From 5ab0c2e030db6e7304a62dea61c6e0149fc6efd7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 15 Oct 2024 14:03:18 +0000 Subject: [PATCH] Auto-Update: 2024-10-15T14:00:18.621893+00:00 --- CVE-2023/CVE-2023-226xx/CVE-2023-22644.json | 48 +- CVE-2023/CVE-2023-255xx/CVE-2023-25581.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42133.json | 8 +- CVE-2023/CVE-2023-480xx/CVE-2023-48082.json | 8 +- CVE-2023/CVE-2023-507xx/CVE-2023-50780.json | 8 +- CVE-2024/CVE-2024-01xx/CVE-2024-0129.json | 8 +- CVE-2024/CVE-2024-215xx/CVE-2024-21534.json | 8 +- CVE-2024/CVE-2024-215xx/CVE-2024-21535.json | 8 +- CVE-2024/CVE-2024-256xx/CVE-2024-25622.json | 8 +- CVE-2024/CVE-2024-287xx/CVE-2024-28709.json | 69 +- CVE-2024/CVE-2024-287xx/CVE-2024-28710.json | 69 +- CVE-2024/CVE-2024-301xx/CVE-2024-30117.json | 8 +- CVE-2024/CVE-2024-335xx/CVE-2024-33578.json | 8 +- CVE-2024/CVE-2024-335xx/CVE-2024-33579.json | 8 +- CVE-2024/CVE-2024-335xx/CVE-2024-33580.json | 8 +- CVE-2024/CVE-2024-335xx/CVE-2024-33581.json | 8 +- CVE-2024/CVE-2024-335xx/CVE-2024-33582.json | 8 +- CVE-2024/CVE-2024-352xx/CVE-2024-35202.json | 4 +- CVE-2024/CVE-2024-355xx/CVE-2024-35517.json | 8 +- CVE-2024/CVE-2024-355xx/CVE-2024-35518.json | 8 +- CVE-2024/CVE-2024-355xx/CVE-2024-35519.json | 8 +- CVE-2024/CVE-2024-355xx/CVE-2024-35520.json | 8 +- CVE-2024/CVE-2024-355xx/CVE-2024-35522.json | 8 +- CVE-2024/CVE-2024-383xx/CVE-2024-38365.json | 8 +- CVE-2024/CVE-2024-388xx/CVE-2024-38862.json | 12 +- CVE-2024/CVE-2024-388xx/CVE-2024-38863.json | 8 +- CVE-2024/CVE-2024-395xx/CVE-2024-39526.json | 8 +- CVE-2024/CVE-2024-395xx/CVE-2024-39527.json | 8 +- CVE-2024/CVE-2024-395xx/CVE-2024-39534.json | 8 +- CVE-2024/CVE-2024-395xx/CVE-2024-39544.json | 8 +- CVE-2024/CVE-2024-395xx/CVE-2024-39547.json | 8 +- CVE-2024/CVE-2024-395xx/CVE-2024-39563.json | 8 +- CVE-2024/CVE-2024-40xx/CVE-2024-4089.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41997.json | 8 +- CVE-2024/CVE-2024-41xx/CVE-2024-4130.json | 8 +- CVE-2024/CVE-2024-41xx/CVE-2024-4131.json | 8 +- CVE-2024/CVE-2024-41xx/CVE-2024-4132.json | 8 +- CVE-2024/CVE-2024-420xx/CVE-2024-42018.json | 8 +- CVE-2024/CVE-2024-426xx/CVE-2024-42640.json | 8 +- CVE-2024/CVE-2024-437xx/CVE-2024-43701.json | 8 +- CVE-2024/CVE-2024-441xx/CVE-2024-44157.json | 8 +- CVE-2024/CVE-2024-444xx/CVE-2024-44413.json | 8 +- CVE-2024/CVE-2024-444xx/CVE-2024-44414.json | 8 +- CVE-2024/CVE-2024-444xx/CVE-2024-44415.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44729.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44730.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44731.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44734.json | 8 +- CVE-2024/CVE-2024-448xx/CVE-2024-44807.json | 8 +- CVE-2024/CVE-2024-451xx/CVE-2024-45184.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45271.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45272.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45273.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45274.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45275.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45276.json | 8 +- CVE-2024/CVE-2024-453xx/CVE-2024-45315.json | 8 +- CVE-2024/CVE-2024-453xx/CVE-2024-45316.json | 8 +- CVE-2024/CVE-2024-453xx/CVE-2024-45317.json | 8 +- CVE-2024/CVE-2024-453xx/CVE-2024-45396.json | 8 +- CVE-2024/CVE-2024-453xx/CVE-2024-45397.json | 8 +- CVE-2024/CVE-2024-454xx/CVE-2024-45402.json | 8 +- CVE-2024/CVE-2024-454xx/CVE-2024-45403.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45731.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45732.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45733.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45734.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45735.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45736.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45737.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45738.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45739.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45740.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45741.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45754.json | 8 +- CVE-2024/CVE-2024-460xx/CVE-2024-46088.json | 8 +- CVE-2024/CVE-2024-462xx/CVE-2024-46215.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46468.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46528.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46532.json | 8 +- CVE-2024/CVE-2024-465xx/CVE-2024-46535.json | 8 +- CVE-2024/CVE-2024-468xx/CVE-2024-46898.json | 8 +- CVE-2024/CVE-2024-469xx/CVE-2024-46911.json | 8 +- CVE-2024/CVE-2024-469xx/CVE-2024-46980.json | 8 +- CVE-2024/CVE-2024-469xx/CVE-2024-46988.json | 8 +- CVE-2024/CVE-2024-46xx/CVE-2024-4658.json | 4 +- CVE-2024/CVE-2024-470xx/CVE-2024-47074.json | 8 +- CVE-2024/CVE-2024-470xx/CVE-2024-47084.json | 4 +- CVE-2024/CVE-2024-471xx/CVE-2024-47164.json | 4 +- CVE-2024/CVE-2024-471xx/CVE-2024-47165.json | 4 +- CVE-2024/CVE-2024-471xx/CVE-2024-47166.json | 4 +- CVE-2024/CVE-2024-471xx/CVE-2024-47167.json | 4 +- CVE-2024/CVE-2024-471xx/CVE-2024-47168.json | 4 +- CVE-2024/CVE-2024-473xx/CVE-2024-47331.json | 8 +- CVE-2024/CVE-2024-473xx/CVE-2024-47353.json | 8 +- CVE-2024/CVE-2024-473xx/CVE-2024-47354.json | 4 +- CVE-2024/CVE-2024-474xx/CVE-2024-47489.json | 10 +- CVE-2024/CVE-2024-474xx/CVE-2024-47490.json | 8 +- CVE-2024/CVE-2024-474xx/CVE-2024-47491.json | 10 +- CVE-2024/CVE-2024-474xx/CVE-2024-47493.json | 10 +- CVE-2024/CVE-2024-474xx/CVE-2024-47494.json | 8 +- CVE-2024/CVE-2024-474xx/CVE-2024-47495.json | 8 +- CVE-2024/CVE-2024-474xx/CVE-2024-47496.json | 8 +- CVE-2024/CVE-2024-474xx/CVE-2024-47497.json | 8 +- CVE-2024/CVE-2024-474xx/CVE-2024-47498.json | 8 +- CVE-2024/CVE-2024-474xx/CVE-2024-47499.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47501.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47502.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47503.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47504.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47505.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47506.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47507.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47508.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47509.json | 8 +- CVE-2024/CVE-2024-476xx/CVE-2024-47636.json | 4 +- CVE-2024/CVE-2024-476xx/CVE-2024-47648.json | 4 +- CVE-2024/CVE-2024-476xx/CVE-2024-47674.json | 8 +- CVE-2024/CVE-2024-477xx/CVE-2024-47766.json | 8 +- CVE-2024/CVE-2024-477xx/CVE-2024-47767.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47826.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47830.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47831.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47867.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47868.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47869.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47870.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47871.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47872.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47875.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47877.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47884.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47885.json | 8 +- CVE-2024/CVE-2024-479xx/CVE-2024-47943.json | 8 +- CVE-2024/CVE-2024-479xx/CVE-2024-47944.json | 8 +- CVE-2024/CVE-2024-479xx/CVE-2024-47945.json | 8 +- CVE-2024/CVE-2024-479xx/CVE-2024-47962.json | 4 +- CVE-2024/CVE-2024-479xx/CVE-2024-47963.json | 4 +- CVE-2024/CVE-2024-479xx/CVE-2024-47964.json | 4 +- CVE-2024/CVE-2024-479xx/CVE-2024-47965.json | 4 +- CVE-2024/CVE-2024-479xx/CVE-2024-47966.json | 4 +- CVE-2024/CVE-2024-480xx/CVE-2024-48020.json | 8 +- CVE-2024/CVE-2024-480xx/CVE-2024-48033.json | 8 +- CVE-2024/CVE-2024-480xx/CVE-2024-48040.json | 8 +- CVE-2024/CVE-2024-480xx/CVE-2024-48041.json | 8 +- CVE-2024/CVE-2024-481xx/CVE-2024-48119.json | 8 +- CVE-2024/CVE-2024-481xx/CVE-2024-48120.json | 8 +- CVE-2024/CVE-2024-481xx/CVE-2024-48150.json | 8 +- CVE-2024/CVE-2024-481xx/CVE-2024-48153.json | 8 +- CVE-2024/CVE-2024-481xx/CVE-2024-48168.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48249.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48251.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48253.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48255.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48257.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48259.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48278.json | 21 + CVE-2024/CVE-2024-482xx/CVE-2024-48279.json | 21 + CVE-2024/CVE-2024-482xx/CVE-2024-48280.json | 21 + CVE-2024/CVE-2024-482xx/CVE-2024-48282.json | 21 + CVE-2024/CVE-2024-482xx/CVE-2024-48283.json | 21 + CVE-2024/CVE-2024-487xx/CVE-2024-48768.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48769.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48770.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48771.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48772.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48773.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48774.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48775.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48776.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48777.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48778.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48784.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48786.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48787.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48788.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48789.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48790.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48791.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48792.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48793.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48795.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48796.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48797.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48798.json | 8 +- CVE-2024/CVE-2024-487xx/CVE-2024-48799.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48813.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48821.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48822.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48823.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48824.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48827.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48909.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48911.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48937.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48938.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48987.json | 8 +- CVE-2024/CVE-2024-491xx/CVE-2024-49193.json | 8 +- CVE-2024/CVE-2024-492xx/CVE-2024-49214.json | 8 +- CVE-2024/CVE-2024-493xx/CVE-2024-49382.json | 8 +- CVE-2024/CVE-2024-493xx/CVE-2024-49383.json | 8 +- CVE-2024/CVE-2024-493xx/CVE-2024-49384.json | 8 +- CVE-2024/CVE-2024-493xx/CVE-2024-49387.json | 8 +- CVE-2024/CVE-2024-493xx/CVE-2024-49388.json | 8 +- CVE-2024/CVE-2024-50xx/CVE-2024-5005.json | 8 +- CVE-2024/CVE-2024-54xx/CVE-2024-5474.json | 8 +- CVE-2024/CVE-2024-61xx/CVE-2024-6157.json | 4 +- CVE-2024/CVE-2024-62xx/CVE-2024-6207.json | 8 +- CVE-2024/CVE-2024-66xx/CVE-2024-6657.json | 8 +- CVE-2024/CVE-2024-67xx/CVE-2024-6747.json | 573 +++++++++++++++- CVE-2024/CVE-2024-67xx/CVE-2024-6757.json | 8 +- CVE-2024/CVE-2024-67xx/CVE-2024-6762.json | 8 +- CVE-2024/CVE-2024-67xx/CVE-2024-6763.json | 8 +- CVE-2024/CVE-2024-69xx/CVE-2024-6959.json | 8 +- CVE-2024/CVE-2024-69xx/CVE-2024-6971.json | 8 +- CVE-2024/CVE-2024-69xx/CVE-2024-6985.json | 8 +- CVE-2024/CVE-2024-70xx/CVE-2024-7099.json | 8 +- CVE-2024/CVE-2024-74xx/CVE-2024-7489.json | 8 +- CVE-2024/CVE-2024-75xx/CVE-2024-7514.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7847.json | 8 +- CVE-2024/CVE-2024-80xx/CVE-2024-8070.json | 8 +- CVE-2024/CVE-2024-81xx/CVE-2024-8184.json | 8 +- CVE-2024/CVE-2024-83xx/CVE-2024-8376.json | 8 +- CVE-2024/CVE-2024-84xx/CVE-2024-8477.json | 42 +- CVE-2024/CVE-2024-85xx/CVE-2024-8513.json | 42 +- CVE-2024/CVE-2024-85xx/CVE-2024-8530.json | 8 +- CVE-2024/CVE-2024-85xx/CVE-2024-8531.json | 8 +- CVE-2024/CVE-2024-86xx/CVE-2024-8602.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8729.json | 52 +- CVE-2024/CVE-2024-87xx/CVE-2024-8755.json | 10 +- CVE-2024/CVE-2024-87xx/CVE-2024-8757.json | 8 +- CVE-2024/CVE-2024-87xx/CVE-2024-8760.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8902.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8912.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8913.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8915.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8970.json | 8 +- CVE-2024/CVE-2024-89xx/CVE-2024-8987.json | 60 +- CVE-2024/CVE-2024-90xx/CVE-2024-9002.json | 8 +- CVE-2024/CVE-2024-90xx/CVE-2024-9046.json | 8 +- CVE-2024/CVE-2024-90xx/CVE-2024-9047.json | 8 +- CVE-2024/CVE-2024-90xx/CVE-2024-9051.json | 8 +- CVE-2024/CVE-2024-90xx/CVE-2024-9057.json | 65 +- CVE-2024/CVE-2024-91xx/CVE-2024-9137.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9139.json | 4 +- CVE-2024/CVE-2024-91xx/CVE-2024-9164.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9180.json | 4 +- CVE-2024/CVE-2024-91xx/CVE-2024-9187.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9211.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9221.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9232.json | 8 +- CVE-2024/CVE-2024-92xx/CVE-2024-9234.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9312.json | 4 +- CVE-2024/CVE-2024-93xx/CVE-2024-9346.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9436.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9487.json | 4 +- CVE-2024/CVE-2024-95xx/CVE-2024-9507.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9538.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9539.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9543.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9546.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9548.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9586.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9587.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9592.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9595.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9610.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9611.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9616.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9656.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9670.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9687.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9696.json | 8 +- CVE-2024/CVE-2024-97xx/CVE-2024-9704.json | 8 +- CVE-2024/CVE-2024-97xx/CVE-2024-9707.json | 8 +- CVE-2024/CVE-2024-97xx/CVE-2024-9756.json | 8 +- CVE-2024/CVE-2024-97xx/CVE-2024-9776.json | 8 +- CVE-2024/CVE-2024-97xx/CVE-2024-9778.json | 8 +- CVE-2024/CVE-2024-97xx/CVE-2024-9785.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9786.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9787.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9788.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9789.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9790.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9792.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9793.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9794.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9797.json | 4 +- CVE-2024/CVE-2024-97xx/CVE-2024-9799.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9803.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9804.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9805.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9806.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9807.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9808.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9809.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9810.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9811.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9812.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9813.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9814.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9815.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9816.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9817.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9818.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9820.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9821.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9822.json | 4 +- CVE-2024/CVE-2024-98xx/CVE-2024-9823.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9824.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9837.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9855.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9856.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9859.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9860.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9894.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9895.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9903.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9904.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9905.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9906.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9907.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9908.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9909.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9910.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9911.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9912.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9913.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9914.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9915.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9916.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9917.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9918.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9921.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9922.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9923.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9924.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9925.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9936.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9944.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9952.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9953.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9968.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9969.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9970.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9971.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9972.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9973.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9974.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9975.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9976.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9977.json | 137 ++++ CVE-2024/CVE-2024-99xx/CVE-2024-9980.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9981.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9982.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9983.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9984.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9985.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9986.json | 141 ++++ README.md | 62 +- _state.csv | 715 ++++++++++---------- 361 files changed, 3591 insertions(+), 1121 deletions(-) create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48278.json create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48279.json create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48280.json create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48282.json create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48283.json create mode 100644 CVE-2024/CVE-2024-99xx/CVE-2024-9977.json create mode 100644 CVE-2024/CVE-2024-99xx/CVE-2024-9986.json diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22644.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22644.json index 90085d45946..dd2ec72dc2b 100644 --- a/CVE-2023/CVE-2023-226xx/CVE-2023-22644.json +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22644.json @@ -2,13 +2,13 @@ "id": "CVE-2023-22644", "sourceIdentifier": "meissner@suse.de", "published": "2023-09-20T09:15:12.837", - "lastModified": "2024-10-15T11:15:10.860", + "lastModified": "2024-10-15T12:15:02.520", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. [Rancher Audit Logging](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/enable-api-audit-log) is an opt-in feature, only deployments that have it enabled and have [AUDIT_LEVEL](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/enable-api-audit-log#audit-log-levels) set to `1 or above` are impacted by this issue." + "value": "A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which may leave the user\u2019s tokens still usable." }, { "lang": "es", @@ -22,18 +22,18 @@ "type": "Secondary", "cvssData": { "version": "4.0", - "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", - "privilegesRequired": "HIGH", - "userInteraction": "PASSIVE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", "vulnerableSystemConfidentiality": "HIGH", - "vulnerableSystemIntegrity": "NONE", - "vulnerableSystemAvailability": "NONE", - "subsequentSystemConfidentiality": "HIGH", - "subsequentSystemIntegrity": "HIGH", - "subsequentSystemAvailability": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", @@ -55,7 +55,7 @@ "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", - "baseScore": 8.4, + "baseScore": 8.7, "baseSeverity": "HIGH" } } @@ -80,6 +80,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "meissner@suse.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -90,7 +110,7 @@ "description": [ { "lang": "en", - "value": "CWE-532" + "value": "CWE-287" } ] } @@ -123,11 +143,11 @@ ], "references": [ { - "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22649", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22650", "source": "meissner@suse.de" }, { - "url": "https://github.com/rancher/rancher/security/advisories/GHSA-xfj7-qf8w-2gcr", + "url": "https://github.com/rancher/rancher/security/advisories/GHSA-9ghh-mmcq-8phc", "source": "meissner@suse.de" } ] diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25581.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25581.json index 38bfde9c0a2..93484c0b6a1 100644 --- a/CVE-2023/CVE-2023-255xx/CVE-2023-25581.json +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25581.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25581", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T16:15:04.923", - "lastModified": "2024-10-10T16:15:04.923", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42133.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42133.json index fd6659fd73b..b33c44f8354 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42133.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42133.json @@ -2,13 +2,17 @@ "id": "CVE-2023-42133", "sourceIdentifier": "cvd@cert.pl", "published": "2024-10-11T13:15:15.190", - "lastModified": "2024-10-11T13:15:15.190", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PAX Android based POS devices allow for escalation of privilege via improperly configured scripts.\n\nAn attacker must have shell access with system account privileges in order to exploit this vulnerability.\nA patch addressing this issue was included in firmware version PayDroid_8.1.0_Sagittarius_V11.1.61_20240226." + }, + { + "lang": "es", + "value": "Los dispositivos POS basados en Android PAX permiten la escalada de privilegios a trav\u00e9s de scripts configurados incorrectamente. Un atacante debe tener acceso al shell con privilegios de cuenta del sistema para poder explotar esta vulnerabilidad. Se incluy\u00f3 un parche que soluciona este problema en la versi\u00f3n de firmware PayDroid_8.1.0_Sagittarius_V11.1.61_20240226." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48082.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48082.json index c6dffff685e..5558dc93296 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48082.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48082.json @@ -2,13 +2,17 @@ "id": "CVE-2023-48082", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T19:15:10.780", - "lastModified": "2024-10-14T19:15:10.780", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nagios XI before 5.11.3 2024R1 was discovered to improperly handle API keys generation (randomly-generated), allowing attackers to possibly generate the same set of API keys for all users and utilize them to authenticate." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Nagios XI anterior a 5.11.3 2024R1 manejaba incorrectamente la generaci\u00f3n de claves API (generadas aleatoriamente), lo que permit\u00eda a los atacantes generar posiblemente el mismo conjunto de claves API para todos los usuarios y utilizarlas para autenticarse." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50780.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50780.json index 992cf7a21af..54bdf8f34af 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50780.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50780.json @@ -2,13 +2,17 @@ "id": "CVE-2023-50780", "sourceIdentifier": "security@apache.org", "published": "2024-10-14T16:15:03.477", - "lastModified": "2024-10-14T16:15:03.477", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE.\n\n\nUsers are recommended to upgrade to version 2.29.0 or later, which fixes the issue." + }, + { + "lang": "es", + "value": "Apache ActiveMQ Artemis permite el acceso a informaci\u00f3n de diagn\u00f3stico y controles a trav\u00e9s de MBeans, que tambi\u00e9n se exponen a trav\u00e9s del endpoint autenticado Jolokia. Antes de la versi\u00f3n 2.29.0, esto tambi\u00e9n inclu\u00eda el MBean Log4J2. Este MBean no est\u00e1 pensado para exponerlo a usuarios no administrativos. Esto podr\u00eda eventualmente permitir que un atacante autenticado escriba archivos arbitrarios en el sistema de archivos y logre RCE indirectamente. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.29.0 o posterior, que soluciona el problema." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0129.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0129.json index 15a39061686..d4f126fa0da 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0129.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0129.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0129", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-10-15T06:15:02.520", - "lastModified": "2024-10-15T06:15:02.520", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering." + }, + { + "lang": "es", + "value": "NVIDIA NeMo contiene una vulnerabilidad en SaveRestoreConnector que puede provocar un problema de path traversal mediante una extracci\u00f3n de archivo .tar no segura. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo y la manipulaci\u00f3n de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21534.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21534.json index e6493cb5eee..0f48bb247d0 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21534.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21534.json @@ -2,13 +2,17 @@ "id": "CVE-2024-21534", "sourceIdentifier": "report@snyk.io", "published": "2024-10-11T13:15:15.667", - "lastModified": "2024-10-11T21:36:23.557", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Versions of the package jsonpath-plus before 10.0.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node.\r\r**Note:**\r\rThe unsafe behavior is still available after applying the fix but it is not turned on by default." + }, + { + "lang": "es", + "value": "Las versiones del paquete jsonpath-plus anteriores a la 10.0.0 son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo (RCE) debido a una desinfecci\u00f3n de entrada incorrecta. Un atacante puede ejecutar c\u00f3digo arbitrario en el sistema aprovechando el uso inseguro predeterminado de vm en Node. **Nota:** El comportamiento inseguro sigue estando disponible despu\u00e9s de aplicar la correcci\u00f3n, pero no est\u00e1 activado de forma predeterminada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21535.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21535.json index a67a8f42336..5585e82b04f 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21535.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21535.json @@ -2,13 +2,17 @@ "id": "CVE-2024-21535", "sourceIdentifier": "report@snyk.io", "published": "2024-10-15T05:15:11.530", - "lastModified": "2024-10-15T05:15:11.530", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown." + }, + { + "lang": "es", + "value": "Las versiones del paquete markdown-to-jsx anteriores a la 7.4.0 son vulnerables a ataques de Cross Site Scripting (XSS) a trav\u00e9s de la propiedad src debido a una desinfecci\u00f3n incorrecta de la entrada. Un atacante puede ejecutar c\u00f3digo arbitrario inyectando un elemento iframe malicioso en el paquete markdown." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25622.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25622.json index 534f73cd80d..a031ae4fea7 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25622.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25622.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25622", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:03.947", - "lastModified": "2024-10-11T15:15:03.947", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes (e.g., path level) are expected to inherit the configuration defined in outer scopes (e.g., global level). However, if a header directive is used in the inner scope, all the definition in outer scopes are ignored. This can lead to headers not being modified as expected. Depending on the headers being added or removed unexpectedly, this behavior could lead to unexpected client behavior. This vulnerability is fixed in commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be." + }, + { + "lang": "es", + "value": "h2o es un servidor HTTP compatible con HTTP/1.x, HTTP/2 y HTTP/3. Las directivas de configuraci\u00f3n proporcionadas por el controlador de encabezados permiten a los usuarios modificar los encabezados de respuesta que env\u00eda h2o. El archivo de configuraci\u00f3n de h2o tiene \u00e1mbitos y se espera que los \u00e1mbitos internos (por ejemplo, nivel de ruta) hereden la configuraci\u00f3n definida en los \u00e1mbitos externos (por ejemplo, nivel global). Sin embargo, si se utiliza una directiva de encabezado en el \u00e1mbito interno, se ignoran todas las definiciones en los \u00e1mbitos externos. Esto puede provocar que los encabezados no se modifiquen como se esperaba. Seg\u00fan si los encabezados se agregan o eliminan inesperadamente, este comportamiento podr\u00eda provocar un comportamiento inesperado del cliente. Esta vulnerabilidad se corrigi\u00f3 en el commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28709.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28709.json index 4cbcc895036..bb5b485b397 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28709.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28709.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28709", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-07T16:15:05.117", - "lastModified": "2024-10-07T17:47:48.410", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:19:03.740", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "La vulnerabilidad de cross-site scripting en LimeSurvey anterior a 6.5.12+240611 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una secuencia de comandos manipulado espec\u00edficamente para los campos de t\u00edtulo y comentarios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.5.12\\+240611", + "matchCriteriaId": "AFFFAE49-01BB-4F70-B4A7-714B29C7AEE0" + } + ] + } + ] + } + ], "references": [ { "url": "http://limesurvey.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/LimeSurvey/LimeSurvey/commit/c844c4fba81cc26ffe6544bf095bad6252910bc0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28710.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28710.json index 0c4b8fc2651..631da484a14 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28710.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28710.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28710", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-07T16:15:05.190", - "lastModified": "2024-10-07T17:47:48.410", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:18:44.027", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "Una vulnerabilidad de cross-site scripting en LimeSurvey anterior a la versi\u00f3n 6.5.0+240319 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una falta de validaci\u00f3n de entrada y codificaci\u00f3n de salida en el componente de mensaje del widget de alerta." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.5.0\\+240319", + "matchCriteriaId": "0B9CA71A-6962-4051-A253-FE653900E30B" + } + ] + } + ] + } + ], "references": [ { "url": "http://limesurvey.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/LimeSurvey/LimeSurvey/commit/c2fd60f94bc1db275f20cbb27a3135a9bdfb7f10", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30117.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30117.json index d201ee834b5..4cb488fe989 100644 --- a/CVE-2024/CVE-2024-301xx/CVE-2024-30117.json +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30117.json @@ -2,13 +2,17 @@ "id": "CVE-2024-30117", "sourceIdentifier": "psirt@hcl.com", "published": "2024-10-14T23:15:11.407", - "lastModified": "2024-10-14T23:15:11.407", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances." + }, + { + "lang": "es", + "value": "Una b\u00fasqueda din\u00e1mica de una librer\u00eda de requisitos previos podr\u00eda permitir que un atacante reemplace el archivo correcto en algunas circunstancias." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33578.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33578.json index 412a86dd9cc..797737a3eef 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33578.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33578.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33578", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:05.277", - "lastModified": "2024-10-11T16:15:05.277", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Leyun que podr\u00eda permitir a un atacante local ejecutar c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33579.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33579.json index da27e0e6eb6..536b0fd6f55 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33579.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33579.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33579", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:05.523", - "lastModified": "2024-10-11T16:15:05.523", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Baiying que podr\u00eda permitir a un atacante local ejecutar c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33580.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33580.json index 5601c78c27a..b88c65dc8d3 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33580.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33580.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33580", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:05.730", - "lastModified": "2024-10-11T16:15:05.730", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Personal Cloud que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33581.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33581.json index e1e31416dd2..a18ef44742e 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33581.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33581.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33581", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:05.943", - "lastModified": "2024-10-11T16:15:05.943", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en el escenario inteligente de Lenovo PC Manager AI que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33582.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33582.json index 41cf6fec79a..26968a777fa 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33582.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33582.json @@ -2,13 +2,17 @@ "id": "CVE-2024-33582", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:06.147", - "lastModified": "2024-10-11T16:15:06.147", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Service Framework que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35202.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35202.json index 45ffbd619dc..44e2eca3094 100644 --- a/CVE-2024/CVE-2024-352xx/CVE-2024-35202.json +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35202.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35202", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-10T13:15:14.077", - "lastModified": "2024-10-10T16:35:11.390", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35517.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35517.json index 466d16a61d8..bc812902568 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35517.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35517.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35517", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T22:15:03.930", - "lastModified": "2024-10-11T22:15:03.930", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter." + }, + { + "lang": "es", + "value": "Netgear XR1000 v1.0.0.64 es vulnerable a la inyecci\u00f3n de comandos en usb_remote_smb_conf.cgi a trav\u00e9s del par\u00e1metro share_name." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35518.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35518.json index 0ea73c0839e..039efc8e5bf 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35518.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35518.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35518", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T22:15:03.320", - "lastModified": "2024-10-14T22:15:03.320", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter." + }, + { + "lang": "es", + "value": "Netgear EX6120 v1.0.0.68 es vulnerable a la inyecci\u00f3n de comandos en genie_fix2.cgi a trav\u00e9s del par\u00e1metro wan_dns1_pri." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35519.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35519.json index 9a8bb3e7e81..42019ea021d 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35519.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35519.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35519", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T22:15:03.543", - "lastModified": "2024-10-14T22:15:03.543", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter." + }, + { + "lang": "es", + "value": "Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28 y Netgear EX3700 v1.0.0.96 son vulnerables a la inyecci\u00f3n de comandos en operating_mode.cgi a trav\u00e9s del par\u00e1metro ap_mode." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35520.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35520.json index a8cf4362c10..7c55a4d7aa4 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35520.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35520.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35520", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T22:15:03.727", - "lastModified": "2024-10-14T22:15:03.727", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter." + }, + { + "lang": "es", + "value": "Netgear R7000 1.0.11.136 es vulnerable a la inyecci\u00f3n de comandos en RMT_invite.cgi a trav\u00e9s del par\u00e1metro device_name2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35522.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35522.json index f55f419d522..82912f330e6 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35522.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35522.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35522", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T22:15:04.117", - "lastModified": "2024-10-11T22:15:04.117", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 and ap_24g_manual_sec set to NotNone." + }, + { + "lang": "es", + "value": "El extensor de rango WiFi Netgear EX3700 ' AC750 WiFi Essentials Edition anterior a 1.0.0.98 contiene una inyecci\u00f3n de comando autenticada en operating_mode.cgi a trav\u00e9s del par\u00e1metro ap_mode con ap_24g_manual establecido en 1 y ap_24g_manual_sec establecido en NotNone." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38365.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38365.json index da6c94376ea..d5adcfe0f12 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38365.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38365.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38365", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T20:15:04.733", - "lastModified": "2024-10-11T20:15:04.733", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's \"FindAndDelete()\" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a \"standard\" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. `removeOpcodeByData(script []byte, dataToRemove []byte)` removes any data pushes from `script` that contain `dataToRemove`. However, `FindAndDelete` only removes exact matches. So for example, with `script = \" \"` and `dataToRemove = \"data\"` btcd will remove both data pushes but Bitcoin Core's `FindAndDelete` only removes the first `` push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue." + }, + { + "lang": "es", + "value": "btcd es una implementaci\u00f3n alternativa de nodo completo de bitcoin escrita en Go (golang). El cliente de Bitcoin btcd (versiones 0.10 a 0.24) no volvi\u00f3 a implementar correctamente la funcionalidad \"FindAndDelete()\" de Bitcoin Core. Esta l\u00f3gica es cr\u00edtica para el consenso: la diferencia de comportamiento con los otros clientes de Bitcoin puede llevar a que los clientes de btcd acepten un bloque de Bitcoin no v\u00e1lido (o rechacen uno v\u00e1lido). Esta falla de consenso se puede aprovechar para causar una divisi\u00f3n de la cadena (aceptando un bloque de Bitcoin no v\u00e1lido) o se puede explotar para atacar los nodos de btcd (rechazando un bloque de Bitcoin v\u00e1lido). Un atacante puede crear una transacci\u00f3n est\u00e1ndar donde FindAndDelete no devuelva una coincidencia pero removeOpCodeByData s\u00ed, lo que hace que btcd obtenga un signo diferente, lo que lleva a una divisi\u00f3n de la cadena. Es importante destacar que esta vulnerabilidad puede ser explotada de forma remota por cualquier usuario de Bitcoin y no requiere ning\u00fan poder de hash. Esto se debe a que la diferencia en el comportamiento puede ser provocada por una transacci\u00f3n \"est\u00e1ndar\" de Bitcoin, es decir, una transacci\u00f3n que se retransmite a trav\u00e9s de la red P2P antes de que se incluya en un bloque de Bitcoin. `removeOpcodeByData(script []byte, dataToRemove []byte)` elimina cualquier env\u00edo de datos de `script` que contenga `dataToRemove`. Sin embargo, `FindAndDelete` solo elimina las coincidencias exactas. Entonces, por ejemplo, con `script = \" \"` y `dataToRemove = \"data\"` btcd eliminar\u00e1 ambos env\u00edos de datos, pero `FindAndDelete` de Bitcoin Core solo elimina el primer env\u00edo ``. Esto se ha corregido en la versi\u00f3n v0.24.2 de btcd. Se recomienda a los usuarios que actualicen. No hay workarounds para este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json index 87084c3e91e..b267d8a4f9a 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38862", "sourceIdentifier": "security@checkmk.com", "published": "2024-10-14T08:15:02.563", - "lastModified": "2024-10-14T08:15:02.563", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators." + }, + { + "lang": "es", + "value": "La inserci\u00f3n de informaci\u00f3n confidencial en el archivo de registro en las versiones de Checkmk de Checkmk GmbH <2.3.0p18, <2.2.0p35, <2.1.0p48 y <=2.0.0p39 (EOL) hace que los secretos SNMP e IMPI de las propiedades del host y de la carpeta se escriban en archivos de registro de auditor\u00eda accesibles para los administradores." } ], "metrics": { @@ -51,8 +55,8 @@ "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" + "baseScore": 2.0, + "baseSeverity": "LOW" } } ] diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json index e18ca2a755f..50cc828f752 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38863", "sourceIdentifier": "security@checkmk.com", "published": "2024-10-14T08:15:02.823", - "lastModified": "2024-10-14T08:15:02.823", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks." + }, + { + "lang": "es", + "value": "La exposici\u00f3n de tokens CSRF en par\u00e1metros de consulta en solicitudes espec\u00edficas en las versiones de Checkmk de Checkmk GmbH <2.3.0p18, <2.2.0p35 y <2.1.0p48 podr\u00eda provocar una fuga del token para facilitar ataques de phishing dirigidos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39526.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39526.json index 3bcd9518a96..e8edcb59e65 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39526.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39526.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39526", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:06.440", - "lastModified": "2024-10-11T16:15:06.440", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series with MPC10/MPC11/LC9600 line cards, EX9200 with EX9200-15C lines cards, MX304 devices, and Juniper Networks Junos OS Evolved on PTX Series, allows an attacker sending malformed DHCP packets to cause ingress packet processing to stop, leading to a Denial of Service (DoS).\u00a0 Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition.\n\nThis issue only occurs if DHCP snooping is enabled. See configuration below.\n\nThis issue can be detected using following commands. Their output will display the interface status going down:\n\n\nuser@device>show interfaces \nuser@device>show log messages | match \nuser@device>show log messages ==> will display the \"[Error] Wedge-Detect : Host Loopback Wedge Detected: PFE: no,\" logs.\n\nThis issue affects:\nJunos OS on \n\nMX Series \n\nwith MPC10/MPC11/LC9600 line cards, EX9200 with EX9200-15C line cards, and MX304: \n\n\n * All versions before 21.2R3-S7, \n * from 21.4 before 21.4R3-S6, \n * from 22.2 before 22.2R3-S3, \n * all versions of 22.3,\n * from 22.4 before 22.4R3, \n * from 23.2 before 23.2R2; \n\n\n\nJunos OS Evolved on PTX Series: \n * from 19.3R1-EVO before 21.2R3-S8-EVO,\n\n * from 21.4-EVO before 21.4R3-S7-EVO, \n * from 22.1-EVO before 22.1R3-S6-EVO, \n * from 22.2-EVO before 22.2R3-S5-EVO, \n * from 22.3-EVO before 22.3R3-S3-EVO, \n * from 22.4-EVO before 22.4R3-S1-EVO, \n * from 23.2-EVO before 23.2R2-S2-EVO, \n * from 23.4-EVO before 23.4R2-EVO.\n\n\n\nJunos OS Evolved releases prior to 19.3R1-EVO are unaffected by this vulnerability" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el procesamiento de paquetes de Juniper Networks Junos OS en MX Series con tarjetas de l\u00ednea MPC10/MPC11/LC9600, EX9200 con tarjetas de l\u00ednea EX9200-15C, dispositivos MX304 y Juniper Networks Junos OS Evolved en PTX Series, permite que un atacante que env\u00ede paquetes DHCP malformados haga que se detenga el procesamiento de paquetes de entrada, lo que genera una denegaci\u00f3n de servicio (DoS). La recepci\u00f3n y el procesamiento continuos de estos paquetes crear\u00e1n una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sostenida. Este problema solo ocurre si est\u00e1 habilitado el espionaje de DHCP. Consulte la configuraci\u00f3n a continuaci\u00f3n. Este problema se puede detectar con los siguientes comandos. Su salida mostrar\u00e1 el estado de la interfaz que se est\u00e1 desconectando: user@device>show interfaces user@device>show log messages | match user@device>show log messages ==> mostrar\u00e1 los registros \"[Error] Wedge-Detect : Host Loopback Wedge Detected: PFE: no\". Este problema afecta a: Junos OS en la serie MX con tarjetas de l\u00ednea MPC10/MPC11/LC9600, EX9200 con tarjetas de l\u00ednea EX9200-15C y MX304: * Todas las versiones anteriores a 21.2R3-S7, * desde 21.4 hasta 21.4R3-S6, * desde 22.2 hasta 22.2R3-S3, * todas las versiones de 22.3, * desde 22.4 hasta 22.4R3, * desde 23.2 hasta 23.2R2; Junos OS Evolved en la serie PTX: * desde 19.3R1-EVO hasta 21.2R3-S8-EVO, * desde 21.4-EVO hasta 21.4R3-S7-EVO, * desde 22.1-EVO hasta 22.1R3-S6-EVO, * desde 22.2-EVO hasta 22.2R3-S5-EVO, * desde 22.3-EVO hasta 22.3R3-S3-EVO, * desde 22.4-EVO hasta 22.4R3-S1-EVO, * desde 23.2-EVO hasta 23.2R2-S2-EVO, * desde 23.4-EVO hasta 23.4R2-EVO. Las versiones de Junos OS Evolved anteriores a 19.3R1-EVO no se ven afectadas por esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39527.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39527.json index d0b68d18834..e67f6e16152 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39527.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39527.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39527", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:06.707", - "lastModified": "2024-10-11T16:15:06.707", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An\u00a0Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system.\n\nThrough the execution of crafted CLI commands, a user with limited permissions (e.g., a low privilege login class user) can access protected files that should not be accessible to the user. These files may contain sensitive information that can be used to cause further impact to the system.\n\nThis issue affects Junos OS on SRX Series:\u00a0\n\n\n\n * All versions before\u00a021.4R3-S8,\u00a0\n * 22.2 before 22.2R3-S5,\u00a0\n * 22.3 before 22.3R3-S4,\u00a0\n * 22.4 before 22.4R3-S4,\u00a0\n * 23.2 before 23.2R2-S2,\u00a0\n * 23.4 before 23.4R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial a un actor no autorizado en la interfaz de l\u00ednea de comandos (CLI) de Juniper Networks Junos OS en dispositivos de la serie SRX permite que un usuario local con pocos privilegios y acceso a la CLI de Junos vea el contenido de archivos protegidos en el sistema de archivos. Mediante la ejecuci\u00f3n de comandos CLI dise\u00f1ados, un usuario con permisos limitados (por ejemplo, un usuario de clase de inicio de sesi\u00f3n con pocos privilegios) puede acceder a archivos protegidos a los que no deber\u00eda tener acceso. Estos archivos pueden contener informaci\u00f3n confidencial que se puede utilizar para causar un mayor impacto en el sistema. Este problema afecta a Junos OS en la serie SRX: * Todas las versiones anteriores a 21.4R3-S8, * 22.2 anteriores a 22.2R3-S5, * 22.3 anteriores a 22.3R3-S4, * 22.4 anteriores a 22.4R3-S4, * 23.2 anteriores a 23.2R2-S2, * 23.4 anteriores a 23.4R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39534.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39534.json index df343243ac0..82d500fc705 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39534.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39534.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39534", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:06.970", - "lastModified": "2024-10-11T16:15:06.970", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An\u00a0Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. This is unintended and unexpected behavior and can allow an attacker to bypass certain compensating controls, such as stateless firewall filters.\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.4R3-S8-EVO,\u00a0\n * 22.2-EVO before 22.2R3-S4-EVO,\u00a0\n * 22.3-EVO before 22.3R3-S4-EVO,\u00a0\n * 22.4-EVO before 22.4R3-S3-EVO,\u00a0\n * 23.2-EVO before 23.2R2-S1-EVO,\u00a0\n * 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de comparaci\u00f3n incorrecta en la API de verificaci\u00f3n de direcci\u00f3n local de Juniper Networks Junos OS Evolved permite que un atacante no autenticado adyacente a la red cree sesiones o env\u00ede tr\u00e1fico al dispositivo utilizando la direcci\u00f3n de red y de difusi\u00f3n de la subred asignada a una interfaz. Este es un comportamiento no deseado e inesperado y puede permitir que un atacante eluda ciertos controles de compensaci\u00f3n, como filtros de firewall sin estado. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S8-EVO, * 22.2-EVO anteriores a 22.2R3-S4-EVO, * 22.3-EVO anteriores a 22.3R3-S4-EVO, * 22.4-EVO anteriores a 22.4R3-S3-EVO, * 23.2-EVO anteriores a 23.2R2-S1-EVO, * 23.4-EVO anteriores a 23.4R1-S2-EVO, 23.4R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39544.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39544.json index 605a7e5e793..20921e63722 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39544.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39544.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39544", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:07.240", - "lastModified": "2024-10-11T16:15:07.240", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An\u00a0Incorrect Default Permissions vulnerability in the command line interface (CLI) of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information.\n\n\n\nOn all Junos OS Evolved platforms, when NETCONF traceoptions are configured, NETCONF traceoptions files get created with an incorrect group permission, which allows \n\na low-privileged user can access sensitive information compromising the confidentiality of the system.\n\n\n\nJunos OS Evolved:\u00a0\n\n\n\n\n * All versions before 20.4R3-S9-EVO,\u00a0\n * 21.2-EVO before 21.2R3-S7-EVO,\u00a0\n * 21.4-EVO before 21.4R3-S5-EVO,\u00a0\n * 22.1-EVO before 22.1R3-S5-EVO,\u00a0\n * 22.2-EVO before 22.2R3-S3-EVO,\u00a0\n * 22.3-EVO before 22.3R3-EVO, 22.3R3-S2-EVO,\u00a0\n * 22.4-EVO before 22.4R3-EVO,\u00a0\n * 23.2-EVO before 23.2R1-S2-EVO, 23.2R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de permisos predeterminados incorrectos en la interfaz de l\u00ednea de comandos (CLI) de Juniper Networks Junos OS Evolved permite que un atacante local con pocos privilegios vea los archivos traceoptions de NETCONF, lo que representa una exposici\u00f3n de informaci\u00f3n confidencial. En todas las plataformas Junos OS Evolved, cuando se configuran los archivos traceoptions de NETCONF, se crean archivos traceoptions de NETCONF con un permiso de grupo incorrecto, lo que permite que un usuario con pocos privilegios pueda acceder a informaci\u00f3n confidencial y comprometer la confidencialidad del sistema. Junos OS Evolved: * Todas las versiones anteriores a 20.4R3-S9-EVO, * 21.2-EVO anterior a 21.2R3-S7-EVO, * 21.4-EVO anterior a 21.4R3-S5-EVO, * 22.1-EVO anterior a 22.1R3-S5-EVO, * 22.2-EVO anterior a 22.2R3-S3-EVO, * 22.3-EVO anterior a 22.3R3-EVO, 22.3R3-S2-EVO, * 22.4-EVO anterior a 22.4R3-EVO, * 23.2-EVO anterior a 23.2R1-S2-EVO, 23.2R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39547.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39547.json index 909f8bb81be..338a670ec13 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39547.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39547.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39547", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:07.483", - "lastModified": "2024-10-11T16:15:07.483", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An\u00a0Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine (RE) to cause a CPU-based Denial of Service (DoS).\n\nIf specially crafted TCP traffic is received by the control plane, or a TCP session terminates unexpectedly, it will cause increased control plane CPU utilization by the rpd-server process.\n\nWhile not explicitly required, the impact is more severe when RIB sharding is enabled.\n\nTask accounting shows unexpected reads by the RPD Server jobs for shards:\n\nuser@junos> show task accounting detail\n...\nread:RPD Server.0.0.0.0+780.192.168.0.78+48886 TOT:00000003.00379787 MAX:00000000.00080516 RUNS: 233888\\\nread:RPD Server.0.0.0.0+780.192.168.0.78+49144 TOT:00000004.00007565 MAX:00000000.00080360 RUNS: 233888\\\nread:RPD Server.0.0.0.0+780.192.168.0.78+49694 TOT:00000003.00600584 MAX:00000000.00080463 RUNS: 233888\\\nread:RPD Server.0.0.0.0+780.192.168.0.78+50246 TOT:00000004.00346998 MAX:00000000.00080338 RUNS: 233888\\\n\n\n\nThis issue affects:\n\nJunos OS with cRPD:\u00a0\n\n * All versions before 21.2R3-S8,\u00a0\n * 21.4 before 21.4R3-S7,\u00a0\n * 22.1 before 22.1R3-S6,\u00a0\n * 22.2 before 22.2R3-S4,\u00a0\n * 22.3 before 22.3R3-S3,\u00a0\n * 22.4 before 22.4R3-S2,\u00a0\n * 23.2 before 23.2R2-S2,\u00a0\n * 24.2 before 24.2R2;\u00a0\n\n\nJunos OS Evolved with cRPD:\u00a0\n\n * All versions before 21.4R3-S7-EVO,\u00a0\n * 22.2 before 22.2R3-S4-EVO,\u00a0\n * 22.3 before 22.3R3-S3-EVO,\u00a0\n * 22.4 before 22.4R3-S2-EVO,\u00a0\n * 23.2 before 23.2R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el servidor rpd de Juniper Networks Junos OS y Junos OS Evolved dentro de cRPD permite que un atacante no autenticado basado en la red env\u00ede tr\u00e1fico TCP manipulado al motor de enrutamiento (RE) para provocar una denegaci\u00f3n de servicio (DoS) basada en la CPU. Si el plano de control recibe tr\u00e1fico TCP especialmente manipulado o una sesi\u00f3n TCP finaliza inesperadamente, esto provocar\u00e1 un aumento en la utilizaci\u00f3n de la CPU del plano de control por parte del proceso rpd-server. Si bien no se requiere expl\u00edcitamente, el impacto es m\u00e1s grave cuando se habilita la fragmentaci\u00f3n RIB. La contabilidad de tareas muestra lecturas inesperadas de los trabajos del servidor RPD para los fragmentos: user@junos> show task accounting detail ... read:RPD Server.0.0.0.0+780.192.168.0.78+48886 TOT:00000003.00379787 MAX:00000000.00080516 RUNS: 233888\\ read:RPD Server.0.0.0.0+780.192.168.0.78+49144 TOT:00000004.00007565 MAX:00000000.00080360 RUNS: 233888\\ read:RPD Server.0.0.0.0+780.192.168.0.78+49694 TOT:00000003.00600584 MAX:00000000.00080463 EJECUCIONES: 233888\\ lectura:RPD Server.0.0.0.0+780.192.168.0.78+50246 TOT:00000004.00346998 MAX:00000000.00080338 EJECUCIONES: 233888\\ Este problema afecta a: Junos OS con cRPD: * Todas las versiones anteriores a 21.2R3-S8, * 21.4 anteriores a 21.4R3-S7, * 22.1 anteriores a 22.1R3-S6, * 22.2 anteriores a 22.2R3-S4, * 22.3 anteriores a 22.3R3-S3, * 22.4 anteriores a 22.4R3-S2, * 23.2 antes de 23.2R2-S2, * 24.2 antes de 24.2R2; Junos OS evolucionado con cRPD: * Todas las versiones anteriores a 21.4R3-S7-EVO, * 22.2 antes de 22.2R3-S4-EVO, * 22.3 antes de 22.3R3-S3-EVO, * 22.4 antes de 22.4R3-S2-EVO, * 23.2 antes de 23.2R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39563.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39563.json index 3a91a9218e6..eb8153cebe6 100644 --- a/CVE-2024/CVE-2024-395xx/CVE-2024-39563.json +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39563.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39563", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:07.740", - "lastModified": "2024-10-11T16:15:07.740", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Command Injection\u00a0vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request\u00a0to execute arbitrary shell commands on the Junos Space Appliance, leading to\u00a0remote command execution by the web application, gaining complete control of the device.\n\nA specific script in the Junos Space web application allows attacker-controlled input from a GET request without sufficient input sanitization. A specially crafted request can exploit this vulnerability to execute arbitrary shell commands on the Junos Space Appliance.\n\nThis issue affects Junos Space 24.1R1. Previous versions of Junos Space are unaffected by this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en Juniper Networks Junos Space permite que un atacante no autenticado basado en la red env\u00ede una solicitud especialmente dise\u00f1ada para ejecutar comandos de shell arbitrarios en el dispositivo Junos Space, lo que lleva a la ejecuci\u00f3n remota de comandos por parte de la aplicaci\u00f3n web, obteniendo as\u00ed el control total del dispositivo. Un script espec\u00edfico en la aplicaci\u00f3n web Junos Space permite la entrada controlada por el atacante desde una solicitud GET sin una desinfecci\u00f3n de entrada suficiente. Una solicitud especialmente dise\u00f1ada puede explotar esta vulnerabilidad para ejecutar comandos de shell arbitrarios en el dispositivo Junos Space. Este problema afecta a Junos Space 24.1R1. Las versiones anteriores de Junos Space no se ven afectadas por esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-40xx/CVE-2024-4089.json b/CVE-2024/CVE-2024-40xx/CVE-2024-4089.json index 1e96ef327d3..f5737fdb0ca 100644 --- a/CVE-2024/CVE-2024-40xx/CVE-2024-4089.json +++ b/CVE-2024/CVE-2024-40xx/CVE-2024-4089.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4089", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:13.633", - "lastModified": "2024-10-11T16:15:13.633", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Super File que podr\u00eda permitir a un atacante local ejecutar c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41997.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41997.json index 9553229b60f..8a2862b953e 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41997.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41997.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41997", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T16:15:03.640", - "lastModified": "2024-10-14T16:15:03.640", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the `warp://action/docker/open_subshell` intent that when clicked by the victim results in command execution on the victim's machine." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en la versi\u00f3n de Warp Terminal anterior a 2024.07.18 (v0.2024.07.16.08.02). Existe una vulnerabilidad de inyecci\u00f3n de comandos en la funcionalidad de integraci\u00f3n de Docker. Un atacante puede crear un hiperv\u00ednculo especialmente manipulado utilizando la intenci\u00f3n `warp://action/docker/open_subshell` que, cuando la v\u00edctima hace clic en \u00e9l, da como resultado la ejecuci\u00f3n del comando en la m\u00e1quina de la v\u00edctima." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4130.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4130.json index 0a33dcaf596..60a7194a6c0 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4130.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4130.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4130", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:13.840", - "lastModified": "2024-10-11T16:15:13.840", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo App Store que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4131.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4131.json index aa504bc0a56..5c7fa62745f 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4131.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4131.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4131", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:14.050", - "lastModified": "2024-10-11T16:15:14.050", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Emulator que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4132.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4132.json index bec5e1b520c..8d3e520ee7d 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4132.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4132.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4132", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:14.243", - "lastModified": "2024-10-11T16:15:14.243", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo Lock Screen que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42018.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42018.json index dd9fff9c95e..fa19d12f380 100644 --- a/CVE-2024/CVE-2024-420xx/CVE-2024-42018.json +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42018.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42018", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:03.573", - "lastModified": "2024-10-11T17:15:03.573", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes, some configuration parameters are retrieved from management nodes. These parameters embed credentials whose integrity and confidentiality may be important to the security of the HPC configuration. Because these parameters are needed for initialization, there is no available mechanism to ensure access control on the management node, and a mitigation measure is normally put in place to prevent access to unprivileged users. It was discovered that this mitigation measure does not survive a reboot of diskful nodes. (Diskless nodes are not at risk.) The mistake lies in the cloudinit configuration: the iptables configuration should have been in the bootcmd instead of the runcmd section." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Atos Eviden SMC xScale antes de la versi\u00f3n 1.6.6. Durante la inicializaci\u00f3n de los nodos, se recuperan algunos par\u00e1metros de configuraci\u00f3n de los nodos de administraci\u00f3n. Estos par\u00e1metros incorporan credenciales cuya integridad y confidencialidad pueden ser importantes para la seguridad de la configuraci\u00f3n de HPC. Debido a que estos par\u00e1metros son necesarios para la inicializaci\u00f3n, no hay ning\u00fan mecanismo disponible para garantizar el control de acceso en el nodo de administraci\u00f3n y normalmente se implementa una medida de mitigaci\u00f3n para evitar el acceso a usuarios sin privilegios. Se descubri\u00f3 que esta medida de mitigaci\u00f3n no sobrevive al reinicio de nodos con disco lleno. (Los nodos sin disco no corren riesgo). El error se encuentra en la configuraci\u00f3n de cloudinit: la configuraci\u00f3n de iptables deber\u00eda haber estado en la secci\u00f3n bootcmd en lugar de la secci\u00f3n runcmd." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-426xx/CVE-2024-42640.json b/CVE-2024/CVE-2024-426xx/CVE-2024-42640.json index 770ffa6d02c..a9632706541 100644 --- a/CVE-2024/CVE-2024-426xx/CVE-2024-42640.json +++ b/CVE-2024/CVE-2024-426xx/CVE-2024-42640.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42640", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T16:15:08.040", - "lastModified": "2024-10-11T16:15:08.040", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -16,6 +16,10 @@ { "lang": "en", "value": "angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "Las versiones angular-base64-upload anteriores a v0.1.21 son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo no autenticado a trav\u00e9s de demo/server.php. Aprovechar esta vulnerabilidad permite a un atacante cargar contenido arbitrario al servidor, al que posteriormente se puede acceder a trav\u00e9s de demo/uploads. Esto lleva a la ejecuci\u00f3n de contenido cargado previamente y permite al atacante ejecutar c\u00f3digo en el servidor. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json index 291c57971da..df8eb1e1eae 100644 --- a/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43701", "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "published": "2024-10-14T09:15:04.157", - "lastModified": "2024-10-14T09:15:04.157", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU." + }, + { + "lang": "es", + "value": "El software instalado y ejecutado como un usuario sin privilegios puede realizar llamadas al sistema de GPU para leer y escribir la memoria f\u00edsica liberada de la GPU." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-441xx/CVE-2024-44157.json b/CVE-2024/CVE-2024-441xx/CVE-2024-44157.json index aa9484badf2..a1bd0d74a28 100644 --- a/CVE-2024/CVE-2024-441xx/CVE-2024-44157.json +++ b/CVE-2024/CVE-2024-441xx/CVE-2024-44157.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44157", "sourceIdentifier": "product-security@apple.com", "published": "2024-10-11T18:15:08.030", - "lastModified": "2024-10-11T18:15:08.030", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination." + }, + { + "lang": "es", + "value": "Se solucion\u00f3 un desbordamiento del b\u00fafer de pila mediante una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en Apple TV 1.5.0.152 para Windows y iTunes 12.13.3 para Windows. El an\u00e1lisis de un archivo de video manipulado con fines malintencionados puede provocar la finalizaci\u00f3n inesperada del sistema." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44413.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44413.json index 0efa1a303ad..8bb70123e90 100644 --- a/CVE-2024/CVE-2024-444xx/CVE-2024-44413.json +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44413.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44413", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:03.790", - "lastModified": "2024-10-11T17:15:03.790", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad en DI_8200-16.07.26A1, que se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n upgrade_filter_asp en el archivo upgrade_filter.asp. La manipulaci\u00f3n del par\u00e1metro path puede provocar la inyecci\u00f3n de comandos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44414.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44414.json index 666843fd212..1dcba342e7a 100644 --- a/CVE-2024/CVE-2024-444xx/CVE-2024-44414.json +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44414.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44414", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:03.880", - "lastModified": "2024-10-11T21:36:31.953", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was discovered in FBM_292W-21.03.10V, which has been classified as critical. This issue affects the sub_4901E0 function in the msp_info.htm file. Manipulation of the path parameter can lead to command injection." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad en FBM_292W-21.03.10V, que se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n sub_4901E0 en el archivo msp_info.htm. La manipulaci\u00f3n del par\u00e1metro path puede provocar la inyecci\u00f3n de comandos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44415.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44415.json index b886f9ae744..12cdb289229 100644 --- a/CVE-2024/CVE-2024-444xx/CVE-2024-44415.json +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44415.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44415", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:03.967", - "lastModified": "2024-10-11T17:15:03.967", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was discovered in DI_8200-16.07.26A1, There is a buffer overflow in the dbsrv_asp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad en DI_8200-16.07.26A1, hay un desbordamiento de b\u00fafer en la funci\u00f3n dbsrv_asp; la funci\u00f3n strcpy se ejecuta sin verificar la longitud de la cadena, lo que genera un desbordamiento de b\u00fafer." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44729.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44729.json index fe25bdc8091..36f9b30c1b3 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44729.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44729.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44729", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T16:15:08.150", - "lastModified": "2024-10-11T16:15:08.150", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting." + }, + { + "lang": "es", + "value": "Un control de acceso incorrecto en el componente app/src/server.js de Mirotalk antes de el commit 9de226 permite que atacantes no autenticados sin privilegios de presentador expulsen arbitrariamente a los usuarios de una reuni\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44730.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44730.json index 62dee52de56..2e77c81b34a 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44730.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44730.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44730", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T16:15:08.250", - "lastModified": "2024-10-11T16:15:08.250", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name." + }, + { + "lang": "es", + "value": "Un control de acceso incorrecto en la funci\u00f3n handleDataChannelChat(dataMessage) de Mirotalk antes de el commit c21d58 permite a los atacantes falsificar mensajes de chat utilizando un nombre de remitente arbitrario." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44731.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44731.json index 115d1220afe..c097d7720d9 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44731.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44731.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44731", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:04.080", - "lastModified": "2024-10-11T17:15:04.080", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary code via sending crafted payloads in messages to other users over RTC connections." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Mirotalk antes de el commit 9de226 conten\u00eda una vulnerabilidad de cross-site scripting (XSS) basada en DOM que permite a los atacantes ejecutar c\u00f3digo arbitrario mediante el env\u00edo de payloads malipulados en mensajes a otros usuarios mediante conexiones RTC." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44734.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44734.json index 3581cd95890..3731b0c946d 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44734.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44734.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44734", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:04.157", - "lastModified": "2024-10-11T17:15:04.157", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server." + }, + { + "lang": "es", + "value": "Un control de acceso incorrecto en Mirotalk antes de el commit 9de226 permite a los atacantes cambiar arbitrariamente los nombres de usuario mediante el env\u00edo de una solicitud roomAction manipulada espec\u00edficamente para el servidor." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44807.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44807.json index 577320fc916..6a8fa771288 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44807.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44807.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44807", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T18:15:08.133", - "lastModified": "2024-10-11T18:15:08.133", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files." + }, + { + "lang": "es", + "value": "Un problema de listado de directorios en el complemento baserCMS en D-ZERO CO., LTD. BurgerEditor y BurgerEditor Limited Edition anteriores a la versi\u00f3n 2.25.1 permite a atacantes remotos obtener informaci\u00f3n confidencial al exponer una lista de los archivos cargados." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45184.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45184.json index fbd0dc47a9a..34659f296dd 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45184.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45184.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45184", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T21:15:06.947", - "lastModified": "2024-10-11T21:15:06.947", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Samsung Mobile Processor, Wearable Processor, and Modems with chipset 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, m\u00f3dem 5123 y Modem 5300. Una escritura fuera de los l\u00edmites de USAT debido a un desbordamiento del b\u00fafer del mont\u00f3n puede provocar una denegaci\u00f3n de servicio." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45271.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45271.json index 9353abc86b2..7a060800eca 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45271.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45271.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45271", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-15T11:15:11.420", - "lastModified": "2024-10-15T11:15:11.420", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation." + }, + { + "lang": "es", + "value": "Un atacante local no autenticado puede obtener privilegios de administrador al implementar un archivo de configuraci\u00f3n debido a una validaci\u00f3n de entrada incorrecta." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45272.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45272.json index c7f465f4b3a..459a4c7ddf1 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45272.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45272.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45272", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-15T11:15:11.673", - "lastModified": "2024-10-15T11:15:11.673", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede realizar un ataque de fuerza bruta a las credenciales del portal de servicio remoto con una alta probabilidad de \u00e9xito, lo que da como resultado la p\u00e9rdida de la conexi\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45273.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45273.json index a7d969dc48a..4377695ecc2 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45273.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45273.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45273", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-15T11:15:11.940", - "lastModified": "2024-10-15T11:15:11.940", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used." + }, + { + "lang": "es", + "value": "Un atacante local no autenticado puede descifrar el archivo de configuraci\u00f3n del dispositivo y, por lo tanto, comprometer el dispositivo debido a una implementaci\u00f3n d\u00e9bil del cifrado utilizado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45274.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45274.json index 9a61dea9c9a..f39c5371f61 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45274.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45274.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45274", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-15T11:15:12.247", - "lastModified": "2024-10-15T11:15:12.247", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede ejecutar comandos del sistema operativo a trav\u00e9s de UDP en el dispositivo debido a la falta de autenticaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45275.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45275.json index e4c264fa8b9..1786f96eb0c 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45275.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45275.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45275", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-15T11:15:12.487", - "lastModified": "2024-10-15T11:15:12.487", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices." + }, + { + "lang": "es", + "value": "Los dispositivos contienen dos cuentas de usuario codificadas con contrase\u00f1as codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45276.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45276.json index 8ffeddf690f..b4c75b09cbb 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45276.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45276.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45276", "sourceIdentifier": "info@cert.vde.com", "published": "2024-10-15T11:15:12.760", - "lastModified": "2024-10-15T11:15:12.760", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can get read access to files in the \"/tmp\" directory due to missing authentication." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede obtener acceso de lectura a los archivos en el directorio \"/tmp\" debido a la falta de autenticaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45315.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45315.json index 1c7d54bf12c..a8e3bd0fb3a 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45315.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45315.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45315", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2024-10-11T13:15:15.883", - "lastModified": "2024-10-11T13:15:15.883", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack." + }, + { + "lang": "es", + "value": "La vulnerabilidad de resoluci\u00f3n de enlace incorrecta antes del acceso al archivo ('Seguimiento de enlace') en SonicWall Connect Tunnel (versi\u00f3n 12.4.3.271 y anteriores del cliente de Windows) permite a los usuarios con privilegios est\u00e1ndar crear carpetas y archivos arbitrarios, lo que potencialmente conduce a un ataque de denegaci\u00f3n de servicio (DoS) local." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45316.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45316.json index 647615c97fa..1ebe22bbd7f 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45316.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45316.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45316", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2024-10-11T13:15:16.010", - "lastModified": "2024-10-11T21:36:32.947", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack." + }, + { + "lang": "es", + "value": "La vulnerabilidad de resoluci\u00f3n de enlace incorrecta antes del acceso al archivo ('Seguimiento de enlace') en SonicWall Connect Tunnel (versi\u00f3n 12.4.3.271 y anteriores del cliente de Windows) permite a los usuarios con privilegios est\u00e1ndar eliminar carpetas y archivos arbitrarios, lo que potencialmente conduce a un ataque de escalada de privilegios locales." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45317.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45317.json index bada5cb2f50..fd283ca9c71 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45317.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45317.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45317", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2024-10-11T13:15:16.103", - "lastModified": "2024-10-11T13:15:16.103", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de Server-Side Request Forgery (SSRF) en las versiones de firmware 12.4.3-02676 y anteriores del dispositivo SMA1000 permite que un atacante remoto no autenticado haga que la aplicaci\u00f3n del lado del servidor SMA1000 realice solicitudes a una direcci\u00f3n IP no deseada." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45396.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45396.json index 8b1b9225296..4a3e62a9f5e 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45396.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45396.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45396", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:04.457", - "lastModified": "2024-10-11T15:15:04.457", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit 2a95896104901589c495bc41460262e64ffcad5c." + }, + { + "lang": "es", + "value": "Quicly es una implementaci\u00f3n del protocolo QUIC de la IETF. Hasta el commit d720707, Quicly es susceptible a un ataque de denegaci\u00f3n de servicio. Un atacante remoto puede aprovechar estos errores para desencadenar un error de aserci\u00f3n que bloquee el proceso que utiliza Quicly. La vulnerabilidad se soluciona con el commit 2a95896104901589c495bc41460262e64ffcad5c." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45397.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45397.json index c9a4b4f9527..fb24db4a04f 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45397.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45397.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45397", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:04.690", - "lastModified": "2024-10-11T15:15:04.690", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based access control is used, the access control does not detect and prohibit HTTP requests conveyed by packets with a spoofed source address. This behavior allows attackers on the network to execute HTTP requests from addresses that are otherwise rejected by the address-based access control. The vulnerability has been addressed in commit 15ed15a. Users may disable the use of TCP FastOpen and QUIC to mitigate the issue." + }, + { + "lang": "es", + "value": "h2o es un servidor HTTP compatible con HTTP/1.x, HTTP/2 y HTTP/3. Cuando se recibe una solicitud HTTP que utiliza datos tempranos TLS/1.3 sobre paquetes TCP Fast Open o QUIC 0-RTT y se utiliza el control de acceso basado en direcciones IP, el control de acceso no detecta ni proh\u00edbe las solicitudes HTTP transmitidas por paquetes con una direcci\u00f3n de origen falsificada. Este comportamiento permite a los atacantes de la red ejecutar solicitudes HTTP desde direcciones que, de otro modo, ser\u00edan rechazadas por el control de acceso basado en direcciones. La vulnerabilidad se ha abordado en el commit 15ed15a. Los usuarios pueden desactivar el uso de TCP FastOpen y QUIC para mitigar el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45402.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45402.json index 51d61044cd6..c94b7ee395c 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45402.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45402.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45402", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:04.903", - "lastModified": "2024-10-11T15:15:04.903", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Picotls is a TLS protocol library that allows users select different crypto backends based on their use case. When parsing a spoofed TLS handshake message, picotls (specifically, bindings within picotls that call the crypto libraries) may attempt to free the same memory twice. This double free occurs during the disposal of multiple objects without any intervening calls to malloc Typically, this triggers the malloc implementation to detect the error and abort the process. However, depending on the internals of malloc and the crypto backend being used, the flaw could potentially lead to a use-after-free scenario, which might allow for arbitrary code execution. The vulnerability is addressed with commit 9b88159ce763d680e4a13b6e8f3171ae923a535d." + }, + { + "lang": "es", + "value": "Picotls es una librer\u00eda de protocolo TLS que permite a los usuarios seleccionar diferentes backends criptogr\u00e1ficos seg\u00fan su caso de uso. Al analizar un mensaje de protocolo de enlace TLS falsificado, picotls (espec\u00edficamente, los enlaces dentro de picotls que llaman a las librer\u00edas criptogr\u00e1ficas) pueden intentar liberar la misma memoria dos veces. Esta doble liberaci\u00f3n ocurre durante la eliminaci\u00f3n de m\u00faltiples objetos sin ninguna llamada intermedia a malloc. Por lo general, esto activa la implementaci\u00f3n de malloc para detectar el error y abortar el proceso. Sin embargo, dependiendo de los componentes internos de malloc y el backend criptogr\u00e1fico que se use, la falla podr\u00eda potencialmente conducir a un escenario de use-after-free, lo que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario. La vulnerabilidad se soluciona con el commit 9b88159ce763d680e4a13b6e8f3171ae923a535d." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45403.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45403.json index 4e251d8169a..4d48d676ebb 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45403.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45403.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45403", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:05.123", - "lastModified": "2024-10-11T15:15:05.123", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, the h2o standalone server automatically restarts, minimizing the impact. However, HTTP requests that were served concurrently will still be disrupted. The vulnerability has been addressed in commit 1ed32b2. Users may disable the use of HTTP/3 to mitigate the issue." + }, + { + "lang": "es", + "value": "h2o es un servidor HTTP compatible con HTTP/1.x, HTTP/2 y HTTP/3. Cuando h2o est\u00e1 configurado como un proxy inverso y el cliente cancela las solicitudes HTTP/3, h2o puede bloquearse debido a un error de aserci\u00f3n. Un atacante puede aprovechar el bloqueo para lanzar un ataque de denegaci\u00f3n de servicio. De forma predeterminada, el servidor independiente h2o se reinicia autom\u00e1ticamente, lo que minimiza el impacto. Sin embargo, las solicitudes HTTP que se atendieron simult\u00e1neamente seguir\u00e1n siendo interrumpidas. La vulnerabilidad se ha solucionado en el commit 1ed32b2. Los usuarios pueden desactivar el uso de HTTP/3 para mitigar el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45731.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45731.json index 9961d23504a..76009d95cc2 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45731.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45731.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45731", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:11.177", - "lastModified": "2024-10-14T17:15:11.177", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise para Windows anteriores a 9.3.1, 9.2.3 y 9.1.6, un usuario con privilegios bajos que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda escribir un archivo en el directorio ra\u00edz del sistema de Windows, que tiene una ubicaci\u00f3n predeterminada en la carpeta System32 de Windows, cuando Splunk Enterprise para Windows est\u00e1 instalado en una unidad separada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45732.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45732.json index 29d66889649..13227703f3d 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45732.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45732.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45732", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:11.410", - "lastModified": "2024-10-14T17:15:11.410", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could run a search as the \"nobody\" Splunk user in the SplunkDeploymentServerConfig app. This could let the low-privileged user access potentially restricted data." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.0 y 9.2.3, y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 y 9.1.2308.208, un usuario con privilegios bajos que no tenga los roles de Splunk \"admin\" o \"power\" podr\u00eda ejecutar una b\u00fasqueda como el usuario de Splunk \"nobody\" en la aplicaci\u00f3n SplunkDeploymentServerConfig. Esto podr\u00eda permitir que el usuario con privilegios bajos acceda a datos potencialmente restringidos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45733.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45733.json index 91651b6b2de..fb62fa11a33 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45733.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45733.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45733", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:11.657", - "lastModified": "2024-10-14T17:15:11.657", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise para Windows anteriores a 9.2.3 y 9.1.6, un usuario con pocos privilegios que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda realizar una ejecuci\u00f3n remota de c\u00f3digo (RCE) debido a una configuraci\u00f3n de almacenamiento de sesi\u00f3n insegura." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45734.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45734.json index 469dd960d69..6fd06fb95cf 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45734.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45734.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45734", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:11.850", - "lastModified": "2024-10-14T17:15:11.850", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. The images on the machine could be exposed by exporting the dashboard as a PDF, using the local image path in the img tag in the source extensible markup language (XML) code for the Splunk classic dashboard." + }, + { + "lang": "es", + "value": "En las versiones 9.3.0, 9.2.3 y 9.1.6 de Splunk Enterprise, un usuario con pocos privilegios que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda ver im\u00e1genes en la m\u00e1quina que ejecuta Splunk Enterprise mediante la funci\u00f3n de exportaci\u00f3n a PDF en los paneles cl\u00e1sicos de Splunk. Las im\u00e1genes en la m\u00e1quina podr\u00edan exponerse exportando el panel como PDF, utilizando la ruta de la imagen local en la etiqueta img en el c\u00f3digo fuente del lenguaje de marcado extensible (XML) para el panel cl\u00e1sico de Splunk." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45735.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45735.json index c945c8a0fab..497c8029504 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45735.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45735.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45735", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:12.053", - "lastModified": "2024-10-14T17:15:12.053", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.2.3 y 9.1.6, y en las versiones de Splunk Secure Gateway en Splunk Cloud Platform anteriores a 3.4.259, 3.6.17 y 3.7.0, un usuario con privilegios bajos que no tenga los roles de \"administrador\" o \"poder\" de Splunk puede ver la configuraci\u00f3n de implementaci\u00f3n del Almac\u00e9n de valores de clave de la aplicaci\u00f3n (Almac\u00e9n KV) y las claves p\u00fablicas/privadas en la aplicaci\u00f3n Splunk Secure Gateway." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45736.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45736.json index 0944db2cc1d..16b60737428 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45736.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45736.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45736", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:12.253", - "lastModified": "2024-10-14T17:15:12.253", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a search query with an improperly formatted \"INGEST_EVAL\" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd)." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.3 y 9.1.6 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403.107, 9.1.2312.204 y 9.1.2312.111, un usuario con privilegios bajos que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda crear una consulta de b\u00fasqueda con un par\u00e1metro \"INGEST_EVAL\" con formato incorrecto como parte de una [Transformaci\u00f3n de campo](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) que podr\u00eda bloquear el daemon de Splunk (splunkd)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45737.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45737.json index aa920f899bf..e033087b6ba 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45737.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45737.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45737", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:12.453", - "lastModified": "2024-10-14T17:15:12.453", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF)." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.3 y 9.1.6 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403.108 y 9.1.2312.204, un usuario con privilegios bajos que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda cambiar el estado del modo de mantenimiento de App Key Value Store (KVStore) a trav\u00e9s de un Cross-Site Request Forgery (CSRF)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45738.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45738.json index 68dc3eab818..06bba7b5bff 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45738.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45738.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45738", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:12.660", - "lastModified": "2024-10-14T17:15:12.660", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.3 y 9.1.6, el software puede exponer par\u00e1metros HTTP confidenciales al \u00edndice `_internal`. Esta exposici\u00f3n podr\u00eda ocurrir si configura el canal de registro `REST_Calls` de Splunk Enterprise en el nivel de registro DEBUG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45739.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45739.json index 5ce4abe2f65..570cfd0cb41 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45739.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45739.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45739", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:12.860", - "lastModified": "2024-10-14T17:15:12.860", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.3 y 9.1.6, el software puede exponer las contrase\u00f1as de texto plano de los usuarios de Splunk con autenticaci\u00f3n nativa local. Esta exposici\u00f3n podr\u00eda ocurrir cuando configura el canal de registro de Splunk Enterprise AdminManager en el nivel de registro DEBUG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45740.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45740.json index d08d4a7e0d3..0c92d3e7b63 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45740.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45740.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45740", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:13.047", - "lastModified": "2024-10-14T17:15:13.047", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.2.3 y 9.1.6 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403, un usuario con pocos privilegios que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda crear un payload malicioso a trav\u00e9s de Vistas programadas que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo JavaScript no autorizado en el navegador de un usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45741.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45741.json index 4d17f8050ce..536083c3ef6 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45741.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45741.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45741", "sourceIdentifier": "prodsec@splunk.com", "published": "2024-10-14T17:15:13.250", - "lastModified": "2024-10-14T17:15:13.250", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create a malicious payload through a custom configuration file that the \"api.uri\" parameter from the \"/manager/search/apps/local\" endpoint in Splunk Web calls. This could result in execution of unauthorized JavaScript code in the browser of a user." + }, + { + "lang": "es", + "value": "En las versiones de Splunk Enterprise anteriores a 9.2.3 y 9.1.6 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403.108 y 9.1.2312.205, un usuario con pocos privilegios que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda crear un payload malicioso a trav\u00e9s de un archivo de configuraci\u00f3n personalizado al que llama el par\u00e1metro \"api.uri\" del punto de conexi\u00f3n \"/manager/search/apps/local\" en Splunk Web. Esto podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo JavaScript no autorizado en el navegador de un usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45754.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45754.json index 3da76e97093..3e70b209806 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45754.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45754.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45754", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T22:15:04.337", - "lastModified": "2024-10-11T22:15:04.337", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the centreon-bi-server component in Centreon BI Server 24.04.x before 24.04.3, 23.10.x before 23.10.8, 23.04.x before 23.04.11, and 22.10.x before 22.10.11. SQL injection can occur in the listing of configured reporting jobs. Exploitation is only accessible to authenticated users with high-privileged access." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en el componente centreon-bi-server en Centreon BI Server 24.04.x anterior a 24.04.3, 23.10.x anterior a 23.10.8, 23.04.x anterior a 23.04.11 y 22.10.x anterior a 22.10.11. La inyecci\u00f3n de SQL puede ocurrir en la lista de trabajos de informes configurados. La explotaci\u00f3n solo es accesible para usuarios autenticados con acceso con privilegios elevados." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46088.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46088.json index 59fbade33c4..608223e672e 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46088.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46088.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46088", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T16:15:08.357", - "lastModified": "2024-10-11T21:36:35.423", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en la interfaz Zhejiang University Entersoft Customer Resource Management System v2002 a v2024 de la Universidad de Zhejiang permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo manipulado espec\u00edficamente para ello." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46215.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46215.json index b455b4a356e..10fc440451e 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46215.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46215.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46215", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T17:15:04.260", - "lastModified": "2024-10-11T17:15:04.260", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was discovered in KM08-708H-v1.1, There is a buffer overflow in the sub_445BDC() function within the /usr/sbin/goahead program; The strcpy function is executed without checking the length of the string, leading to a buffer overflow." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad en KM08-708H-v1.1, hay un desbordamiento de b\u00fafer en la funci\u00f3n sub_445BDC() dentro del programa /usr/sbin/goahead; la funci\u00f3n strcpy se ejecuta sin verificar la longitud de la cadena, lo que genera un desbordamiento de b\u00fafer." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46468.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46468.json index 73f43ceae02..43899076236 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46468.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46468.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46468", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T21:15:07.040", - "lastModified": "2024-10-11T21:15:07.040", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be exploited by an attacker to obtain sensitive information, resulting in an information disclosure." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) en jpress <= v5.1.1, que puede ser explotada por un atacante para obtener informaci\u00f3n confidencial, lo que resulta en una divulgaci\u00f3n de informaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46528.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46528.json index fab1f31477a..24da369ad0b 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46528.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46528.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46528", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:03.847", - "lastModified": "2024-10-14T18:15:03.847", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere v3.4.1 and v4.1.1 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de referencia directa de objetos insegura (IDOR) en KubeSphere v3.4.1 y v4.1.1 permite a atacantes autenticados con pocos privilegios acceder a recursos confidenciales sin las verificaciones de autorizaci\u00f3n adecuadas." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46532.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46532.json index 2d3fce84074..9a2eb8eaf69 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46532.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46532.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46532", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T18:15:08.267", - "lastModified": "2024-10-11T18:15:08.267", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de inyecci\u00f3n SQL en OpenHIS v.1.0 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de reembolso en el componente PayController.class.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-465xx/CVE-2024-46535.json b/CVE-2024/CVE-2024-465xx/CVE-2024-46535.json index bc991a508fa..f9c471fcefb 100644 --- a/CVE-2024/CVE-2024-465xx/CVE-2024-46535.json +++ b/CVE-2024/CVE-2024-465xx/CVE-2024-46535.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46535", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T17:15:13.440", - "lastModified": "2024-10-14T17:15:13.440", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Jepaas v7.2.8 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro orderSQL en /homePortal/loadUserMsg." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-468xx/CVE-2024-46898.json b/CVE-2024/CVE-2024-468xx/CVE-2024-46898.json index 6f768de09d1..04aaa481fa8 100644 --- a/CVE-2024/CVE-2024-468xx/CVE-2024-46898.json +++ b/CVE-2024/CVE-2024-468xx/CVE-2024-46898.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46898", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-10-15T07:15:02.267", - "lastModified": "2024-10-15T07:15:02.267", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved when processing crafted HTTP requests." + }, + { + "lang": "es", + "value": "Las versiones anteriores a la v1.19.1 de SHIRASAGI procesan las URL de las solicitudes HTTP de forma incorrecta, lo que genera una vulnerabilidad de path traversal. Si se explota esta vulnerabilidad, se pueden recuperar archivos arbitrarios del servidor al procesar solicitudes HTTP manipuladas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json index abf38d6a59c..11bd7e433c8 100644 --- a/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46911", "sourceIdentifier": "security@apache.org", "published": "2024-10-14T09:15:04.297", - "lastModified": "2024-10-14T09:15:04.297", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted to publish arbitrary weblog content and this combined with a deficiency in Roller's CSRF protections allowed an escalation of privileges attack. This issue affects Apache Roller before 6.1.4.\n\nRoller users who run multi-blog/user Roller websites are recommended to upgrade to version 6.1.4, which fixes the issue.\n\nRoller 6.1.4 release announcement:\u00a0 https://lists.apache.org/thread/3c3f6rwqptyw6wdc95654fq5vlosqdpw" + }, + { + "lang": "es", + "value": "Vulnerabilidad de escalada de privilegios por Cross-site Resource Forgery (CSRF) en Apache Roller. En los sitios web de Roller con varios blogs y usuarios, por defecto, se conf\u00eda en los propietarios de los blogs para que publiquen contenido arbitrario en los blogs y esto, combinado con una deficiencia en las protecciones CSRF de Roller, permiti\u00f3 un ataque de escalada de privilegios. Este problema afecta a Apache Roller anterior a la versi\u00f3n 6.1.4. Se recomienda a los usuarios de Roller que ejecutan sitios web de Roller con varios blogs y usuarios que actualicen a la versi\u00f3n 6.1.4, que soluciona el problema. Anuncio de lanzamiento de Roller 6.1.4: https://lists.apache.org/thread/3c3f6rwqptyw6wdc95654fq5vlosqdpw" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46980.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46980.json index 4afa23372ea..26abf82aafc 100644 --- a/CVE-2024/CVE-2024-469xx/CVE-2024-46980.json +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46980.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46980", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T18:15:03.947", - "lastModified": "2024-10-14T18:15:03.947", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them to execute uncontrolled code (or at least achieve content injection) in a mail client. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue." + }, + { + "lang": "es", + "value": "Tuleap es una herramienta para la trazabilidad de extremo a extremo de desarrollos de aplicaciones y sistemas. Antes de Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3 y Tuleap Enterprise Edition 15.12-6, un administrador de sitio pod\u00eda crear un tipo de enlace de artefacto con una etiqueta de reenv\u00edo que le permitiera ejecutar c\u00f3digo no controlado (o al menos lograr la inyecci\u00f3n de contenido) en un cliente de correo. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3 y Tuleap Enterprise Edition 15.12-6 solucionan este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46988.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46988.json index 14a88172d3a..36ba9cd0b25 100644 --- a/CVE-2024/CVE-2024-469xx/CVE-2024-46988.json +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46988.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46988", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T18:15:04.173", - "lastModified": "2024-10-14T18:15:04.173", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, users might receive email notification with information they should not have access to. Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue." + }, + { + "lang": "es", + "value": "Tuleap es una herramienta para la trazabilidad de extremo a extremo de los desarrollos de aplicaciones y sistemas. Antes de Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3 y Tuleap Enterprise Edition 15.12-6, los usuarios pod\u00edan recibir notificaciones por correo electr\u00f3nico con informaci\u00f3n a la que no deber\u00edan tener acceso. Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3 y Tuleap Enterprise Edition 15.12-6 solucionan este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-46xx/CVE-2024-4658.json b/CVE-2024/CVE-2024-46xx/CVE-2024-4658.json index 1ade92faf90..24d689c10f3 100644 --- a/CVE-2024/CVE-2024-46xx/CVE-2024-4658.json +++ b/CVE-2024/CVE-2024-46xx/CVE-2024-4658.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4658", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-10-10T14:15:05.587", - "lastModified": "2024-10-10T14:15:05.587", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47074.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47074.json index c5b73e3e94f..72e1960ade1 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47074.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47074.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47074", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:05.353", - "lastModified": "2024-10-11T15:15:05.353", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. In Dataease, the PostgreSQL data source in the data source function can customize the JDBC connection parameters and the PG server target to be connected. In backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java, PgConfiguration class don't filter any parameters, directly concat user input. So, if the attacker adds some parameters in JDBC url, and connect to evil PG server, the attacker can trigger the PG jdbc deserialization vulnerability, and eventually the attacker can execute through the deserialization vulnerability system commands and obtain server privileges. The vulnerability has been fixed in v1.18.25." + }, + { + "lang": "es", + "value": "DataEase es una herramienta de an\u00e1lisis de visualizaci\u00f3n de datos de c\u00f3digo abierto. En DataEase, la fuente de datos PostgreSQL en la funci\u00f3n de fuente de datos puede personalizar los par\u00e1metros de conexi\u00f3n JDBC y el servidor PG de destino al que se conectar\u00e1. En backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java, la clase PgConfiguration no filtra ning\u00fan par\u00e1metro, concatena directamente la entrada del usuario. Por lo tanto, si el atacante agrega algunos par\u00e1metros en la URL JDBC y se conecta al servidor PG malicioso, el atacante puede activar la vulnerabilidad de deserializaci\u00f3n de JDBC de PG y, eventualmente, el atacante puede ejecutar a trav\u00e9s de la vulnerabilidad de deserializaci\u00f3n comandos del sistema y obtener privilegios de servidor. La vulnerabilidad se ha corregido en v1.18.25." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json index d1430de9d88..8fc6de7f357 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47084", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T22:15:10.263", - "lastModified": "2024-10-10T22:15:10.263", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json index 37cfc07bf05..df5544517cb 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47164", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T22:15:10.437", - "lastModified": "2024-10-10T22:15:10.437", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json index af5417f677a..ab323d38e0c 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47165", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T22:15:10.680", - "lastModified": "2024-10-10T22:15:10.680", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json index 26d952f0c6c..63f490c3b7c 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47166", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T22:15:10.833", - "lastModified": "2024-10-10T22:15:10.833", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json index 553a570f0eb..a91c8b12072 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47167", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T22:15:11.000", - "lastModified": "2024-10-10T22:15:11.000", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json index 78a187ebfb8..6902a98a004 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47168", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T22:15:11.173", - "lastModified": "2024-10-10T22:15:11.173", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47331.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47331.json index b63f7fcd499..bb97cbfd83a 100644 --- a/CVE-2024/CVE-2024-473xx/CVE-2024-47331.json +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47331.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47331", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-11T19:15:09.783", - "lastModified": "2024-10-11T19:15:09.783", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NinjaTeam Multi Step for Contact Form allows SQL Injection.This issue affects Multi Step for Contact Form: from n/a through 2.7.7." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en NinjaTeam Multi Step for Contact Form permite la inyecci\u00f3n SQL. Este problema afecta a Multi Step for Contact Form: desde n/a hasta 2.7.7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47353.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47353.json index ba6d837864c..6c48c4e2461 100644 --- a/CVE-2024/CVE-2024-473xx/CVE-2024-47353.json +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47353.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47353", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-11T19:15:10.003", - "lastModified": "2024-10-11T19:15:10.003", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in QuomodoSoft ElementsReady Addons for Elementor.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.2." + }, + { + "lang": "es", + "value": "Vulnerabilidad de redirecci\u00f3n de URL a un sitio no confiable ('Redirecci\u00f3n abierta') en QuomodoSoft ElementsReady Addons for Elementor. Este problema afecta a los complementos ElementsReady para Elementor: desde n/a hasta 6.4.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47354.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47354.json index 6b0adc53c6a..58dc332f253 100644 --- a/CVE-2024/CVE-2024-473xx/CVE-2024-47354.json +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47354.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47354", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-10T19:15:16.837", - "lastModified": "2024-10-10T19:15:16.837", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47489.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47489.json index b1ed883c963..8837a9c8706 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47489.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47489.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47489", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:08.533", - "lastModified": "2024-10-11T16:15:08.533", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices.\n\nReceipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols.\u00a0This influx of transit protocol packets causes DDoS protection violations,\u00a0resulting in protocol flaps which can affect connectivity to networking devices.\n\nThis issue affects both IPv4 and IPv6. This issue does not require any specific routing protocol to be configured or enabled.\n\nThe following commands can be used to monitor the DDoS protection queue:\n\n\u00a0 \u00a0 \u00a0 \u00a0labuser@re0> show evo-pfemand host pkt-stats\n\n\u2003\u2003\u00a0 labuser@re0> show host-path ddos all-policers\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.4R3-S8-EVO,\u00a0\n * from 22.2 before 22.2R3-S4-EVO,\u00a0\n * from 22.3 before 22.3R3-S4-EVO,\u00a0\n * from 22.4 before 22.4R3-S3-EVO,\u00a0\n * from 23.2 before 23.2R2-EVO,\u00a0\n * from 23.4 before 23.4R1-S1-EVO, 23.4R2-EVO,\u00a0\n * from 24.2 before 24.2R2-EVO." + "value": "An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices.\n\nReceipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols.\u00a0This influx of transit protocol packets causes DDoS protection violations,\u00a0resulting in protocol flaps which can affect connectivity to networking devices.\n\nThis issue affects both IPv4 and IPv6. This issue does not require any specific routing protocol to be configured or enabled.\n\nThe following commands can be used to monitor the DDoS protection queue:\n\n\u00a0 \u00a0 \u00a0 \u00a0labuser@re0> show evo-pfemand host pkt-stats\n\n??\u00a0 labuser@re0> show host-path ddos all-policers\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.4R3-S8-EVO,\u00a0\n * from 22.2 before 22.2R3-S4-EVO,\u00a0\n * from 22.3 before 22.3R3-S4-EVO,\u00a0\n * from 22.4 before 22.4R3-S3-EVO,\u00a0\n * from 23.2 before 23.2R2-EVO,\u00a0\n * from 23.4 before 23.4R1-S1-EVO, 23.4R2-EVO,\u00a0\n * from 24.2 before 24.2R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el motor de reenv\u00edo de paquetes (pfe) del sistema operativo Juniper Networks Junos OS Evolved en los dispositivos de la serie ACX permite que un atacante no autenticado basado en la red env\u00ede tr\u00e1fico de protocolo de tr\u00e1nsito espec\u00edfico para provocar una denegaci\u00f3n de servicio (DoS) parcial a los dispositivos de bajada. El motor de enrutamiento (RE) procesa incorrectamente la recepci\u00f3n de paquetes de protocolo de tr\u00e1nsito espec\u00edfico, lo que llena la cola de protecci\u00f3n DDoS que se comparte entre los protocolos de enrutamiento. Esta afluencia de paquetes de protocolo de tr\u00e1nsito provoca violaciones de la protecci\u00f3n DDoS, lo que da como resultado fluctuaciones de protocolo que pueden afectar la conectividad a los dispositivos de red. Este problema afecta tanto a IPv4 como a IPv6. Este problema no requiere que se configure o habilite ning\u00fan protocolo de enrutamiento espec\u00edfico. Los siguientes comandos se pueden utilizar para monitorear la cola de protecci\u00f3n DDoS: labuser@re0> show evo-pfemand host pkt-stats labuser@re0> show host-path ddos all-policers Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S8-EVO, * desde 22.2 hasta 22.2R3-S4-EVO, * desde 22.3 hasta 22.3R3-S4-EVO, * desde 22.4 hasta 22.4R3-S3-EVO, * desde 23.2 hasta 23.2R2-EVO, * desde 23.4 hasta 23.4R1-S1-EVO, 23.4R2-EVO, * desde 24.2 hasta 24.2R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47490.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47490.json index dd6db312c06..de37a870fa7 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47490.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47490.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47490", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:08.803", - "lastModified": "2024-10-11T16:15:08.803", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE)\u00a0of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a Denial of Service (DoS).\n\nWhen specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the Routing Engine (RE), rather than being handled appropriately. Continuous receipt of these MPLS packets causes resources to be exhausted. MPLS config is not required to be affected by this issue.\u00a0\n\n\nThis issue affects Junos OS Evolved ACX 7000 Series:\u00a0\n\n\n\n * All versions before 21.4R3-S9-EVO,\n * 22.2-EVO before 22.2R3-S4-EVO,\u00a0\n * 22.3-EVO before 22.3R3-S3-EVO,\u00a0\n * 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * 23.2-EVO before 23.2R2-EVO,\u00a0\n * 23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de restricci\u00f3n inadecuada del canal de comunicaci\u00f3n a los endpoints previstos en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS Evolved en la serie ACX 7000 permite que un atacante no autenticado basado en la red provoque un mayor consumo de recursos, lo que en \u00faltima instancia da como resultado una denegaci\u00f3n de servicio (DoS). Cuando el PFE recibe paquetes MPLS de tr\u00e1nsito espec\u00edficos, estos paquetes se reenv\u00edan internamente al motor de enrutamiento (RE), en lugar de manejarse adecuadamente. La recepci\u00f3n continua de estos paquetes MPLS hace que se agoten los recursos. No es necesario que la configuraci\u00f3n MPLS se vea afectada por este problema. Este problema afecta a Junos OS Evolved ACX 7000 Series: * Todas las versiones anteriores a 21.4R3-S9-EVO, * 22.2-EVO anterior a 22.2R3-S4-EVO, * 22.3-EVO anterior a 22.3R3-S3-EVO, * 22.4-EVO anterior a 22.4R3-S2-EVO, * 23.2-EVO anterior a 23.2R2-EVO, * 23.4-EVO anterior a 23.4R1-S1-EVO, 23.4R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47491.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47491.json index 658111380a6..50175c35a2b 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47491.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47491.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47491", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:09.060", - "lastModified": "2024-10-11T16:15:09.060", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause Denial of Service (DoS).\n\nWhen a BGP UPDATE with malformed path attribute is received over an established BGP session, rpd crashes and restarts. \n\nContinuous receipt of a BGP UPDATE with a specifically malformed path attribute will create a sustained Denial of Service (DoS) condition for impacted devices.\n\nThis issue affects:\n\n\u2003Juniper Networks Junos OS:\u00a0\n\n\n\n * All versions before 21.4R3-S8,\u00a0\n * from 22.2 before 22.2R3-S4,\u00a0\n * from 22.4 before 22.4R3-S3,\u00a0\n * from 23.2 before 23.2R2-S1,\u00a0\n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\n\u2003Juniper Networks Junos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S8-EVO, \n * from 22.2 before 22.2R3-S4-EVO, \n * from 22.4 before 22.4R3-S3-EVO,\n * from 23.2 before 23.2R2-S1-EVO, \n * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO." + "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause Denial of Service (DoS).\n\nWhen a BGP UPDATE with malformed path attribute is received over an established BGP session, rpd crashes and restarts. \n\nContinuous receipt of a BGP UPDATE with a specifically malformed path attribute will create a sustained Denial of Service (DoS) condition for impacted devices.\n\nThis issue affects:\n\n?Juniper Networks Junos OS:\u00a0\n\n\n\n * All versions before 21.4R3-S8,\u00a0\n * from 22.2 before 22.2R3-S4,\u00a0\n * from 22.4 before 22.4R3-S3,\u00a0\n * from 23.2 before 23.2R2-S1,\u00a0\n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\n?Juniper Networks Junos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S8-EVO, \n * from 22.2 before 22.2R3-S4-EVO, \n * from 22.4 before 22.4R3-S3-EVO,\n * from 23.2 before 23.2R2-S1-EVO, \n * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Cuando se recibe una ACTUALIZACI\u00d3N BGP con un atributo de ruta malformado en una sesi\u00f3n BGP establecida, rpd se bloquea y se reinicia. La recepci\u00f3n continua de una ACTUALIZACI\u00d3N BGP con un atributo de ruta espec\u00edficamente malformado crear\u00e1 una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sostenida para los dispositivos afectados. Este problema afecta a: Juniper Networks Junos OS: * Todas las versiones anteriores a 21.4R3-S8, * desde 22.2 hasta 22.2R3-S4, * desde 22.4 hasta 22.4R3-S3, * desde 23.2 hasta 23.2R2-S1, * desde 23.4 hasta 23.4R1-S2, 23.4R2. Juniper Networks Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S8-EVO, * desde 22.2 hasta 22.2R3-S4-EVO, * desde 22.4 hasta 22.4R3-S3-EVO, * desde 23.2 hasta 23.2R2-S1-EVO, * desde 23.4 hasta 23.4R1-S2-EVO, 23.4R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47493.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47493.json index 4d91b65409a..b6497c63ce5 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47493.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47493.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47493", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:09.320", - "lastModified": "2024-10-11T16:15:09.320", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the SRX5K, SRX4600 and MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIn case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. Over a period of time, continuous physical interface flap operations causes\u00a0local FPC to eventually run out of memory and crash.\u00a0\u00a0\n\nBelow CLI command can be used to check the memory usage over a period of time:\n\n\u2003\u2003user@host> show chassis fpc\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Temp CPU Utilization (%) \u00a0 CPU Utilization (%) Memory \u00a0 \nUtilization (%)\n\u00a0 Slot State \u00a0 \u00a0 (C)\u00a0 Total\u00a0 Interrupt \u00a0 \u00a0 1min \u00a0 5min \u00a0\n15min DRAM (MB) Heap \u00a0 \u00a0 Buffer\n\n\u00a0 0 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\u00a0 1 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\u00a0 2 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\n\n\n\n\n\n\n\nThis issue affects Junos OS on SRX5K, SRX4600 and MX Series:\u00a0\n\n\n\n\n * All versions before 21.2R3-S7,\u00a0\n * from 21.4 before 21.4R3-S6,\u00a0\n * from 22.1 before 22.1R3-S5,\u00a0\n * from 22.2 before 22.2R3-S3,\u00a0\n * from 22.3 before 22.3R3-S2,\u00a0\n * from 22.4 before 22.4R3,\u00a0\n * from 23.2 before 23.2R2,\u00a0\n * from 23.4 before 23.4R2." + "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the SRX5K, SRX4600 and MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIn case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. Over a period of time, continuous physical interface flap operations causes\u00a0local FPC to eventually run out of memory and crash.\u00a0\u00a0\n\nBelow CLI command can be used to check the memory usage over a period of time:\n\n??user@host> show chassis fpc\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Temp CPU Utilization (%) \u00a0 CPU Utilization (%) Memory \u00a0 \nUtilization (%)\n\u00a0 Slot State \u00a0 \u00a0 (C)\u00a0 Total\u00a0 Interrupt \u00a0 \u00a0 1min \u00a0 5min \u00a0\n15min DRAM (MB) Heap \u00a0 \u00a0 Buffer\n\n\u00a0 0 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\u00a0 1 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\u00a0 2 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\n\n\n\n\n\n\n\nThis issue affects Junos OS on SRX5K, SRX4600 and MX Series:\u00a0\n\n\n\n\n * All versions before 21.2R3-S7,\u00a0\n * from 21.4 before 21.4R3-S6,\u00a0\n * from 22.1 before 22.1R3-S5,\u00a0\n * from 22.2 before 22.2R3-S3,\u00a0\n * from 22.3 before 22.3R3-S2,\u00a0\n * from 22.4 before 22.4R3,\u00a0\n * from 23.2 before 23.2R2,\u00a0\n * from 23.4 before 23.4R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de falta de liberaci\u00f3n de memoria despu\u00e9s de la vida \u00fatil efectiva en el motor de reenv\u00edo de paquetes (PFE) del sistema operativo Junos de Juniper Networks en las plataformas de las series SRX5K, SRX4600 y MX con FPC basadas en Trio permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). En el caso de las tarjetas de interfaz modulares (MIC) canalizadas, cada operaci\u00f3n de oscilaci\u00f3n de la interfaz f\u00edsica perder\u00e1 memoria del mont\u00f3n. Con el paso del tiempo, las operaciones de oscilaci\u00f3n de la interfaz f\u00edsica continuas hacen que la FPC local se quede sin memoria y se bloquee. El siguiente comando CLI se puede utilizar para comprobar el uso de la memoria durante un per\u00edodo de tiempo: user@host> show housing fpc Temp CPU Utilization (%) CPU Utilization (%) Memory Utilization (%) Slot State (C) Total Interrupt 1min 5min 15min DRAM (MB) Heap Buffer 0 Online 43 41 2 2048 49 14 1 Online 43 41 2 2048 49 14 2 Online 43 41 2 2048 49 14 Este problema afecta a Junos OS en SRX5K, SRX4600 y MX Series: * Todas las versiones anteriores a 21.2R3-S7, * desde 21.4 hasta 21.4R3-S6, * desde 22.1 hasta 22.1R3-S5, * desde 22.2 hasta 22.2R3-S3, * desde 22.3 hasta 22.3R3-S2, * de 22.4 antes de 22.4R3, * de 23.2 antes de 23.2R2, * de 23.4 antes de 23.4R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47494.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47494.json index 0b140fb9443..b9d5e939402 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47494.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47494.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47494", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:09.580", - "lastModified": "2024-10-11T16:15:09.580", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the AgentD process of Juniper Networks Junos OS allows an attacker who is already causing impact to established sessions which generates counter changes picked up by the AgentD process during telemetry polling, to move the AgentD process into a state where AgentD attempts to reap an already destroyed sensor. This reaping attempt then leads to memory corruption causing the FPC to crash which is a Denial of Service (DoS).\n\n\n\n\n\nThe FPC will recover automatically without user intervention after the crash.\nThis issue affects Junos OS:\u00a0\n\n * All versions before\u00a021.4R3-S9\n * From 22.2 before 22.2R3-S5,\n * From 22.3 before 22.3R3-S4,\n * From 22.4 before 22.4R3-S3,\n * From 23.2 before 23.2R2-S2,\n * From 23.4 before 23.4R2.\n\n\nThis issue does not affect Junos OS Evolved." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de condici\u00f3n de ejecuci\u00f3n de tiempo de verificaci\u00f3n y tiempo de uso (TOCTOU) en el proceso AgentD de Juniper Networks Junos OS permite a un atacante que ya est\u00e1 causando impacto en sesiones establecidas que generan cambios de contador detectados por el proceso AgentD durante el sondeo de telemetr\u00eda, mover el proceso AgentD a un estado donde AgentD intenta cosechar un sensor ya destruido. Este intento de cosecha luego conduce a la corrupci\u00f3n de la memoria que hace que el FPC se bloquee, lo que es una denegaci\u00f3n de servicio (DoS). El FPC se recuperar\u00e1 autom\u00e1ticamente sin la intervenci\u00f3n del usuario despu\u00e9s del bloqueo. Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.4R3-S9 * Desde 22.2 antes de 22.2R3-S5, * Desde 22.3 antes de 22.3R3-S4, * Desde 22.4 antes de 22.4R3-S3, * Desde 23.2 antes de 23.2R2-S2, * Desde 23.4 antes de 23.4R2. Este problema no afecta a Junos OS Evolved." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47495.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47495.json index cad4660245a..da6a9eb67ae 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47495.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47495.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47495", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:09.830", - "lastModified": "2024-10-11T16:15:09.830", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices.\n\nThis issue affects:\nJuniper Networks Junos OS Evolved with dual-REs:\n * All versions before 21.2R3-S8-EVO,\n * from 21.4-EVO before 21.4R3-S8-EVO,\n * from 22.2-EVO before 22.2R3-S4-EVO,\n * from 22.3-EVO before 22.3R3-S4-EVO,\n * from 22.4-EVO before 22.4R3-S3-EVO,\n * from 23.2-EVO before 23.2R2-S1-EVO,\n * from 23.4-EVO before 23.4R2-S1-EVO.\n\n\n\nThis issue does not affect Juniper Networks Junos OS." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n a trav\u00e9s de una clave controlada por el usuario permite que un atacante autenticado localmente con acceso al shell obtenga control total del dispositivo cuando se utilizan motores de enrutamiento dual (RE) en dispositivos Juniper Networks Junos OS Evolved. Este problema afecta a: Juniper Networks Junos OS Evolved con RE duales: * Todas las versiones anteriores a 21.2R3-S8-EVO, * desde 21.4-EVO hasta 21.4R3-S8-EVO, * desde 22.2-EVO hasta 22.2R3-S4-EVO, * desde 22.3-EVO hasta 22.3R3-S4-EVO, * desde 22.4-EVO hasta 22.4R3-S3-EVO, * desde 23.2-EVO hasta 23.2R2-S1-EVO, * desde 23.4-EVO hasta 23.4R2-S1-EVO. Este problema no afecta a Juniper Networks Junos OS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47496.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47496.json index 3c8261a9038..d6a0396c069 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47496.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47496.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47496", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:10.080", - "lastModified": "2024-10-11T16:15:10.080", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A\u00a0NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific command is executed, the pfe crashes.\u00a0This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.\n\n This issue only affects MX Series devices with Line cards MPC1-MPC9.\nThis issue affects:\nJunos OS on MX Series: \n\n\n * All versions before 21.4R3-S9, \n * from 22.2 before 22.2R3-S5,\u00a0\n * from 22.3 before 22.3R3-S4, \n * from 22.4 before 22.4R3-S2, \n * from 23.2 before 23.2R2-S1, \n * from 23.4 before 23.4R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de desreferencia de puntero nulo en el motor de reenv\u00edo de paquetes (pfe) de Juniper Networks Junos OS permite a un atacante local con pocos privilegios provocar una denegaci\u00f3n de servicio (DoS). Cuando se ejecuta un comando espec\u00edfico, el pfe se bloquea. Esto provocar\u00e1 que el reenv\u00edo de tr\u00e1fico se interrumpa hasta que el sistema se recupere por s\u00ed solo. La ejecuci\u00f3n repetida crear\u00e1 una condici\u00f3n de DoS sostenida. Este problema solo afecta a los dispositivos de la serie MX con tarjetas de l\u00ednea MPC1-MPC9. Este problema afecta a: Junos OS en la serie MX: * Todas las versiones anteriores a 21.4R3-S9, * desde 22.2 hasta 22.2R3-S5, * desde 22.3 hasta 22.3R3-S4, * desde 22.4 hasta 22.4R3-S2, * desde 23.2 hasta 23.2R2-S1, * desde 23.4 hasta 23.4R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47497.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47497.json index 40060c71a46..8f1cda8c52a 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47497.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47497.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47497", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:10.340", - "lastModified": "2024-10-11T16:15:10.340", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS).\n\nAn attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated. Over time, this leads to resource exhaustion, ultimately causing the device to crash and restart.\n\nThe following command can be used to monitor the resource usage:\nuser@host> show system processes extensive | match mgd | count\n\nThis issue affects Junos OS on SRX Series and EX Series:\nAll versions before 21.4R3-S7,\nfrom 22.2 before 22.2R3-S4,\nfrom 22.3 before 22.3R3-S3,\nfrom 22.4 before 22.4R3-S2,\nfrom 23.2 before 23.2R2-S1,\nfrom 23.4 before 23.4R1-S2, 23.4R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de consumo descontrolado de recursos en el daemon http (httpd) del sistema operativo Junos de Juniper Networks en las series SRX, QFX, MX y EX permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Un atacante puede enviar solicitudes de conexi\u00f3n HTTPS espec\u00edficas al dispositivo, lo que desencadena la creaci\u00f3n de procesos que no se terminan correctamente. Con el tiempo, esto conduce al agotamiento de los recursos, lo que finalmente hace que el dispositivo se bloquee y se reinicie. Se puede utilizar el siguiente comando para supervisar el uso de los recursos: user@host> show system processes comprehensive | match mgd | Este problema afecta a Junos OS en las series SRX y EX: todas las versiones anteriores a 21.4R3-S7, desde 22.2 hasta 22.2R3-S4, desde 22.3 hasta 22.3R3-S3, desde 22.4 hasta 22.4R3-S2, desde 23.2 hasta 23.2R2-S1, desde 23.4 hasta 23.4R1-S2, 23.4R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47498.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47498.json index 772daf69b21..f9c3ab7ab32 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47498.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47498.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47498", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:10.590", - "lastModified": "2024-10-11T16:15:10.590", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\n\nSeveral configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic.\n\n\n\nThis issue affects Junos OS Evolved on QFX5000 Series:\n\n\n\n * All versions before 21.4R3-S8-EVO,\n * 22.2-EVO versions before 22.2R3-S5-EVO,\n\n * 22.4-EVO versions before 22.4R3-EVO,\n * 23.2-EVO versions before 23.2R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de caracter\u00edstica no implementada o no compatible en la interfaz de usuario en la CLI de Juniper Networks Junos OS Evolved en la serie QFX5000 permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). Se pueden configurar varias declaraciones de configuraci\u00f3n destinadas a imponer l\u00edmites en el aprendizaje y los movimientos de MAC, pero no surten efecto. Esto puede provocar situaciones de sobrecarga del plano de control que afectar\u00e1n gravemente la capacidad del dispositivo para procesar tr\u00e1fico leg\u00edtimo. Este problema afecta a Junos OS Evolved en la serie QFX5000: * Todas las versiones anteriores a 21.4R3-S8-EVO, * Versiones 22.2-EVO anteriores a 22.2R3-S5-EVO, * Versiones 22.4-EVO anteriores a 22.4R3-EVO, * Versiones 23.2-EVO anteriores a 23.2R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-474xx/CVE-2024-47499.json b/CVE-2024/CVE-2024-474xx/CVE-2024-47499.json index 8ac175c708e..47829021487 100644 --- a/CVE-2024/CVE-2024-474xx/CVE-2024-47499.json +++ b/CVE-2024/CVE-2024-474xx/CVE-2024-47499.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47499", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:10.850", - "lastModified": "2024-10-11T16:15:10.850", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS).\u00a0\n\nIn a scenario where BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring, receiving a BGP update with a specifically malformed AS PATH attribute over an established BGP session, can cause an RPD crash and restart.\n\nThis issue affects:\n\nJunos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S8,\n * 21.4 versions before 21.4R3-S8,\n * 22.2 versions before 22.2R3-S4,\n * 22.3 versions before 22.3R3-S3,\n * 22.4 versions before 22.4R3-S2,\n * 23.2 versions before 23.2R2-S1,\n * 23.4 versions before 23.4R1-S2, 23.4R2;\n\n\n\n\n\n\n\nJunos OS Evolved:\n\n\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.4 versions before 21.4R3-S8-EVO,\n * 22.2 versions before 22.2R3-S4-EVO,\n * 22.3 versions before 22.3R3-S3-EVO,\n * 22.4 versions before 22.4R3-S2-EVO,\n * 23.2 versions before 23.2R2-S1-EVO,\n * 23.4 versions before 23.4R1-S2-EVO, 23.4R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de verificaci\u00f3n incorrecta de condiciones inusuales o excepcionales en el daemon de protocolo de enrutamiento (RPD) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). En un escenario en el que el protocolo de monitoreo BGP (BMP) est\u00e1 configurado con monitoreo previo a la pol\u00edtica rib-in, recibir una actualizaci\u00f3n BGP con un atributo AS PATH espec\u00edficamente mal formado en una sesi\u00f3n BGP establecida puede provocar un bloqueo y reinicio del RPD. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.2R3-S8, * Versiones 21.4 anteriores a 21.4R3-S8, * Versiones 22.2 anteriores a 22.2R3-S4, * Versiones 22.3 anteriores a 22.3R3-S3, * Versiones 22.4 anteriores a 22.4R3-S2, * Versiones 23.2 anteriores a 23.2R2-S1, * Versiones 23.4 anteriores a 23.4R1-S2, 23.4R2; Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S8-EVO, * Versiones 21.4 anteriores a 21.4R3-S8-EVO, * Versiones 22.2 anteriores a 22.2R3-S4-EVO, * Versiones 22.3 anteriores a 22.3R3-S3-EVO, * Versiones 22.4 anteriores a 22.4R3-S2-EVO, * Versiones 23.2 anteriores a 23.2R2-S1-EVO, * Versiones 23.4 anteriores a 23.4R1-S2-EVO, 23.4R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47501.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47501.json index 265a0086e65..5aeb624780a 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47501.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47501.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47501", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:11.167", - "lastModified": "2024-10-11T16:15:11.167", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A NULL Pointer Dereference vulnerability in the \n\npacket forwarding engine (pfe)\u00a0of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and\u00a0EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS).\n\nIn a VPLS or Junos Fusion scenario, the execution of specific show commands will cause all FPCs hosting VPLS sessions or connecting to satellites to crash and restart.\n\nThis issue affects Junos on\u00a0MX304, MX with MPC10/11/LC9600 and EX9200 with EX9200-15C:\u00a0\n\n\n\n * All version before 21.2R3-S1,\n * 21.3 versions before 21.3R3,\u00a0\n * 21.4 versions before 21.4R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de desreferencia de puntero nulo en el motor de reenv\u00edo de paquetes (pfe) de Juniper Networks Junos OS en MX304, MX con MPC10/11/LC9600 y EX9200 con EX9200-15C permite que un atacante autenticado localmente con privilegios bajos provoque una denegaci\u00f3n de servicio (DoS). En un escenario de VPLS o Junos Fusion, la ejecuci\u00f3n de comandos show espec\u00edficos provocar\u00e1 que todos los FPC que alojan sesiones VPLS o se conectan a sat\u00e9lites se bloqueen y reinicien. Este problema afecta a Junos en MX304, MX con MPC10/11/LC9600 y EX9200 con EX9200-15C: * Todas las versiones anteriores a 21.2R3-S1, * Versiones 21.3 anteriores a 21.3R3, * Versiones 21.4 anteriores a 21.4R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47502.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47502.json index d29388e520b..7b7086007f2 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47502.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47502.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47502", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:11.413", - "lastModified": "2024-10-11T16:15:11.413", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS).\n\nIn specific cases the state of TCP sessions that are terminated is not cleared, which over time leads to an exhaustion of resources, preventing new connections to the control plane from being established.\n\nA continuously increasing number of connections shown by:\n\n\n\nuser@host > show system connections\n\n\n\nis indicative of the problem. To recover the respective RE needs to be restarted manually.\n\nThis issue only affects IPv4 but does not affect IPv6.\nThis issue only affects TCP sessions established in-band (over an interface on an FPC) but not out-of-band (over the management ethernet port on the routing-engine).\n\nThis issue affects Junos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S9-EVO,\n * 22.2 versions before 22.2R3-S4-EVO,\n * 22.4 version before 22.4R3-S3-EVO,\n * 23.2 versions before 23.2R2-S1-EVO,\n * 23.4 versions before 23.4R2-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites o limitaci\u00f3n en el n\u00facleo de Juniper Networks Junos OS Evolved permite a un atacante no autenticado basado en la red provocar una denegaci\u00f3n de servicio (DoS). En casos espec\u00edficos, el estado de las sesiones TCP que se terminan no se borra, lo que con el tiempo conduce a un agotamiento de los recursos, lo que impide que se establezcan nuevas conexiones al plano de control. Un n\u00famero de conexiones en continuo aumento que se muestra mediante: user@host > show system connections es indicativo del problema. Para recuperarse, es necesario reiniciar manualmente el RE correspondiente. Este problema solo afecta a IPv4, pero no a IPv6. Este problema solo afecta a las sesiones TCP establecidas en banda (a trav\u00e9s de una interfaz en un FPC), pero no fuera de banda (a trav\u00e9s del puerto Ethernet de administraci\u00f3n en el motor de enrutamiento). Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S9-EVO, * Versiones 22.2 anteriores a 22.2R3-S4-EVO, * Versiones 22.4 anteriores a 22.4R3-S3-EVO, * Versiones 23.2 anteriores a 23.2R2-S1-EVO, * Versiones 23.4 anteriores a 23.4R2-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47503.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47503.json index fa68f53f5d1..046fc7be2ea 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47503.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47503.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47503", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:11.663", - "lastModified": "2024-10-11T16:15:11.663", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and\u00a0SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS).\n\nIf in a multicast scenario a sequence of \n\nspecific\u00a0PIM packets is received, this will cause a flowd crash and restart, which leads to momentary service interruption.\nThis issue affects Junos OS on SRX 4600 and SRX 5000 Series:\n\n\n\n * All versions before 21.4R3-S9,\n * 22.2 versions before 22.2R3-S5,\n * 22.3 versions before 22.3R3-S4,\n * 22.4 versions before 22.4R3-S4,\n * 23.2 versions before 23.2R2-S2,\n * 23.4 versions before 23.4R2,\u00a0\n * 24.2 versions before 24.2R1-S1, 24.2R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de verificaci\u00f3n incorrecta de condiciones inusuales o excepcionales en el daemon de procesamiento de flujo (flowd) del sistema operativo Junos de Juniper Networks en las series SRX4600 y SRX5000 permite que un atacante no autenticado y l\u00f3gicamente adyacente provoque una denegaci\u00f3n de servicio (DoS). Si en un escenario de multidifusi\u00f3n se recibe una secuencia de paquetes PIM espec\u00edficos, esto provocar\u00e1 un bloqueo y reinicio de flowd, lo que lleva a una interrupci\u00f3n moment\u00e1nea del servicio. Este problema afecta a Junos OS en las series SRX 4600 y SRX 5000: * Todas las versiones anteriores a 21.4R3-S9, * Versiones 22.2 anteriores a 22.2R3-S5, * Versiones 22.3 anteriores a 22.3R3-S4, * Versiones 22.4 anteriores a 22.4R3-S4, * Versiones 23.2 anteriores a 23.2R2-S2, * Versiones 23.4 anteriores a 23.4R2, * Versiones 24.2 anteriores a 24.2R1-S1, 24.2R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47504.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47504.json index 98a2a7e93d2..a9beeecfc7e 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47504.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47504.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47504", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:11.900", - "lastModified": "2024-10-11T16:15:11.900", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).\n\nWhen a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.\n\nThis issue affects Junos OS:\n\n * 22.1 releases 22.1R1 and later before 22.2R3-S5,\n * 22.3 releases before 22.3R3-S4,\n * 22.4 releases before 22.4R3-S4,\n * 23.2 releases before 23.2R2-S2,\n * 23.4 releases before 23.4R2-S1,\n * 24.2 releases before 24.2R1-S1, 24.2R2.\n\n\nPlease note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de validaci\u00f3n incorrecta del tipo de entrada especificado en el motor de reenv\u00edo de paquetes (pfe) de Juniper Networks Junos OS en la serie SRX5000 permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (Dos). Cuando un dispositivo SRX5000 no agrupado recibe un paquete espec\u00edficamente malformado, esto provocar\u00e1 un bloqueo y reinicio de flowd. Este problema afecta a Junos OS: * 22.1 versiones 22.1R1 y posteriores anteriores a 22.2R3-S5, * 22.3 versiones anteriores a 22.3R3-S4, * 22.4 versiones anteriores a 22.4R3-S4, * 23.2 versiones anteriores a 23.2R2-S2, * 23.4 versiones anteriores a 23.4R2-S1, * 24.2 versiones anteriores a 24.2R1-S1, 24.2R2. Tenga en cuenta que el comunicado de prensa indica que tambi\u00e9n se han corregido versiones anteriores, pero que estas no se ver\u00e1n afectadas negativamente por esto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47505.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47505.json index f4e7ae6a723..cb78a2d257e 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47505.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47505.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47505", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:12.210", - "lastModified": "2024-10-11T16:15:12.210", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover.\n\nGUID exhaustion will trigger a syslog message like one of the following:\n\nevo-pfemand[]: get_next_guid: Ran out of Guid Space ...\nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ...\nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids:\n\n\n\n\n\nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand\n\n\n\nIn case one or more of these values are constantly increasing the leak is happening.\n\nThis issue affects Junos OS Evolved:\n\n\n\n * All versions before 21.4R3-S7-EVO,\n * 22.1 versions before 22.1R3-S6-EVO,\n * 22.2 versions before 22.2R3-EVO,\u00a0\n\n * 22.3 versions before 22.3R3-EVO,\n * 22.4 versions before 22.4R2-EVO.\n\n\n\nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en el daemon de administraci\u00f3n PFE (evo-pfemand) de Juniper Networks Junos OS Evolved permite que un atacante autenticado basado en la red provoque un bloqueo de FPC que genere una denegaci\u00f3n de servicio (DoS). Cuando se ejecutan operaciones GET de SNMP espec\u00edficas o comandos CLI con privilegios bajos espec\u00edficos, se produce una p\u00e9rdida de recursos GUID que, con el tiempo, provoca el agotamiento y hace que los FPC se bloqueen. Los FPC afectados deben reiniciarse manualmente para recuperarse. El agotamiento de GUID activar\u00e1 un mensaje de syslog como uno de los siguientes: evo-pfemand[]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... La p\u00e9rdida se puede monitorear ejecutando el siguiente comando y tomando nota de los valores en la columna m\u00e1s a la derecha etiquetada como Guids: user@host> show platform application-info assignments app evo-pfemand/evo-pfemand En caso de que uno o m\u00e1s de estos valores aumenten constantemente, se est\u00e1 produciendo la p\u00e9rdida. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S7-EVO, * Versiones 22.1 anteriores a 22.1R3-S6-EVO, * Versiones 22.2 anteriores a 22.2R3-EVO, * Versiones 22.3 anteriores a 22.3R3-EVO, * Versiones 22.4 anteriores a 22.4R2-EVO. Tenga en cuenta que este problema es similar a CVE-2024-47508 y CVE-2024-47509, pero diferente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47506.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47506.json index abd4fa273ca..aa970e7c994 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47506.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47506.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47506", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:12.450", - "lastModified": "2024-10-11T16:15:12.450", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nWhen a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control.\n\n\n\nThis issue affects Junos OS on SRX Series:\n\n\n\n * All versions before 21.3R3-S1,\n * 21.4 versions before 21.4R3,\n * 22.1 versions before 22.1R2,\n * 22.2 versions before 22.2R1-S2, 22.2R2." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de bloqueo en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS en SRX Series permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Cuando la inspecci\u00f3n de ATP Cloud procesa una gran cantidad de tr\u00e1fico, puede producirse un bloqueo que provocar\u00e1 un bloqueo y reinicio del PFE. El hecho de que se produzca el bloqueo depende de la sincronizaci\u00f3n interna del sistema que est\u00e1 fuera del control del atacante. Este problema afecta a Junos OS en SRX Series: * Todas las versiones anteriores a 21.3R3-S1, * Versiones 21.4 anteriores a 21.4R3, * Versiones 22.1 anteriores a 22.1R2, * Versiones 22.2 anteriores a 22.2R1-S2, 22.2R2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47507.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47507.json index 39745f08769..868d5ba3fe5 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47507.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47507.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47507", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:12.700", - "lastModified": "2024-10-11T16:15:12.700", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices.\n\nWhen a peer sends a BGP update message which contains the aggregator attribute with an ASN value of zero (0), rpd accepts and propagates this attribute, which can cause issues for downstream BGP peers receiving this.\n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * All versions before 21.4R3-S6,\n * 22.2 versions before 22.2R3-S3,\n * 22.4 versions before 22.4R3;\u00a0\n\n\n\n\n\n\n\nJunos OS Evolved:\u00a0\n\n\n\n * All versions before 21.4R3-S7-EVO,\n * 22.2 versions before 22.2R3-S4-EVO,\n * 22.4 versions before 22.4R3-EVO." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de verificaci\u00f3n incorrecta de condiciones inusuales o excepcionales en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red cause un impacto en la integridad de los dispositivos de bajada. Cuando un par env\u00eda un mensaje de actualizaci\u00f3n de BGP que contiene el atributo gregator con un valor ASN de cero (0), rpd acepta y propaga este atributo, lo que puede causar problemas para los pares de BGP de bajada que lo reciben. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.4R3-S6, * Versiones 22.2 anteriores a 22.2R3-S3, * Versiones 22.4 anteriores a 22.4R3; Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S7-EVO, * Versiones 22.2 anteriores a 22.2R3-S4-EVO, * Versiones 22.4 anteriores a 22.4R3-EVO." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47508.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47508.json index cef6d69b228..74fad091b2b 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47508.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47508.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47508", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:12.957", - "lastModified": "2024-10-11T16:15:12.957", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover.\n\nGUID exhaustion will trigger a syslog message like one of the following:\n\nevo-pfemand[]: get_next_guid: Ran out of Guid Space ...\nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ...\nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids:\n\n\n\n\n\nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand\n\n\n\nIn case one or more of these values are constantly increasing the leak is happening.\n\nThis issue affects Junos OS Evolved:\n\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.3 versions before 21.3R3-EVO;\n * 21.4 versions before 22.1R2-EVO,\n\n * 22.1 versions before\u00a022.1R1-S1-EVO, 22.1R2-EVO.\n\n\n\n\n\nPlease note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47509." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en el daemon de administraci\u00f3n PFE (evo-pfemand) de Juniper Networks Junos OS Evolved permite que un atacante autenticado basado en la red provoque un bloqueo de FPC que genere una denegaci\u00f3n de servicio (DoS). Cuando se ejecutan operaciones GET de SNMP espec\u00edficas o comandos CLI con privilegios bajos espec\u00edficos, se produce una p\u00e9rdida de recursos GUID que, con el tiempo, provoca el agotamiento y hace que los FPC se bloqueen. Los FPC afectados deben reiniciarse manualmente para recuperarse. El agotamiento de GUID activar\u00e1 un mensaje de syslog como uno de los siguientes: evo-pfemand[]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... La p\u00e9rdida se puede monitorear ejecutando el siguiente comando y tomando nota de los valores en la columna m\u00e1s a la derecha etiquetada Guids: user@host> show platform application-info assignments app evo-pfemand/evo-pfemand En caso de que uno o m\u00e1s de estos valores aumenten constantemente, la p\u00e9rdida est\u00e1 ocurriendo. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S8-EVO, * 21.3 versiones anteriores a 21.3R3-EVO; * 21.4 versiones anteriores a 22.1R2-EVO, * 22.1 versiones anteriores a 22.1R1-S1-EVO, 22.1R2-EVO. Tenga en cuenta que este problema es similar, pero diferente de CVE-2024-47505 y CVE-2024-47509." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47509.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47509.json index 48d1cfffcbf..5ab4e168057 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47509.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47509.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47509", "sourceIdentifier": "sirt@juniper.net", "published": "2024-10-11T16:15:13.187", - "lastModified": "2024-10-11T16:15:13.187", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover.\n\nGUID exhaustion will trigger a syslog message like one of the following:\n\nevo-pfemand[]: get_next_guid: Ran out of Guid Space ...\nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ...\nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids:\n\n\n\n\n\nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand\n\n\n\nIn case one or more of these values are constantly increasing the leak is happening.\n\nThis issue affects Junos OS Evolved:\n\n\n\n * All versions before 21.4R2-EVO,\n * 22.1 versions before 22.1R2-EVO.\n\n\n\n\n\nPlease note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47508." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en el daemon de administraci\u00f3n PFE (evo-pfemand) de Juniper Networks Junos OS Evolved permite que un atacante autenticado basado en la red provoque un bloqueo de FPC que genere una denegaci\u00f3n de servicio (DoS). Cuando se ejecutan operaciones GET de SNMP espec\u00edficas o comandos CLI con privilegios bajos espec\u00edficos, se produce una p\u00e9rdida de recursos GUID que, con el tiempo, provoca el agotamiento y hace que los FPC se bloqueen. Los FPC afectados deben reiniciarse manualmente para recuperarse. El agotamiento de GUID activar\u00e1 un mensaje de syslog como uno de los siguientes: evo-pfemand[]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... La p\u00e9rdida se puede monitorear ejecutando el siguiente comando y tomando nota de los valores en la columna m\u00e1s a la derecha etiquetada Guids: user@host> show platform application-info assignments app evo-pfemand/evo-pfemand En caso de que uno o m\u00e1s de estos valores aumenten constantemente, la p\u00e9rdida est\u00e1 ocurriendo. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.4R2-EVO, * Versiones 22.1 anteriores a 22.1R2-EVO. Tenga en cuenta que este problema es similar a, pero diferente de CVE-2024-47505 y CVE-2024-47508." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47636.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47636.json index ea15d1fd85d..56614ae5fc5 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47636.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47636.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47636", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-10T18:15:07.920", - "lastModified": "2024-10-10T18:15:07.920", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47648.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47648.json index 4e7f177171b..cc7b5b6f025 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47648.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47648.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47648", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-10T19:15:17.067", - "lastModified": "2024-10-10T19:15:17.067", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47674.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47674.json index 8370081311f..cc6a7d93e7d 100644 --- a/CVE-2024/CVE-2024-476xx/CVE-2024-47674.json +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47674.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47674", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-15T11:15:13.073", - "lastModified": "2024-10-15T11:15:13.073", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid leaving partial pfn mappings around in error case\n\nAs Jann points out, PFN mappings are special, because unlike normal\nmemory mappings, there is no lifetime information associated with the\nmapping - it is just a raw mapping of PFNs with no reference counting of\na 'struct page'.\n\nThat's all very much intentional, but it does mean that it's easy to\nmess up the cleanup in case of errors. Yes, a failed mmap() will always\neventually clean up any partial mappings, but without any explicit\nlifetime in the page table mapping itself, it's very easy to do the\nerror handling in the wrong order.\n\nIn particular, it's easy to mistakenly free the physical backing store\nbefore the page tables are actually cleaned up and (temporarily) have\nstale dangling PTE entries.\n\nTo make this situation less error-prone, just make sure that any partial\npfn mapping is torn down early, before any other error handling." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: evitar dejar asignaciones pfn parciales en caso de error Como se\u00f1ala Jann, las asignaciones PFN son especiales, porque a diferencia de las asignaciones de memoria normales, no hay informaci\u00f3n de duraci\u00f3n asociada con la asignaci\u00f3n: es solo una asignaci\u00f3n sin procesar de PFN sin recuento de referencias de una 'p\u00e1gina de estructura'. Todo eso es muy intencional, pero significa que es f\u00e1cil arruinar la limpieza en caso de errores. S\u00ed, un mmap() fallido siempre limpiar\u00e1 eventualmente cualquier asignaci\u00f3n parcial, pero sin ninguna duraci\u00f3n expl\u00edcita en la asignaci\u00f3n de la tabla de p\u00e1ginas en s\u00ed, es muy f\u00e1cil hacer el manejo de errores en el orden incorrecto. En particular, es f\u00e1cil liberar por error el almacenamiento de respaldo f\u00edsico antes de que las tablas de p\u00e1ginas se limpien realmente y (temporalmente) tengan entradas PTE colgantes obsoletas. Para hacer que esta situaci\u00f3n sea menos propensa a errores, simplemente aseg\u00farese de que cualquier asignaci\u00f3n pfn parcial se elimine temprano, antes de cualquier otro manejo de errores." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-477xx/CVE-2024-47766.json b/CVE-2024/CVE-2024-477xx/CVE-2024-47766.json index c26cdb87c89..1977ae39992 100644 --- a/CVE-2024/CVE-2024-477xx/CVE-2024-47766.json +++ b/CVE-2024/CVE-2024-477xx/CVE-2024-47766.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47766", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T18:15:04.387", - "lastModified": "2024-10-14T18:15:04.387", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, administrators of a project can access the content of trackers with permissions restrictions of project they are members of but not admin via the cross tracker search widget. Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-8 fix this issue." + }, + { + "lang": "es", + "value": "Tuleap es una herramienta para la trazabilidad de extremo a extremo de los desarrollos de aplicaciones y sistemas. Antes de Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5 y Tuleap Enterprise Edition 15.12-5, los administradores de un proyecto pueden acceder al contenido de los rastreadores con restricciones de permisos del proyecto del que son miembros pero no administradores a trav\u00e9s del widget de b\u00fasqueda de rastreadores cruzados. Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5 y Tuleap Enterprise Edition 15.12-8 solucionan este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-477xx/CVE-2024-47767.json b/CVE-2024/CVE-2024-477xx/CVE-2024-47767.json index 1bf5c3b09f9..039c1ed6812 100644 --- a/CVE-2024/CVE-2024-477xx/CVE-2024-47767.json +++ b/CVE-2024/CVE-2024-477xx/CVE-2024-47767.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47767", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T18:15:04.593", - "lastModified": "2024-10-14T18:15:04.593", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, users might see tracker names they should not have access to. Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-8 fix this issue." + }, + { + "lang": "es", + "value": "Tuleap es una herramienta para la trazabilidad de extremo a extremo de los desarrollos de aplicaciones y sistemas. En versiones anteriores a Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5 y Tuleap Enterprise Edition 15.12-5, los usuarios pod\u00edan ver nombres de rastreadores a los que no deber\u00edan tener acceso. Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5 y Tuleap Enterprise Edition 15.12-8 solucionan este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47826.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47826.json index 909585443af..a0efd4c4f85 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47826.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47826.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47826", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T18:15:04.800", - "lastModified": "2024-10-14T18:15:04.800", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "eLabFTW is an open source electronic lab notebook for research labs. A vulnerability in versions prior to 5.1.5 allows an attacker to inject arbitrary HTML tags in the pages: \"experiments.php\" (show mode), \"database.php\" (show mode) or \"search.php\". It works by providing HTML code in the extended search string, which will then be displayed back to the user in the error message. This means that injected HTML will appear in a red \"alert/danger\" box, and be part of an error message. Due to some other security measures, it is not possible to execute arbitrary javascript from this attack. As such, this attack is deemed low impact. Users should upgrade to at least version 5.1.5 to receive a patch. No known workarounds are available." + }, + { + "lang": "es", + "value": "eLabFTW es un cuaderno de laboratorio electr\u00f3nico de c\u00f3digo abierto para laboratorios de investigaci\u00f3n. Una vulnerabilidad en versiones anteriores a la 5.1.5 permite a un atacante inyectar etiquetas HTML arbitrarias en las p\u00e1ginas: \"experiments.php\" (modo de visualizaci\u00f3n), \"database.php\" (modo de visualizaci\u00f3n) o \"search.php\". Funciona proporcionando c\u00f3digo HTML en la cadena de b\u00fasqueda extendida, que luego se mostrar\u00e1 al usuario en el mensaje de error. Esto significa que el HTML inyectado aparecer\u00e1 en un cuadro rojo de \"alerta/peligro\" y ser\u00e1 parte de un mensaje de error. Debido a otras medidas de seguridad, no es posible ejecutar javascript arbitrario desde este ataque. Como tal, este ataque se considera de bajo impacto. Los usuarios deben actualizar al menos a la versi\u00f3n 5.1.5 para recibir un parche. No se workarounds disponibles." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47830.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47830.json index 1d62e7819f2..655c8ed9780 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47830.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47830.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47830", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:05.613", - "lastModified": "2024-10-11T15:15:05.613", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Plane is an open-source project management tool. Plane uses the ** wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0." + }, + { + "lang": "es", + "value": "Plane es una herramienta de gesti\u00f3n de proyectos de c\u00f3digo abierto. Plane utiliza el comod\u00edn ** para recuperar la imagen de cualquier nombre de host, como en /web/next.config.js. Esto puede permitir que un atacante induzca al servidor a realizar solicitudes a ubicaciones no deseadas. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 0.23.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47831.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47831.json index 1f71ed631d6..79dd3de272a 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47831.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47831.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47831", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T18:15:05.013", - "lastModified": "2024-10-14T18:15:05.013", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature which allows for a potential Denial of Service (DoS) condition which could lead to excessive CPU consumption. Neither the `next.config.js` file that is configured with `images.unoptimized` set to `true` or `images.loader` set to a non-default value nor the Next.js application that is hosted on Vercel are affected. This issue was fully patched in Next.js `14.2.7`. As a workaround, ensure that the `next.config.js` file has either `images.unoptimized`, `images.loader` or `images.loaderFile` assigned." + }, + { + "lang": "es", + "value": "Next.js es un framework de trabajo de React para la Web. Las versiones 10.x, 11.x, 12.x, 13.x y 14.x anteriores a la versi\u00f3n 14.2.7 contienen una vulnerabilidad en la funci\u00f3n de optimizaci\u00f3n de im\u00e1genes que permite una posible condici\u00f3n de denegaci\u00f3n de servicio (DoS) que podr\u00eda provocar un consumo excesivo de CPU. Ni el archivo `next.config.js` que est\u00e1 configurado con `images.unoptimized` establecido en `true` o `images.loader` establecido en un valor que no sea el predeterminado ni la aplicaci\u00f3n Next.js alojada en Vercel se ven afectados. Este problema se solucion\u00f3 por completo en Next.js `14.2.7`. Como workaround, aseg\u00farese de que el archivo `next.config.js` tenga asignado `images.unoptimized`, `images.loader` o `images.loaderFile`." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json index 709be200b1d..70b3b7b3266 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47867", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T23:15:02.640", - "lastModified": "2024-10-10T23:15:02.640", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json index 794ac4207d6..b280743a05e 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47868", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T23:15:02.797", - "lastModified": "2024-10-10T23:15:02.797", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json index 3a56f053ea1..d1c3127aaeb 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47869", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T23:15:02.930", - "lastModified": "2024-10-10T23:15:02.930", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json index defae2ba31e..678390393f1 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47870", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T23:15:03.070", - "lastModified": "2024-10-10T23:15:03.070", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json index 9701cc85f4e..dff71f64e22 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47871", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T23:15:03.187", - "lastModified": "2024-10-10T23:15:03.187", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json index c79f2e79e27..563193dc480 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47872", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-10T23:15:03.303", - "lastModified": "2024-10-10T23:15:03.303", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47875.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47875.json index bd80b33a3c2..f21149e3445 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47875.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47875.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47875", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T15:15:05.860", - "lastModified": "2024-10-11T15:15:05.860", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3." + }, + { + "lang": "es", + "value": "DOMPurify es un desinfectante de XSS ultrarr\u00e1pido, ultratolerante y exclusivo de DOM para HTML, MathML y SVG. DOMpurify era vulnerable a mXSS basado en anidamiento. Esta vulnerabilidad se solucion\u00f3 en 2.5.0 y 3.1.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47877.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47877.json index 90cb98b1ec5..53ba5823388 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47877.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47877.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47877", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T17:15:04.450", - "lastModified": "2024-10-11T17:15:04.450", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Extract is aA Go library to extract archives in zip, tar.gz or tar.bz2 formats. A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. This vulnerability is fixed in 4.0.0. If you're using the Extractor.FS interface, then upgrading to /v4 will require to implement the new methods that have been added." + }, + { + "lang": "es", + "value": "Extract es una librer\u00eda Go para extraer archivos en formato zip, tar.gz o tar.bz2. Un archivo manipulado con fines malintencionados puede permitir a un atacante crear un enlace simb\u00f3lico fuera del directorio de destino de la extracci\u00f3n. Esta vulnerabilidad se ha corregido en la versi\u00f3n 4.0.0. Si utiliza la interfaz Extractor.FS, la actualizaci\u00f3n a /v4 requerir\u00e1 la implementaci\u00f3n de los nuevos m\u00e9todos que se han a\u00f1adido." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47884.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47884.json index 7ee52b018dd..0c4141360cd 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47884.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47884.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47884", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-11T20:15:04.993", - "lastModified": "2024-10-11T20:15:04.993", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "foxmarks is a CLI read-only interface for Firefox's bookmarks and history. A temporary file was created under the /tmp directory with read permissions for all users containing a copy of Firefox's database of bookmarks, history, input history, visits counter, use counter, view counter and more confidential information about the history of using Firefox. Permissions default to 0o600 for NamedTempFile. However, after copying the database, its permissions were copied with it resulting in an insecure file with 0x644 permissions. A malicious user is able to read the database when the targeted user executes foxmarks bookmarks or foxmarks history. This vulnerability is patched in v2.1.0." + }, + { + "lang": "es", + "value": "foxmarks es una interfaz CLI de solo lectura para los marcadores e historial de Firefox. Se cre\u00f3 un archivo temporal en el directorio /tmp con permisos de lectura para todos los usuarios que conten\u00eda una copia de la base de datos de marcadores, historial, historial de entradas, contador de visitas, contador de uso, contador de vistas y m\u00e1s informaci\u00f3n confidencial sobre el historial de uso de Firefox. Los permisos predeterminados son 0o600 para NamedTempFile. Sin embargo, despu\u00e9s de copiar la base de datos, sus permisos se copiaron con ella, lo que result\u00f3 en un archivo inseguro con permisos 0x644. Un usuario malintencionado puede leer la base de datos cuando el usuario objetivo ejecuta foxmarks bookmarks o foxmarks history. Esta vulnerabilidad est\u00e1 parcheada en v2.1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47885.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47885.json index 4c9fad2de13..25e5bf4495e 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47885.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47885.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47885", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T19:15:10.903", - "lastModified": "2024-10-14T19:15:10.903", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Astro web framework has a DOM Clobbering gadget in the client-side router starting in version 3.0.0 and prior to version 4.16.1. It can lead to cross-site scripting (XSS) in websites enables Astro's client-side routing and has *stored* attacker-controlled scriptless HTML elements (i.e., `iframe` tags with unsanitized `name` attributes) on the destination pages. This vulnerability can result in cross-site scripting (XSS) attacks on websites that built with Astro that enable the client-side routing with `ViewTransitions` and store the user-inserted scriptless HTML tags without properly sanitizing the `name` attributes on the page. Version 4.16.1 contains a patch for this issue." + }, + { + "lang": "es", + "value": "El framework web Astro tiene un gadget de DOM Clobbering en el enrutador del lado del cliente a partir de la versi\u00f3n 3.0.0 y antes de la versi\u00f3n 4.16.1. Puede provocar Cross Site Scripting (XSS) en sitios web que habilitan el enrutamiento del lado del cliente de Astro y han *almacenado* elementos HTML sin secuencias de comandos controlados por el atacante (es decir, etiquetas `iframe` con atributos `name` sin sanear) en las p\u00e1ginas de destino. Esta vulnerabilidad puede provocar ataques de Cross Site Scripting (XSS) en sitios web creados con Astro que habilitan el enrutamiento del lado del cliente con `ViewTransitions` y almacenan las etiquetas HTML sin secuencias de comandos insertadas por el usuario sin sanear adecuadamente los atributos `name` en la p\u00e1gina. La versi\u00f3n 4.16.1 contiene un parche para este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47943.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47943.json index a1772238610..7cbe302cba2 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47943.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47943.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47943", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "published": "2024-10-15T09:15:03.357", - "lastModified": "2024-10-15T09:15:03.357", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The firmware upgrade function in the admin web interface of the Rittal\u00a0IoT Interface & CMC III Processing Unit devices checks if \nthe patch files are signed before executing the containing run.sh \nscript. The signing process is kind of an HMAC with a long string as key\n which is hard-coded in the firmware and is freely available for \ndownload. This allows crafting malicious \"signed\" .patch files in order \nto compromise the device and execute arbitrary code." + }, + { + "lang": "es", + "value": "La funci\u00f3n de actualizaci\u00f3n de firmware en la interfaz web de administraci\u00f3n de los dispositivos Rittal IoT Interface & CMC III Processing Unit comprueba si los archivos de parche est\u00e1n firmados antes de ejecutar el script run.sh que los contiene. El proceso de firma es una especie de HMAC con una cadena larga como clave que est\u00e1 codificada en el firmware y est\u00e1 disponible de forma gratuita para su descarga. Esto permite manipular archivos .patch \"firmados\" maliciosos para comprometer el dispositivo y ejecutar c\u00f3digo arbitrario." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47944.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47944.json index a1470a5962d..de7b6483fb9 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47944.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47944.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47944", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "published": "2024-10-15T09:15:03.580", - "lastModified": "2024-10-15T09:15:03.580", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the\u00a0firmware upgrade function." + }, + { + "lang": "es", + "value": "El dispositivo ejecuta directamente los archivos de actualizaci\u00f3n de firmware .patch en una memoria USB sin ninguna autenticaci\u00f3n previa en la interfaz de administraci\u00f3n. Esto da lugar a una ejecuci\u00f3n de c\u00f3digo no autenticado a trav\u00e9s de la funci\u00f3n de actualizaci\u00f3n de firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47945.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47945.json index 5beb5e31827..c2b178f6733 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47945.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47945.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47945", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "published": "2024-10-15T10:15:03.973", - "lastModified": "2024-10-15T10:15:03.973", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The devices are vulnerable to session hijacking due to insufficient \nentropy in its session ID generation algorithm. The session IDs are \npredictable, with only 32,768 possible values per user, which allows \nattackers to pre-generate valid session IDs, leading to unauthorized \naccess to user sessions. This is not only due to the use of an \n(insecure) rand() function call but also because of missing \ninitialization via srand(). As a result only the PIDs are effectively \nused as seed." + }, + { + "lang": "es", + "value": "Los dispositivos son vulnerables al secuestro de sesiones debido a la entrop\u00eda insuficiente en su algoritmo de generaci\u00f3n de identificadores de sesi\u00f3n. Los identificadores de sesi\u00f3n son predecibles, con solo 32 768 valores posibles por usuario, lo que permite a los atacantes generar previamente identificadores de sesi\u00f3n v\u00e1lidos, lo que conduce a un acceso no autorizado a las sesiones de usuario. Esto no solo se debe al uso de una llamada a la funci\u00f3n rand() (insegura), sino tambi\u00e9n a la falta de inicializaci\u00f3n a trav\u00e9s de srand(). Como resultado, solo los identificadores PID se utilizan de manera efectiva como semilla." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47962.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47962.json index 2ae9d2fa523..480ae88bd53 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47962.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47962.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47962", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-10T18:15:08.183", - "lastModified": "2024-10-10T18:15:08.183", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47963.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47963.json index 012cb1c42f7..0641f6a909a 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47963.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47963.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47963", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-10T18:15:08.330", - "lastModified": "2024-10-10T18:15:08.330", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47964.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47964.json index 7f90458fb8d..693a1f86688 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47964.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47964.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47964", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-10T18:15:08.470", - "lastModified": "2024-10-10T18:15:08.470", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47965.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47965.json index 8c235354a72..0efe2a69c43 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47965.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47965.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47965", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-10T18:15:08.587", - "lastModified": "2024-10-10T18:15:08.587", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-479xx/CVE-2024-47966.json b/CVE-2024/CVE-2024-479xx/CVE-2024-47966.json index 0c6f45d16e8..f34042d5301 100644 --- a/CVE-2024/CVE-2024-479xx/CVE-2024-47966.json +++ b/CVE-2024/CVE-2024-479xx/CVE-2024-47966.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47966", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-10-10T18:15:08.710", - "lastModified": "2024-10-10T18:15:08.710", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-480xx/CVE-2024-48020.json b/CVE-2024/CVE-2024-480xx/CVE-2024-48020.json index e4742afdf88..0f3c02b2ee8 100644 --- a/CVE-2024/CVE-2024-480xx/CVE-2024-48020.json +++ b/CVE-2024/CVE-2024-480xx/CVE-2024-48020.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48020", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-11T19:15:10.220", - "lastModified": "2024-10-11T19:15:10.220", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Revmakx Backup and Staging by WP Time Capsule allows SQL Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.21." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Revmakx Backup and Staging de WP Time Capsule permite la inyecci\u00f3n SQL. Este problema afecta a Backup and Staging de WP Time Capsule: desde n/a hasta 1.22.21." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-480xx/CVE-2024-48033.json b/CVE-2024/CVE-2024-480xx/CVE-2024-48033.json index b918c9e4d94..923d71d0ddd 100644 --- a/CVE-2024/CVE-2024-480xx/CVE-2024-48033.json +++ b/CVE-2024/CVE-2024-480xx/CVE-2024-48033.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48033", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-11T19:15:10.430", - "lastModified": "2024-10-11T19:15:10.430", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Elie Burstein, Baptiste Gourdin Talkback allows Object Injection.This issue affects Talkback: from n/a through 1.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Elie Burstein, Baptiste Gourdin Talkback permite la inyecci\u00f3n de objetos. Este problema afecta a Talkback: desde n/a hasta 1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-480xx/CVE-2024-48040.json b/CVE-2024/CVE-2024-480xx/CVE-2024-48040.json index 14a6711f577..02d36e24389 100644 --- a/CVE-2024/CVE-2024-480xx/CVE-2024-48040.json +++ b/CVE-2024/CVE-2024-480xx/CVE-2024-48040.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48040", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-11T19:15:10.660", - "lastModified": "2024-10-11T19:15:10.660", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tainacan.Org Tainacan allows SQL Injection.This issue affects Tainacan: from n/a through 0.21.8." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Tainacan.Org Tainacan permite la inyecci\u00f3n SQL. Este problema afecta a Tainacan: desde n/a hasta 0.21.8." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-480xx/CVE-2024-48041.json b/CVE-2024/CVE-2024-480xx/CVE-2024-48041.json index 8c003042b9f..849f11cf19b 100644 --- a/CVE-2024/CVE-2024-480xx/CVE-2024-48041.json +++ b/CVE-2024/CVE-2024-480xx/CVE-2024-48041.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48041", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-11T19:15:10.880", - "lastModified": "2024-10-11T19:15:10.880", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.9." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en CreativeMindsSolutions CM Tooltip Glossary permite XSS almacenado. Este problema afecta al glosario de informaci\u00f3n sobre herramientas CM: desde n/a hasta 4.3.9." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-481xx/CVE-2024-48119.json b/CVE-2024/CVE-2024-481xx/CVE-2024-48119.json index c68795ce2b7..59a59e842bf 100644 --- a/CVE-2024/CVE-2024-481xx/CVE-2024-48119.json +++ b/CVE-2024/CVE-2024-481xx/CVE-2024-48119.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48119", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T14:15:11.597", - "lastModified": "2024-10-14T14:15:11.597", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML." + }, + { + "lang": "es", + "value": "Vtiger CRM v8.2.0 tiene una vulnerabilidad de inyecci\u00f3n de HTML en el par\u00e1metro del m\u00f3dulo. Los usuarios autenticados pueden inyectar HTML arbitrario." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-481xx/CVE-2024-48120.json b/CVE-2024/CVE-2024-481xx/CVE-2024-48120.json index fbcc1c92820..e86c8d5964a 100644 --- a/CVE-2024/CVE-2024-481xx/CVE-2024-48120.json +++ b/CVE-2024/CVE-2024-481xx/CVE-2024-48120.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48120", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T14:15:11.780", - "lastModified": "2024-10-14T14:15:11.780", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the \"Opportunities\" module. An attacker can inject malicious JavaScript code into the \"Name\" field when creating a list." + }, + { + "lang": "es", + "value": "X2CRM v8.5 es vulnerable a un ataque Cross-Site Scripting (XSS) almacenado en el m\u00f3dulo \"Oportunidades\". Un atacante puede inyectar c\u00f3digo JavaScript malicioso en el campo \"Nombre\" al crear una lista." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-481xx/CVE-2024-48150.json b/CVE-2024/CVE-2024-481xx/CVE-2024-48150.json index d2fd1f9f208..0d62b0af78b 100644 --- a/CVE-2024/CVE-2024-481xx/CVE-2024-48150.json +++ b/CVE-2024/CVE-2024-481xx/CVE-2024-48150.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48150", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T16:15:03.750", - "lastModified": "2024-10-14T16:15:03.750", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function." + }, + { + "lang": "es", + "value": "D-Link DIR-820L 1.05B03 tiene una vulnerabilidad de desbordamiento de pila en la funci\u00f3n sub_451208." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-481xx/CVE-2024-48153.json b/CVE-2024/CVE-2024-481xx/CVE-2024-48153.json index 487f0aeec6b..3f7072faabd 100644 --- a/CVE-2024/CVE-2024-481xx/CVE-2024-48153.json +++ b/CVE-2024/CVE-2024-481xx/CVE-2024-48153.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48153", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T16:15:03.840", - "lastModified": "2024-10-14T16:15:03.840", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the get_subconfig function." + }, + { + "lang": "es", + "value": "DrayTek Vigor3900 1.5.1.3 permite a los atacantes inyectar comandos maliciosos en mainfunction.cgi y ejecutar comandos arbitrarios llamando a la funci\u00f3n get_subconfig." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-481xx/CVE-2024-48168.json b/CVE-2024/CVE-2024-481xx/CVE-2024-48168.json index 489edd8c534..fa3c3b8f5b3 100644 --- a/CVE-2024/CVE-2024-481xx/CVE-2024-48168.json +++ b/CVE-2024/CVE-2024-481xx/CVE-2024-48168.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48168", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T17:15:13.520", - "lastModified": "2024-10-14T17:15:13.520", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link DCS-960L 1.09, allowing an attacker to execute arbitrary code." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de desbordamiento de pila en la funci\u00f3n sub_402280 del servicio HNAP de D-Link DCS-960L 1.09, que permite a un atacante ejecutar c\u00f3digo arbitrario." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48249.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48249.json index ba789ab098b..e55bb8775eb 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48249.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48249.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48249", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T15:15:13.760", - "lastModified": "2024-10-14T15:15:13.760", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode." + }, + { + "lang": "es", + "value": "Wavelog 1.8.5 permite la inyecci\u00f3n SQL get_band_confirmed de Gridmap_model.php mediante banda, sat\u00e9lite, propagaci\u00f3n o modo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48251.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48251.json index 0a7d59f019b..20c6392371c 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48251.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48251.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48251", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T15:15:13.857", - "lastModified": "2024-10-14T15:15:13.857", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode." + }, + { + "lang": "es", + "value": "Wavelog 1.8.5 permite la inyecci\u00f3n SQL get_band_confirmed de Activated_gridmap_model.php mediante banda, sat\u00e9lite, propagaci\u00f3n o modo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48253.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48253.json index fec3b84c9ee..5e94d7c2d4e 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48253.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48253.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48253", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T14:15:11.857", - "lastModified": "2024-10-14T14:15:11.857", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection." + }, + { + "lang": "es", + "value": "Cloudlog 2.6.15 permite la inyecci\u00f3n SQL del identificador delete_oqrs_line de Oqrs.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48255.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48255.json index 2c52e47cdf8..4991b018d7e 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48255.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48255.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48255", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T14:15:11.937", - "lastModified": "2024-10-14T14:15:11.937", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection." + }, + { + "lang": "es", + "value": "Cloudlog 2.6.15 permite la inyecci\u00f3n SQL de Oqrs.php get_station_info station_id." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48257.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48257.json index 5544947fc07..a9b519f8196 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48257.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48257.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48257", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T15:15:13.947", - "lastModified": "2024-10-14T15:15:13.947", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin." + }, + { + "lang": "es", + "value": "Wavelog 1.8.5 permite la inyecci\u00f3n SQL de Oqrs_model.php get_worked_modes station_id." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48259.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48259.json index 46f62805ec3..429b52e4399 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48259.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48259.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48259", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T15:15:14.033", - "lastModified": "2024-10-14T15:15:14.033", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign." + }, + { + "lang": "es", + "value": "Cloudlog 2.6.15 permite la inyecci\u00f3n SQL de request_form Oqrs.php a trav\u00e9s de station_id o callsign." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48278.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48278.json new file mode 100644 index 00000000000..c1eec24103b --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48278.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48278", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-15T13:15:11.000", + "lastModified": "2024-10-15T13:15:11.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/CSRF%20-%20Profile.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48279.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48279.json new file mode 100644 index 00000000000..bd4bdcc153e --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48279.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48279", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-15T13:15:11.083", + "lastModified": "2024-10-15T13:15:11.083", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/HTML%20Injection%20-%20Search.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48280.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48280.json new file mode 100644 index 00000000000..b2ebe27bdcf --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48280.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48280", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-15T13:15:11.160", + "lastModified": "2024-10-15T13:15:11.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/SQL%20Injection%20-%20Bw%20Date%20Report%20%28%20fromdate%29.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48282.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48282.json new file mode 100644 index 00000000000..29f781d3349 --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48282.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48282", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-15T13:15:11.227", + "lastModified": "2024-10-15T13:15:11.227", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/SQL%20Injection%20-%20Forget%20Password.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48283.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48283.json new file mode 100644 index 00000000000..c2ab0c8c7b7 --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48283.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48283", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-15T13:15:11.283", + "lastModified": "2024-10-15T13:15:11.283", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-result.php via the searchkey parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/SQL%20Injection%20-%20Search.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48768.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48768.json index b07bcd16f8a..d5114722de8 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48768.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48768.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48768", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.253", - "lastModified": "2024-10-11T20:15:05.253", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in almaodo GmbH appinventor.ai_google.almando_control 2.3.1 allows a remote attacker to obtain sensitive information via the firmware update process" + }, + { + "lang": "es", + "value": "Un problema en almaodo GmbH appinventor.ai_google.almando_control 2.3.1 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n de firmware" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48769.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48769.json index 5c00fd01493..da0b0fae5c4 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48769.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48769.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48769", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.353", - "lastModified": "2024-10-11T20:15:05.353", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in BURG-WCHTER KG de.burgwachter.keyapp.app 4.5.0 allows a remote attacker to obtain sensitve information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en BURG-WCHTER KG de.burgwachter.keyapp.app 4.5.0 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48770.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48770.json index a77afc21848..2f8a8c17a9e 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48770.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48770.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48770", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.450", - "lastModified": "2024-10-11T20:15:05.450", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Plug n Play Camera com.wisdomcity.zwave 1.1.0 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48771.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48771.json index 3c3411ce45d..b669f3bd559 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48771.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48771.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48771", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.537", - "lastModified": "2024-10-11T20:15:05.537", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in almando GmbH Almando Play APP (com.almando.play) 1.8.2 allows a remote attacker to obtain sensitive information via the firmware update process" + }, + { + "lang": "es", + "value": "Un problema en la aplicaci\u00f3n Almando Play de almando GmbH (com.almando.play) 1.8.2 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48772.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48772.json index f3bb98ed58a..1656edebdbc 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48772.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48772.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48772", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T21:15:07.127", - "lastModified": "2024-10-11T21:15:07.127", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en C-CHIP (com.cchip.cchipamaota) v.1.2.8 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48773.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48773.json index 835c256f38b..daeeb2f3c31 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48773.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48773.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48773", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.637", - "lastModified": "2024-10-11T20:15:05.637", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update process" + }, + { + "lang": "es", + "value": "Un problema en WoFit v.7.2.3 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48774.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48774.json index d175fba5a19..19ade8c7539 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48774.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48774.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48774", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.720", - "lastModified": "2024-10-11T20:15:05.720", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n de firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48775.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48775.json index 82c18c54ce7..796f173d61f 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48775.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48775.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48775", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.810", - "lastModified": "2024-10-11T20:15:05.810", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Plug n Play Camera com.ezset.delaney 1.2.0 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48776.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48776.json index e7f1799da06..cb6240279a5 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48776.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48776.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48776", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.903", - "lastModified": "2024-10-11T20:15:05.903", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Shelly com.home.shelly 1.0.4 allows a remote attacker to obtain sensitive information via the firmware update process" + }, + { + "lang": "es", + "value": "Un problema en Shelly com.home.shelly 1.0.4 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n de firmware" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48777.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48777.json index 348c1a4516e..6870b9b0e17 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48777.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48777.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48777", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:05.997", - "lastModified": "2024-10-11T20:15:05.997", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "LEDVANCE com.ledvance.smartplus.eu 2.1.10 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48778.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48778.json index a17aff708a0..3de4432d6c3 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48778.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48778.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48778", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:06.090", - "lastModified": "2024-10-11T20:15:06.090", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48784.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48784.json index 6b6166f077d..b5bce1cfad0 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48784.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48784.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48784", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:06.180", - "lastModified": "2024-10-11T20:15:06.180", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Incorrect Access Control issue in SAMPMAX com.sampmax.homemax 2.1.2.7 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema de control de acceso incorrecto en SAMPMAX com.sampmax.homemax 2.1.2.7 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48786.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48786.json index aaa2d7e9b6f..92358651c2c 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48786.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48786.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48786", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:06.277", - "lastModified": "2024-10-11T20:15:06.277", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48787.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48787.json index d2800573f24..c751135a57e 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48787.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48787.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48787", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T20:15:06.407", - "lastModified": "2024-10-11T20:15:06.407", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Revic Optics Revic Ops (us.revic.revicops) 1.12.5 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Revic Optics Revic Ops (us.revic.revicops) 1.12.5 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48788.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48788.json index e02513ddcca..f9132c961c0 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48788.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48788.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48788", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T21:15:07.220", - "lastModified": "2024-10-11T21:15:07.220", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en YESCAM (com.yescom.YesCam.zwave) 1.0.2 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48789.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48789.json index 927fd8b4ded..005a5a74d4a 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48789.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48789.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48789", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:05.230", - "lastModified": "2024-10-14T18:15:05.230", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in INATRONIC com.inatronic.drivedeck.home 2.6.23 allows a remote attacker to obtain sensitve information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en INATRONIC com.inatronic.drivedeck.home 2.6.23 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48790.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48790.json index 6b4b215e7c7..6968f61880d 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48790.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48790.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48790", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:05.323", - "lastModified": "2024-10-14T18:15:05.323", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en ILIFE com.ilife.home.global 1.8.7 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48791.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48791.json index 76233a3215f..25bdf06c4fd 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48791.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48791.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48791", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:05.420", - "lastModified": "2024-10-14T18:15:05.420", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to obtain sensitive information via the firmware update process" + }, + { + "lang": "es", + "value": "Un problema en Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48792.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48792.json index 6377bd6bd2f..3fc11059190 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48792.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48792.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48792", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:05.520", - "lastModified": "2024-10-14T18:15:05.520", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Hideez com.hideez 2.7.8.3 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48793.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48793.json index ab0bef636a5..f5f0aeca177 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48793.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48793.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48793", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:05.620", - "lastModified": "2024-10-14T18:15:05.620", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in INATRONIC com.inatronic.bmw 2.7.1 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en INATRONIC com.inatronic.bmw 2.7.1 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48795.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48795.json index 5d37c657e4d..c39c1c280d4 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48795.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48795.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48795", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T18:15:05.717", - "lastModified": "2024-10-14T18:15:05.717", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48796.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48796.json index 795008b04c2..5c167da233e 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48796.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48796.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48796", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T17:15:13.610", - "lastModified": "2024-10-14T17:15:13.610", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in EQUES com.eques.plug 1.0.1 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en EQUES com.eques.plug 1.0.1 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48797.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48797.json index a6e1cc4a1a7..335d3c15125 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48797.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48797.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48797", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T17:15:13.690", - "lastModified": "2024-10-14T17:15:13.690", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n de firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48798.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48798.json index 6e5f12915a6..3f1bfbe2cfa 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48798.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48798.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48798", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T17:15:13.770", - "lastModified": "2024-10-14T17:15:13.770", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48799.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48799.json index cd24fe1502d..926e63125bc 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48799.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48799.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48799", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T17:15:13.857", - "lastModified": "2024-10-14T17:15:13.857", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process." + }, + { + "lang": "es", + "value": "Un problema en LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s del proceso de actualizaci\u00f3n del firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48813.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48813.json index b31a28703e3..69f655a846d 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48813.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48813.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48813", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T16:15:13.453", - "lastModified": "2024-10-11T21:36:43.527", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in employee-management-system-php-and-mysql-free-download.html taskmatic 1.0 allows a remote attacker to execute arbitrary code via the admin_id parameter of the /update-employee.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de inyecci\u00f3n SQL en employee-management-system-php-and-mysql-free-download.html taskmatic 1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro admin_id del componente /update-employee.php." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48821.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48821.json index 4f2001128d4..42290a93347 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48821.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48821.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48821", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T21:15:11.710", - "lastModified": "2024-10-14T21:15:11.710", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross Site Scripting en Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 permite a un atacante remoto escalar privilegios a trav\u00e9s del componente FtpConfig.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48822.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48822.json index e7c997df120..fb939f2c5e9 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48822.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48822.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48822", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T21:15:11.813", - "lastModified": "2024-10-14T21:15:11.813", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page." + }, + { + "lang": "es", + "value": "La escalada de privilegios en Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 permite a un atacante remoto escalar privilegios a trav\u00e9s de la p\u00e1gina FtpConfig.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48823.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48823.json index 9977adcd313..9b47deecf02 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48823.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48823.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48823", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T21:15:11.903", - "lastModified": "2024-10-14T21:15:11.903", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page." + }, + { + "lang": "es", + "value": "La inclusi\u00f3n de archivos locales en Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 permite a un atacante remoto escalar privilegios a trav\u00e9s de la p\u00e1gina PassageAutoServer.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48824.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48824.json index 75ccf8896a0..049995dd151 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48824.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48824.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48824", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T21:15:11.997", - "lastModified": "2024-10-14T21:15:11.997", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to obtain sensitive information via the Racine & FileName parameters in the download-file.php component." + }, + { + "lang": "es", + "value": "Un problema en Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de los par\u00e1metros Racine y FileName en el componente download-file.php." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48827.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48827.json index 79ef90ace79..d50ef9cbbb8 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48827.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48827.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48827", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T16:15:13.550", - "lastModified": "2024-10-11T21:36:44.280", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and escalate privileges via the Change Password function." + }, + { + "lang": "es", + "value": "Un problema en sbondCo Watcharr v.1.43.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario y escalar privilegios a trav\u00e9s de la funci\u00f3n Cambiar contrase\u00f1a." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48909.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48909.json index 8f1019b7e22..9d254b2cf3f 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48909.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48909.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48909", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T21:15:12.080", - "lastModified": "2024-10-14T21:15:12.080", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior to version 1.37.1, clients that have enabled `LookupResources2` and have caveats in the evaluation path for their requests can return a permissionship of `CONDITIONAL` with context marked as missing, even then the context was supplied. LookupResources2 is the new default in SpiceDB 1.37.0 and has been opt-in since SpiceDB 1.35.0. The bug is patched as part of SpiceDB 1.37.1. As a workaround, disable LookupResources2 via the `--enable-experimental-lookup-resources` flag by setting it to `false`." + }, + { + "lang": "es", + "value": "SpiceDB es una base de datos de c\u00f3digo abierto para almacenar y consultar de forma escalable datos de autorizaci\u00f3n de grano fino. A partir de la versi\u00f3n 1.35.0 y antes de la versi\u00f3n 1.37.1, los clientes que han habilitado `LookupResources2` y tienen advertencias en la ruta de evaluaci\u00f3n para sus solicitudes pueden devolver un permiso `CONDICIONAL` con el contexto marcado como faltante, incluso si se proporcion\u00f3 el contexto. LookupResources2 es el nuevo valor predeterminado en SpiceDB 1.37.0 y ha sido opcional desde SpiceDB 1.35.0. El error se corrigi\u00f3 como parte de SpiceDB 1.37.1. Como workaround, deshabilite LookupResources2 a trav\u00e9s del indicador `--enable-experimental-lookup-resources` estableci\u00e9ndolo en `false`." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48911.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48911.json index a2203de0236..519e03cc9ce 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48911.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48911.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48911", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-14T21:15:12.323", - "lastModified": "2024-10-14T21:15:12.323", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user directory but the daemon is executed by root, it\u2019s possible for the unprivileged user to change the config file and escalate permissions when root later runs the daemon. Version 0.9.4 contains a fix for the issue." + }, + { + "lang": "es", + "value": "OpenCanary, un honeypot de red multiprotocolo, ejecutaba directamente comandos tomados de su archivo de configuraci\u00f3n. Antes de la versi\u00f3n 0.9.4, donde el archivo de configuraci\u00f3n se almacenaba en un directorio de usuario sin privilegios pero el daemon lo ejecutaba el usuario root, era posible que el usuario sin privilegios cambiara el archivo de configuraci\u00f3n y aumentara los permisos cuando el usuario root ejecutaba posteriormente el daemon. La versi\u00f3n 0.9.4 contiene una soluci\u00f3n para el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48937.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48937.json index 6a5d3a88257..a117543c310 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48937.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48937.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48937", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T21:15:07.307", - "lastModified": "2024-10-11T21:15:07.307", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed." + }, + { + "lang": "es", + "value": "Las versiones anteriores a LTS 6.5.1 a 6.5.10 y 7.0.1 a 7.0.16 de Znuny permiten XSS. Se ejecuta el c\u00f3digo JavaScript en la descripci\u00f3n breve del campo SLA en los di\u00e1logos de actividad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48938.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48938.json index c628e3b9a22..eb0309982d4 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48938.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48938.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48938", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T21:15:07.387", - "lastModified": "2024-10-11T21:15:07.387", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process." + }, + { + "lang": "es", + "value": "Las versiones anteriores a LTS 6.5.1 a 6.5.10 y 7.0.1 a 7.0.16 de Znuny permiten ataques DoS/ReDos por correo electr\u00f3nico. Analizar el contenido de correos electr\u00f3nicos en los que se copia c\u00f3digo HTML de Microsoft Word podr\u00eda generar un alto uso de la CPU y bloquear el proceso de an\u00e1lisis." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json index 5a1c3338ff3..28a257cb234 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48987", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T13:15:16.197", - "lastModified": "2024-10-11T21:36:49.470", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Snipe-IT before 7.0.10 allows remote code execution (associated with cookie serialization) when an attacker knows the APP_KEY. This is exacerbated by .env files, available from the product's repository, that have default APP_KEY values." + }, + { + "lang": "es", + "value": "Las versiones anteriores a la versi\u00f3n 7.0.10 de Snipe-IT permiten la ejecuci\u00f3n remota de c\u00f3digo (asociada con la serializaci\u00f3n de cookies) cuando un atacante conoce la clave APP_KEY. Esto se ve agravado por los archivos .env, disponibles en el repositorio del producto, que tienen valores APP_KEY predeterminados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json b/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json index 99288eb4f99..9a9b2313bd4 100644 --- a/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json +++ b/CVE-2024/CVE-2024-491xx/CVE-2024-49193.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49193", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-12T14:15:02.753", - "lastModified": "2024-10-12T14:15:02.753", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the support e-mail addresses associated with individual tickets are predictable." + }, + { + "lang": "es", + "value": "Zendesk anterior al 2 de julio de 2024 permite a atacantes remotos leer el historial de tickets a trav\u00e9s de suplantaci\u00f3n de correo electr\u00f3nico, porque los campos Cc se extraen de los mensajes de correo electr\u00f3nico entrantes y se utilizan para otorgar autorizaci\u00f3n adicional para la visualizaci\u00f3n de tickets, el mecanismo para detectar mensajes de correo electr\u00f3nico falsificados es insuficiente y las direcciones de correo electr\u00f3nico de soporte asociadas con tickets individuales son predecibles." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49214.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49214.json index 0a641277d8b..96325d72220 100644 --- a/CVE-2024/CVE-2024-492xx/CVE-2024-49214.json +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49214.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49214", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-14T04:15:05.853", - "lastModified": "2024-10-14T04:15:05.853", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality." + }, + { + "lang": "es", + "value": "QUIC en HAProxy 3.1.x anterior a 3.1-dev7, 3.0.x anterior a 3.0.5 y 2.9.x anterior a 2.9.11 permite abrir una sesi\u00f3n 0-RTT con una direcci\u00f3n IP falsificada. Esto puede eludir la funcionalidad de lista de direcciones IP permitidas o bloqueadas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49382.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49382.json index fbaa3fd26f0..475e6517b22 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49382.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49382.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49382", "sourceIdentifier": "security@acronis.com", "published": "2024-10-15T11:15:13.153", - "lastModified": "2024-10-15T11:15:13.153", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." + }, + { + "lang": "es", + "value": "Superficie de ataque excesiva en el servicio de servidor de archivos debido a la vinculaci\u00f3n a una direcci\u00f3n IP sin restricciones. Los siguientes productos se ven afectados: Acronis Cyber Protect 16 (Linux, Windows) antes de la compilaci\u00f3n 38690." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49383.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49383.json index f4fbe2a6aee..e14cd9e659d 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49383.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49383.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49383", "sourceIdentifier": "security@acronis.com", "published": "2024-10-15T11:15:13.423", - "lastModified": "2024-10-15T11:15:13.423", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." + }, + { + "lang": "es", + "value": "Superficie de ataque excesiva en el servicio acep-importer debido a la vinculaci\u00f3n a una direcci\u00f3n IP sin restricciones. Los siguientes productos se ven afectados: Acronis Cyber Protect 16 (Linux, Windows) antes de la compilaci\u00f3n 38690." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49384.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49384.json index 8013cb2737c..e9558404992 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49384.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49384.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49384", "sourceIdentifier": "security@acronis.com", "published": "2024-10-15T11:15:13.643", - "lastModified": "2024-10-15T11:15:13.643", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." + }, + { + "lang": "es", + "value": "Superficie de ataque excesiva en el servicio acep-collector debido a la vinculaci\u00f3n a una direcci\u00f3n IP sin restricciones. Los siguientes productos se ven afectados: Acronis Cyber Protect 16 (Linux, Windows) antes de la compilaci\u00f3n 38690." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49387.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49387.json index 3d2c5b18ab8..773795ea23e 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49387.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49387.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49387", "sourceIdentifier": "security@acronis.com", "published": "2024-10-15T11:15:13.860", - "lastModified": "2024-10-15T11:15:13.860", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." + }, + { + "lang": "es", + "value": "Transmisi\u00f3n de texto plano de informaci\u00f3n confidencial en el servicio acep-collector. Los siguientes productos est\u00e1n afectados: Acronis Cyber Protect 16 (Linux, Windows) anterior a la compilaci\u00f3n 38690." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49388.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49388.json index c2fac3aae10..2b0bc8ecf1e 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49388.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49388.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49388", "sourceIdentifier": "security@acronis.com", "published": "2024-10-15T11:15:14.063", - "lastModified": "2024-10-15T11:15:14.063", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690." + }, + { + "lang": "es", + "value": "Manipulaci\u00f3n de informaci\u00f3n confidencial debido a una autorizaci\u00f3n indebida. Los siguientes productos est\u00e1n afectados: Acronis Cyber Protect 16 (Linux, Windows) anterior a la compilaci\u00f3n 38690." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5005.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5005.json index 120ad70bcb2..fd0159e8179 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5005.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5005.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5005", "sourceIdentifier": "cve@gitlab.com", "published": "2024-10-11T13:15:16.317", - "lastModified": "2024-10-11T13:15:16.317", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for guest users to disclose project templates using the API." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en GitLab EE/CE que afectaba a todas las versiones desde la 11.4 hasta la 17.2.9, todas las versiones desde la 17.3 hasta la 17.3.5 y todas las versiones desde la 17.4 hasta la 17.4.2. Los usuarios invitados pod\u00edan divulgar plantillas de proyecto mediante la API." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-54xx/CVE-2024-5474.json b/CVE-2024/CVE-2024-54xx/CVE-2024-5474.json index 3f35f588d5b..4e11389651f 100644 --- a/CVE-2024/CVE-2024-54xx/CVE-2024-5474.json +++ b/CVE-2024/CVE-2024-54xx/CVE-2024-5474.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5474", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:14.440", - "lastModified": "2024-10-11T16:15:14.440", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una posible vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en el paquete de software Dolby Vision Provisioning de Lenovo anterior a la versi\u00f3n 2.0.0.2 que podr\u00eda permitir que un atacante local lea archivos en el sistema con privilegios elevados durante la instalaci\u00f3n del paquete. Las versiones instaladas anteriormente no se ven afectadas por este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6157.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6157.json index f85843dab13..a07fe4b2683 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6157.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6157.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6157", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2024-10-10T13:15:14.370", - "lastModified": "2024-10-10T13:15:14.370", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6207.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6207.json index b0908e0c7a6..ebae8cf3bb8 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6207.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6207.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6207", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2024-10-14T21:15:12.460", - "lastModified": "2024-10-14T21:15:12.460", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html \u00a0and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running." + }, + { + "lang": "es", + "value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html y enviar un mensaje CIP especialmente manipulado al dispositivo. Si se explota, un actor de amenazas podr\u00eda ayudar a evitar el acceso al usuario leg\u00edtimo y finalizar las conexiones a los dispositivos conectados, incluida la estaci\u00f3n de trabajo. Para recuperar los controladores, se requiere una descarga que finalice cualquier proceso que est\u00e9 ejecutando el controlador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6657.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6657.json index e6aeaa115ac..3a7acf57339 100644 --- a/CVE-2024/CVE-2024-66xx/CVE-2024-6657.json +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6657.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6657", "sourceIdentifier": "product-security@silabs.com", "published": "2024-10-11T14:15:05.770", - "lastModified": "2024-10-11T14:15:05.770", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A denial of service may be caused to a single peripheral device in a BLE network when multiple central \ndevices continuously connect and disconnect to the peripheral. A hard reset is required to recover the peripheral device." + }, + { + "lang": "es", + "value": "Se puede producir una denegaci\u00f3n de servicio a un \u00fanico dispositivo perif\u00e9rico en una red BLE cuando varios dispositivos centrales se conectan y desconectan continuamente del perif\u00e9rico. Es necesario realizar un reinicio completo para recuperar el dispositivo perif\u00e9rico." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6747.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6747.json index 44b606ebf47..98eb654cabe 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6747.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6747.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6747", "sourceIdentifier": "security@checkmk.com", "published": "2024-10-10T08:15:03.630", - "lastModified": "2024-10-10T12:51:56.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:22:17.563", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -51,10 +81,547 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.0.0", + "versionEndExcluding": "2.1.0", + "matchCriteriaId": "0DD526DC-BA30-47DE-ADF6-0B078E6EA747" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p45:*:*:*:*:*:*", + "matchCriteriaId": "4EE19624-17FB-45DD-926D-1A745FF02CB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p46:*:*:*:*:*:*", + "matchCriteriaId": "C7E289B5-B6C6-4514-9CA1-5EBE155ECFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p47:*:*:*:*:*:*", + "matchCriteriaId": "ECBDBA95-0CAA-42A2-A3B1-B4D0DF1F7523" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p48:*:*:*:*:*:*", + "matchCriteriaId": "B0819489-976E-4C46-9D76-0338F40C2A64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "2E44AE62-1746-410F-A28E-F8292E1F8D68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "B6C1AC39-5AE0-4FC8-93FF-966400B074F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "68455233-52CD-44B8-8B02-D94BA84DA6A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "1C95A313-7665-4877-B421-0D20E3D3D54D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "0AEF278D-D782-4A2B-B1B8-19A21D151AA2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "B027FE8B-1802-4449-A0CB-6D15F9634559" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "9B2BC55F-17AE-4BC4-824D-06BE9B15516C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "3C0F1DC8-D9DF-4A7A-80DC-618FAB091375" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "9F89225F-6969-4D89-B889-9CB09972825B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "625A6998-5DAE-4538-9760-20523CCE501F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "6EFD4461-2C37-418F-90AD-3A956B2D91C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "88523633-844C-41FE-ADF1-74D6AA2BCE6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "91C194C1-5292-4E2A-BB71-9C5CD3CE6194" + } + ] + } + ] + } + ], "references": [ { "url": "https://checkmk.com/werk/17145", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6757.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6757.json index a2ef9656170..45923ab2a00 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6757.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6757.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6757", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T02:15:02.653", - "lastModified": "2024-10-15T02:15:02.653", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Elementor Website Builder \u2013 More than Just a Page Builder plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 3.23.5 via the get_image_alt function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract either excerpt data or titles of private or password-protected posts." + }, + { + "lang": "es", + "value": "El complemento Elementor Website Builder \u2013 More than Just a Page Builder para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n b\u00e1sica en todas las versiones hasta la 3.23.5 incluida a trav\u00e9s de la funci\u00f3n get_image_alt. Esto permite que atacantes autenticados, con acceso de nivel de colaborador o superior, extraigan datos de extractos o t\u00edtulos de publicaciones privadas o protegidas con contrase\u00f1a." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6762.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6762.json index 2877b14a0b1..75da615a80a 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6762.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6762.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6762", "sourceIdentifier": "emo@eclipse.org", "published": "2024-10-14T16:15:03.930", - "lastModified": "2024-10-14T16:15:03.930", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory." + }, + { + "lang": "es", + "value": "Jetty PushSessionCacheFilter puede ser explotado por usuarios no autenticados para lanzar ataques DoS remotos agotando la memoria del servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6763.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6763.json index 7c62f7bfdcb..5fc247ca590 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6763.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6763.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6763", "sourceIdentifier": "emo@eclipse.org", "published": "2024-10-14T16:15:04.163", - "lastModified": "2024-10-14T16:15:04.163", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks." + }, + { + "lang": "es", + "value": "Eclipse Jetty es un servidor web y motor de servlets basado en Java, ligero y altamente escalable. Incluye una clase de utilidad, HttpURI, para el an\u00e1lisis de URL/URL. La clase HttpURI realiza una validaci\u00f3n insuficiente en el segmento de autoridad de una URI. Sin embargo, el comportamiento de HttpURI difiere de los navegadores comunes en c\u00f3mo maneja una URI que se considerar\u00eda inv\u00e1lida si se validara completamente contra el RRC. Espec\u00edficamente, HttpURI y el navegador pueden diferir en el valor del host extra\u00eddo de una URI inv\u00e1lida y, por lo tanto, una combinaci\u00f3n de Jetty y un navegador vulnerable puede ser vulnerable a un ataque de redireccionamiento abierto o a un ataque SSRF si la URI se usa despu\u00e9s de pasar las verificaciones de validaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6959.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6959.json index 545f8cbac5c..d953b3b5cfd 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6959.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6959.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6959", "sourceIdentifier": "security@huntr.dev", "published": "2024-10-13T13:15:10.880", - "lastModified": "2024-10-13T13:15:10.880", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. If an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process each character, rendering lollms-webui inaccessible. This issue is exacerbated by the lack of Cross-Site Request Forgery (CSRF) protection, enabling remote exploitation. The vulnerability leads to service disruption, resource exhaustion, and extended downtime." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la versi\u00f3n 9.8 de parisneo/lollms-webui permite un ataque de denegaci\u00f3n de servicio (DOS) al cargar un archivo de audio. Si un atacante agrega una gran cantidad de caracteres al final de un l\u00edmite de varias partes, el sistema procesar\u00e1 continuamente cada car\u00e1cter, lo que har\u00e1 que lollms-webui sea inaccesible. Este problema se ve agravado por la falta de protecci\u00f3n contra Cross-Site Request Forgery (CSRF), lo que permite la explotaci\u00f3n remota. La vulnerabilidad provoca la interrupci\u00f3n del servicio, el agotamiento de los recursos y un tiempo de inactividad prolongado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6971.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6971.json index 779bacb1805..2e54ed8aa9a 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6971.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6971.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6971", "sourceIdentifier": "security@huntr.dev", "published": "2024-10-11T13:15:16.537", - "lastModified": "2024-10-11T13:15:16.537", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the `lollms_file_system.py` file. The functions `add_rag_database`, `toggle_mount_rag_database`, and `vectorize_folder` do not implement security measures such as `sanitize_path_from_endpoint` or `sanitize_path`. This allows an attacker to perform vectorize operations on `.sqlite` files in any directory on the victim's computer, potentially installing multiple packages and causing a crash." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de path traversal en el repositorio parisneo/lollms-webui, espec\u00edficamente en el archivo `lollms_file_system.py`. Las funciones `add_rag_database`, `toggle_mount_rag_database` y `vectorize_folder` no implementan medidas de seguridad como `sanitize_path_from_endpoint` o `sanitize_path`. Esto permite que un atacante realice operaciones de vectorizaci\u00f3n en archivos `.sqlite` en cualquier directorio de la computadora de la v\u00edctima, lo que podr\u00eda instalar varios paquetes y provocar un bloqueo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6985.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6985.json index f45a56d7f2c..1f3e6159053 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6985.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6985.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6985", "sourceIdentifier": "security@huntr.dev", "published": "2024-10-11T16:15:14.657", - "lastModified": "2024-10-11T16:15:14.657", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim's computer, even though sanitize_path is set. The issue arises due to improper sanitization of the personality_folder parameter, which can be exploited to traverse directories and access arbitrary files." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de path traversal en el endpoint de la API open_personality_folder de parisneo/lollms-webui. Esta vulnerabilidad permite a un atacante leer cualquier carpeta en personality_folder en la computadora de la v\u00edctima, incluso aunque sanitize_path est\u00e9 configurado. El problema surge debido a una desinfecci\u00f3n incorrecta del par\u00e1metro personality_folder, que puede explotarse para recorrer directorios y acceder a archivos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-70xx/CVE-2024-7099.json b/CVE-2024/CVE-2024-70xx/CVE-2024-7099.json index 3965c001f9d..a0f207e55b1 100644 --- a/CVE-2024/CVE-2024-70xx/CVE-2024-7099.json +++ b/CVE-2024/CVE-2024-70xx/CVE-2024-7099.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7099", "sourceIdentifier": "security@huntr.dev", "published": "2024-10-13T21:15:10.957", - "lastModified": "2024-10-13T21:15:10.957", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include `get_knowledge_base_name`, `from_status_to_status`, `delete_files`, and `get_file_by_status`. An attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially stealing information from the database. The issue is fixed in version 1.4.2." + }, + { + "lang": "es", + "value": "La versi\u00f3n 1.4.1 de netease-youdao/qanything contiene una vulnerabilidad en la que los datos no seguros obtenidos de la entrada del usuario se concatenan en consultas SQL, lo que provoca una inyecci\u00f3n SQL. Las funciones afectadas incluyen `get_knowledge_base_name`, `from_status_to_status`, `delete_files` y `get_file_by_status`. Un atacante puede aprovechar esta vulnerabilidad para ejecutar consultas SQL arbitrarias, lo que podr\u00eda robar informaci\u00f3n de la base de datos. El problema se solucion\u00f3 en la versi\u00f3n 1.4.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7489.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7489.json index 0e284b1adce..0ce82472f75 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7489.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7489.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7489", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:02.337", - "lastModified": "2024-10-12T06:15:02.337", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Forms for Mailchimp by Optin Cat \u2013 Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + }, + { + "lang": "es", + "value": "El complemento Forms for Mailchimp by Optin Cat \u2013 Grow Your MailChimp List para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s de los par\u00e1metros de color del formulario en todas las versiones hasta la 2.5.6 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso a nivel de editor, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio e instalaciones donde se ha deshabilitado unfiltered_html." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-75xx/CVE-2024-7514.json b/CVE-2024/CVE-2024-75xx/CVE-2024-7514.json index 51aaeeba13a..ccb7aefa00c 100644 --- a/CVE-2024/CVE-2024-75xx/CVE-2024-7514.json +++ b/CVE-2024/CVE-2024-75xx/CVE-2024-7514.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7514", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:16.800", - "lastModified": "2024-10-11T13:15:16.800", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.\r\nThe issue was partially fixed in version 2.3.8 and fully fixed in 2.3.9" + }, + { + "lang": "es", + "value": "El complemento WordPress Comments Import & Export para WordPress es vulnerable a la lectura arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo durante el proceso de importaci\u00f3n de comentarios, en versiones hasta la 2.3.7 incluida. Esto permite que atacantes autenticados, con acceso de nivel de autor y superior, lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial. El problema se solucion\u00f3 parcialmente en la versi\u00f3n 2.3.8 y se solucion\u00f3 por completo en la 2.3.9." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7847.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7847.json index e38fad2c553..1321f93f760 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7847.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7847.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7847", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2024-10-14T14:15:12.020", - "lastModified": "2024-10-14T14:15:12.020", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "VULNERABILITY DETAILS\n\nRockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon Brizinov of Claroty Research - Team82. \n\nA feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention. This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. Connected devices may also be impacted by exploitation of this vulnerability." + }, + { + "lang": "es", + "value": "DETALLES DE LA VULNERABILIDAD Rockwell Automation utiliz\u00f3 las \u00faltimas versiones del sistema de puntuaci\u00f3n CVSS para evaluar las siguientes vulnerabilidades. Sharon Brizinov de Claroty Research - Team82 nos inform\u00f3 sobre las siguientes vulnerabilidades. Una caracter\u00edstica de los productos afectados permite a los usuarios preparar un archivo de proyecto con un script VBA integrado y se puede configurar para que se ejecute una vez que se haya abierto el archivo de proyecto sin intervenci\u00f3n del usuario. Esta caracter\u00edstica se puede utilizar de forma abusiva para enga\u00f1ar a un usuario leg\u00edtimo para que ejecute c\u00f3digo malicioso al abrir un archivo de proyecto RSP/RSS infectado. Si se explota, un actor de amenazas puede realizar una ejecuci\u00f3n remota de c\u00f3digo. Los dispositivos conectados tambi\u00e9n pueden verse afectados por la explotaci\u00f3n de esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8070.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8070.json index 4d7cd80dd5b..48587a0a7a7 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8070.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8070.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8070", "sourceIdentifier": "cybersecurity@se.com", "published": "2024-10-13T20:15:03.360", - "lastModified": "2024-10-13T20:15:03.360", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test\ncredentials in the firmware binary" + }, + { + "lang": "es", + "value": "CWE-312: Existe una vulnerabilidad de almacenamiento de informaci\u00f3n confidencial en texto plano que expone las credenciales de prueba en el binario del firmware." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8184.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8184.json index 46a27174db8..eb8b26634f6 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8184.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8184.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8184", "sourceIdentifier": "emo@eclipse.org", "published": "2024-10-14T16:15:04.380", - "lastModified": "2024-10-14T16:15:04.380", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de seguridad en ThreadLimitHandler.getRemote() de Jetty que puede ser explotada por usuarios no autorizados para provocar un ataque de denegaci\u00f3n de servicio (DoS) remoto. Al enviar repetidamente solicitudes manipuladas, los atacantes pueden generar errores OutofMemory y agotar la memoria del servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8376.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8376.json index 0c2466c1b1d..0209e667f96 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8376.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8376.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8376", "sourceIdentifier": "emo@eclipse.org", "published": "2024-10-11T16:15:14.860", - "lastModified": "2024-10-11T16:15:14.860", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of \"CONNECT\", \"DISCONNECT\", \"SUBSCRIBE\", \"UNSUBSCRIBE\" and \"PUBLISH\" packets." + }, + { + "lang": "es", + "value": "En Eclipse Mosquitto hasta la versi\u00f3n 2.0.18a, un atacante puede lograr fugas de memoria, fallas de segmentaci\u00f3n o heap-use-after-free enviando secuencias espec\u00edficas de paquetes \"CONECTAR\", \"DESCONECTAR\", \"SUBSCRIBE\", \"CANCELAR SUSCRIPCI\u00d3N\" y \"PUBLICAR\"." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8477.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8477.json index f2570fb98d3..cb17cdb7229 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8477.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8477.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8477", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-10T03:15:02.300", - "lastModified": "2024-10-10T12:51:56.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:30:52.877", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,14 +61,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brevo:newsletter\\,_smtp\\,_email_marketing_and_subscribe:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.88", + "matchCriteriaId": "F2D6DFA7-4A55-49CD-8AAF-010B7F3E9D69" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3165451/mailin/tags/3.1.88/page/page-home.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e070b422-9036-4362-832b-43fd4838f394?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8513.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8513.json index 3bc612834c6..2d14286ad96 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8513.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8513.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8513", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-10T02:15:03.323", - "lastModified": "2024-10-10T12:51:56.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:33:14.333", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,14 +61,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:quarka:qa_analytics:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.1.0.0", + "matchCriteriaId": "71183DCF-D95B-4215-9B68-A15AD1B04F6E" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/qa-heatmap-analytics/trunk/class-qahm-admin-page-config.php#L801", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/15d29d58-9e28-4e18-aeb9-9c63cb308673?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8530.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8530.json index 17a875c9d6e..6d8f452c890 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8530.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8530.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8530", "sourceIdentifier": "cybersecurity@se.com", "published": "2024-10-11T14:15:05.970", - "lastModified": "2024-10-11T14:15:05.970", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CWE-306: Missing Authentication for Critical Function vulnerability exists that could\ncause exposure of private data when an already generated \u201clogcaptures\u201d archive is accessed\ndirectly by HTTPS." + }, + { + "lang": "es", + "value": "CWE-306: Existe una vulnerabilidad de falta de autenticaci\u00f3n para funciones cr\u00edticas que podr\u00eda provocar la exposici\u00f3n de datos privados cuando se accede directamente a un archivo de \u201ccapturas de registro\u201d ya generado mediante HTTPS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8531.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8531.json index 58a48b72b3b..af4374e68d7 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8531.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8531.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8531", "sourceIdentifier": "cybersecurity@se.com", "published": "2024-10-11T14:15:06.173", - "lastModified": "2024-10-11T14:15:06.173", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could\ncompromise the Data Center Expert software when an upgrade bundle is manipulated to\ninclude arbitrary bash scripts that are executed as root." + }, + { + "lang": "es", + "value": "CWE-347: Existe una vulnerabilidad de verificaci\u00f3n incorrecta de la firma criptogr\u00e1fica que podr\u00eda comprometer el software Data Center Expert cuando se manipula un paquete de actualizaci\u00f3n para incluir scripts bash arbitrarios que se ejecutan como root." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8602.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8602.json index 691bcdde3da..30a518d9fa2 100644 --- a/CVE-2024/CVE-2024-86xx/CVE-2024-8602.json +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8602.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8602", "sourceIdentifier": "vulnerability@ncsc.ch", "published": "2024-10-14T14:15:12.400", - "lastModified": "2024-10-14T14:15:12.400", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default settings of the DocumentBuilder allow for an XXE (XML External Entity) attack. Further information on this can be found on the website of the Open Worldwide Application Security Project (OWASP). An attacker could theoretically leverage this by delivering a manipulated PDF file to the target, and depending on the environment, various actions can be executed. These actions include:\n\n * Reading files from the operating system\n * Crashing the thread handling the parsing or causing it to enter an infinite loop\n * Executing HTTP requests\n * Loading additional DTDs or XML files\n * Under certain conditions, executing OS commands" + }, + { + "lang": "es", + "value": "Cuando se lee el XML de los c\u00f3digos en el PDF y se analiza utilizando un DocumentBuilder, la configuraci\u00f3n predeterminada de DocumentBuilder permite un ataque XXE (XML External Entity). Puede encontrar m\u00e1s informaci\u00f3n sobre esto en el sitio web del Proyecto de seguridad de aplicaciones abierto a nivel mundial (OWASP). En teor\u00eda, un atacante podr\u00eda aprovechar esto entregando un archivo PDF manipulado al objetivo y, seg\u00fan el entorno, se pueden ejecutar varias acciones. Estas acciones incluyen: * Leer archivos del sistema operativo * Bloquear el hilo que maneja el an\u00e1lisis o hacer que entre en un bucle infinito * Ejecutar solicitudes HTTP * Cargar archivos DTD o XML adicionales * Bajo ciertas condiciones, ejecutar comandos del sistema operativo" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8729.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8729.json index ddf986f3df9..891b5e43380 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8729.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8729.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8729", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-10T02:15:03.550", - "lastModified": "2024-10-10T12:51:56.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:40:37.917", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:idiom:easy_social_share_buttons:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.4.5", + "matchCriteriaId": "45141E0C-4220-4B83-BB1F-057B77D6F0FE" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/easy-social-share-buttons/trunk/includes/class-easy-social-share-buttons-settings.php#L271", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b616bb6c-0861-4920-a589-f2c5bb819164?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8755.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8755.json index 74d9786de39..000d91845d4 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8755.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8755.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8755", "sourceIdentifier": "security@progress.com", "published": "2024-10-11T15:15:06.150", - "lastModified": "2024-10-11T15:15:06.150", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects:\n\n\n\n\n\n\u202fProduct \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.1 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.12 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nMulti-Tenant Hypervisor \n\n\n\n\n\n7.1.35.12 and all prior versions \n\n\n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.1 (inclusive)" + "value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects:\n\n\n\n\n\n?Product \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.1 (inclusive) \n\n\n\n\n\n?\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.12 (inclusive) \n\n\n\n\n\n?\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nMulti-Tenant Hypervisor \n\n\n\n\n\n7.1.35.12 and all prior versions \n\n\n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.1 (inclusive)" + }, + { + "lang": "es", + "value": "Vulnerabilidad de validaci\u00f3n de entrada incorrecta de usuario autenticado en progreso LoadMaster permite: Inyecci\u00f3n de comandos del sistema operativo. Este problema afecta a: Producto Versiones afectadas LoadMaster De 7.2.55.0 a 7.2.60.1 (incluida) De 7.2.49.0 a 7.2.54.12 (incluida) 7.2.48.12 y todas las versiones anteriores Hipervisor multiinquilino 7.1.35.12 y todas las versiones anteriores ECS Todas las versiones anteriores a 7.2.60.1 (incluida)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8757.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8757.json index d1cd29d4136..c9410506ee2 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8757.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8757.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8757", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T10:15:02.687", - "lastModified": "2024-10-12T10:15:02.687", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Post Author \u2013 Boost Your Blog's Engagement with Author Box, Social Links, Co-Authors, Guest Authors, Post Rating System, and Custom User Registration Form Builder plugin for WordPress is vulnerable to time-based SQL Injection via the linked_user_id parameter in all versions up to, and including, 3.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento WP Post Author \u2013 Boost Your Blog's Engagement with Author Box, Social Links, Co-Authors, Guest Authors, Post Rating System, and Custom User Registration Form Builder para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo a trav\u00e9s del par\u00e1metro linked_user_id en todas las versiones hasta la 3.8.1 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con acceso de nivel de administrador y superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8760.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8760.json index 5f86fbd01cf..61abc203f4c 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8760.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8760.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8760", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T09:15:02.677", - "lastModified": "2024-10-12T09:15:02.677", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Stackable \u2013 Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection in all versions up to, and including, 3.13.6. This makes it possible for unauthenticated attackers to embed untrusted style information into comments resulting in a possibility of data exfiltration such as admin nonces with limited impact. These nonces could be used to perform CSRF attacks within a limited time window. The presence of other plugins may make additional nonces available, which may pose a risk in plugins that don't perform capability checks to protect AJAX actions or other actions reachable by lower-privileged users." + }, + { + "lang": "es", + "value": "El complemento Stackable \u2013 Page Builder Gutenberg Blocks para WordPress es vulnerable a la inyecci\u00f3n de CSS en todas las versiones hasta la 3.13.6 incluida. Esto permite que atacantes no autenticados incorporen informaci\u00f3n de estilo no confiable en los comentarios, lo que genera la posibilidad de exfiltraci\u00f3n de datos, como nonces de administraci\u00f3n, con un impacto limitado. Estos nonces podr\u00edan usarse para realizar ataques CSRF dentro de un per\u00edodo de tiempo limitado. La presencia de otros complementos puede hacer que haya nonces adicionales disponibles, lo que puede representar un riesgo en complementos que no realizan verificaciones de capacidad para proteger acciones AJAX u otras acciones a las que puedan acceder usuarios con menos privilegios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json index 9f997c660c7..790ab4ae61d 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8902", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T10:15:03.810", - "lastModified": "2024-10-12T10:15:03.810", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.8 via the render_column function in modules/data-table/widgets/data-table.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data." + }, + { + "lang": "es", + "value": "El complemento Elementor Addon Elements para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.13.8 incluida a trav\u00e9s de la funci\u00f3n render_column en modules/data-table/widgets/data-table.php. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos confidenciales de plantillas privadas, pendientes y en borrador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8912.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8912.json index e444d9f7496..82062c318d6 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8912.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8912.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8912", "sourceIdentifier": "cve-coordination@google.com", "published": "2024-10-11T19:15:11.110", - "lastModified": "2024-10-11T19:15:11.110", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An HTTP Request Smuggling vulnerability in Looker allowed an unauthorized attacker to capture HTTP responses destined for legitimate users.\n\nThere are two Looker versions that are hosted by Looker:\n\n * Looker (Google Cloud core) was found to be vulnerable. This issue has already been mitigated and our investigation has found no signs of exploitation.\n * Looker (original) was not vulnerable to this issue.\n\n\nCustomer-hosted Looker instances were found to be vulnerable and must be upgraded.\n\nThis vulnerability has been patched in all supported versions of customer-hosted Looker, which are available on the Looker download page https://download.looker.com/ .\n\nFor Looker customer-hosted instances, please update to the latest supported version of Looker as soon as possible. The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page:\n\n * 23.12 -> 23.12.123+\n * 23.18 -> 23.18.117+\n * 24.0 -> 24.0.92+\n * 24.6 -> 24.6.77+\n * 24.8 -> 24.8.66+\n * 24.10 -> 24.10.78+\n * 24.12 -> 24.12.56+\n * 24.14 -> 24.14.37+" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de contrabando de solicitudes HTTP en Looker permiti\u00f3 que un atacante no autorizado capturara respuestas HTTP destinadas a usuarios leg\u00edtimos. Hay dos versiones de Looker alojadas por Looker: * Se descubri\u00f3 que Looker (n\u00facleo de Google Cloud) era vulnerable. Este problema ya se ha mitigado y nuestra investigaci\u00f3n no ha encontrado signos de explotaci\u00f3n. * Looker (original) no era vulnerable a este problema. Se descubri\u00f3 que las instancias de Looker alojadas por el cliente eran vulnerables y deben actualizarse. Esta vulnerabilidad se ha corregido en todas las versiones compatibles de Looker alojadas por el cliente, que est\u00e1n disponibles en la p\u00e1gina de descarga de Looker https://download.looker.com/ . Para las instancias de Looker alojadas por el cliente, actualice a la \u00faltima versi\u00f3n compatible de Looker lo antes posible. Las versiones a continuaci\u00f3n se han actualizado para proteger contra esta vulnerabilidad. Puede descargar estas versiones en la p\u00e1gina de descarga de Looker: * 23.12 -> 23.12.123+ * 23.18 -> 23.18.117+ * 24.0 -> 24.0.92+ * 24.6 -> 24.6.77+ * 24.8 -> 24.8.66+ * 24.10 -> 24.10.78+ * 24.12 -> 24.12.56+ * 24.14 -> 24.14.37+" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8913.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8913.json index 8ed0a002219..fcef135b05e 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8913.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8913.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8913", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:17.040", - "lastModified": "2024-10-11T13:15:17.040", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The The Plus Addons for Elementor \u2013 Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.11 via the render function in modules/widgets/tp_accordion.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data." + }, + { + "lang": "es", + "value": "El complemento The Plus Addons for Elementor \u2013 Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 5.6.11 incluida a trav\u00e9s de la funci\u00f3n de renderizado en modules/widgets/tp_accordion.php. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos confidenciales privados, pendientes y de plantilla en borrador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8915.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8915.json index 4470629f6ed..494d60bb8bb 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8915.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8915.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8915", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T09:15:02.950", - "lastModified": "2024-10-12T09:15:02.950", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento Category Icon para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s de la carga de archivos SVG en todas las versiones hasta la 1.0.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8970.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8970.json index 5df7b61351c..85063b80f34 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8970.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8970.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8970", "sourceIdentifier": "cve@gitlab.com", "published": "2024-10-11T13:15:17.270", - "lastModified": "2024-10-11T13:15:17.270", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en GitLab CE/EE que afecta a todas las versiones desde la 11.6 anterior a la 17.2.9, desde la 17.3 anterior a la 17.3.5 y desde la 17.4 anterior a la 17.4.2, que permite a un atacante activar una canalizaci\u00f3n como otro usuario en determinadas circunstancias." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8987.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8987.json index babb6004d0c..a3c8f66ce91 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8987.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8987.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8987", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-10T02:15:03.757", - "lastModified": "2024-10-10T12:51:56.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:45:29.510", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", @@ -51,18 +71,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kainelabs:youzify:*:*:*:*:free:wordpress:*:*", + "versionEndIncluding": "1.3.0", + "matchCriteriaId": "E56088F5-60E1-4D5D-B334-6F5141FE9744" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/youzify/tags/1.3.0/includes/public/core/functions/general/youzify-profile-functions.php#L910", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://wordpress.org/plugins/youzify/#developers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product", + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19c463d1-41fa-4386-b755-a14d1e68c5bd?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9002.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9002.json index cce45adf901..95dabf57526 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9002.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9002.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9002", "sourceIdentifier": "cybersecurity@se.com", "published": "2024-10-11T14:15:06.397", - "lastModified": "2024-10-11T14:15:06.397", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized\naccess, loss of confidentiality, integrity, and availability of the workstation when non-admin\nauthenticated user tries to perform privilege escalation by tampering with the binaries" + }, + { + "lang": "es", + "value": "CWE-269: Existe una vulnerabilidad de administraci\u00f3n inadecuada de privilegios que podr\u00eda causar acceso no autorizado, p\u00e9rdida de confidencialidad, integridad y disponibilidad de la estaci\u00f3n de trabajo cuando un usuario autenticado que no es administrador intenta realizar una escalada de privilegios alterando los binarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9046.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9046.json index 67e5bb422f5..7695071b9aa 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9046.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9046.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9046", "sourceIdentifier": "psirt@lenovo.com", "published": "2024-10-11T16:15:15.000", - "lastModified": "2024-10-11T16:15:15.000", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una vulnerabilidad de secuestro de DLL en Lenovo stARstudio que podr\u00eda permitir que un atacante local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9047.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9047.json index 046b4827855..d9ad28a7831 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9047.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9047.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9047", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T07:15:02.170", - "lastModified": "2024-10-12T07:15:02.170", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier." + }, + { + "lang": "es", + "value": "El complemento WordPress File Upload de WordPress es vulnerable a Path Traversal en todas las versiones hasta la 4.24.11 incluida a trav\u00e9s de wfu_file_downloader.php. Esto permite que atacantes no autenticados lean o eliminen archivos fuera del directorio original previsto. Para explotarlo con \u00e9xito, es necesario que la instalaci\u00f3n de WordPress en cuesti\u00f3n utilice PHP 7.4 o una versi\u00f3n anterior." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9051.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9051.json index 340c84d845d..ad289e6f7fd 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9051.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9051.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9051", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:17.477", - "lastModified": "2024-10-11T13:15:17.477", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Ultimate Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpupg-grid-with-filters shortcode in all versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento WP Ultimate Post Grid para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo corto wpupg-grid-with-filters del complemento en todas las versiones hasta la 3.9.3 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9057.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9057.json index b32fabf6e3d..225e20d3ac2 100644 --- a/CVE-2024/CVE-2024-90xx/CVE-2024-9057.json +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9057.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9057", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-10T02:15:03.960", - "lastModified": "2024-10-10T12:51:56.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-15T13:58:19.960", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,14 +81,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:curator:curator.io:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.9", + "matchCriteriaId": "559C0045-DE52-4C94-B94F-5213E15E3A95" + } + ] + } + ] + } + ], "references": [ { "url": "https://wordpress.org/plugins/curatorio/#developers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product", + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/953d64f2-a514-48e9-9ab3-f9a793ad953a?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json index 50106649842..341e3c5182b 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9137", "sourceIdentifier": "psirt@moxa.com", "published": "2024-10-14T09:15:04.403", - "lastModified": "2024-10-14T09:15:04.403", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise." + }, + { + "lang": "es", + "value": "El producto afectado carece de una comprobaci\u00f3n de autenticaci\u00f3n al enviar comandos al servidor a trav\u00e9s del servicio Moxa. Esta vulnerabilidad permite a un atacante ejecutar comandos espec\u00edficos, lo que puede provocar descargas o cargas no autorizadas de archivos de configuraci\u00f3n y comprometer el sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json index 283355b2c80..a582be5690a 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9139", "sourceIdentifier": "psirt@moxa.com", "published": "2024-10-14T09:15:04.693", - "lastModified": "2024-10-14T09:15:04.693", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9164.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9164.json index 72c026b111f..0b7e6ebf93a 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9164.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9164.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9164", "sourceIdentifier": "cve@gitlab.com", "published": "2024-10-11T13:15:17.700", - "lastModified": "2024-10-11T13:15:17.700", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in GitLab EE affecting all versions starting from 12.5 prior to 17.2.9, starting from 17.3, prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows running pipelines on arbitrary branches." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en GitLab EE que afecta a todas las versiones desde la 12.5 anterior a la 17.2.9, desde la 17.3, anterior a la 17.3.5 y desde la 17.4 anterior a la 17.4.2, lo que permite ejecutar pipelines en ramas arbitrarias." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9180.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9180.json index 5bfdea4b38e..a32e435dda6 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9180.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9180.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9180", "sourceIdentifier": "security@hashicorp.com", "published": "2024-10-10T21:15:05.010", - "lastModified": "2024-10-10T21:15:05.010", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9187.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9187.json index 584d97d89fb..02b9a559f13 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9187.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9187.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9187", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:02.803", - "lastModified": "2024-10-12T06:15:02.803", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Read more By Adam plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteRm() function in all versions up to, and including, 1.1.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete read more buttons." + }, + { + "lang": "es", + "value": "El complemento Read more By Adam para WordPress es vulnerable a la p\u00e9rdida no autorizada de datos debido a una verificaci\u00f3n de capacidad faltante en la funci\u00f3n deleteRm() en todas las versiones hasta la 1.1.8 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, eliminen los botones Read more." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9211.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9211.json index 535dfdb65d9..d707027cac0 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9211.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9211.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9211", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:17.883", - "lastModified": "2024-10-11T13:15:17.883", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FULL \u2013 Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.22. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento FULL \u2013 Cliente para WordPress es vulnerable a ataques Cross-Site Scripting Reflejado debido al uso de add_query_arg y remove_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 3.1.22 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9221.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9221.json index db0ab3bf3dc..7ee072a2cb1 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9221.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9221.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9221", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:18.100", - "lastModified": "2024-10-11T13:15:18.100", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.21.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Tainacan para WordPress es vulnerable a ataques Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 0.21.10 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9232.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9232.json index 8143a41cb04..c3e17af73e8 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9232.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9232.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9232", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:18.313", - "lastModified": "2024-10-11T13:15:18.313", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Download Plugins and Themes in ZIP from Dashboard para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.9.1 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-92xx/CVE-2024-9234.json b/CVE-2024/CVE-2024-92xx/CVE-2024-9234.json index d1f623149db..118eadaf86f 100644 --- a/CVE-2024/CVE-2024-92xx/CVE-2024-9234.json +++ b/CVE-2024/CVE-2024-92xx/CVE-2024-9234.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9234", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:18.530", - "lastModified": "2024-10-11T13:15:18.530", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The GutenKit \u2013 Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (install-active-plugin REST API endpoint) in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins, or utilize the functionality to upload arbitrary files spoofed like plugins." + }, + { + "lang": "es", + "value": "El complemento GutenKit \u2013 Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor para WordPress es vulnerable a la carga de archivos arbitrarios debido a una verificaci\u00f3n de capacidad faltante en la funci\u00f3n install_and_activate_plugin_from_external() (endpoint de la API REST install-active-plugin) en todas las versiones hasta la 2.1.0 incluida. Esto hace posible que atacantes no autenticados instalen y activen complementos arbitrarios o utilicen la funcionalidad para cargar archivos arbitrarios falsificados como complementos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9312.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9312.json index cc7ccc8de4d..34d2934d9d7 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9312.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9312.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9312", "sourceIdentifier": "security@ubuntu.com", "published": "2024-10-10T14:15:05.863", - "lastModified": "2024-10-10T14:15:05.863", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9346.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9346.json index e5c21e278ab..14481dad170 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9346.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9346.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9346", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:18.740", - "lastModified": "2024-10-11T13:15:18.740", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Embed videos and respect privacy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'v' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Embed videos and respect privacy para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro \"v\" en todas las versiones hasta la 1.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9436.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9436.json index 3578aa44f03..1a8016431c9 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9436.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9436.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9436", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:18.947", - "lastModified": "2024-10-11T13:15:18.947", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.5.14. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes para WordPress es vulnerable a Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 3.5.14 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json index 16c57b2d59a..a3cf511d3e5 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9487", "sourceIdentifier": "product-cna@github.com", "published": "2024-10-10T22:15:11.357", - "lastModified": "2024-10-10T22:15:11.357", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9507.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9507.json index 5a9893d3990..4617ecbc2e0 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9507.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9507.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9507", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:19.160", - "lastModified": "2024-10-11T13:15:19.160", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information." + }, + { + "lang": "es", + "value": "El complemento Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder para WordPress es vulnerable a la lectura arbitraria de archivos en todas las versiones hasta la 2.15.2 incluida, debido a una validaci\u00f3n de entrada incorrecta dentro de la funci\u00f3n iconUpload. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador o superior, aprovechen un ataque de cadena de filtros PHP y lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9538.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9538.json index df8aedf8528..4b568c7f97f 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9538.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9538.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9538", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:19.373", - "lastModified": "2024-10-11T13:15:19.373", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data." + }, + { + "lang": "es", + "value": "El complemento ShopLentor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 2.9.8 incluida a trav\u00e9s de la funci\u00f3n 'render' en features/addons/wl_faq.php. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos confidenciales privados, pendientes y en borrador de plantillas de Elementor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9539.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9539.json index cd48b6eda51..759e03bea9d 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9539.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9539.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9539", "sourceIdentifier": "product-cna@github.com", "published": "2024-10-11T18:15:08.887", - "lastModified": "2024-10-11T18:15:08.887", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the URL and further exploit it to create a convincing phishing page. This required the attacker to upload malicious SVG files and phish a victim user to click on that uploaded asset URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.14.2, 3.13.5, 3.12.10, 3.11.16. This vulnerability was reported via the GitHub Bug Bounty program." + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en GitHub Enterprise Server a trav\u00e9s de una URL de un recurso cargado por un atacante, lo que le permite recuperar informaci\u00f3n de metadatos de un usuario que hace clic en la URL y explotarla para crear una p\u00e1gina de phishing convincente. Esto requer\u00eda que el atacante cargara archivos SVG maliciosos y enga\u00f1ara al usuario v\u00edctima para que hiciera clic en la URL del recurso cargado. Esta vulnerabilidad afect\u00f3 a todas las versiones de GitHub Enterprise Server anteriores a la 3.14 y se corrigi\u00f3 en las versiones 3.14.2, 3.13.5, 3.12.10 y 3.11.16. Esta vulnerabilidad se inform\u00f3 a trav\u00e9s del programa de recompensas por errores de GitHub." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9543.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9543.json index 3cd77f3cfbc..fe157eabc03 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9543.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9543.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9543", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:19.577", - "lastModified": "2024-10-11T13:15:19.577", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skipto' shortcode in all versions up to, and including, 11.9.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento PowerPress Podcasting de Blubrry para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo abreviado 'skipto' del complemento en todas las versiones hasta la 11.9.18 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9546.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9546.json index 6dd7d8fa9ee..5c47d2fe912 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9546.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9546.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9546", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T00:15:21.763", - "lastModified": "2024-10-15T00:15:21.763", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WPIDE \u2013 File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.9. This is due to the plugin utilizing the PHP-Parser library, which outputs parser rebuild command execution results. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website." + }, + { + "lang": "es", + "value": "El complemento WPIDE \u2013 File Manager & Code Editor para WordPress es vulnerable a la divulgaci\u00f3n de ruta completa en todas las versiones hasta la 3.4.9 incluida. Esto se debe a que el complemento utiliza la librer\u00eda PHP-Parser, que genera los resultados de la ejecuci\u00f3n del comando de reconstrucci\u00f3n del analizador. Esto permite que los atacantes no autenticados recuperen la ruta completa de la aplicaci\u00f3n web, que se puede utilizar para ayudar a otros ataques. La informaci\u00f3n mostrada no es \u00fatil por s\u00ed sola y requiere que exista otra vulnerabilidad para que se produzcan da\u00f1os en un sitio web afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9548.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9548.json index 089bde39396..027eafd9880 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9548.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9548.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9548", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T00:15:22.047", - "lastModified": "2024-10-15T00:15:22.047", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the resource parameter in all versions up to, and including, 5.2.6 due to insufficient input sanitization and output escaping when logging visitor requests. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento SlimStat Analytics para WordPress es vulnerable a Cross Site Scripting almacenado a trav\u00e9s del par\u00e1metro de recurso en todas las versiones hasta la 5.2.6 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida al registrar las solicitudes de los visitantes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en las p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9586.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9586.json index 672d8ce49b9..5e252f9af7b 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9586.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9586.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9586", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:19.823", - "lastModified": "2024-10-11T13:15:19.823", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'check_auth' and 'check_logout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings." + }, + { + "lang": "es", + "value": "El complemento Linkz.ai para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a la falta de una comprobaci\u00f3n de capacidad en las funciones 'check_auth' y 'check_logout' en versiones hasta la 1.1.8 incluida. Esto permite que atacantes no autenticados actualicen la configuraci\u00f3n del complemento." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9587.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9587.json index e20f9ab62fe..7563289103b 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9587.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9587.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9587", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:20.043", - "lastModified": "2024-10-11T13:15:20.043", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_linkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plugin settings." + }, + { + "lang": "es", + "value": "El complemento Linkz.ai para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'ajax_linkz' en versiones hasta la 1.1.8 incluida. Esto permite que atacantes autenticados con privilegios de nivel de colaborador o superiores actualicen la configuraci\u00f3n del complemento." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9592.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9592.json index 9689a0287c9..5942363b41f 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9592.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9592.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9592", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T03:15:02.243", - "lastModified": "2024-10-12T03:15:02.243", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.3. This is due to missing or incorrect nonce validation on the 'wpppgc_plugin_options' function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Easy PayPal Gift Certificate para WordPress es vulnerable a Cross-Site Request Forgery en versiones hasta la 1.2.3 incluida. Esto se debe a la falta o la validaci\u00f3n incorrecta de nonce en la funci\u00f3n 'wpppgc_plugin_options'. Esto permite que atacantes no autenticados actualicen la configuraci\u00f3n del complemento e inyecten JavaScript malicioso a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9595.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9595.json index 7a96333836c..5ea1360c495 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9595.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9595.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9595", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T09:15:03.230", - "lastModified": "2024-10-12T09:15:03.230", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The TablePress \u2013 Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the table cell content in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento TablePress \u2013 Tables in WordPress made easy para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del contenido de las celdas de las tablas en todas las versiones hasta la 2.4.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9610.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9610.json index 7d13e03b0da..81f9063217e 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9610.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9610.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9610", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:20.257", - "lastModified": "2024-10-11T13:15:20.257", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Language Switcher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.7.13. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Language Switcher para WordPress es vulnerable a ataques Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 3.7.13 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9611.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9611.json index 7e4e5a96e9a..84d7adb9067 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9611.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9611.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9611", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:20.487", - "lastModified": "2024-10-11T13:15:20.487", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Increase upload file size & Maximum Execution Time limit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Increase upload file size & Maximum Execution Time limit para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.0 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9616.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9616.json index c634640cc8e..0b6bcf0c2b0 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9616.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9616.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9616", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:20.703", - "lastModified": "2024-10-11T13:15:20.703", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The BlockMeister \u2013 Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento BlockMeister \u2013 Block Pattern Builder para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 3.1.10 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9656.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9656.json index 14ae07fd943..a10bbe934d4 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9656.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9656.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9656", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:03.077", - "lastModified": "2024-10-12T06:15:03.077", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Mynx Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.27.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento Mynx Page Builder para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 0.27.8 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9670.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9670.json index a315de26088..0e649041153 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9670.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9670.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9670", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:03.347", - "lastModified": "2024-10-12T06:15:03.347", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 2D Tag Cloud plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 6.0.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento 2D Tag Cloud para WordPress es vulnerable a ataques Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 6.0.2 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9687.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9687.json index 5bd82176214..2100be3c2c6 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9687.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9687.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9687", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T02:15:02.920", - "lastModified": "2024-10-15T02:15:02.920", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0. This is due to insufficient validation of the user-controlled key on the 'validate_tg' action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator." + }, + { + "lang": "es", + "value": "El complemento WP 2FA con Telegram para WordPress es vulnerable a la omisi\u00f3n de autenticaci\u00f3n en versiones hasta la 3.0 incluida. Esto se debe a una validaci\u00f3n insuficiente de la clave controlada por el usuario en la acci\u00f3n 'validate_tg'. Esto hace posible que atacantes autenticados, con permisos de nivel de suscriptor y superiores, inicien sesi\u00f3n como cualquier usuario existente en el sitio, como un administrador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9696.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9696.json index 915cc3079d1..9d651228f84 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9696.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9696.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9696", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T09:15:03.590", - "lastModified": "2024-10-12T09:15:03.590", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rescue_tab' shortcode in all versions up to, and including, 2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Rescue Shortcodes para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo abreviado 'rescue_tab' del complemento en todas las versiones hasta la 2.8 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9704.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9704.json index 41915a218d5..3e8bad6de9a 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9704.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9704.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9704", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T07:15:02.570", - "lastModified": "2024-10-12T07:15:02.570", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Social Sharing (by Danny) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dvk_social_sharing' shortcode in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Social Sharing (by Danny) para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del c\u00f3digo abreviado 'dvk_social_sharing' del complemento en todas las versiones hasta la 1.3.7 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9707.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9707.json index 3c41df23a2a..8e8e1fa531e 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9707.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9707.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9707", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T13:15:21.233", - "lastModified": "2024-10-11T13:15:21.233", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated." + }, + { + "lang": "es", + "value": "El complemento Hunk Companion para WordPress es vulnerable a la instalaci\u00f3n o activaci\u00f3n no autorizada de complementos debido a una verificaci\u00f3n de capacidad faltante en el endpoint de la API REST /wp-json/hc/v1/themehunk-import en todas las versiones hasta la 1.8.4 incluida. Esto hace posible que atacantes no autenticados instalen y activen complementos arbitrarios que pueden aprovecharse para lograr la ejecuci\u00f3n remota de c\u00f3digo si se instala y activa otro complemento vulnerable." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9756.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9756.json index 59a708ac868..00ba33fc270 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9756.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9756.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9756", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T07:15:02.820", - "lastModified": "2024-10-12T07:15:02.820", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Order Attachments for WooCommerce plugin for WordPress is vulnerable to unauthorized limited arbitrary file uploads due to a missing capability check on the wcoa_add_attachment AJAX action in versions 2.0 to 2.4.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload limited file types." + }, + { + "lang": "es", + "value": "El complemento Order Attachments for WooCommerce para WordPress es vulnerable a cargas de archivos arbitrarios limitadas y no autorizadas debido a una verificaci\u00f3n de capacidad faltante en la acci\u00f3n AJAX wcoa_add_attachment en las versiones 2.0 a 2.4.1. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, carguen tipos de archivos limitados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9776.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9776.json index 536b42de9ed..70b5843f64a 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9776.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9776.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9776", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:03.640", - "lastModified": "2024-10-12T06:15:03.640", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ImagePress \u2013 Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + }, + { + "lang": "es", + "value": "El complemento ImagePress \u2013 Image Gallery para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 1.2.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con permisos de nivel de administrador o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio e instalaciones en las que se ha deshabilitado unfiltered_html." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9778.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9778.json index 3e7a669ff66..8eeafaa6ac3 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9778.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9778.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9778", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:03.930", - "lastModified": "2024-10-12T06:15:03.930", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ImagePress \u2013 Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.2. This is due to missing or incorrect nonce validation on the 'imagepress_admin_page' function. This makes it possible for unauthenticated attackers to update plugin settings, including redirection URLs, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento ImagePress \u2013 Image Gallery para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 1.2.2 incluida. Esto se debe a la falta o la validaci\u00f3n incorrecta de nonce en la funci\u00f3n 'imagepress_admin_page'. Esto hace posible que atacantes no autenticados actualicen la configuraci\u00f3n del complemento, incluidas las URL de redireccionamiento, a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9785.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9785.json index 030a51932fd..74f0dc56d14 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9785.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9785.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9785", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T13:15:14.583", - "lastModified": "2024-10-10T13:15:14.583", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9786.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9786.json index dcc011a050e..ba569a2bb9a 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9786.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9786.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9786", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T13:15:14.860", - "lastModified": "2024-10-10T13:15:14.860", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9787.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9787.json index 72c3e6e0eaa..6063a88c9f4 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9787.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9787.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9787", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T14:15:06.243", - "lastModified": "2024-10-10T14:15:06.243", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9788.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9788.json index 83382cc423e..24155ef6c03 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9788.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9788.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9788", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T14:15:06.537", - "lastModified": "2024-10-10T14:15:06.537", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9789.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9789.json index faefc5f85eb..0d8af3bd4af 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9789.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9789.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9789", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T14:15:06.803", - "lastModified": "2024-10-10T14:15:06.803", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9790.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9790.json index 6ff0fbaabc8..0dbb9f4470b 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9790.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9790.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9790", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T15:15:15.457", - "lastModified": "2024-10-10T15:15:15.457", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9792.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9792.json index f41b7ac2f32..a8830526fc8 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9792.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9792.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9792", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T15:15:15.710", - "lastModified": "2024-10-10T15:15:15.710", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9793.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9793.json index abde996d668..81a33a1a917 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9793.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9793.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9793", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T16:15:09.080", - "lastModified": "2024-10-10T16:15:09.080", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9794.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9794.json index 13ebce2f2cd..678d431ef87 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9794.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9794.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9794", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T16:15:09.350", - "lastModified": "2024-10-10T16:15:09.350", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9797.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9797.json index 2d757ad9223..00e04e3368f 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9797.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9797.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9797", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T17:15:16.063", - "lastModified": "2024-10-10T17:15:16.063", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9799.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9799.json index e4bdc3279f5..c537aab4db1 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9799.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9799.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9799", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T17:15:16.390", - "lastModified": "2024-10-10T17:15:16.390", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9803.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9803.json index b00e4173494..f0c96262575 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9803.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9803.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9803", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T17:15:16.730", - "lastModified": "2024-10-10T17:15:16.730", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9804.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9804.json index 8314bdfbc55..133ffecebff 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9804.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9804.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9804", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T18:15:09.150", - "lastModified": "2024-10-10T18:15:09.150", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9805.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9805.json index ab7a6977d23..8cdc49cd891 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9805.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9805.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9805", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T18:15:09.440", - "lastModified": "2024-10-10T18:15:09.440", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9806.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9806.json index b0b437c53c5..754d176694c 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9806.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9806.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9806", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T19:15:17.520", - "lastModified": "2024-10-10T19:15:17.520", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9807.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9807.json index bc94e7eb035..b40ec4cf6ed 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9807.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9807.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9807", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T19:15:17.797", - "lastModified": "2024-10-10T19:15:17.797", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9808.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9808.json index d85d480c634..ed9b111efc9 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9808.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9808.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9808", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T20:15:05.003", - "lastModified": "2024-10-10T20:15:05.003", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9809.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9809.json index 9483e26892c..786cea6d618 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9809.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9809.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9809", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T20:15:05.267", - "lastModified": "2024-10-10T20:15:05.267", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9810.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9810.json index e51e0ba95dd..bec702e3b6c 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9810.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9810.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9810", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T20:15:05.517", - "lastModified": "2024-10-10T20:15:05.517", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9811.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9811.json index 932c10d084a..4f2b2ba46b7 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9811.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9811.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9811", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T21:15:05.383", - "lastModified": "2024-10-10T21:15:05.383", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9812.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9812.json index 0ad1c94bd87..31789a73eef 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9812.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9812.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9812", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T21:15:05.677", - "lastModified": "2024-10-10T21:15:05.677", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9813.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9813.json index f011426d7a7..a7f16b33497 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9813.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9813.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9813", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T21:15:05.963", - "lastModified": "2024-10-10T21:15:05.963", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json index 654624f9373..81d7e2497c3 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9814", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T22:15:11.570", - "lastModified": "2024-10-10T22:15:11.570", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json index 93ef7ee2c63..29832d60dad 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9815", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T22:15:11.917", - "lastModified": "2024-10-10T22:15:11.917", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json index c6c95b4dc48..6996ae3d6fb 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9816", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T22:15:12.230", - "lastModified": "2024-10-10T22:15:12.230", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json index 7dc69c1bb5f..71a84b5e136 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9817", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T23:15:03.410", - "lastModified": "2024-10-10T23:15:03.410", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json index f8054ad0639..6b8c97759f6 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9818", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-10T23:15:03.680", - "lastModified": "2024-10-10T23:15:03.680", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9820.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9820.json index da68ab464b1..9055c8954ce 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9820.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9820.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9820", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T02:15:03.170", - "lastModified": "2024-10-15T02:15:03.170", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0. This is due to the two-factor code being stored in a cookie, which makes it possible to bypass two-factor authentication." + }, + { + "lang": "es", + "value": "El complemento WP 2FA con Telegram para WordPress es vulnerable a la omisi\u00f3n de la autenticaci\u00f3n de dos factores en versiones hasta la 3.0 incluida. Esto se debe a que el c\u00f3digo de dos factores se almacena en una cookie, lo que permite omitir la autenticaci\u00f3n de dos factores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9821.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9821.json index eb054757939..d00d476001e 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9821.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9821.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9821", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T03:15:02.507", - "lastModified": "2024-10-12T03:15:02.507", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to view the Telegram Bot Token, a secret token used to control the bot, which can then be used to log in as any existing user on the site, such as an administrator, if they know the username, due to the Login with Telegram feature." + }, + { + "lang": "es", + "value": "El complemento Bot for Telegram en WooCommerce para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n confidencial debido a la falta de comprobaciones de autorizaci\u00f3n en la acci\u00f3n AJAX 'stm_wpcfto_get_settings' en todas las versiones hasta la 1.2.4 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, vean el token del bot de Telegram, un token secreto utilizado para controlar el bot, que luego se puede utilizar para iniciar sesi\u00f3n como cualquier usuario existente en el sitio, como un administrador, si conocen el nombre de usuario, debido a la funci\u00f3n Iniciar sesi\u00f3n con Telegram." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9822.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9822.json index 16f5099748a..d826e32df5a 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9822.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9822.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9822", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-11T03:15:10.967", - "lastModified": "2024-10-11T03:15:10.967", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9823.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9823.json index 83af6c51735..bfa256f4270 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9823.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9823.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9823", "sourceIdentifier": "emo@eclipse.org", "published": "2024-10-14T15:15:14.560", - "lastModified": "2024-10-14T16:15:04.653", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de seguridad en el DosFilter de Jetty que puede ser explotada por usuarios no autorizados para provocar un ataque de denegaci\u00f3n de servicio (DoS) remoto en el servidor mediante el DosFilter. Al enviar repetidamente solicitudes manipuladas, los atacantes pueden generar errores OutofMemory y agotar la memoria del servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9824.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9824.json index e7a5753e82d..9ca5dd240cd 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9824.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9824.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9824", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T06:15:04.230", - "lastModified": "2024-10-12T06:15:04.230", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ImagePress \u2013 Image Gallery plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'ip_delete_post' and 'ip_update_post_title' functions in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts and update post titles." + }, + { + "lang": "es", + "value": "El complemento ImagePress \u2013 Image Gallery para WordPress es vulnerable a modificaciones no autorizadas y p\u00e9rdida de datos debido a una falta de verificaci\u00f3n de capacidad en las funciones 'ip_delete_post' e 'ip_update_post_title' en todas las versiones hasta la 1.2.2 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, eliminen publicaciones arbitrarias y actualicen los t\u00edtulos de las publicaciones." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9837.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9837.json index d0651959f97..f80b41a4354 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9837.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9837.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9837", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T08:15:02.910", - "lastModified": "2024-10-15T08:15:02.910", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The The AADMY \u2013 Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes." + }, + { + "lang": "es", + "value": "El complemento AADMY \u2013 Add Auto Date Month Year Into Posts para WordPress es vulnerable a la ejecuci\u00f3n de c\u00f3digos cortos arbitrarios en todas las versiones hasta la 2.0.1 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9855.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9855.json index d20efe9d8cc..4dfe8cb14e4 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9855.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9855.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9855", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-11T13:15:21.460", - "lastModified": "2024-10-11T13:15:21.460", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule_1 of the component Module Plug-In Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en 07FLYCMS, 07FLY-CMS y 07FlyCRM 1.3.8. Se ha declarado como cr\u00edtica. La vulnerabilidad afecta a la funci\u00f3n uploadFile del archivo /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule_1 del componente Module Plug-In Handler. La manipulaci\u00f3n del archivo de argumentos provoca una carga sin restricciones. El ataque se puede lanzar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El producto afectado se conoce con diferentes nombres como 07FLYCMS, 07FLY-CMS y 07FlyCRM. No fue posible ponerse en contacto con el proveedor antes de asignar un CVE debido a que la direcci\u00f3n de correo electr\u00f3nico no funcionaba." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9856.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9856.json index eea727c24f3..9b00dbd3568 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9856.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9856.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9856", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-11T13:15:21.883", - "lastModified": "2024-10-11T13:15:21.883", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:58:51.050", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The manipulation of the argument Login Interface Copyright leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en 07FLYCMS, 07FLY-CMS y 07FlyCRM 1.3.8. Se ha calificado como problem\u00e1tica. Este problema afecta a algunas funciones desconocidas del componente System Settings Page. La manipulaci\u00f3n del argumento Login Interface Copyright provoca cross-site scripting. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El producto afectado se conoce con diferentes nombres, como 07FLYCMS, 07FLY-CMS y 07FlyCRM. No fue posible ponerse en contacto con el proveedor antes de asignar un CVE debido a que la direcci\u00f3n de correo electr\u00f3nico no funcionaba." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9859.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9859.json index 4cbf7c1cf91..80b6e96e753 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9859.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9859.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9859", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-10-11T17:15:04.677", - "lastModified": "2024-10-11T17:15:04.677", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "La confusi\u00f3n de tipos en WebAssembly en Google Chrome anterior a la versi\u00f3n 126.0.6478.126 permit\u00eda a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una p\u00e1gina HTML manipulada a medida. (Gravedad de seguridad de Chromium: alta)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9860.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9860.json index 5ee250cae9e..bab8f495892 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9860.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9860.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9860", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T03:15:02.757", - "lastModified": "2024-10-12T03:15:02.757", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'import_action' and 'install_plugin_per_demo' functions in versions up to, and including, 3.3. This makes it possible for authenticated attackers with subscriber-level permissions or above, to delete or change plugin settings, import demo data, and install limited plugins." + }, + { + "lang": "es", + "value": "El complemento Bridge Core para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos o a la p\u00e9rdida de datos debido a la falta de una comprobaci\u00f3n de capacidad en las funciones 'import_action' e 'install_plugin_per_demo' en versiones hasta la 3.3 incluida. Esto permite que atacantes autenticados con permisos de nivel de suscriptor o superior eliminen o cambien la configuraci\u00f3n del complemento, importen datos de demostraci\u00f3n e instalen complementos limitados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9894.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9894.json index 610949d2223..85763c3a721 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9894.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9894.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9894", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-12T13:15:13.737", - "lastModified": "2024-10-12T13:15:13.737", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "En code-projects Blood Bank System 1.0 se ha encontrado una vulnerabilidad clasificada como cr\u00edtica. Se trata de una funci\u00f3n desconocida del archivo reset.php. La manipulaci\u00f3n del argumento useremail provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9895.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9895.json index bc92a40ff9a..70ef6b486a1 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9895.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9895.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9895", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T09:15:03.720", - "lastModified": "2024-10-15T09:15:03.720", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's moo_receipt_link shortcode in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Smart Online Order de Clover para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado moo_receipt_link del complemento en todas las versiones hasta la 1.5.7 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9903.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9903.json index 0e8bc867723..975cb3c8787 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9903.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9903.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9903", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-12T23:15:11.027", - "lastModified": "2024-10-12T23:15:11.027", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/File/fileUpload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en 07FLYCMS, 07FLY-CMS y 07FlyCRM hasta la versi\u00f3n 1.2.0. Afecta a la funci\u00f3n fileUpload del archivo /admin/File/fileUpload. La manipulaci\u00f3n del argumento file permite una carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El producto afectado se conoce con diferentes nombres como 07FLYCMS, 07FLY-CMS y 07FlyCRM. No fue posible ponerse en contacto con el proveedor antes de asignar un CVE debido a que la direcci\u00f3n de correo electr\u00f3nico no funcionaba." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9904.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9904.json index 17ac739bc7f..30c21e654a0 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9904.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9904.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9904", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T02:15:15.257", - "lastModified": "2024-10-13T02:15:15.257", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en 07FLYCMS, 07FLY-CMS y 07FlyCRM hasta la versi\u00f3n 1.2.0. Esta vulnerabilidad afecta a la funci\u00f3n pictureUpload del archivo /admin/File/pictureUpload. La manipulaci\u00f3n del archivo de argumentos permite la carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El producto afectado se conoce con diferentes nombres como 07FLYCMS, 07FLY-CMS y 07FlyCRM. No fue posible ponerse en contacto con el proveedor antes de asignar un CVE debido a que la direcci\u00f3n de correo electr\u00f3nico no funcionaba." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9905.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9905.json index 277f27df1df..77d1602eed7 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9905.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9905.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9905", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T03:15:02.357", - "lastModified": "2024-10-13T03:15:02.357", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Online Eyewear Shop 1.0. Este problema afecta a algunos procesos desconocidos del archivo /admin/?page=inventory/view_inventory&id=2. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9906.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9906.json index 487c7021030..dfe82741ab6 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9906.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9906.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9906", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T04:15:02.473", - "lastModified": "2024-10-13T04:15:02.473", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en SourceCodester Online Eyewear Shop 1.0. Se trata de una funci\u00f3n desconocida del archivo /admin/?page=inventory/view_inventory&id=2. La manipulaci\u00f3n del argumento Code provoca cross-site scripting. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9907.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9907.json index 43a50eafac5..aa9234c2ceb 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9907.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9907.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9907", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T05:15:02.493", - "lastModified": "2024-10-13T05:15:02.493", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "En QileCMS hasta la versi\u00f3n 1.1.3 se ha detectado una vulnerabilidad clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a la funci\u00f3n sendEmail del archivo /qilecms/user/controller/Forget.php del componente Verification Code Handler. La manipulaci\u00f3n da lugar a una recuperaci\u00f3n de contrase\u00f1as poco segura. El ataque puede iniciarse de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece ser dif\u00edcil. El exploit se ha hecho p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9908.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9908.json index 5d8ddd2f2d2..6b9c901260d 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9908.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9908.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9908", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T12:15:10.087", - "lastModified": "2024-10-13T12:15:10.087", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument curTime leads to buffer overflow. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L B1 2.06. La funci\u00f3n formSetMACFilter del archivo /goform/formSetMACFilter est\u00e1 afectada. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9909.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9909.json index a0fc44c7d71..d5d85423d64 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9909.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9909.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9909", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T14:15:02.857", - "lastModified": "2024-10-13T14:15:02.857", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formSetMuti of the file /goform/formSetMuti. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-619L B1 2.06 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n formSetMuti del archivo /goform/formSetMuti. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9910.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9910.json index 1a9e6dadd20..b4786a73cc8 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9910.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9910.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9910", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T15:15:11.117", - "lastModified": "2024-10-13T15:15:11.117", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en D-Link DIR-619L B1 2.06 y se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n formSetPassword del archivo /goform/formSetPassword. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9911.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9911.json index 0fc89211f28..f012a1363c7 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9911.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9911.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9911", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T16:15:02.867", - "lastModified": "2024-10-13T16:15:02.867", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-619L B1 2.06. It has been classified as critical. This affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-619L B1 2.06. Se ha clasificado como cr\u00edtica. Afecta a la funci\u00f3n formSetPortTr del archivo /goform/formSetPortTr. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9912.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9912.json index afefa0863ad..1c025226ae1 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9912.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9912.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9912", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T17:15:10.813", - "lastModified": "2024-10-13T17:15:10.813", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-619L B1 2.06. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n formSetQoS del archivo /goform/formSetQoS. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9913.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9913.json index c681255b99f..445bbdc267f 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9913.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9913.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9913", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T18:15:02.807", - "lastModified": "2024-10-13T18:15:02.807", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-619L B1 2.06. Se ha calificado como cr\u00edtica. Este problema afecta a la funci\u00f3n formSetRoute del archivo /goform/formSetRoute. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9914.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9914.json index 50d9144f78c..cc4172aaac2 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9914.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9914.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9914", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T18:15:03.090", - "lastModified": "2024-10-13T18:15:03.090", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formSetWizardSelectMode of the file /goform/formSetWizardSelectMode. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L B1 2.06. La funci\u00f3n formSetWizardSelectMode del archivo /goform/formSetWizardSelectMode est\u00e1 afectada. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9915.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9915.json index b7a0c31b39a..b61256ba9e0 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9915.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9915.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9915", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T19:15:10.963", - "lastModified": "2024-10-13T19:15:10.963", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L B1 2.06. La funci\u00f3n formVirtualServ del archivo /goform/formVirtualServ se ve afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El ataque puede ejecutarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9916.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9916.json index 0ac196b949f..a6e75a3ad48 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9916.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9916.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9916", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T19:15:11.240", - "lastModified": "2024-10-13T19:15:11.240", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como cr\u00edtica, en HuangDou UTCMS V9. Este problema afecta a algunas funciones desconocidas del archivo app/modules/ut-cac/admin/cli.php. La manipulaci\u00f3n del argumento o conduce a la inyecci\u00f3n del comando os. El ataque puede ejecutarse de forma remota. El exploit se ha divulgado al p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9917.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9917.json index 23170de1df6..67b02d091f8 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9917.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9917.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9917", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T20:15:03.593", - "lastModified": "2024-10-13T20:15:03.593", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects an unknown part of the file app/modules/ut-template/admin/template_creat.php. The manipulation of the argument content leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha descubierto una vulnerabilidad clasificada como cr\u00edtica en HuangDou UTCMS V9. Afecta a una parte desconocida del archivo app/modules/ut-template/admin/template_creat.php. La manipulaci\u00f3n del contenido del argumento provoca la deserializaci\u00f3n. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9918.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9918.json index e63af3d4508..27a8afd05b3 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9918.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9918.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9918", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-13T20:15:03.853", - "lastModified": "2024-10-13T20:15:03.853", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/sql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en HuangDou UTCMS V9 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n RunSql del archivo app/modules/ut-data/admin/sql.php. La manipulaci\u00f3n del argumento sql provoca una inyecci\u00f3n SQL. El ataque se puede iniciar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9921.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9921.json index e54156846d0..d78a9d24ff2 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9921.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9921.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9921", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-14T03:15:10.400", - "lastModified": "2024-10-14T03:15:10.400", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database contents." + }, + { + "lang": "es", + "value": "Team+ de TEAMPLUS TECHNOLOGY no valida correctamente los par\u00e1metros de p\u00e1gina espec\u00edficos, lo que permite que atacantes remotos no autenticados inyecten comandos SQL arbitrarios para leer, modificar y eliminar el contenido de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9922.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9922.json index cef28d4cb80..5bc438d6be9 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9922.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9922.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9922", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-14T03:15:10.683", - "lastModified": "2024-10-14T03:15:10.683", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files." + }, + { + "lang": "es", + "value": "Team+ de TEAMPLUS TECHNOLOGY no valida correctamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite que atacantes remotos no autenticados aprovechen esta vulnerabilidad para leer archivos de sistema arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9923.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9923.json index d648205e91a..fe1f77afd48 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9923.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9923.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9923", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-14T04:15:06.070", - "lastModified": "2024-10-14T04:15:06.070", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root directory and access them." + }, + { + "lang": "es", + "value": "El Team+ de TEAMPLUS TECHNOLOGY no valida correctamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite a atacantes remotos con privilegios de administrador mover archivos de sistema arbitrarios al directorio ra\u00edz del sitio web y acceder a ellos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9924.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9924.json index 88a2a417f06..871e3a96aae 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9924.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9924.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9924", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-14T04:15:06.353", - "lastModified": "2024-10-14T04:15:06.353", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can download arbitrary system files, which may be deleted subsequently ." + }, + { + "lang": "es", + "value": "La correcci\u00f3n de CVE-2024-26261 no fue completa y el paquete espec\u00edfico para OAKlouds de Hgiga sigue en riesgo. Los atacantes remotos no autenticados a\u00fan pueden descargar archivos de sistema arbitrarios, que pueden eliminarse posteriormente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9925.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9925.json index 4232877edb0..ab21533a551 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9925.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9925.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9925", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-10-15T09:15:03.990", - "lastModified": "2024-10-15T09:15:03.990", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this vulnerability could allow a remote attacker to retrieve all database information by sending a specially crafted SQL query to the \u2018email\u2019 parameter on the \u2018RequestPasswordChange\u2019 endpoint." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en la versi\u00f3n 1.0 de QPLANT SF de TAI Smart Factory. La explotaci\u00f3n de esta vulnerabilidad podr\u00eda permitir a un atacante remoto recuperar toda la informaci\u00f3n de la base de datos mediante el env\u00edo de una consulta SQL especialmente manipulada al par\u00e1metro 'email' en el punto de conexi\u00f3n 'RequestPasswordChange'." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9936.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9936.json index 132d3e282be..c2a1d72a2af 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9936.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9936.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9936", "sourceIdentifier": "security@mozilla.org", "published": "2024-10-14T14:15:12.553", - "lastModified": "2024-10-14T14:15:12.553", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash. This vulnerability affects Firefox < 131.0.3." + }, + { + "lang": "es", + "value": "Al manipular la cach\u00e9 del nodo de selecci\u00f3n, un atacante podr\u00eda haber provocado un comportamiento inesperado, lo que podr\u00eda derivar en un bloqueo explotable. Esta vulnerabilidad afecta a Firefox < 131.0.3." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9944.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9944.json index 43ac2d8a13f..6523a2b595e 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9944.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9944.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9944", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-15T06:15:02.967", - "lastModified": "2024-10-15T06:15:02.967", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. This is due to the plugin not properly neutralizing HTML elements from submitted order forms. This makes it possible for unauthenticated attackers to inject arbitrary HTML that will render when the administrator views order form submissions." + }, + { + "lang": "es", + "value": "El complemento WooCommerce para WordPress es vulnerable a la inyecci\u00f3n de HTML en todas las versiones hasta la 9.0.2 incluida. Esto se debe a que el complemento no neutraliza correctamente los elementos HTML de los formularios de pedido enviados. Esto hace posible que atacantes no autenticados inyecten HTML arbitrario que se mostrar\u00e1 cuando el administrador vea los env\u00edos de formularios de pedido." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9952.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9952.json index 60d750dd03f..574c6360f0c 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9952.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9952.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9952", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-15T02:15:03.403", - "lastModified": "2024-10-15T02:15:03.403", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=system_info/contact_info of the component Contact Information Page. The manipulation of the argument Address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Online Eyewear Shop 1.0 y se ha clasificado como problem\u00e1tica. Este problema afecta a algunos procesos desconocidos del archivo /admin/?page=system_info/contact_info del componente Contact Information Page. La manipulaci\u00f3n del argumento Address provoca Cross Site Scripting. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Tambi\u00e9n pueden verse afectados otros par\u00e1metros." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9953.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9953.json index 6c951d0dc44..464bfb7ae81 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9953.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9953.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9953", "sourceIdentifier": "cret@cert.org", "published": "2024-10-14T22:15:03.957", - "lastModified": "2024-10-14T22:15:03.957", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An authenticated administrative user can inject an arbitrary pickle object as part of a user's profile. This can lead to a potential DoS on the server when the user's profile is accessed. Django server does restrict unpickling from crashing the server." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio potencial en el software CERT VINCE anterior a la versi\u00f3n 3.0.8. Un usuario administrativo autenticado puede inyectar un objeto pickle arbitrario como parte del perfil de un usuario. Esto puede provocar una posible denegaci\u00f3n de servicio en el servidor cuando se accede al perfil del usuario. El servidor Django impide que la desinstalaci\u00f3n del pickle haga que el servidor se bloquee." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9968.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9968.json index 4b18f9017ba..0d10b83580a 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9968.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9968.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9968", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T03:15:02.360", - "lastModified": "2024-10-15T03:15:02.360", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "twcert@cert.org.tw", @@ -16,6 +16,10 @@ { "lang": "en", "value": "WebEIP v3.0 from \n\nNewType\u00a0does not properly validate user input, allowing remote attackers with regular privilege to inject SQL commands to read, modify, and delete data stored in database. The affected product is no longer maintained. It is recommended to upgrade to the new product." + }, + { + "lang": "es", + "value": "WebEIP v3.0 de NewType no valida correctamente la entrada del usuario, lo que permite a atacantes remotos con privilegios normales inyectar comandos SQL para leer, modificar y eliminar datos almacenados en la base de datos. El producto afectado ya no recibe mantenimiento. Se recomienda actualizar al nuevo producto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9969.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9969.json index 1dfcb60b8fe..5924371047e 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9969.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9969.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9969", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T04:15:04.413", - "lastModified": "2024-10-15T04:15:04.413", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "twcert@cert.org.tw", @@ -16,6 +16,10 @@ { "lang": "en", "value": "NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular privileges to insert JavaScript into specific parameters, resulting in a Reflected Cross-site Scripting (XSS) attack. The affected product is no longer maintained. It is recommended to upgrade to the new product." + }, + { + "lang": "es", + "value": "NewType WebEIP v3.0 no valida correctamente la entrada del usuario, lo que permite que un atacante remoto con privilegios normales inserte JavaScript en par\u00e1metros espec\u00edficos, lo que da como resultado un ataque de Cross Site Scripting (XSS) Reflejado. El producto afectado ya no recibe mantenimiento. Se recomienda actualizar al nuevo producto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9970.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9970.json index 1de6073de41..fac37122072 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9970.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9970.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9970", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T04:15:04.793", - "lastModified": "2024-10-15T04:15:04.793", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability. Remote attackers with regular privileges can elevate their privileges to administrator by tampering with a specific cookie." + }, + { + "lang": "es", + "value": "El sistema FlowMaster BPM Plus de NewType tiene una vulnerabilidad de escalada de privilegios. Los atacantes remotos con privilegios normales pueden elevar sus privilegios a administrador alterando una cookie espec\u00edfica." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9971.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9971.json index 2796d77e658..5b76f679509 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9971.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9971.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9971", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T04:15:05.080", - "lastModified": "2024-10-15T04:15:05.080", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The specific query functionality in the FlowMaster BPM Plus from NewType does not properly restrict user input, allowing remote attackers with regular privileges to inject SQL commands to read, modify, or delete database contents." + }, + { + "lang": "es", + "value": "La funcionalidad de consulta espec\u00edfica en FlowMaster BPM Plus de NewType no restringe adecuadamente la entrada del usuario, lo que permite a atacantes remotos con privilegios regulares inyectar comandos SQL para leer, modificar o eliminar contenidos de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9972.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9972.json index 5e5c75676c3..9695529866d 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9972.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9972.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9972", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T07:15:02.750", - "lastModified": "2024-10-15T07:15:02.750", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Property Management System from ChanGate has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents." + }, + { + "lang": "es", + "value": "Property Management System de ChanGate tiene una vulnerabilidad de inyecci\u00f3n SQL, que permite a atacantes remotos no autenticados inyectar comandos SQL arbitrarios para leer, modificar y eliminar contenidos de bases de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9973.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9973.json index da748862315..b185293d3b7 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9973.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9973.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9973", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-15T10:15:04.297", - "lastModified": "2024-10-15T10:15:04.297", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=reports of the component Report Viewing Page. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Online Eyewear Shop 1.0. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo /admin/?page=reports del componente Report Viewing Page. La manipulaci\u00f3n del argumento date provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9974.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9974.json index b9172fdb7d8..d1a406e27b4 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9974.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9974.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9974", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-15T10:15:04.777", - "lastModified": "2024-10-15T10:15:04.777", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=add_to_card of the component POST Request Handler. The manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Online Eyewear Shop 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo classes/Master.php?f=add_to_card del componente POST Request Handler. La manipulaci\u00f3n del argumento product_id conduce a una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9975.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9975.json index 88955d9d04b..05324683727 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9975.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9975.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9975", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-15T11:15:14.310", - "lastModified": "2024-10-15T11:15:14.310", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Drag and Drop Image Upload 1.0. Se ha calificado como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /upload.php. La manipulaci\u00f3n permite la carga sin restricciones. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9976.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9976.json index c6b79e2fa27..a17860c6b7d 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9976.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9976.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9976", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-15T11:15:14.570", - "lastModified": "2024-10-15T11:15:14.570", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Pharmacy Management System 1.0. Afecta a una parte desconocida del archivo /php/manage_customer.php?action=search. La manipulaci\u00f3n del texto del argumento provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9977.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9977.json new file mode 100644 index 00000000000..f32f31345a9 --- /dev/null +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9977.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-9977", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-15T13:15:11.457", + "lastModified": "2024-10-15T13:15:11.457", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1.11(WVK.0)b26. Affected is an unknown function of the file /cgi-bin/settings-firewall.cgi of the component Firewall Settings Page. The manipulation of the argument SrcInterface leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. We tried to contact the vendor early about the disclosure but the official mail address was not working properly." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/peritocibernetico/VivoCodeExecutionFirewall/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.280344", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.280344", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.423561", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9980.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9980.json index d6360664a4e..3c5a0e613f8 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9980.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9980.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9980", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T08:15:03.163", - "lastModified": "2024-10-15T08:15:03.163", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents." + }, + { + "lang": "es", + "value": "La clase ee de FormosaSoft no valida correctamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite a atacantes remotos con privilegios regulares inyectar comandos SQL arbitrarios para leer, modificar y eliminar contenidos de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9981.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9981.json index 7da882cf09b..79202f38fa0 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9981.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9981.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9981", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T08:15:03.377", - "lastModified": "2024-10-15T08:15:03.377", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server." + }, + { + "lang": "es", + "value": "La clase ee de FormosaSoft no valida correctamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite a atacantes remotos con privilegios regulares cargar primero un archivo PHP malicioso y luego explotar esta vulnerabilidad para incluir el archivo, lo que resulta en la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9982.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9982.json index ed2b075dcea..04ba056bae0 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9982.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9982.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9982", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T08:15:03.603", - "lastModified": "2024-10-15T08:15:03.603", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. When the LINE Campaign Module is enabled, unauthenticated remote attackers can inject arbitrary FetchXml commands to read, modify, and delete database content." + }, + { + "lang": "es", + "value": "La plataforma de marketing AIM LINE de Esi Technology no valida correctamente un par\u00e1metro de consulta espec\u00edfico. Cuando el m\u00f3dulo de campa\u00f1a LINE est\u00e1 habilitado, atacantes remotos no autenticados pueden inyectar comandos FetchXml arbitrarios para leer, modificar y eliminar contenido de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9983.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9983.json index c9413075897..a3da62cec12 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9983.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9983.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9983", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T09:15:04.243", - "lastModified": "2024-10-15T09:15:04.243", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files." + }, + { + "lang": "es", + "value": "Enterprise Cloud Database de Ragic no valida correctamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite que atacantes remotos no autenticados aprovechen esta vulnerabilidad para leer archivos de sistema arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9984.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9984.json index fa3391c0d02..89d0fbdc613 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9984.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9984.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9984", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T09:15:04.480", - "lastModified": "2024-10-15T09:15:04.480", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie." + }, + { + "lang": "es", + "value": "Enterprise Cloud Database de Ragic no autentica el acceso a una funcionalidad espec\u00edfica, lo que permite que atacantes remotos no autenticados utilicen esta funcionalidad para obtener la cookie de sesi\u00f3n de cualquier usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9985.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9985.json index ba7cde735d6..e477ca82367 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9985.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9985.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9985", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-10-15T09:15:04.693", - "lastModified": "2024-10-15T09:15:04.693", - "vulnStatus": "Received", + "lastModified": "2024-10-15T12:57:46.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server." + }, + { + "lang": "es", + "value": "Enterprise Cloud Database de Ragic no valida correctamente el tipo de archivo para las cargas. Los atacantes con privilegios normales pueden cargar un webshell y usarlo para ejecutar c\u00f3digo arbitrario en el servidor remoto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9986.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9986.json new file mode 100644 index 00000000000..704887be3f7 --- /dev/null +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9986.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9986", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-15T13:15:11.790", + "lastModified": "2024-10-15T13:15:11.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file member_register.php. The manipulation of the argument fullname/username/password/email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter \"password\" to be affected. But it must be assumed that other parameters are affected as well." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/16", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.280349", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.280349", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.423887", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 63d0cc391eb..6915a2d2219 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-15T12:00:19.737638+00:00 +2024-10-15T14:00:18.621893+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-15T11:15:14.570000+00:00 +2024-10-15T13:58:19.960000+00:00 ``` ### Last Data Feed Release @@ -33,39 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -265580 +265587 ``` ### CVEs added in the last Commit -Recently added CVEs: `17` +Recently added CVEs: `7` -- [CVE-2024-45271](CVE-2024/CVE-2024-452xx/CVE-2024-45271.json) (`2024-10-15T11:15:11.420`) -- [CVE-2024-45272](CVE-2024/CVE-2024-452xx/CVE-2024-45272.json) (`2024-10-15T11:15:11.673`) -- [CVE-2024-45273](CVE-2024/CVE-2024-452xx/CVE-2024-45273.json) (`2024-10-15T11:15:11.940`) -- [CVE-2024-45274](CVE-2024/CVE-2024-452xx/CVE-2024-45274.json) (`2024-10-15T11:15:12.247`) -- [CVE-2024-45275](CVE-2024/CVE-2024-452xx/CVE-2024-45275.json) (`2024-10-15T11:15:12.487`) -- [CVE-2024-45276](CVE-2024/CVE-2024-452xx/CVE-2024-45276.json) (`2024-10-15T11:15:12.760`) -- [CVE-2024-47674](CVE-2024/CVE-2024-476xx/CVE-2024-47674.json) (`2024-10-15T11:15:13.073`) -- [CVE-2024-47945](CVE-2024/CVE-2024-479xx/CVE-2024-47945.json) (`2024-10-15T10:15:03.973`) -- [CVE-2024-49382](CVE-2024/CVE-2024-493xx/CVE-2024-49382.json) (`2024-10-15T11:15:13.153`) -- [CVE-2024-49383](CVE-2024/CVE-2024-493xx/CVE-2024-49383.json) (`2024-10-15T11:15:13.423`) -- [CVE-2024-49384](CVE-2024/CVE-2024-493xx/CVE-2024-49384.json) (`2024-10-15T11:15:13.643`) -- [CVE-2024-49387](CVE-2024/CVE-2024-493xx/CVE-2024-49387.json) (`2024-10-15T11:15:13.860`) -- [CVE-2024-49388](CVE-2024/CVE-2024-493xx/CVE-2024-49388.json) (`2024-10-15T11:15:14.063`) -- [CVE-2024-9973](CVE-2024/CVE-2024-99xx/CVE-2024-9973.json) (`2024-10-15T10:15:04.297`) -- [CVE-2024-9974](CVE-2024/CVE-2024-99xx/CVE-2024-9974.json) (`2024-10-15T10:15:04.777`) -- [CVE-2024-9975](CVE-2024/CVE-2024-99xx/CVE-2024-9975.json) (`2024-10-15T11:15:14.310`) -- [CVE-2024-9976](CVE-2024/CVE-2024-99xx/CVE-2024-9976.json) (`2024-10-15T11:15:14.570`) +- [CVE-2024-48278](CVE-2024/CVE-2024-482xx/CVE-2024-48278.json) (`2024-10-15T13:15:11.000`) +- [CVE-2024-48279](CVE-2024/CVE-2024-482xx/CVE-2024-48279.json) (`2024-10-15T13:15:11.083`) +- [CVE-2024-48280](CVE-2024/CVE-2024-482xx/CVE-2024-48280.json) (`2024-10-15T13:15:11.160`) +- [CVE-2024-48282](CVE-2024/CVE-2024-482xx/CVE-2024-48282.json) (`2024-10-15T13:15:11.227`) +- [CVE-2024-48283](CVE-2024/CVE-2024-482xx/CVE-2024-48283.json) (`2024-10-15T13:15:11.283`) +- [CVE-2024-9977](CVE-2024/CVE-2024-99xx/CVE-2024-9977.json) (`2024-10-15T13:15:11.457`) +- [CVE-2024-9986](CVE-2024/CVE-2024-99xx/CVE-2024-9986.json) (`2024-10-15T13:15:11.790`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `352` -- [CVE-2023-22644](CVE-2023/CVE-2023-226xx/CVE-2023-22644.json) (`2024-10-15T11:15:10.860`) -- [CVE-2024-34010](CVE-2024/CVE-2024-340xx/CVE-2024-34010.json) (`2024-10-15T11:15:11.257`) -- [CVE-2024-45698](CVE-2024/CVE-2024-456xx/CVE-2024-45698.json) (`2024-10-15T10:15:02.853`) +- [CVE-2024-9918](CVE-2024/CVE-2024-99xx/CVE-2024-9918.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9921](CVE-2024/CVE-2024-99xx/CVE-2024-9921.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9922](CVE-2024/CVE-2024-99xx/CVE-2024-9922.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9923](CVE-2024/CVE-2024-99xx/CVE-2024-9923.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9924](CVE-2024/CVE-2024-99xx/CVE-2024-9924.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9925](CVE-2024/CVE-2024-99xx/CVE-2024-9925.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9936](CVE-2024/CVE-2024-99xx/CVE-2024-9936.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9944](CVE-2024/CVE-2024-99xx/CVE-2024-9944.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9952](CVE-2024/CVE-2024-99xx/CVE-2024-9952.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9953](CVE-2024/CVE-2024-99xx/CVE-2024-9953.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9968](CVE-2024/CVE-2024-99xx/CVE-2024-9968.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9969](CVE-2024/CVE-2024-99xx/CVE-2024-9969.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9970](CVE-2024/CVE-2024-99xx/CVE-2024-9970.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9971](CVE-2024/CVE-2024-99xx/CVE-2024-9971.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9972](CVE-2024/CVE-2024-99xx/CVE-2024-9972.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9973](CVE-2024/CVE-2024-99xx/CVE-2024-9973.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9974](CVE-2024/CVE-2024-99xx/CVE-2024-9974.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9975](CVE-2024/CVE-2024-99xx/CVE-2024-9975.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9976](CVE-2024/CVE-2024-99xx/CVE-2024-9976.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9980](CVE-2024/CVE-2024-99xx/CVE-2024-9980.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9981](CVE-2024/CVE-2024-99xx/CVE-2024-9981.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9982](CVE-2024/CVE-2024-99xx/CVE-2024-9982.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9983](CVE-2024/CVE-2024-99xx/CVE-2024-9983.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9984](CVE-2024/CVE-2024-99xx/CVE-2024-9984.json) (`2024-10-15T12:57:46.880`) +- [CVE-2024-9985](CVE-2024/CVE-2024-99xx/CVE-2024-9985.json) (`2024-10-15T12:57:46.880`) ## Download and Usage diff --git a/_state.csv b/_state.csv index bd488110854..5babac0f697 100644 --- a/_state.csv +++ b/_state.csv @@ -216822,7 +216822,7 @@ CVE-2023-22640,0,0,bd489a39603c5d23b31d9b5ee12d139bde6001d0c1d32d2cb5119fde253f2 CVE-2023-22641,0,0,1e228d65883df51cf784990d2778ea4ba97f9d975c10be7d7fd7ce54d28bad55,2023-11-07T04:07:11.987000 CVE-2023-22642,0,0,defffa7af3331d9c7c15abe5d4b3862be6522fc8885c2a8dec349a1ff10af1b1,2023-11-07T04:07:12.220000 CVE-2023-22643,0,0,0a5291009977bdb914af9600d8c3f87950ec6768617925fd41156911df12a77c,2023-02-14T23:29:13.810000 -CVE-2023-22644,0,1,3fa149a581580508d5ad6228598c8120eb4005c76ab14d063ba27a770b31a5cd,2024-10-15T11:15:10.860000 +CVE-2023-22644,0,1,cd0e2fd7e494b4f0a9e6be145ecbbbd71ac7bfcc687c69351c8f912d282426ca,2024-10-15T12:15:02.520000 CVE-2023-22645,0,0,98c54d8f7492de84ea534bda447d0a2e6c33352ecae4e300edd6bdf72922ced2,2023-04-29T02:15:41.093000 CVE-2023-22647,0,0,0681a89ef45e77cb88370b6be3b7fa1bc36fb3f322132affe5240d43f6147e4b,2024-10-09T09:15:03.133000 CVE-2023-22648,0,0,efcbdf59a79cc8b674d3df58e9203094276b2160da909666a01d8f83b10e10b0,2024-10-09T09:15:04.260000 @@ -219117,7 +219117,7 @@ CVE-2023-25577,0,0,5ee92e0558fbce9bd773a8afe897565bfdaa982c0f4ad7e71e954409a79ac CVE-2023-25578,0,0,a34c5a3bd74c9feff4c9c3173b48f4aebcbdb41926b496db508268725eb1d80a,2023-11-07T04:09:01.430000 CVE-2023-25579,0,0,a6c9e68a845dd568c2130b08183545a22df0a4df1e1473c0c5450b50e5f8d3f7,2023-03-03T15:09:20.680000 CVE-2023-2558,0,0,b36d9018fbad440af935b7a05f8181b9f5920728ee39953642c99c7cad89beda,2023-11-07T04:12:52.760000 -CVE-2023-25581,0,0,2f307ec38a4fd1b79324cc31396a449b2c79ac4aa94a91e410ac72b56607117d,2024-10-10T16:15:04.923000 +CVE-2023-25581,0,1,7b88395f26bc3d76df2f1c3e480436f1bcb77e5456a83133122a4580d0310d2c,2024-10-15T12:58:51.050000 CVE-2023-25582,0,0,232d943891f8f503b5ec3e85110e47e18b7fb6075027f0a7fcc0c9807f79fac9,2023-07-12T15:05:19.617000 CVE-2023-25583,0,0,90cb5ae4facc7427ba0ec7a3aba488de3ea49316450585c3a592993efe3ec3d7,2023-07-12T15:18:34.447000 CVE-2023-25584,0,0,28b5e4e1071105b09a7a0fe37c814dcf7b81d264417fa64df5b4f0851185a205,2024-02-23T18:51:09.787000 @@ -231956,7 +231956,7 @@ CVE-2023-4213,0,0,21c428add2eda2eb8d9843e8f25c420113e0faf0f2737e6835262686538173 CVE-2023-42130,0,0,0241b38800c234ec8e4a2ff16f40e83d68c56ec86a9b4257cd78b46e40a43fab,2024-09-18T19:15:36.470000 CVE-2023-42131,0,0,4e0f01a335565af1d2caffbcb3515b0a5bc3abdb5520eb1e67adabde374601fe,2024-09-18T19:15:36.553000 CVE-2023-42132,0,0,b3614605e58c2ad6bb3381e3dd9a9ae21953bc0309c61010e3af35ddfe93114f,2023-10-03T20:56:24.067000 -CVE-2023-42133,0,0,af5e56659245d888956ffab722dc3e53b1277918d2fce2e5939ff12d4c40a42d,2024-10-11T13:15:15.190000 +CVE-2023-42133,0,1,e68f5e6b420f15646a3b3836bf0c8c486c3cee39aae1324a2bea8bd1b99c7aa4,2024-10-15T12:58:51.050000 CVE-2023-42134,0,0,4ee57071d16fbebb2fd73b2c73a537f320f9d80ad77a4c87162327571d527be7,2024-01-19T16:14:39.460000 CVE-2023-42135,0,0,afc51742bb55c141f44e3c071a949b928f7fc168a8f3df1a2cc739282f45f1b6,2024-10-10T16:15:05.690000 CVE-2023-42136,0,0,3cb425be70508b6a679f0aab3db264515ab3c51689b6da64cb1007c415646915,2024-10-10T16:15:05.880000 @@ -235904,7 +235904,7 @@ CVE-2023-48068,0,0,d2ed6581af62c4b74ef3f8171b12ae6e16910b36aa9ccf062a942fd093c09 CVE-2023-4807,0,0,3de0d677ebbf00153cefbfa374c0ecc381ecf722c89be68b57b7df074a7f14d7,2024-10-14T15:15:12.213000 CVE-2023-48078,0,0,0d9dcf5cb116c36b06b2365e4b759d1ca0ba54345b6daa32e108a2d9f4c48031,2024-08-14T19:35:13.890000 CVE-2023-4808,0,0,4a43f94f49b00a1ded4942c432a3569f5fcf99624dd900f508f8d30286fbcfa9,2023-11-27T16:33:33.237000 -CVE-2023-48082,0,0,96034bbad322c5ad209cad6de9d973e6bc853cef3ec2bc988c9623b055860d55,2024-10-14T19:15:10.780000 +CVE-2023-48082,0,1,50ea90ffaa83ecd161d3b96f18ad6d96bd37fb0a34b21f04cc269851263ee9b5,2024-10-15T12:57:46.880000 CVE-2023-48084,0,0,459a90979a07550a284aa3e1863b171726a2debcb2ae1cda3b39790a2d652b29,2023-12-19T18:41:44.493000 CVE-2023-48085,0,0,ad24d46a2c7d3c2e30b77344324b90919c3f0291c86071ef906b236a00e55787,2023-12-19T18:41:59.183000 CVE-2023-48087,0,0,9729ddec6f348b3a3c6a59a1ffe393a6cd2fd40ee60944b2ab3b3e235f9546cb,2023-11-21T02:42:52.163000 @@ -237795,7 +237795,7 @@ CVE-2023-50777,0,0,df0d9de6b8a0baaf3efff27900ebb62bf75a216074a2617fe71f734fe044c CVE-2023-50778,0,0,4c2b380d1452ab879c0bb2f5c89c5ce489b1f3e5d975b71bfe4549f784edbd60,2023-12-18T19:10:26.547000 CVE-2023-50779,0,0,a0c5abaaea21dffc7e5a857a3cc8d6fdf18a54e29bad4eca92e474cb6a42116d,2023-12-18T19:09:28.547000 CVE-2023-5078,0,0,44af65139afdd3e9781ce81372f6fd64997c761012986369ca4fdcdd6cdd5a3c,2024-09-16T15:15:15.367000 -CVE-2023-50780,0,0,997ce97484e991ac4325541ba8de0cd441dbe9708d3ca1f82502bec6f09a06cf,2024-10-14T16:15:03.477000 +CVE-2023-50780,0,1,c16a87f5c648c3058ffaca07ab4bfbf4e9d01368183c447f1d04ab3f57ca89cb,2024-10-15T12:57:46.880000 CVE-2023-50781,0,0,4cd11cbf33226a1d3a67a681c39cb955b0d7b7bd73503eb21db0ba61d3e9a3f9,2024-02-26T16:27:47.760000 CVE-2023-50782,0,0,658725b86153a9f539275c901096223b399321aeaa417b3e344f544d03067a46,2024-09-27T19:15:09.603000 CVE-2023-50783,0,0,6b32c482163913116bd4c154365475f6fbb1c73c4268388823017e442458c167,2023-12-28T13:45:11.130000 @@ -241358,7 +241358,7 @@ CVE-2024-0116,0,0,a6cbe3db55579100922047f237b056c0420ed7fe26ca2d3a7e613c461d3443 CVE-2024-0123,0,0,b5d565031402caa204bf1a28725c0c192ecd3daa1b8bc8f4d37470664175216b,2024-10-04T13:50:43.727000 CVE-2024-0124,0,0,65a7ca3fa08b021f3ead82c3260c63de7cee799b77a5f239ccc73202de671521,2024-10-04T13:50:43.727000 CVE-2024-0125,0,0,4cf16bcca0b2fb9dbeaeffe86943f72316182719c400fbcdf4c939215efb61c9,2024-10-04T13:50:43.727000 -CVE-2024-0129,0,0,da878527e9e40edb8030b6db6ee4f28c62b9b6081e68ec42ac4928a9b65112dc,2024-10-15T06:15:02.520000 +CVE-2024-0129,0,1,6ed61392ba79f5db5fcce1c9578b2019ba40cb0d76cd37c2f6f179769672e354,2024-10-15T12:57:46.880000 CVE-2024-0132,0,0,f1d27ee91d38f95f18265c56576359c7b74449c09c2448ac9270cfde0a145c24,2024-10-02T14:45:36.160000 CVE-2024-0133,0,0,1869d101f5a07bee8a308ca6354c7bbc691223866612cf3986da3052ed18f6e1,2024-10-02T14:43:22.433000 CVE-2024-0151,0,0,e688008e47f7f2b2995cf15f9fce74bb525b3898f5e47db0ad5b6ce2aa86a255,2024-08-09T19:35:02.910000 @@ -244252,8 +244252,8 @@ CVE-2024-21530,0,0,1cd9789884a1ce72dfeb1a860d1947cabd2b932563c54dc2308d1b3820957 CVE-2024-21531,0,0,556b4244c50c270222e18b4d703d3656d63fc81c95a1cab5391fb75a68df3d26,2024-10-04T13:51:25.567000 CVE-2024-21532,0,0,a24d27f47c5298fab706ab72282873a260fc61d5e510f460d432a2b7b9c38bac,2024-10-10T12:57:21.987000 CVE-2024-21533,0,0,b6d94b5290ee8a666e06ea3154c21a82f3a037332835b4cbc04bf2409f97ee11,2024-10-10T12:57:21.987000 -CVE-2024-21534,0,0,7edd88deeb19b219ecc2b90a3976d54902d3b9e86766a1e32c231ec19796b637,2024-10-11T21:36:23.557000 -CVE-2024-21535,0,0,77b63b874e7db44dae4667146b1a652bfb8aaf69315a52aade7762c8e795542c,2024-10-15T05:15:11.530000 +CVE-2024-21534,0,1,fbfd2c9efbdef3792dc1f4e6bcdeb527f71693fa6f6530e9cd12d16dcbf1069d,2024-10-15T12:58:51.050000 +CVE-2024-21535,0,1,dd690d7709ed4ced0a9a8cbf1f59dfc2612ba8c6a810d6d21ffc9a3f5e9a7d9a,2024-10-15T12:57:46.880000 CVE-2024-2154,0,0,ab5f0b39bb38e5c25606bad964d563e0edda059ff34db22b99ca2b3670b021ff,2024-05-17T02:38:04.970000 CVE-2024-21545,0,0,614ed901d7a98204a096c9331020afa9e58729de6a0c722ccca7898674ea9a4d,2024-09-26T13:32:02.803000 CVE-2024-2155,0,0,499612150b3a1be829ef430bb3388eb54a55d7bb52271f37f2a76ceb8af6c56f,2024-05-17T02:38:05.063000 @@ -246971,7 +246971,7 @@ CVE-2024-25618,0,0,521c40d6483be23c844eadaa045ad9d81526af9d0f0bb15136fa0c5a206a3 CVE-2024-25619,0,0,8779b5460540f75c401ccd25f8dbe7701a4130884fad041c3d9ce354daffff0f,2024-02-15T06:23:39.303000 CVE-2024-2562,0,0,19a87309d0aee720c095694c940b1c491bc221c82ab64cac6db44d1a3b485bf7,2024-05-17T02:38:19.323000 CVE-2024-25620,0,0,300c4d5071efb47a78a0fb6f763869e8a3b4f9eb84a3a8b58578d91ae7032adc,2024-02-15T06:23:39.303000 -CVE-2024-25622,0,0,5b63bd8ab3671727fc4934263e53e235153dc89d47440a1ef7a84ade69598f31,2024-10-11T15:15:03.947000 +CVE-2024-25622,0,1,f2a5329af5cd209b4e18843d05ddb38961d1673868f0917f591975c2cbbf9f39,2024-10-15T12:58:51.050000 CVE-2024-25623,0,0,f8aa2dcefcad5cecc7d7e57a874064d3a0b27ee38334e8a58338063ed42280e1,2024-02-20T19:50:53.960000 CVE-2024-25624,0,0,f71711e300e3eaed808809e7a9b2c0205a6a35fe783a8ef447c3f23895a43c9c,2024-04-25T17:24:59.967000 CVE-2024-25625,0,0,aeab25de3fe3426b54f1a4e56db1601e91367a113c3d5e8c5bad9b4b6dbc113e,2024-02-20T19:50:53.960000 @@ -249331,9 +249331,9 @@ CVE-2024-28684,0,0,ad6bf053cac6fb6852a9113f5958a7b88b0baa069360a39369fc3cdf983cb CVE-2024-28698,0,0,396cba3e1e1963c7f40bf85fd9f50e44dce9235019edfebcdaa211dedffb5752,2024-08-01T13:49:12.527000 CVE-2024-28699,0,0,0b9a4e0b313e8b2e6ec1b9d8b9287e8c737e0019e26671b77c33fd8106965c4d,2024-07-03T01:51:45.310000 CVE-2024-2870,0,0,c7537b0655353d8eeb90f5c17425f30e927a579834f6ada2ebebb0410684ac2c,2024-08-01T13:49:56.253000 -CVE-2024-28709,0,0,3b618d4e76ec8bda51caf7210942d20675172504ac43b24e48363f42c62af724,2024-10-07T17:47:48.410000 +CVE-2024-28709,0,1,f66f8e457eee6538fb24fd5f4c6e3582c7655c01401e6aecd64f27a8453bb1d0,2024-10-15T13:19:03.740000 CVE-2024-2871,0,0,a7a747cc7e44787061231b304b7fa297ab3e10c5c0c5d67f97a2b8176c2eaee9,2024-04-10T13:23:38.787000 -CVE-2024-28710,0,0,d1cf98c15a366b3a62c4a416416372ec2ed33d8ae9e4b3434c4415330555edbd,2024-10-07T17:47:48.410000 +CVE-2024-28710,0,1,37258802389771ce5daeb07f171c9a4fb959527137b532fa4593ddc7beadbbc9,2024-10-15T13:18:44.027000 CVE-2024-28713,0,0,60631bbe8556f08b6ffb1706b8163672bc95d30ca176d374b79cb9df294abe1f,2024-08-27T20:35:27.150000 CVE-2024-28714,0,0,18b853be5dc2833c618e4ddbd9bb373d963fc65628b928a515e70d080b0e0346,2024-08-01T13:49:13.347000 CVE-2024-28715,0,0,8a4e847dfd6a2992ee749163f8e2418cfe72ffb7ce2c517ef803a6aa5b491d0f,2024-03-20T13:00:16.367000 @@ -250339,7 +250339,7 @@ CVE-2024-3011,0,0,c4846fd2702ef9f4bfa13037695154c3570856acd954e92705194ddf548246 CVE-2024-30110,0,0,a07e687d8cc25234136155156054fc7c4d3e910119afb02b600c596b9dc2e496,2024-06-28T10:27:00.920000 CVE-2024-30111,0,0,2d23b069061a9f03f5bbdc50f3bb24e02ba7cc17cb7c96642572c4ddb7c10c61,2024-06-28T10:27:00.920000 CVE-2024-30112,0,0,b1be3742a46d695d3f82f4d182e1b02e2a0a297ddb2b6a4bf1d69911e3eb1b94,2024-06-26T12:44:29.693000 -CVE-2024-30117,0,0,3002b57de7d9e12f5b41e11065fe3521f99b1366de60896899a22442622353a9,2024-10-14T23:15:11.407000 +CVE-2024-30117,0,1,5750947159765838811df13bd11790156649709f7dec77e94d2aa1a56733e948,2024-10-15T12:57:46.880000 CVE-2024-30118,0,0,a600cbc3312207feafbf7858618a61f6dd2c38296d39ec303171804559f68377,2024-10-10T18:50:54.383000 CVE-2024-30119,0,0,4baed8c508a821c818525782701105249753896feab644ba3efffba269f578b9,2024-07-03T01:53:51.120000 CVE-2024-3012,0,0,ae30314159430e25e9f2b09f2e0a440cd8bb99b7d72b62fa4eb73b4affe20188,2024-05-17T02:39:40.620000 @@ -252836,12 +252836,12 @@ CVE-2024-33574,0,0,fc0d46b6052dd50132e8c494ba6e5e246282e5f24b82957996e49ca052563 CVE-2024-33575,0,0,6a75bb9bdd105f2786ec0ae657e4af1bf461cec4cfee8d43e8f3d7320405726c,2024-04-29T12:42:03.667000 CVE-2024-33576,0,0,94aae9ee2f0c33dcb6f6efff3d9d5ea4ef9ca359d6b87f7a468dec43b642bb3f,2024-05-07T13:39:32.710000 CVE-2024-33577,0,0,aa1fe480f03b15b5790c3fe3746d5e0b22858ec01ccebcd9fc758219d9e476bc,2024-07-09T12:15:13.437000 -CVE-2024-33578,0,0,ff9a2c95d4feb0ae70c6d5cce551ebbc3dbf0a382ff1d756901e0bf7e3c43a14,2024-10-11T16:15:05.277000 -CVE-2024-33579,0,0,d086f107803b11a086e850badbc4a051f2a8e14fbc3c3449ceac2caa07c393f1,2024-10-11T16:15:05.523000 +CVE-2024-33578,0,1,649523bc9b661f2e10ffda78092aacd5a2d4d51c3c943255cab1ff9aff5b2174,2024-10-15T12:58:51.050000 +CVE-2024-33579,0,1,c9378d83291aa7f8b28324c66253b59ab1733be3fb3fd25c1f975f268dad3b1a,2024-10-15T12:58:51.050000 CVE-2024-3358,0,0,23527163c1f6e0e94b0385ffe56587c3bd4a94e2413e00c71a4ba5f8a69e7bad,2024-05-17T02:39:52.340000 -CVE-2024-33580,0,0,9f2a3b6bcf81be4de421cb75b205020698133f5e942ecbea64a5beecd6be7d9f,2024-10-11T16:15:05.730000 -CVE-2024-33581,0,0,ebb03f3bf5d0d72a973ecd6345cb597b9535f5d409856fe127487de929eb6186,2024-10-11T16:15:05.943000 -CVE-2024-33582,0,0,e40406303f562aaae495610a8d9feda7203ae75a97c2f2562bd95ecf9a8ffcde,2024-10-11T16:15:06.147000 +CVE-2024-33580,0,1,c9a983f26fee03388920e5c681d2f120ef748c095d68ca9758624bec1d7100ab,2024-10-15T12:58:51.050000 +CVE-2024-33581,0,1,9485ef30b85b3f9ab79525b22bf4f24344455fb10fbe0b0431a37c32e4abd3dc,2024-10-15T12:58:51.050000 +CVE-2024-33582,0,1,53f3a417a379c49e14d1acc9d0be9bc6ad05eae9aa6470bf11aee31cc529a864,2024-10-15T12:58:51.050000 CVE-2024-33583,0,0,38272dcd4c11b3ceb59d346922b95e7d819f9730abaa6f62d3bb43a2c2f1f72f,2024-06-11T12:15:16.220000 CVE-2024-33584,0,0,3bb5bf6abdca2bf5d5334941cdf5ce6c6206e90c8384d56ad541db48f2bfd2e2,2024-04-29T12:42:03.667000 CVE-2024-33585,0,0,3c777c6a9b9a4a2e67efd6f7841cfd33983939bdb79e8fad41b131b2d622243e,2024-04-30T13:11:16.690000 @@ -253160,7 +253160,7 @@ CVE-2024-34006,0,0,395648fff5e3bb9db979037721cab37ad30235177e6b8c53ee620b321ccc7 CVE-2024-34007,0,0,b193bd3933e880da74a203387cfe44d08196c4dc5fd2306355cb180bcdb9cbcb,2024-06-03T14:46:24.250000 CVE-2024-34008,0,0,12468a64ece54d2177f4be3e63a53a42505149e2cd5b611cb491f1103f12dc16,2024-07-18T16:41:31.227000 CVE-2024-34009,0,0,18bf6e117b9495c5fa8c40d17d2639b8385c3310650f6b1c3c8a3528c0ec36c0,2024-08-01T15:35:14.680000 -CVE-2024-34010,0,1,7772431fddbfa4456518c6f3c79bfb5e61dd9e04f9a0c45164641cb3c48c81cf,2024-10-15T11:15:11.257000 +CVE-2024-34010,0,0,7772431fddbfa4456518c6f3c79bfb5e61dd9e04f9a0c45164641cb3c48c81cf,2024-10-15T11:15:11.257000 CVE-2024-34011,0,0,1cdf95201b7c3fac8642eb93e0c0ec77c02ae32f22e51c68db8a6f76ced93031,2024-04-30T13:11:16.690000 CVE-2024-34012,0,0,5230526342507ce0f85dd47c2323d42603a1fbec4e476f393dfaf1722db209eb,2024-08-07T15:33:46.150000 CVE-2024-34013,0,0,31f555436f56628c9b80feda54af6c121f0002b6c021c0928728c76ed328d68f,2024-07-19T13:01:44.567000 @@ -253989,7 +253989,7 @@ CVE-2024-35198,0,0,7592c428e1bf061ba03a09a77c9fc676ecc19ee3535a3f1dd84fdd07d6a08 CVE-2024-35199,0,0,10d88a39b30b98eb1ab39fdfe91d64eca78a834d79f0e8d397aca33bb33c48ea,2024-08-07T16:15:44.737000 CVE-2024-3520,0,0,4d2ca8beda165968cfea3b64e955c18436397c1b54474f7a64b510b5eacd13fe,2024-05-02T18:00:37.360000 CVE-2024-35200,0,0,4e081bc266f3339c234fd0d9836610e298ca5ba3771760c1147fa5a32be6afdb,2024-06-10T18:15:34.983000 -CVE-2024-35202,0,0,69990fb5aa1a56a354b12414319025d2c1a39f309f633ac5e271aae5c1a31f46,2024-10-10T16:35:11.390000 +CVE-2024-35202,0,1,4af51be94f170b8c7faf730b20ffce243593310efdd5d249d08c2d764ada1552,2024-10-15T12:58:51.050000 CVE-2024-35204,0,0,2ea5b7f3f64c9f31f0a98ec693d23952b0be3ff72b74340b9fa74f103be148a8,2024-09-26T16:15:07.840000 CVE-2024-35205,0,0,b114736c6ce96d182acaf33482dfa6527b14733d7c35394119539255eedf2feb,2024-08-20T14:35:21.557000 CVE-2024-35206,0,0,2d45311ddac58ab7849b5dcc4f34358defb99853941e437129eca208b1798608,2024-08-06T15:02:05.777000 @@ -254160,12 +254160,12 @@ CVE-2024-35510,0,0,caaffeb522a9243cb4a1bb41637eced11d63455c55d5f889189d39467161e CVE-2024-35511,0,0,0925e571054fff897af51a6c91c2579c2749b26c74104183a16b37d4fa6c6517,2024-07-03T02:01:47.583000 CVE-2024-35512,0,0,b896e4527afcecfdf8ee8b9a5d8645a7997efcebb8181c42302f1215247b04ab,2024-08-22T21:35:05.483000 CVE-2024-35515,0,0,0a6259433dc8b772a7751534ecb780dbd399dd4b702a82474be04ca505d614d4,2024-09-20T12:30:17.483000 -CVE-2024-35517,0,0,bfec791a0cb04e3630fa083b2e569215c8722a3346743b806d1ebf61c836a0f3,2024-10-11T22:15:03.930000 -CVE-2024-35518,0,0,7fa27be39321af8e45199f17e2237d4203ee8e8bc4d352607f4d2d2e04bbe49b,2024-10-14T22:15:03.320000 -CVE-2024-35519,0,0,58e4f17cec91bb1fc227c3af675575b49852ceb83aa9c209a7010b359bb94279,2024-10-14T22:15:03.543000 +CVE-2024-35517,0,1,5e355a88cabbea9041751bb9dfa9abdf819091f76e70bc186bfc7e1152b6c0b0,2024-10-15T12:57:46.880000 +CVE-2024-35518,0,1,25857930fed4d73ffca749d769d6b36ae52427482ea8d056d7cf204af7a77736,2024-10-15T12:57:46.880000 +CVE-2024-35519,0,1,9d9ca739946472dfce1d14670130517630c36a536a923bec6eef5cd5a99d7f34,2024-10-15T12:57:46.880000 CVE-2024-3552,0,0,b573d704f72bfadd96d903b41988b7617b9a930535c0b223b9c260b4778dcd0d,2024-07-02T14:45:34.543000 -CVE-2024-35520,0,0,2307c8964a0318367d34a80378fdc9376b35045a2a51dc1571d9e8fcfe6557ba,2024-10-14T22:15:03.727000 -CVE-2024-35522,0,0,22d6e02f9325c21ee5222c88289910f8f2671497792135b8ac5269387a1004a7,2024-10-11T22:15:04.117000 +CVE-2024-35520,0,1,3d46c88515b1bb1e6888dd29d9fdc5bd25d8fa9bf70552138f129782c8b5cf15,2024-10-15T12:57:46.880000 +CVE-2024-35522,0,1,34366b5f945ea7a68b4c3471f6df4ea553780e697f01f277b62e0c28f30476a1,2024-10-15T12:57:46.880000 CVE-2024-35526,0,0,45f791392c66ed8c499767ccc3e4221d8293b29407aac62d7317c3cd0f64f171,2024-06-26T12:44:29.693000 CVE-2024-35527,0,0,72600462defbad3d94b9b914561cd106abcd4f14940c552d4d0bd67292ce0acb,2024-08-12T19:35:08.817000 CVE-2024-3553,0,0,d92b272ac91b29131b7e7854674ae1f210f8268a2cb6312d80e7312af083b77c,2024-05-02T18:00:37.360000 @@ -256285,7 +256285,7 @@ CVE-2024-38360,0,0,62fab844597ca879d16a5f3bb413c82dd98eca8f8a8f42f5a5f8581c90bd1 CVE-2024-38361,0,0,f382ebba7fc984c6e86107cb94ceaca8dedca184f9f6123ffedcd7094bb741b0,2024-06-21T11:22:01.687000 CVE-2024-38363,0,0,4ba5b34714c88cf806284a26eaf8261d70f03ee7392713aa1b260c885e54e80f,2024-07-09T18:19:14.047000 CVE-2024-38364,0,0,2279d9d422aa31a74e603806d16ace0153ff248c4a5fbe8796ad93e25cd4d53d,2024-06-26T12:44:29.693000 -CVE-2024-38365,0,0,e2d69c29dbd1ce8181392b9491fee732216a7aff80840aa22fe10aaaace6d17a,2024-10-11T20:15:04.733000 +CVE-2024-38365,0,1,5e8f0e207b5596e0673060b1504e801f4c47f87d63c258d30590bb3e158f2e21,2024-10-15T12:57:46.880000 CVE-2024-38366,0,0,da439faf5ff6d8122b959647a313a26dc3be85c3289475c82985c89c575c78f2,2024-09-18T15:22:55.753000 CVE-2024-38367,0,0,ef3b5309f2c711755f4bc1341d871d57dcb340a68f69961e0160dca4bb6dc7ac,2024-09-18T15:16:27.733000 CVE-2024-38368,0,0,2f8143f8d00d367476eddebe8b3c5595b38d7c9548f03fa31bf0b2530474a056,2024-09-18T15:23:00.507000 @@ -256672,8 +256672,8 @@ CVE-2024-38859,0,0,de323bde3647e4f305c3b46157fa86379bf5b570b3bfbebf89dea8495917b CVE-2024-3886,0,0,637917caac7fdeed5913d854d310583d9de4da2bf7f910a461c6efc8f1bacf15,2024-09-03T18:48:14.927000 CVE-2024-38860,0,0,266a5ea7baf50ab92e42d7685db3a6cf2803dcca1365001a34024abb32b3b89e,2024-09-20T12:30:51.220000 CVE-2024-38861,0,0,c849569e1ce9ba1b5e191f651dac8e0341ee6fab90d6f85280ffa2b71faa4392,2024-09-30T12:46:20.237000 -CVE-2024-38862,0,0,21e6e45750161fcbd8074e4c8cd8e28a23245d7b3d28ac0a5b2f458bfe8bde9f,2024-10-14T08:15:02.563000 -CVE-2024-38863,0,0,947416fda2d0a99f106acd269148d3595950b0b341d0cf7a5a9aadd2889371ca,2024-10-14T08:15:02.823000 +CVE-2024-38862,0,1,3bc5ae93f1a59ab8e5497540a76b21f2d9979e17d6c603e124efd9747fd40156,2024-10-15T12:57:46.880000 +CVE-2024-38863,0,1,4e07247c679d45b02eb8d79d50dd0caedb400217644fbadd1dac778936846513,2024-10-15T12:57:46.880000 CVE-2024-38867,0,0,0587553b0e73bb3d7fb83caa644dbd7ff748ca26af84fce237e8ae38fe20168b,2024-08-13T08:15:10.817000 CVE-2024-38868,0,0,f5122b748e151420a9f3845d24af4920bd437f9bfb8619e2cdc643a0cfcffcd9,2024-09-04T19:13:29.983000 CVE-2024-38869,0,0,c0f887639cd5f8290b163362347e9df211e2de0bfae6dfee57ed54004469d16e,2024-08-30T18:15:07.150000 @@ -257070,15 +257070,15 @@ CVE-2024-39522,0,0,b66709e6535a7cdadc12e252ab229dc8e8aef04f48261d0268655457d17fa CVE-2024-39523,0,0,a3811f47c02311cb1b3e9c779434ecc435f3ef774dbaecf23095150720747474,2024-09-23T13:41:41.567000 CVE-2024-39524,0,0,f81747ca72ff72ed34e537ded9b51c09a5f97f91401f1ade11ec10102c46443b,2024-09-23T13:42:49.947000 CVE-2024-39525,0,0,d775dd232fca82d89a27908f99c7ab9fcee2b3e4a09a48f8a86e162a59a4cd74,2024-10-10T12:51:56.987000 -CVE-2024-39526,0,0,e24e07695772824ae2947ac316ca5cb88441fec6694d5014cb866c5eabe1ecf6,2024-10-11T16:15:06.440000 -CVE-2024-39527,0,0,e8f0c6d34f46b9a4a2767c72bccf6729487307c7aa9dbb80f33738f44307b174,2024-10-11T16:15:06.707000 +CVE-2024-39526,0,1,7372e2c605d63d2bf1a674b1e3e2cb465e899c578e34e33e6c63b9abf375c0fc,2024-10-15T12:58:51.050000 +CVE-2024-39527,0,1,d86aaecd0b469edddccd80ab953d92e0a44ff9bf0251150ad0c05ee6eb311502,2024-10-15T12:58:51.050000 CVE-2024-39528,0,0,e38a4ee98e70571927c02a6972041282f229d4485e62ff8801fae59946fb79e3,2024-09-23T14:01:41.367000 CVE-2024-39529,0,0,00f43e2c27d890f4599c7f0b79b4f6e627b99f8bce970eddcf5a09f2b2c7a075,2024-09-23T14:08:47.240000 CVE-2024-39530,0,0,1c9b47723a95ee2e38c28a71dbdfbc0698029b0ae899f35456744c3d18947342,2024-09-23T14:13:14.507000 CVE-2024-39531,0,0,8b14b9ed4e884f3f41331eddcb8409f2e477ec19086cf663db8016dae35a5ed5,2024-07-11T18:09:58.777000 CVE-2024-39532,0,0,9e2f90de2b6756658f7c58bd14832ce3e9b82ec713cc3bcefd6d19325399f7bc,2024-07-11T18:09:58.777000 CVE-2024-39533,0,0,e6c26263dc6a9a850b1bca40535a85280c37c6059ff56ee0dc8524a61354db40,2024-07-11T18:09:58.777000 -CVE-2024-39534,0,0,85f3ed898312cca90321477173a295a54fd8ccd1a248a0590df6b91d9bcde0cb,2024-10-11T16:15:06.970000 +CVE-2024-39534,0,1,18be7cc9751e7cbce4ba9afe2166b0bf8fb2f1d98c4ab8a5a39e572967f769f6,2024-10-15T12:58:51.050000 CVE-2024-39535,0,0,83b12ccf84942d42e34000d1d8fe739916dabf0e1193a243a1f5f9242bfde519,2024-07-11T18:09:58.777000 CVE-2024-39536,0,0,fcedd5a4fda577505833805e7e4997c8473247086d79366725456756ee1a42c8,2024-07-12T15:15:11.040000 CVE-2024-39537,0,0,2402364b51defda98213c86ffffe14a816de6c89624e0dba8c995959e18bbb67,2024-07-11T18:09:58.777000 @@ -257089,10 +257089,10 @@ CVE-2024-39540,0,0,be0d416d14fb6707481af829a3c595b98223f4ff2afe56ae608c0f2f113c5 CVE-2024-39541,0,0,2c2065cc472b958869a59744fd25c5b1d10d8a3e999984d3fe7f8909dda21c0b,2024-07-11T18:09:58.777000 CVE-2024-39542,0,0,a20b733120c9407fac7cfbf8a11db6e6be29fbe8139b8b0238845f4359f20a12,2024-07-12T16:11:52.420000 CVE-2024-39543,0,0,aaaad3e02df0b0d6d56ce697644f4ead0224422eef8d860010b2b8a0e7c3b779,2024-07-11T18:09:58.777000 -CVE-2024-39544,0,0,e67a5470e5baeb2bcc59640c1c904b4a74c11180f78c6e04a7362c515eac41c0,2024-10-11T16:15:07.240000 +CVE-2024-39544,0,1,131ea3eaf5cf8a9ba6747342f67643af53121ff9d7c74e7ff384abb8e4465d76,2024-10-15T12:58:51.050000 CVE-2024-39545,0,0,1eb5c972b938ca677d55ad154dd167ed070fc69afd56e645990ea5adac9fd888,2024-07-11T18:09:58.777000 CVE-2024-39546,0,0,e16dcfa4fc66ceb6eb147443dbf92ba41be6e9e538dcfdb9345e3a289eefbf1c,2024-07-12T16:11:53.397000 -CVE-2024-39547,0,0,1fa8faf13c1e73e82c112b5dac3fd568c65ce819724267b4d6568a0c720bd9a7,2024-10-11T16:15:07.483000 +CVE-2024-39547,0,1,4384a9c8e1089a4db1473e9ce9c5a419cd77cecbdcad5c989bfd9d6485e29af5,2024-10-15T12:58:51.050000 CVE-2024-39548,0,0,f508a41c267f71c0128d6c49ba38f3ffa926a8d4647ec725429fd94a8d643cbd,2024-07-11T18:09:58.777000 CVE-2024-39549,0,0,dcfe0b098a69d3d25bd93373dc59a343ea9177e8f9ca55cd75f53b1d197ea475,2024-10-02T22:15:02.533000 CVE-2024-3955,0,0,1980afc805b9b5d168ea6a08c34d1a9d581fd505fecdd9c097016e585c054b35,2024-07-03T02:06:56.087000 @@ -257110,7 +257110,7 @@ CVE-2024-3956,0,0,a3cb09bf1f28d977327946dc32f9ea686f27cbe51075fc0453b6840e64eb9d CVE-2024-39560,0,0,23f69d2135add515835b57e80ed861f5b71ea1c4537140e0184db49c17a20902,2024-10-01T20:15:05.170000 CVE-2024-39561,0,0,2d6669fd46e5f06a296436c07948ef96b496b18cd802d54459b89b3379cbcb51,2024-07-11T13:05:54.930000 CVE-2024-39562,0,0,e28be33d8ed9a3514708585e09c3a2a79edf6f92ad582e3763ed1e2ed2b7847b,2024-07-11T13:05:54.930000 -CVE-2024-39563,0,0,f785c5da4ce5fdb70b21df661dc4ad07e4508fbca67fc337a09ff141d3e2a43f,2024-10-11T16:15:07.740000 +CVE-2024-39563,0,1,76fc2b9662916d4e8f899c7dfe85d083006718d95500dbba45fdbabac484136a,2024-10-15T12:58:51.050000 CVE-2024-39565,0,0,67e95ad66ccb875a343c94a008ae24e95d194b8d007cd8f237d44ba36352b116,2024-07-11T13:05:54.930000 CVE-2024-39567,0,0,4a57ded9184af902b793d10964e38343dbe75d3e891132b111e62e60ba12ed7c,2024-07-09T18:19:14.047000 CVE-2024-39568,0,0,f8994573b47195905c9ccbf8be81e7fc1ac765b7d83d3cc49f6dd1813186217f,2024-09-06T21:26:14.400000 @@ -257777,7 +257777,7 @@ CVE-2024-4088,0,0,61cc31924b86843bbd20c326ef7465dc1aa394b548458b2e1a9fc62c09ede6 CVE-2024-40883,0,0,8855b9ba6890db3f512189380b135e2bd398db6f2ac8377c169993238c8e17e7,2024-09-26T05:15:11.973000 CVE-2024-40884,0,0,c8797b81ca17f130e9b15061a257e8838b29d835c417f35d4ed5fe661f9275fc,2024-08-23T16:18:28.547000 CVE-2024-40886,0,0,366f3546e42ed526b269e117ba5fde90b643767db321194ac7a300a3dda42364,2024-08-23T16:09:31.887000 -CVE-2024-4089,0,0,5c937f455213a850bbd3c1f9200144ba3ce7ed0d658b961e7847711b4f044541,2024-10-11T16:15:13.633000 +CVE-2024-4089,0,1,9d3c88a6551c3b382d216265a454707e6b223ac5294e3018bbb7b6a68aba61fd,2024-10-15T12:58:51.050000 CVE-2024-40892,0,0,80f2c69eafcb531435cc671447d237ff8792f374d8c58f10182688d813811ab4,2024-08-21T18:15:09.710000 CVE-2024-40893,0,0,3220dba971e1861a31a0659deabcf8dc81ec736d5ed6a5b82a9eb1d0c8650fcc,2024-08-21T18:15:09.803000 CVE-2024-40895,0,0,8c1e79c4f9b4c4aa0a454566e9355d762509535d530511413d5b712e02da1fc1,2024-08-01T13:58:15.617000 @@ -258100,12 +258100,12 @@ CVE-2024-41281,0,0,acd5274a5314a460f4482234d2c8af8da53f6324e375946a6feb8a82983d1 CVE-2024-41285,0,0,f9d8e2fe08b82d3f5c7f4ac42e37bd0268ac10deb583909c52659b72a2361eca,2024-08-27T16:03:16.043000 CVE-2024-4129,0,0,f2fba94e29dd925b8a56a23f2711717731ea628ca4457222b442fc21c3f8c80a,2024-05-14T16:11:39.510000 CVE-2024-41290,0,0,c49f8cd5603807c9b54528f3054e83df63373e1eca850d7e76d84e26592de69d,2024-10-04T13:50:43.727000 -CVE-2024-4130,0,0,2f47f7439ca290ef13cfb454941d3fbce6eeb562f898a226accf73d9e3dc0108,2024-10-11T16:15:13.840000 +CVE-2024-4130,0,1,4254f62b6a9f8647eb8ae6d184e599da475e73338202f507ba5389c2a237bd45,2024-10-15T12:58:51.050000 CVE-2024-41304,0,0,97c8e67643f8470191a2e05ce641725b816a8cc5ff59a9e38a00154810fc7f9e,2024-08-23T16:35:06.883000 CVE-2024-41305,0,0,44375e3d9aedae768570d453a5746b314221c07760efe679991b65a52a72cbb1,2024-08-08T14:36:06.423000 CVE-2024-41308,0,0,0cfb1f5a539d1b3ab56fa248bc4e6b56744120f3ffd7eb646c940bb1f8d27a55,2024-08-08T15:04:28.510000 CVE-2024-41309,0,0,b9bc578a75924505757e6c223f9b414f575de364b8af8a3b843d1bd2707bdb26,2024-08-08T15:35:19.553000 -CVE-2024-4131,0,0,cf19987c1526c38802b5baddc10395ed1c5bf282cc2b3c098f087ba13906bc4b,2024-10-11T16:15:14.050000 +CVE-2024-4131,0,1,9a9dc3f28ed3cf5dc60a06ac74f038b77e708c032afa1341b54f35e0fc68ae43,2024-10-15T12:58:51.050000 CVE-2024-41310,0,0,dab67ac1aeab1ffb95f812e4938961307c6ce203d52330d45800d09dd75058c0,2024-08-28T17:42:01.190000 CVE-2024-41314,0,0,db53d1cfc39af554879f83e26dbe36479a0a26172379fc4a043735d6cb186ac0,2024-08-01T13:58:28.057000 CVE-2024-41315,0,0,2d4182edc23b3ca5f23da4066941e10349788ef80e0dc9d84cb1c30a4edf0d37,2024-08-01T13:58:28.840000 @@ -258113,7 +258113,7 @@ CVE-2024-41316,0,0,fdd83ec8e5f08975a0e0f1c308e905edc7588e4137c92360541a6835aa02f CVE-2024-41317,0,0,52395d4b73d1f3333bd86d331ce69b48cfe0221d866f68e6f5d1a7dd650e810d,2024-08-01T13:58:30.410000 CVE-2024-41318,0,0,9b1c1d0472f281a532ac7cd9f50c0be0ec0f55b0327046bb10ee1709062e9e40,2024-08-01T13:58:31.180000 CVE-2024-41319,0,0,1899a3684e8a27d8d6402d107bc11ca910ee14276fc605936dd401557907d526,2024-08-01T13:58:31.957000 -CVE-2024-4132,0,0,85cbee6170a9ca4792c56240782c4771addca3acda0c50c5f1d7c9c598148d99,2024-10-11T16:15:14.243000 +CVE-2024-4132,0,1,72c018b5852035c5c3e98155b5a9e6b387989411f97a3bf3c840deb5ea6cd385,2024-10-15T12:58:51.050000 CVE-2024-41320,0,0,6629b2c1bbc9cd1b160b7b0f9c935334633b6b47708e3a65ad0ff69abde9e8ce,2024-08-01T13:58:32.723000 CVE-2024-4133,0,0,809a3aebbf4e63405fb2f0740c9908f3dfcf1d711b93379e5d465ea9e56d3cba,2024-05-02T18:00:37.360000 CVE-2024-41332,0,0,0c297902d1fd2e33f0ac4f9fcf27ea849083281238ee0df040d97531f7646dbb,2024-08-21T18:53:15.927000 @@ -258503,7 +258503,7 @@ CVE-2024-41990,0,0,a9d3bfe1152ea007eb5df4a4d15c3972fabe2ab7cf6c4dc84957655472913 CVE-2024-41991,0,0,c38f7b679bd3e48c46db9fd1c6390ab9383b0c22d8669d807f374055f46ee42b,2024-08-07T20:48:22.403000 CVE-2024-41995,0,0,79638f0d10c16b237f07db3242d98d294e87bf4205be8c6d9c3c7b90790704bd,2024-08-06T16:30:24.547000 CVE-2024-41996,0,0,29b8c50df43b1c66bff4b5734acbca34adccc097a107dedf36398e589357d13d,2024-08-26T16:35:11.247000 -CVE-2024-41997,0,0,feb93180957d926c3a2515af9caa2596a5a805e498da40f2eabee214b9d19034,2024-10-14T16:15:03.640000 +CVE-2024-41997,0,1,84df8118b29b34cdc8faf73e33107460ae4ddccf285b98bc5e63560a742aef86,2024-10-15T12:57:46.880000 CVE-2024-41999,0,0,a370380ae5e595c1d409f5d8d8f92b14e0e23ae9708051ce0a7058f9d91625a3,2024-09-30T17:35:09.340000 CVE-2024-4200,0,0,4cd240b08c44457e11ab7d0e46f05e7d4edddbc268bf54e61982ff7b6b50f3a4,2024-05-15T18:35:11.453000 CVE-2024-42001,0,0,fcbbb9fe256b159250061e78a0e74ebb6632e1ed1a0fdada8381ebf9439eb017,2024-08-20T16:37:05.447000 @@ -258515,7 +258515,7 @@ CVE-2024-42009,0,0,8775464dacf05b07f164d9bf135cafdb2ba4b40a363a5d9db69127bd2ae3f CVE-2024-4201,0,0,ee0badf63a3e9c653031fb01c45e3bab9160ffb251dc5a875d128957347bb089,2024-07-18T19:39:50.667000 CVE-2024-42010,0,0,f347d4c1e17b119f6d9851ca0a7b1b017e286c890135bf10b6afdc7ab31c6734,2024-08-12T14:15:07.370000 CVE-2024-42017,0,0,7f9a4913b1239026519e3fb7d6fc6d114e8e4e346f101e97cc1469132655da88,2024-10-04T13:51:25.567000 -CVE-2024-42018,0,0,ed031212f83e34a8c531eee2c5ca50b726abe310c71af7d547da2b7a4be172f5,2024-10-11T17:15:03.573000 +CVE-2024-42018,0,1,48c29334c5da2098d436407e3b178f068ba556edf0bd6315b98cc5d6fe724ba8,2024-10-15T12:58:51.050000 CVE-2024-42019,0,0,00604c99ddf544da3b62d7a84887b798a81cb0c15ced1dcc5fdbfa92f5dd8022,2024-09-09T17:35:05.247000 CVE-2024-4202,0,0,614a40ef1052d861451b397b9533024f5e9aecccff7f20e945fab06926a9f188,2024-05-15T18:35:11.453000 CVE-2024-42020,0,0,256c5ebd865730f43a9d1e31df527e38a101d62b918b1916a8bc092516adbeb9,2024-09-09T13:03:38.303000 @@ -259017,7 +259017,7 @@ CVE-2024-42637,0,0,91efd00f3a0c93af0bfc6d360416502bb044589161185dddb1564bcf24f65 CVE-2024-42638,0,0,f05422802d125b3ce266da31a9abfdc3602d6bb3aba7eee20387c1a0cbe79fd0,2024-09-11T12:53:03.987000 CVE-2024-42639,0,0,1a5c2259211b7b8d7a3c9ad7a85700d339edaffc744195b682680689ea5c39c4,2024-08-19T18:35:13.310000 CVE-2024-4264,0,0,aceade487dcdf82d5a23a178a070b3c07d4cce69337175854977fa24341a320c,2024-05-20T13:00:34.807000 -CVE-2024-42640,0,0,43bf314c049537d4f45fb4b911ed2d057757762fd4c0b2ab5961911c22291a33,2024-10-11T16:15:08.040000 +CVE-2024-42640,0,1,53db873e284184c4481b32472a00e7fb4465616468cb68150aef759bbad2bd19,2024-10-15T12:58:51.050000 CVE-2024-42642,0,0,368dc5dc34a16a5f055bfb8f43121adeaf05034c9b1b73657cc5e8228e1781ec,2024-09-10T13:46:25.733000 CVE-2024-4265,0,0,674cb78ce8c95e07c05495b52772b5d4a079c608362a6e67c2dfb567e6b8517a,2024-05-02T18:00:37.360000 CVE-2024-42657,0,0,7a9e5456dd66d94be3a75e811d67a1de5788317e788930f1ba2e8b5887d23144,2024-08-20T16:13:12.413000 @@ -259630,7 +259630,7 @@ CVE-2024-43697,0,0,cfe52331ac6a90710fe2dc00d201bf0d4a824c6a2a13622442c0a8b269f0e CVE-2024-43699,0,0,78534d33d290678062dddcdfe24e803feecb99e21dbcb3ac97f746608e5c52e4,2024-10-08T15:44:29.183000 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000 CVE-2024-43700,0,0,7d9ad3bdf541499d627305e5fd2f4d5ebf1292f98ea79760d8a63eda3d4aed15,2024-09-06T22:52:41.727000 -CVE-2024-43701,0,0,0b7bfe2ed77e2c251473de6714fa1acab50dcb23fe20e59ca100fb21a202d1d1,2024-10-14T09:15:04.157000 +CVE-2024-43701,0,1,2556ac53e56daf7e0f6799972431b69b1e6033a6f76054961b55da7b651ea935,2024-10-15T12:57:46.880000 CVE-2024-4371,0,0,a0b0e0fb8c98057b2328743d7da5c32e9a585001a67e08f1632ceab0df487dfa,2024-07-15T16:42:39.107000 CVE-2024-4372,0,0,9ae4f43bf2d0d90214ce2e4715e0031799e31627a4319bb26ad2a73cf60988cf,2024-05-21T12:37:59.687000 CVE-2024-4373,0,0,95ffe3cd6afce20664a5281c9740358c7cd9b7c7a4c9be8031ba5b0e36cac33d,2024-05-15T16:40:19.330000 @@ -259973,7 +259973,7 @@ CVE-2024-44151,0,0,54a719217bc8b8ee4e32503231faaae29cd72902e5e2fca3e1446643fb218 CVE-2024-44152,0,0,b3dfe3e6aad4927c4120819b90ad93e4589e439a4acd3f9652fbd2503123fc62,2024-09-24T15:55:06.100000 CVE-2024-44153,0,0,b4cd2fe3eed07a503bba11676bf795575e23a0692dcefb729ec0053f448cf187,2024-09-24T16:19:32.593000 CVE-2024-44154,0,0,52420e716bdaf0c7fece3d5feef7b52e02f0f1fb32372b8f2d13dde79a13206d,2024-09-24T16:16:39.947000 -CVE-2024-44157,0,0,a28989cfff089fdc5c64928ba655211032121c3d0b825d46ac43db40236fab2c,2024-10-11T18:15:08.030000 +CVE-2024-44157,0,1,54b7eaae22cc723d9512082a021bbcf9fac9a1834f12b61c750023716d8a31f9,2024-10-15T12:57:46.880000 CVE-2024-44158,0,0,9d7e2fa5cd578734634a4ad7f07935a9c77533bae7cbf9b59ee2c2f082d12524,2024-09-24T15:50:25.083000 CVE-2024-44160,0,0,111306ea6d5f4cd614ad1f97ebba8b9ebd1a48c26d38996100c4c5802f2b5bd6,2024-09-20T12:31:20.110000 CVE-2024-44161,0,0,7c1aadaed2bcadc65ac3b4a310e13a88d0da6d821bc96d21705d61516e8bb478,2024-09-26T13:56:51.110000 @@ -260050,9 +260050,9 @@ CVE-2024-44408,0,0,bceaf662d92e59640c5be45332f34cf4bf71aab9d4c102f8b4268d666b8b7 CVE-2024-4441,0,0,ac0779300bad801b6c25a6a11418596c16f707acafd8505b85edf037d6de9dc4,2024-05-14T16:11:39.510000 CVE-2024-44410,0,0,6c57a9bf372d97a29932dc411b42421130ab7221dd0f704bdc840e2d9eac456c,2024-09-10T19:00:29.527000 CVE-2024-44411,0,0,598fa2c90c1fcb2e76dc9bbaf4d1053ce6ab00db76daa7f3174af16794b4965c,2024-09-10T14:35:06.690000 -CVE-2024-44413,0,0,98007b7f42bd9dd2b67db2d4d0a20a162d5bedc49eb5cd3230e65681cbeadef2,2024-10-11T17:15:03.790000 -CVE-2024-44414,0,0,a7b9ca1dd549414d7968613c2793c071af3ecd185bb74b28866d8c4b42541001,2024-10-11T21:36:31.953000 -CVE-2024-44415,0,0,ad755f39731002ab77617b43d94507b284d67e3ad7779c6cd8a779e287ac63c0,2024-10-11T17:15:03.967000 +CVE-2024-44413,0,1,65f2e8e22133659e3a7937580fccddc1fa58bd167ce5cbf4cb585b1f7a67f796,2024-10-15T12:57:46.880000 +CVE-2024-44414,0,1,cd610a7106dcc832e2a39a0515b94b8e03a77d238ac215270113c2f6bc9117c6,2024-10-15T12:57:46.880000 +CVE-2024-44415,0,1,655af819c0debce238dfa0f7f56d452f9b59bdd69a7f2941e748ce3cef284d2c,2024-10-15T12:57:46.880000 CVE-2024-4442,0,0,9c1eda6fa3435f8c4d08218c5481ff931fe1467531bf106c3f2c1021638ef5a8,2024-05-21T12:37:59.687000 CVE-2024-4443,0,0,844cc6ae76fc91b0a9b2c7cc836e7c7382ecc4895f252d76709d68a22aac17cb,2024-05-22T12:46:53.887000 CVE-2024-44430,0,0,f640e237da24007d6a0c1a8b89d52bdbc13fc34691f8dcc93f05041c29090cb1,2024-09-19T01:38:06.317000 @@ -260131,11 +260131,11 @@ CVE-2024-44724,0,0,8275388c9a55c7b39cc91e96ee195961c5f04dd9487a0f8921294249f0634 CVE-2024-44725,0,0,a55d2d013099f06bab136286a0540186f6f582fe646bcd5f9a3d4c9c9074736c,2024-09-10T12:09:50.377000 CVE-2024-44727,0,0,519c6edd63986291fddd28777499b5bf49fa3688edaaf8c8b5736fac2c095d2c,2024-09-06T13:15:09.567000 CVE-2024-44728,0,0,cb7a7604dfcd48f9cda73a0c69d9a24576616f565cbb7b44a1dd956c1a2540eb,2024-09-06T13:23:23.743000 -CVE-2024-44729,0,0,3dcf77781f61f4cbdf84dc014570b01dd5649b4d221ac540d450428ff4e45bdb,2024-10-11T16:15:08.150000 +CVE-2024-44729,0,1,82a845314db2731430cebe0643ff5c389c92dda056d1b90bcb5f0077e1c3918a,2024-10-15T12:58:51.050000 CVE-2024-4473,0,0,8a0cf4a98efdbfb5770862e11c920028f2e3a9a43c44eb843685fb5ef0c3f72b,2024-05-14T19:17:55.627000 -CVE-2024-44730,0,0,bb569c89296a90bc7c7ad7e7a6a55009f8bd0bf9a4fd1a58d711d12d3039cc27,2024-10-11T16:15:08.250000 -CVE-2024-44731,0,0,8f32c47f12795de1bbfcd47f4c68f72cda0ed66965511dcb203c578a657a9f5e,2024-10-11T17:15:04.080000 -CVE-2024-44734,0,0,ae2abe4d6b083ab9918eabee5329e8d275cafa6899dc9e8104664bdd5793b739,2024-10-11T17:15:04.157000 +CVE-2024-44730,0,1,c0e983cb86f8072ef66556a5230b144b363896e7c046982bb431e66af6c9b6fa,2024-10-15T12:58:51.050000 +CVE-2024-44731,0,1,84a9da96da62ef0fd19671f44ccbd7806fe97a6aa159a56e60da9946ddc9c890,2024-10-15T12:57:46.880000 +CVE-2024-44734,0,1,e37750dcc20c78bda58b48488aa56b30f2ec5cbc21a9a491c00ebcb8d98d9052,2024-10-15T12:57:46.880000 CVE-2024-44739,0,0,48da2c283a8d53275b8fef0ca13127577bd8ad3471472700794962cf357a3ab6,2024-09-06T16:46:47.907000 CVE-2024-4474,0,0,f8c1a36ad14efe96f98dae06e1720ed737c744e50cd9a9e3991eaed9f98aef96,2024-07-17T02:48:04.213000 CVE-2024-44744,0,0,83942cbf0bc52b807dc374447d58331fdab7ca8540cec1aa4efb11011d74c6f7,2024-10-04T20:15:07.203000 @@ -260156,7 +260156,7 @@ CVE-2024-44796,0,0,2932c57e25f9e35c74ce36b128d46acb3231e7bd610d9d98769e690ee695d CVE-2024-44797,0,0,045624a726ff5e1b8db30d7af17e11b2221f6b7d4bdca61ca2fe7511b3f6e808,2024-09-06T22:27:16.177000 CVE-2024-44798,0,0,52c8ec12ad71f918e4568fe73d09fd21beb43d7a2334844f4fb68f12913c2757,2024-09-16T13:19:38.393000 CVE-2024-4480,0,0,046ee1f51773a8c0ac4a6c81ddd78c147b0ada165d730df7b9b8d85146172347,2024-06-17T12:42:04.623000 -CVE-2024-44807,0,0,810975d199c77bf9871ff49351113ab0bf71110290c932592e13dd1febb2d984,2024-10-11T18:15:08.133000 +CVE-2024-44807,0,1,e8c5b3c4d9a3d80972d1eb031e969004994163dce986814689fc511ebbb9f025,2024-10-15T12:57:46.880000 CVE-2024-44808,0,0,53ee5f88da9d15aa3ffd696fc5703153aab92dbb219aaccde4dc48186abdbb68,2024-09-05T12:53:21.110000 CVE-2024-44809,0,0,424c650381a963ac60378eaa5a7cd36fd86829e33f994f3d0227dc416ec44e82,2024-09-04T14:35:12.707000 CVE-2024-4481,0,0,c2852db732c7c65c13524ea22e5406663429c55dff3bfe0d5bbffa299f48bbd3,2024-05-14T16:11:39.510000 @@ -260434,7 +260434,7 @@ CVE-2024-4518,0,0,64c3b6e6e74f6d9fd929463119875b686279109a997143c5dd3ad8e2c1af13 CVE-2024-45180,0,0,08348c7b1382a66372a71879585bc4b470bbbe0e7bc2a628091dcf790778caba,2024-09-13T19:55:54.477000 CVE-2024-45181,0,0,c1b3f50892c5ad2964a42f2f7c4bb1e591fc78d268d80e02244df3b7c3d3d502,2024-09-18T20:26:26.873000 CVE-2024-45182,0,0,9a85c862314a6425e6060387f72c5f336d253a6faf88611dfadeddbd5da8c540,2024-09-18T20:26:11.023000 -CVE-2024-45184,0,0,62cc6d98bd66c7827ea33f57294b4d8f4d5634bae628f9d5a75d79bfa4694c18,2024-10-11T21:15:06.947000 +CVE-2024-45184,0,1,2cf234e0a6e14825f232aaef12e4c1aaad3da08547a4333f332ffe8186f4ef37,2024-10-15T12:57:46.880000 CVE-2024-45186,0,0,77c3f8977c3993383fb80894e402f55d5d22584cb41b5e73c31c8d88ae8792cc,2024-10-04T13:50:43.727000 CVE-2024-45187,0,0,b29c34a9281e147a1f2b33bdd2a8c272cd39081d36dd9d0273787cf191e54024,2024-08-26T12:47:20.187000 CVE-2024-45188,0,0,b715e0fd98dc9de103c52fc47a055822268226fc14af5f0a01f3a3eab3db9def,2024-08-26T12:47:20.187000 @@ -260484,12 +260484,12 @@ CVE-2024-45265,0,0,0bfdc3ea11a3a8b692c725170390e0ed5e5bfa861ba7586668c7c78868fd4 CVE-2024-45269,0,0,930c2dda66909b7393cc3daf8d8e0bcb8066c589d45124dd784354d0c2c32ffd,2024-09-04T11:49:36.950000 CVE-2024-4527,0,0,c7ad79186f39af6c4287cf90f197f2ec298291b738fc5af7e4ddede8b4e9adfb,2024-06-04T19:20:41.810000 CVE-2024-45270,0,0,c7af37af49333c30529c68858eecc171381f5cb95414149d25997e187a81c107,2024-09-04T11:51:30.887000 -CVE-2024-45271,1,1,8eb13f6e3d8197f268bd826098e2af7ec5e57959df70af6e60e76b7510366bdf,2024-10-15T11:15:11.420000 -CVE-2024-45272,1,1,a9d0514694aa9bf33b1e17a6029ea94a9e6d7cffe22a3d890a6a82e3fab446c7,2024-10-15T11:15:11.673000 -CVE-2024-45273,1,1,8a285f35bc564f990a2a79aa26b9af4b5089717bb15f4a9120f9705f09a88503,2024-10-15T11:15:11.940000 -CVE-2024-45274,1,1,0f0dfdadbd9621df4b8239bb06643f6765a2ce9de5ba9fb0c0a49618efb544a1,2024-10-15T11:15:12.247000 -CVE-2024-45275,1,1,c72f99054d037d2cc1295e9503bdbc4a04732b7b6dd23488ba7b69183b9bd7f6,2024-10-15T11:15:12.487000 -CVE-2024-45276,1,1,da7e615f9c655793970ccbb052c46489750b7445a13d6fde2602962fbc95008e,2024-10-15T11:15:12.760000 +CVE-2024-45271,0,1,3021ca2e7fc969fed6650b64acb31a0dafe0588682c14757f354bfd7e755e1f8,2024-10-15T12:57:46.880000 +CVE-2024-45272,0,1,b865f55f578c2171ec1ea73f889db437591ffeb03e29c65c5e680b53f924fca3,2024-10-15T12:57:46.880000 +CVE-2024-45273,0,1,ee1a954dd021c261ba13758da2eb3fceaddc2b6e2644b46e6ea1dd424d6a950c,2024-10-15T12:57:46.880000 +CVE-2024-45274,0,1,11288f6d6aed1bdee822c3c26dbdd1798952eec97aebccae4e3171e5e329cdba,2024-10-15T12:57:46.880000 +CVE-2024-45275,0,1,ce3adef583f0b95cf0465c3b95b51366c43b4e3c5e3841d8cb85272090862e09,2024-10-15T12:57:46.880000 +CVE-2024-45276,0,1,97dcbe9b53aa93be33cd20d38e0eaab54ee3d043ac254e7bfb1b51f9d8d79617,2024-10-15T12:57:46.880000 CVE-2024-45277,0,0,e59672aa770debbf38edd82e3007eefc83b77323731018a054ffb9ae4fa6db2c,2024-10-10T12:57:21.987000 CVE-2024-45278,0,0,306a421217da69225ab7b4db93f5577ae95b1c3748beccda69beb75f2432361a,2024-10-10T12:57:21.987000 CVE-2024-45279,0,0,d1e01ad73c7c0fcb7dd9f385faab2f84a1522d644234e290f3ff403f5eb9a4d9,2024-09-10T12:09:50.377000 @@ -260529,9 +260529,9 @@ CVE-2024-45311,0,0,31e4f90acb3914bc5f26ccdbeff62c6d2144f0789887b6397c99591eab2be CVE-2024-45312,0,0,ef764c6defa41a6edf70254d24eaf293afa21b3c3fa7a94ab70b620cdfc67947,2024-09-25T18:37:23.867000 CVE-2024-45313,0,0,4968bb4eb1a02bcbcbe90803b30cccb5c26bf5a74af49d29e0350cd8e0738664,2024-09-25T18:12:53.543000 CVE-2024-45314,0,0,2f1c9dd8ac80290a1853d4f2b69fb0ae8e68e38eb15e5edeb668cb7a47ecee3c,2024-09-12T16:39:53.690000 -CVE-2024-45315,0,0,ba3d6bb772ee39d6bc5499016a92ac1f8c569adfb2fb030be2d2783f6d06e78e,2024-10-11T13:15:15.883000 -CVE-2024-45316,0,0,917b9a2d81b07be65e7e4444a9aa32a338810fa9c3b1c434251c47ee009c89db,2024-10-11T21:36:32.947000 -CVE-2024-45317,0,0,275e9c03739456c391fe81ca5fee61b756e8c635c4f5a6c7e3a5dd1910911ac8,2024-10-11T13:15:16.103000 +CVE-2024-45315,0,1,5e8750ed6f9cf033921de3f6d7afc0c452e27604c8be5234487fdfc818ed126c,2024-10-15T12:58:51.050000 +CVE-2024-45316,0,1,4ecfd9e7fa59bfdd4734e2d4185781d6d4be914b03dfd0489df8aa5f6a42264d,2024-10-15T12:58:51.050000 +CVE-2024-45317,0,1,cf582da0518aca65335a8c43cb4d83f1a02fd5797437525cbc0cf86d6da8db4d,2024-10-15T12:58:51.050000 CVE-2024-4532,0,0,4fd2f02f0358f1c611846b77f1b0e80bcb1985e07f23fa6a21a71cc25593500a,2024-05-28T12:39:28.377000 CVE-2024-45321,0,0,385b3d1e3bf54e8ae2af5d5796ef0b1ffaf17d58c18e0fbe7542c0dcea09b2e4,2024-09-06T22:30:19.337000 CVE-2024-45323,0,0,c7408403154d2d18fc914b88a9df254c03b0863b353ec16a1e5cdd4039b8f75b,2024-09-20T16:23:51.397000 @@ -260563,15 +260563,15 @@ CVE-2024-45392,0,0,9fbc5e30fa3bc562debe7349b4449c2781517f74b4c1565d7b7acedf814cb CVE-2024-45393,0,0,6f436bc32d420db4f8aef33efc64d5a86243ff621c73802c298c0db31d80b7a3,2024-09-10T15:50:47.237000 CVE-2024-45394,0,0,087a53dae86480e9cc9b0f35c92b2e1955ad080485b753f37f05c38b033a4e79,2024-10-09T15:15:13.600000 CVE-2024-45395,0,0,5d56a4af61ec059101686b1e7cb37e5e2b811fdef7d02e3f80cc3ab9c9de60ec,2024-09-24T16:50:07.930000 -CVE-2024-45396,0,0,abc3a56de497c3db1e9c719057589373f50ec3488667ad449d86758239d1ace7,2024-10-11T15:15:04.457000 -CVE-2024-45397,0,0,ba9520d135d5b299165373f021d4c7e18285bf6fe4c285c8a95f632fc301f1f5,2024-10-11T15:15:04.690000 +CVE-2024-45396,0,1,6dd675c87b2e1227fcfe3f31ed5f824cb6c1442cfdf5adf443dadd8dc96e6a55,2024-10-15T12:58:51.050000 +CVE-2024-45397,0,1,976f4825b8c3f8426e18867ba9ae6d9acb68fa74d718c807376a8714ae877bc9,2024-10-15T12:58:51.050000 CVE-2024-45398,0,0,7d0ffef7297178b253d2c7dc1d3134ea1f5d20b5e1c2ba29b34a3e96958f60bb,2024-09-25T19:20:52.527000 CVE-2024-45399,0,0,00e25ddf2914c9fa87aad2e5386f06040c0acda61d936c8ae5f89b710f3a24c9,2024-09-24T16:48:10.083000 CVE-2024-4540,0,0,56ac6cff101cc91d96d8daf4bfda0c052b655471dc0698e77d798366d59b9124,2024-06-03T23:15:08.930000 CVE-2024-45400,0,0,23d149ef7bada976fce9d2c89ea0cb38e5ff315577519b49e805da7db09942df,2024-09-19T18:04:36.627000 CVE-2024-45401,0,0,954ab622986edfe93d770dee5aae8a96aecaff4645097c85021d65007f0d9f05,2024-09-19T18:12:52.220000 -CVE-2024-45402,0,0,5faab78cba4c9a6e607d0e81f8111307b37f2eedf4e571c4a57ad4c467db3e04,2024-10-11T15:15:04.903000 -CVE-2024-45403,0,0,39d857cd7bc12bdf5b626798796853ec2e5da6755b289b55edc31256410da729,2024-10-11T15:15:05.123000 +CVE-2024-45402,0,1,7483978a1da40c4cf710372cbf23c94319b8b6cc4f6b68f7409c7b0607520da8,2024-10-15T12:58:51.050000 +CVE-2024-45403,0,1,2e861be4c43e672b345b681bbb08a740e6626269bb63f02e9c136edde83231da,2024-10-15T12:58:51.050000 CVE-2024-45405,0,0,fcb9dae5692e8d4d27671ebdd5ac9faa600b717293c20df4e46e96d26ca1730f,2024-09-06T16:46:26.830000 CVE-2024-45406,0,0,fccecd6532f18f7e1ea06f6cc62abb2faeaefa7fcd57ba441a0597b2a31370da,2024-09-13T15:30:45.380000 CVE-2024-45407,0,0,761b4924e4b46db1752cf42f388ca76c7e573211ea8b116cb02c0d2e460e33eb,2024-09-20T16:18:46.717000 @@ -260708,24 +260708,24 @@ CVE-2024-45694,0,0,6df0853247a969905230185a9047d7f0b5d3157f1a7bc76614dde5322218c CVE-2024-45695,0,0,da601d84ea417c0c9279d85654ade81af5192308ba1ba5409f7a2b21c121a433,2024-09-17T18:40:38.573000 CVE-2024-45696,0,0,15dc5b5bd95cf2badd72adb77d96e01d4ef86e61af344574364ee75cad060ea9,2024-09-19T21:42:36.557000 CVE-2024-45697,0,0,f5a37290219fae59e8d61a5bcf73769a3b20c61fab40a7e37a2a1d321507c010,2024-09-19T21:40:37.357000 -CVE-2024-45698,0,1,f6526298a3f199ded6c907356b8dd6f5db94f0696639cd8ae5a504a08cbeae04,2024-10-15T10:15:02.853000 +CVE-2024-45698,0,0,f6526298a3f199ded6c907356b8dd6f5db94f0696639cd8ae5a504a08cbeae04,2024-10-15T10:15:02.853000 CVE-2024-4570,0,0,c1cc5ae154200d1c8cbc554d2bd91b7f0d0e2fb1c25faf550303ad23eb2c106c,2024-06-28T13:38:13.630000 CVE-2024-4571,0,0,76823bb120333d1d68e24e57a18868a62bd826931cb118db3f1630877d1250ae,2024-05-14T15:44:05.750000 CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df61090e,2024-05-14T15:44:06.153000 CVE-2024-45720,0,0,9a958c282ef360c53e2ab2db366594f7b62a7ef8d528ac6998de122fd3a653b0,2024-10-10T12:51:56.987000 CVE-2024-45723,0,0,63a77b3806467261b762149cf38436dbbeeccf91520557e4f16dba13005bb2d7,2024-10-07T17:43:52.783000 -CVE-2024-45731,0,0,64f3b076e1ba73dffdf0c460512babb747cd809745bbab294692b67d6edcedab,2024-10-14T17:15:11.177000 -CVE-2024-45732,0,0,4e5072a835dfaa21d6aa1c1f6e7186ca3a2566f20a3b2446f1311cd0df57600a,2024-10-14T17:15:11.410000 -CVE-2024-45733,0,0,26b12148a3d1f105c07f5ec4d630a2627962ac0992e8874fa66efb919b028102,2024-10-14T17:15:11.657000 -CVE-2024-45734,0,0,60f6ad0bd39b15a28edbbec8142bfd65f3dd6893675910d2f5a63b73b1510f5b,2024-10-14T17:15:11.850000 -CVE-2024-45735,0,0,d1f5a904ff4ce2124f50a1bcd5480da3acc1d59dfb44c552ef8762f57a0c1d19,2024-10-14T17:15:12.053000 -CVE-2024-45736,0,0,f78c0cba5a890982b2563a6304d5814ab3232334c5657217d2788ee254c5ee03,2024-10-14T17:15:12.253000 -CVE-2024-45737,0,0,6f1419b68d8eca19f450336f3fec46602dda1e328d1cee2a20bb0db8b44f3328,2024-10-14T17:15:12.453000 -CVE-2024-45738,0,0,5d1da984cf863288c52eaff3ff6108b50ab539a8a304723020a2fd2eac1740c7,2024-10-14T17:15:12.660000 -CVE-2024-45739,0,0,01a43068fb72c181b3efa5733fc8e8be54627ae8a8ac05fdef7e7315f4ba75ed,2024-10-14T17:15:12.860000 +CVE-2024-45731,0,1,837f8c79b7a5f9d2dadd8823431576dec7771f04f77c365fcfdf6e96b68488ed,2024-10-15T12:57:46.880000 +CVE-2024-45732,0,1,58eb38190ddbf3877e15a1f26f2eecfab037a7f76420ec49567111f156e0c36e,2024-10-15T12:57:46.880000 +CVE-2024-45733,0,1,c488d1c8bdf4acedddea558b0e00160ff6f018ba0ad7e1b4b5ba4afde45a7867,2024-10-15T12:57:46.880000 +CVE-2024-45734,0,1,f8114259d38efc845edf6074c9b14be937cce734dd608d15f9cc70ea3e1474f9,2024-10-15T12:57:46.880000 +CVE-2024-45735,0,1,83aea650cc43eafcfa09c379135234cd72fc7385594b1fb43270db65c6257751,2024-10-15T12:57:46.880000 +CVE-2024-45736,0,1,70d48b414d03d69b52a33965c9030383527873a2bd72aa08e7ca7bf4a58c72a3,2024-10-15T12:57:46.880000 +CVE-2024-45737,0,1,751e2d708e26b5bf7f05996835ae9014aea82ac39e18c3ec1fffd4afacd76df2,2024-10-15T12:57:46.880000 +CVE-2024-45738,0,1,91bc78933fad218b7f0821f1540f5679206b638397b93572061a3d4cce361384,2024-10-15T12:57:46.880000 +CVE-2024-45739,0,1,79f31f89bae88c8aded1413c7f1583ad059ce20c0f043bfef0e2dce3b0399b01,2024-10-15T12:57:46.880000 CVE-2024-4574,0,0,5bc00996fe57104150ae610f292ff224de65f0948423aca3282fe7d917884520,2024-05-14T16:11:39.510000 -CVE-2024-45740,0,0,9d225636a0ff30313e82d40744acf0f9d64b6da60e9d3a775ea47d422a68fd76,2024-10-14T17:15:13.047000 -CVE-2024-45741,0,0,2446936f73030d260e2103cbcab9418fbd70c8e0a8e075e9a5a2ac2e64abaf06,2024-10-14T17:15:13.250000 +CVE-2024-45740,0,1,6332ec886f1d3b4a11286b46951405ed44d3d91884b15ede0f3f405ec57a1a73,2024-10-15T12:57:46.880000 +CVE-2024-45741,0,1,b5015e9a0725134d3a6a4b0d67310b503d318ba2f83754e4d28f43cf49db1735,2024-10-15T12:57:46.880000 CVE-2024-45744,0,0,ec4698c6891bd67c723c11e0dc841a026f8c5da574327fdd441b22164fa47c9a,2024-09-30T12:45:57.823000 CVE-2024-45745,0,0,095415295fb9e908dbd1bbbd24ecc8e41cf81936c17bbb0aa6290e6785ab228e,2024-09-30T12:45:57.823000 CVE-2024-45746,0,0,902861897e83a8721d85c8381c9fc33c107d622749f6a985c29d3f01f324f690,2024-10-11T21:36:34.350000 @@ -260733,7 +260733,7 @@ CVE-2024-4575,0,0,9d22d248e877183fb374174504fab6bfc500414f16c234b88b687abe10cd48 CVE-2024-45750,0,0,f86fce6cd4045728a00882dd42402a213a9d23f5fcb44064e442c5967c556b92,2024-09-26T19:35:17.850000 CVE-2024-45751,0,0,cc5d68fd09f5f304456a6be90ad821b34bc4a7f1a983b99ed7260cdb2141f184,2024-09-10T12:15:01.857000 CVE-2024-45752,0,0,c56d2e99daff13fa264a8e02ee453ba88231a536487b9dd847b13fefb0df4a91,2024-09-25T16:54:27.520000 -CVE-2024-45754,0,0,8640c6bfccb63c37900b2a06f890f53e60ab7feef5bd9c9ab044d090e3df76a9,2024-10-11T22:15:04.337000 +CVE-2024-45754,0,1,362a026d6bbd238af9f5182d00a68f87c556e19e46dff416d9375d97128f2aea,2024-10-15T12:57:46.880000 CVE-2024-45758,0,0,e058696ef4ee1e11dde5d7f4a1626a6964f9190aeabab6642796a352a4a3c2cd,2024-09-06T18:35:13.043000 CVE-2024-4576,0,0,bef0c1eb81bb0f4c3eef72c993d9a673f04f17bc2d954741979507814d4ccd99,2024-07-02T14:41:30.777000 CVE-2024-45769,0,0,8008e87928d7d924cb6edc7a002ab7d174233b35bc221ee2578339101437b36f,2024-09-20T12:30:17.483000 @@ -260870,7 +260870,7 @@ CVE-2024-46083,0,0,73f6a059a5ba6bc696db7247d8909675528ea79771aa3e324116789f85257 CVE-2024-46084,0,0,b76e6b13523e15b76b374f65868a92b58cdd010c840abd828b2c93c894b78869,2024-10-04T13:50:43.727000 CVE-2024-46085,0,0,c40bf34999e41384db415b4f8361df5bc1a972c059bfcf483e35e9bef50d8457,2024-09-20T12:30:51.220000 CVE-2024-46086,0,0,504c7f52322e487d2224c0cc449e69a05fcab67f7a93912f7189c1bccd5d3802,2024-09-25T17:08:41.937000 -CVE-2024-46088,0,0,2a3f5b7161cfeaa0d531006e4014cfdcbe258baba00e87c6174d7dbe11360903,2024-10-11T21:36:35.423000 +CVE-2024-46088,0,1,1b91c555dfb394872dd1e817cb620b5758475e8d3c7304fb65a23e81862e7c8f,2024-10-15T12:58:51.050000 CVE-2024-4609,0,0,b6f3fd3db9085553e8d026a562774e21d6dc7bb2eb7a9a6cfeb43138546783c0,2024-05-17T18:36:31.297000 CVE-2024-46097,0,0,512a1e36bd43b76dc23993f25084db214121a78b92f1064375f403c11dada0c4,2024-09-30T12:45:57.823000 CVE-2024-4610,0,0,43047990281e26a04055de4ace6574603f0b08f61a7727d9acdec64f6d8d9784,2024-08-14T17:06:24.800000 @@ -260886,7 +260886,7 @@ CVE-2024-4618,0,0,c37ae26f2e1f44a703054cee4816ca3bf0ad845eefa4a632c5bbef4a4e755f CVE-2024-4619,0,0,4a40c989d02466215a13e8ebc90eedd665aa01db8dc0a625ac187e77f54f90ad,2024-05-21T12:37:59.687000 CVE-2024-4620,0,0,1935a4a456c9356aa20baa9af9ee846c5d3912db31523d71d257746ce19dd702,2024-07-12T16:12:03.980000 CVE-2024-4621,0,0,2ba6d981e4d5b6f91910837209ceaa779e2d1828d6d78fc3d542c33aa869820e,2024-07-03T02:07:50.963000 -CVE-2024-46215,0,0,0edb1c764d687d6040f8379d963624cdf40d57ffe4221c99522530dbb9fe9b8e,2024-10-11T17:15:04.260000 +CVE-2024-46215,0,1,6088b1af2b5f56d01d9a229189ca9bdc4f06d4663db151735c4a445892a1cace,2024-10-15T12:57:46.880000 CVE-2024-4622,0,0,7ee7f5b0dbbae0efd9526a317b5150a2af537411986feb7d056b697fe5fc8d53,2024-05-15T18:35:11.453000 CVE-2024-4623,0,0,c53a127683caa8cc49c11a88cc217ef787af901116f1ba89c4741730eb1cc926,2024-06-20T12:44:01.637000 CVE-2024-46237,0,0,a0f64eb1e4641e71cda28150c6a7085b4f541a320eaa50e27b069ce565fe1cfc,2024-10-10T12:51:56.987000 @@ -260957,7 +260957,7 @@ CVE-2024-46451,0,0,d3a56959d528545e5d37d75143f0c1e0141235a2bd503adf0162594e2e188 CVE-2024-46453,0,0,f2e65264e0b1a5c3ff7f710d8d23db018673f8328ef08ecc489a300ea4d9bf1f,2024-10-07T13:53:04.767000 CVE-2024-4646,0,0,368f6c8b75aa07d035e1b1b12d3ee4faeb304323401bbcc5aa2596217dc42f5b,2024-06-04T19:20:44.390000 CVE-2024-46461,0,0,cc86f5c42464c26c4a36c6d59fbb4ac13932ea21683a14dbd86ef949d78638fc,2024-09-26T13:32:02.803000 -CVE-2024-46468,0,0,677d6c831974a29d35fc0b66c11bf3eda1ab300e218b909f570b915ecb893dd4,2024-10-11T21:15:07.040000 +CVE-2024-46468,0,1,590f99179c67e59eb42f50e717dee3e2d00e317ae2f74cf7e2e6cc04e0418e38,2024-10-15T12:57:46.880000 CVE-2024-4647,0,0,abfff49b4d0bc1323cd8c136d2663c14e45b73cbc22df4c684f6d02301cae0cc,2024-06-04T19:20:44.487000 CVE-2024-46470,0,0,4aeda2c990e579b9008226e62d5cbdc47a22a0fa6603152064e359fb3aa1bf47,2024-09-30T12:45:57.823000 CVE-2024-46471,0,0,470c933b4642dc2897ace8d3fcae6cce28009d5c4dc28b3858aee18cd52a08d7,2024-09-30T12:45:57.823000 @@ -260975,10 +260975,10 @@ CVE-2024-4651,0,0,745218d04b1207995e3df340bed9abda2dd0952b7a1b22fcaaa17a8ad8b7b0 CVE-2024-46510,0,0,bb46a7737029f26392a246097a18ec9ca317101031432da9b686fbbec181f9e7,2024-10-04T13:51:25.567000 CVE-2024-46511,0,0,78cf785de24718da0c0ea71257e191470c834e4be61ca79ad4d72c264c3c4729,2024-10-04T13:51:25.567000 CVE-2024-4652,0,0,8fd7af949b4c89aa1e5f9f8bc7784e47292323116a1f6a56ecb880f3c410a541,2024-06-04T19:20:44.873000 -CVE-2024-46528,0,0,473262510e24cb9558455fa1fe479cce4ec5b58505162ffb48d8cf9e8eef11a5,2024-10-14T18:15:03.847000 +CVE-2024-46528,0,1,e008ee055fc244c62f6620ac80480bf6446a0368ad534e522637438a666b1ebb,2024-10-15T12:57:46.880000 CVE-2024-4653,0,0,7b6d5c0913690c5b51d844fc9718b4208eaa5f352f244fd41eee7be1add5e3bc,2024-06-04T19:20:44.990000 -CVE-2024-46532,0,0,3cc4b0eac6406170fdb3268901170209dd1adc3b3b14e5bfd21137ddfc4e89d7,2024-10-11T18:15:08.267000 -CVE-2024-46535,0,0,236faad90efb2cca4a33db405473a6420ce807a7b23b2f487d5ed937562d9418,2024-10-14T17:15:13.440000 +CVE-2024-46532,0,1,c6e0d455d21a04879d4eb03cbf11fc55f7b3d1c74ff8ace5dcd3df8ff8b6f824,2024-10-15T12:57:46.880000 +CVE-2024-46535,0,1,90dccc58d65e5ca1d7e7bda6ffb01ff42cabf889fb08380da874595b0e496075,2024-10-15T12:57:46.880000 CVE-2024-46539,0,0,2d2c57643421ecf3202df41ca86f61b87e91435ec045a273724c1fd7bed0cf14,2024-10-10T12:56:30.817000 CVE-2024-4654,0,0,0088d34096b2578204ff98fe71c1f702e4c8866653411407f72fe940a56448df,2024-06-04T19:20:45.100000 CVE-2024-46540,0,0,82bd73e280c5a23d3b35406dd5a042ddc542cc53d99831f15d05d7d862ed5067,2024-10-04T13:51:25.567000 @@ -261006,7 +261006,7 @@ CVE-2024-46567,0,0,dedf59b7bdc5b2e51a36cbc666014cae7f626ef481966bf02a77cd072fada CVE-2024-46568,0,0,2301bebc09919b1fb68167c3b63854080045492699033fe0b4e9e2e63dbdb0e5,2024-09-24T16:42:01.687000 CVE-2024-4657,0,0,e4551eb50aadbad4e8d70da122e3e5b28a0bd348b1d5555c6dab0b92557cea7b,2024-09-26T13:32:02.803000 CVE-2024-46571,0,0,d8c3af383191fcf5562e605a727b1592f14cb20acc9bc8714597971ea66958fd,2024-09-24T16:42:03.157000 -CVE-2024-4658,0,0,fa00630875db0efccba13c0100e841db98c8129cccb6c452ad93d82f90c19c29,2024-10-10T14:15:05.587000 +CVE-2024-4658,0,1,4ea9bff1d03f665c43346d847ffd5c6997ba0b1fbb9880e26098f95d20dd7346,2024-10-15T12:58:51.050000 CVE-2024-46580,0,0,4ef81a3a666be4ae5d59b8240dbfdd552f675698f9d209378d8692d698660973,2024-09-24T16:42:09.207000 CVE-2024-46581,0,0,16117c2b2643f1e7cb6f228f7ad68d76a739f5581aa486deed15d00461c03fe3,2024-09-24T16:41:36.533000 CVE-2024-46582,0,0,4dc729b9802e75f61b77ace705aeb5edeb4d2f366d0a6bce4afc576e2ee3fa8e,2024-09-24T16:41:29.377000 @@ -261278,8 +261278,8 @@ CVE-2024-4688,0,0,52289ed8c0286442cd44c00a18386eec964a66f3ff263d13f6b3a47ad78257 CVE-2024-46886,0,0,a928062ae00bc94e4a7abf511f66b23a1126250ea4d99006bdee4b18a22b92db,2024-10-10T12:56:30.817000 CVE-2024-46887,0,0,b7a0812e4d4a8d09f6eb4da630d645c25b0d554f80d4c4a4c7b07d79f22299bd,2024-10-10T12:56:30.817000 CVE-2024-4689,0,0,a13cc88d2e9b12d452cf9b42ce57cc1735d851f3f551a07c40e7bb0f2ee113b8,2024-05-14T16:11:39.510000 -CVE-2024-46898,0,0,090feab6ab67318cf45d1da40d0b0a4cc89bf6e9bd659fd8b09f201f565aa04f,2024-10-15T07:15:02.267000 -CVE-2024-46911,0,0,c13f8d0102a83918280aa942c5da64550069a7b55c4abc0be81f9b5adedd122a,2024-10-14T09:15:04.297000 +CVE-2024-46898,0,1,178516bca9b3803fd722575d81e840fc784815250e7c43f8bcadd42fc4592993,2024-10-15T12:57:46.880000 +CVE-2024-46911,0,1,611952a6b1126b54cf024e9a99d67e12cb7d1e8ec93fd9b8c3fb7fb963b348cf,2024-10-15T12:57:46.880000 CVE-2024-46918,0,0,bb2eeb1c2eb1e1757cf1750044772f91012857866544e10c0b718da276cf0057,2024-09-20T18:14:23.897000 CVE-2024-4693,0,0,e3d9266511ed640ea0a2750bbbe8d9b8b25eda5f77b693324e75ee95f4a7a307,2024-05-14T16:11:39.510000 CVE-2024-46934,0,0,39cd5d62e62d306b30cc42f4b07a71f98f69814db0958da38caca7a2aa0c372d,2024-09-26T17:41:09.580000 @@ -261302,14 +261302,14 @@ CVE-2024-46977,0,0,5fe07ded9851f376d26307ff56bac27430f6dca48e690a88893ad782618f4 CVE-2024-46978,0,0,3012612591065cdf72fb760bb9d34692ccfd8a93c66cdc7533522797108e3ef1,2024-09-20T12:30:17.483000 CVE-2024-46979,0,0,bd5b4b491d76f1da7f15e1f5aed6e68afd31ea61b239078722a0e41874b565fd,2024-09-20T12:30:17.483000 CVE-2024-4698,0,0,9dba1ffb097faf0537551ac7612916f547965c7b253baf1637388ba1ee83ae86,2024-05-20T13:00:34.807000 -CVE-2024-46980,0,0,4358f5ee462e64b5eb817d966373f64a4f1673d26f80265233783ad704c84fb6,2024-10-14T18:15:03.947000 +CVE-2024-46980,0,1,122e658278b63ef1ec3444bb04e932587df9041b7495084575eec7e02332119d,2024-10-15T12:57:46.880000 CVE-2024-46982,0,0,3d9f669d24afb928408eff7284c81bba148f4b4b0d8de4608d668ca1c9286073,2024-09-20T12:30:51.220000 CVE-2024-46983,0,0,ec8817c062e2bbc441fd890e19bc6c98486be5ca90653148f7abcab9b4d72f76,2024-09-25T17:46:48.927000 CVE-2024-46984,0,0,8ed08a9f75ebb534fe57273695d27a9994db3769e0e07c54bfc9165453c74828,2024-09-25T17:49:17.007000 CVE-2024-46985,0,0,f289d0c2db76b1e0a673c959417469497f1df2bc55eed06198e333b29817e22e,2024-09-27T16:35:25.473000 CVE-2024-46986,0,0,b1e8ecab8ee8344e09d3e8f66f5ec81add204bc763f66591964d8fcd8895b71d,2024-09-24T16:30:55.167000 CVE-2024-46987,0,0,3e51e4a66f91f3c1a320e0df76dd0f9bd2a4c4e56143ff227719b395a8a10371,2024-09-24T16:27:30.457000 -CVE-2024-46988,0,0,2f93d243a7a11386b1f2ea8d381c5e14aa755bbb7c5aa2eeb1f6c8d7965581ed,2024-10-14T18:15:04.173000 +CVE-2024-46988,0,1,fa233f3ce3eb15aa1abd93d32f6cdba9eb32c4ff5e5546b2ce757c26829c6dd6,2024-10-15T12:57:46.880000 CVE-2024-46989,0,0,fa29cba3c1dce457e1dbba7936349383199f9bdd1c6535b099705e0bc06fa139,2024-09-20T12:30:17.483000 CVE-2024-4699,0,0,094a3293d1ad6c00b8f42deb1643b829befd633ab0dcef49a183da331debaad7,2024-08-06T19:15:57.580000 CVE-2024-46990,0,0,a651df2006ba8ce24b06699e6e89ccb4decc32abf73ae7975ae4d0581b357bf8,2024-09-20T12:30:17.483000 @@ -261351,7 +261351,7 @@ CVE-2024-47069,0,0,255d89cbb652b594a7eefdca5524a576b519375e297f09c89870c40566f1b CVE-2024-4707,0,0,8435cc27f87132831b9d3f5ec9dd9fe3cf2e85b8b55db14f2e03c7e1023e49fc,2024-07-24T17:59:29.230000 CVE-2024-47070,0,0,eb4e046cb0db7f50fe7115a81e47e9b3e2a8d6720f2cc6fa65783765e5390106,2024-09-30T12:45:57.823000 CVE-2024-47071,0,0,2a2727cf2aa9f31ddc31166413e132f87e7e569f257fdb08eb6f77a7cd1bf2ac,2024-10-04T13:51:25.567000 -CVE-2024-47074,0,0,6aee76412b8391ab2444040d9063f8b7e2e0a9e3d5a524462cecc27bf455c642,2024-10-11T15:15:05.353000 +CVE-2024-47074,0,1,c235393b42c4b6df5eccda6c9c87286d920054a08fd0159e7304cbc69442da06,2024-10-15T12:58:51.050000 CVE-2024-47075,0,0,fc6fb563183ec73ff3cc748ab21f019299b633a8e98bafeae8d21bcd8012663d,2024-09-30T12:46:20.237000 CVE-2024-47076,0,0,82c29f0b96fa3aec0681c5bff18d4d64d621f66fcd11bafc7be54b1c376fa105,2024-09-30T12:46:20.237000 CVE-2024-47077,0,0,da6225ab755733389945bc8204b7e8eb730152eea799320a5a148837369aa9ea,2024-09-30T12:45:57.823000 @@ -261360,7 +261360,7 @@ CVE-2024-47079,0,0,d8ccb016ae09801690996b7754595e296560f1a65a763da55e97f54fd5c7b CVE-2024-4708,0,0,c271dbf72bf72946f8191932c0e7ad58bd2ebed6dfb7e2f3f6882e8c7f0da7d3,2024-08-29T19:31:56.517000 CVE-2024-47082,0,0,1308a2a31af2cc56619224d4839a59b43bea81793244865a2d1ff9a5500281b8,2024-10-01T20:01:13.367000 CVE-2024-47083,0,0,9f0f8f8e78b5ed1a065825a55f34b3ef3e9db7af7ca41f6fc7c1cda9271f0e45,2024-10-03T15:11:29.913000 -CVE-2024-47084,0,0,c91f3788bc5087705813b85d003c13c63debf5f452a8a5262c26afca227c363c,2024-10-10T22:15:10.263000 +CVE-2024-47084,0,1,d06a827dd421741f7cdd21a2858b53ed6dacfa5f4639a2d5832032b40efef3a2,2024-10-15T12:58:51.050000 CVE-2024-47085,0,0,52609fda0dd3268fb54a4c4835942301029b5f82b7a9256b81c2395928ebbe9b,2024-09-26T15:30:47.787000 CVE-2024-47086,0,0,170e19d2a5f94228d179fe1c43d4342418d894a17ee62d0745e0ba04130a0c3e,2024-09-26T15:29:47.233000 CVE-2024-47087,0,0,00c0418dcbaa10bdb3121773be01ff0430232cec071716dead5062981f005e75,2024-09-26T15:25:51.467000 @@ -261393,11 +261393,11 @@ CVE-2024-4716,0,0,17dd73abada87214ed7c4da9787dcdd43aa5089416e4d3395c3029d4b8a776 CVE-2024-47160,0,0,c1aad4fed9b1c25a1ac730f435c0afe6164d933ac9e43b9a1caf75e24768ef64,2024-09-24T18:03:48.370000 CVE-2024-47161,0,0,b4f14ace0eaf8823c777465f809d23f928c4c28c11d0aa00813c7f2bf032d71e,2024-10-11T19:54:07.317000 CVE-2024-47162,0,0,322233fc16cb60b7afacb06e9a8b8faccd2cf3bd8a5ab8537cf655de3bfbfae0,2024-09-24T17:57:43.827000 -CVE-2024-47164,0,0,a1ec447043bd1dddc74e93bb9e6c6b48e1f0868e56517262031fca74fde471e0,2024-10-10T22:15:10.437000 -CVE-2024-47165,0,0,98c6f117034019d1f7723263cfdc6b1a538da8f36b9f6b9f746611e2ba975e0d,2024-10-10T22:15:10.680000 -CVE-2024-47166,0,0,3e7db29af66e64a4932ab8b1cdd42ddbc6f7782210754f14f9d6c6e640b4e7ce,2024-10-10T22:15:10.833000 -CVE-2024-47167,0,0,f07c25cff4fad7154b4ecff7fd13aa8364de2905f0f9193f46e7d72c04a4cb3f,2024-10-10T22:15:11 -CVE-2024-47168,0,0,fc89e113267c2850c58d8a8e3babcecaca76ef967c8b509906151afd8ae9d7be,2024-10-10T22:15:11.173000 +CVE-2024-47164,0,1,36e3991fc4e56c87444f03b478ec84fe746a574b08b3ebef5404e91bc9bb0334,2024-10-15T12:58:51.050000 +CVE-2024-47165,0,1,7df44f1ab0c32002f9de8b3a5b7fe8259154c501ac6e8ed5c64c421ba3da9291,2024-10-15T12:58:51.050000 +CVE-2024-47166,0,1,4da4887bde82bb512884fa300b27b6c5fc11bb4ac77d61536b79879d2f64575a,2024-10-15T12:58:51.050000 +CVE-2024-47167,0,1,712deec86f3b3196f0f6133b062739435fa8a96bdbb9f35a471305a5c1a2680b,2024-10-15T12:58:51.050000 +CVE-2024-47168,0,1,b372cf4d843ee6122e68de8068d78bf4b1bc438870a7c8d2d9afc61f9b91b331,2024-10-15T12:58:51.050000 CVE-2024-47169,0,0,3d7d577c82be13838843013d038c262ca65c719ce4179d733fb886eea7d8c747,2024-09-30T12:46:20.237000 CVE-2024-4717,0,0,7921e256cd1b57dcd690590999b44ca8d29db58a18405deda5f12fdfca691aaa,2024-05-17T02:40:34.317000 CVE-2024-47170,0,0,5b51e77bbaf0aa4d73aaed7035aaf98c0f3c0e8a355756474eeb1aa8a1be9c4f,2024-09-30T12:46:20.237000 @@ -261473,7 +261473,7 @@ CVE-2024-47327,0,0,c538510929aaa1efef8590e5c0955bb05270eb6eca4d47152891a99d515cb CVE-2024-47329,0,0,8f9cf4ad2ce9c10f9ea9bbbdd9112304e1d41b0ef8826075f80f55633e097d19,2024-10-07T17:47:48.410000 CVE-2024-4733,0,0,bab73609d3aaa55dacedcdd69b9c9d83fbc709adf98853b3adb423b13daf2498,2024-05-17T18:36:31.297000 CVE-2024-47330,0,0,8e1bb94d03c47cc1936bb0a3abc1d94c591039097eebb503639095132d634032,2024-10-02T17:26:49.470000 -CVE-2024-47331,0,0,596c791ac8b0a95707c17084b5d3daf2eae269336f00917824d2d3797b89022e,2024-10-11T19:15:09.783000 +CVE-2024-47331,0,1,407e750d1989e683e236deff0838b4e791295832cd6aebe80372c3e2e15da3dd,2024-10-15T12:57:46.880000 CVE-2024-47332,0,0,ac5ed213fd921095ee0b8be4048aa454f8ac7fdcdf6a18756d3c0921bb781874,2024-10-07T17:47:48.410000 CVE-2024-47333,0,0,512f6769e7250dfb91a8929703f1237d3beaa36f2d8957fee001943383c80c30,2024-10-07T17:47:48.410000 CVE-2024-47334,0,0,b009b1e08524049ac674c8aea8d43b565f40269928fb41da018eb521c9e21ecc,2024-10-10T12:51:56.987000 @@ -261496,8 +261496,8 @@ CVE-2024-47349,0,0,6da76508c4a0edbacdd1aadc3d9c5ffadfd8b03541318b01a097fae87e059 CVE-2024-4735,0,0,74f4fbd101bb46efdc880f338cfb70c8fd3a6ef365bd7732d2107c79fb3d78b8,2024-06-04T19:20:48.397000 CVE-2024-47350,0,0,4ec04dd8de1c81002acaaacdfa3f1b4c07e386a17889b06998ea063c2136e635,2024-10-07T17:47:48.410000 CVE-2024-47352,0,0,45b79099f1ba5aa681217933df202e8d205195991ef3874185e6485b2240d914,2024-10-07T17:47:48.410000 -CVE-2024-47353,0,0,46323252c46ba333ea4f36816ab9a80f2389e9d61296f8594ed082165cdc29c1,2024-10-11T19:15:10.003000 -CVE-2024-47354,0,0,33bc5db8ff7cce132ca8035946199c9320e0d22066d309b78b0ec6bd824d75c6,2024-10-10T19:15:16.837000 +CVE-2024-47353,0,1,d741f1e1b662f00888a036482f543a291b93f9a45bea0fadab05d49a3f134ce7,2024-10-15T12:57:46.880000 +CVE-2024-47354,0,1,6134434fa97da25d9165870f5853ccace7086e06da2c04b706195994fa4c1880,2024-10-15T12:58:51.050000 CVE-2024-47355,0,0,12a7099a9d6cdd27b256bc5c48c3a41afec28615356ab2b2ea1493ea2e2ae12f,2024-10-07T17:47:48.410000 CVE-2024-47356,0,0,ca86bef3a64488bb151757babe27aa9ffdd4ef292d24e939d9d6f108a98fd589,2024-10-07T17:47:48.410000 CVE-2024-47357,0,0,ef34fc816e0519499aa111866aaf198aae04b83f86c74c4b0f6800883576b819,2024-10-07T17:47:48.410000 @@ -261562,27 +261562,27 @@ CVE-2024-4745,0,0,54a19ac018881ab94cc09206a38557755449249c459a354d473ddea48bafd7 CVE-2024-4746,0,0,764da2d2faf52d5d8b005efc01764a8e4bfb42f0a65f0b328618a43b312322fb,2024-06-12T16:17:42.223000 CVE-2024-4747,0,0,071c88b133efa29a5bceaf4f1781edaa635d35ede69008d4aad9361c37e95f56,2024-05-14T16:11:39.510000 CVE-2024-4748,0,0,5ce71114653bf2c9cc6586a0117b72827b192c4aa4e8e27ac2b81ed4a0b190af,2024-10-10T16:15:08.630000 -CVE-2024-47489,0,0,40082c9ea6af3f95e3adaa23bf06b126d7d87faf58740e252c8c8f8380cc9e40,2024-10-11T16:15:08.533000 +CVE-2024-47489,0,1,b60e5447ef49080d8bcb541a004c5061338369ecebcb53ef8b0c02387b615511,2024-10-15T12:58:51.050000 CVE-2024-4749,0,0,21df5bc0093c94425462a6e59e75544f486b5326a781fcb494e0f25aa2f7ef93,2024-08-01T13:59:33.520000 -CVE-2024-47490,0,0,aff460f2bb886b0c556320292bceb775329712483804e9b0338b4de254980cea,2024-10-11T16:15:08.803000 -CVE-2024-47491,0,0,61f380aa4eca71a114d68c477d91523642fbf583891c87c81bdfdf5f3974483e,2024-10-11T16:15:09.060000 -CVE-2024-47493,0,0,063925c1520d3414cb1ee69e964adb1f030ea403a77cefa25ff0439a08cd554d,2024-10-11T16:15:09.320000 -CVE-2024-47494,0,0,8fcd878ee54fa8b3d09223b7f4989139aacc792aebad87e2d9a254682982f88b,2024-10-11T16:15:09.580000 -CVE-2024-47495,0,0,4bef553e872359b4fc95e80c4cad4802591e7ba939bdd2d42a18e474509bef36,2024-10-11T16:15:09.830000 -CVE-2024-47496,0,0,e7b7c70aa0cca27791bbe9b8a83ce0cab9d16c184db2ffab4569a96982e74314,2024-10-11T16:15:10.080000 -CVE-2024-47497,0,0,8e5c86f378bb0e59f8301ddf4e1a53b153439ef401b68284b482ae56c6bfa753,2024-10-11T16:15:10.340000 -CVE-2024-47498,0,0,e7bda161b4d7d50f70ebd7d3725d035b1af79c053ff8bbb7e0def421f3062737,2024-10-11T16:15:10.590000 -CVE-2024-47499,0,0,b647a152c1d0f43218070f7f35e867edcad3f8df28d7b82fd5e10073a0081635,2024-10-11T16:15:10.850000 +CVE-2024-47490,0,1,e3601f25126ea5528355c875251d16d0b06252aacf2c95cdc691bd121e53f290,2024-10-15T12:58:51.050000 +CVE-2024-47491,0,1,c5bdca18c30a9ba208f809b0aa08faf5519658a01650b1fff2102e5fa2bbf4ef,2024-10-15T12:58:51.050000 +CVE-2024-47493,0,1,ed6769741c9bc056929e2eb15f1510df379ba8b3f689fe0808d79765a5856c40,2024-10-15T12:58:51.050000 +CVE-2024-47494,0,1,6c1e51ae430441f137484fa6d1c393b939839687e6f7362eb07f2dabc39d9f4b,2024-10-15T12:58:51.050000 +CVE-2024-47495,0,1,8400ccc05e720ac6238e1947d4541f548ec20019312994ed40be8d16020de4cd,2024-10-15T12:58:51.050000 +CVE-2024-47496,0,1,8318ebc03487e106db1d9a1cf656b2d590141f326264aa8e735642b41da38572,2024-10-15T12:58:51.050000 +CVE-2024-47497,0,1,4a968475a9d4046c8145480c7cf65afadf7fe414de3e2f48744236840766e127,2024-10-15T12:58:51.050000 +CVE-2024-47498,0,1,45e62fca9f239ff40a8628be8e2b2cd83b6836cceafa3b0704779e8f4277ab3a,2024-10-15T12:58:51.050000 +CVE-2024-47499,0,1,be067ef46830077479304d85c9cbb7067ce0338774dd848a6abe3ff5df9a9fe1,2024-10-15T12:58:51.050000 CVE-2024-4750,0,0,e7d885dbb56d4f9fc74f5666b8e26860ce8baddd6593d5428816201f1663fb5f,2024-06-04T16:57:41.053000 -CVE-2024-47501,0,0,9d38ac9f30fb2461dc751986403d7cdc00216bd867c8656968e9be69d8b71af1,2024-10-11T16:15:11.167000 -CVE-2024-47502,0,0,0ac9bcdae916367f6e77292960a91cefbb0144dd122c43ecf5c03c4bb09c9e82,2024-10-11T16:15:11.413000 -CVE-2024-47503,0,0,33465613ee6f1265bc32ac702d6b48b093fd4231944e5c74d21db846f4ca534b,2024-10-11T16:15:11.663000 -CVE-2024-47504,0,0,13c78f1c6a691ed1435e84bf51120f6b3f9dd22512be8521af4970708cea2e9d,2024-10-11T16:15:11.900000 -CVE-2024-47505,0,0,554c1f48d9e1d8b28639e92fb32cbf6c0e445c179896e914c73d119fae3f9970,2024-10-11T16:15:12.210000 -CVE-2024-47506,0,0,1039f5e5572938c5f5f0e4f895df2d0e18fb82cbad2b8c7b5d75af3c751a54e4,2024-10-11T16:15:12.450000 -CVE-2024-47507,0,0,e36465efacc62969f058c438513d0ae9beeda7602752398c7d2a3be2531233f7,2024-10-11T16:15:12.700000 -CVE-2024-47508,0,0,9d17e4d6464fec53e39a71d9b3bff6a30234fe14e729bcc9c1f57ff29bdd62a2,2024-10-11T16:15:12.957000 -CVE-2024-47509,0,0,43e64569532dc69d5e1f5381f9f6dbc47e6b577336d03b81f0c24e659d0fa33b,2024-10-11T16:15:13.187000 +CVE-2024-47501,0,1,b53d6a9de5765edf19502f12791470d4c4a096ce1885bbc9513b8b8c6b0469bd,2024-10-15T12:58:51.050000 +CVE-2024-47502,0,1,1fb924902a87102b084567c3c3d10b050eee2f88d3a9e03c5680b6357cc7883d,2024-10-15T12:58:51.050000 +CVE-2024-47503,0,1,38b77807c89088c295e38737911b39bf766df9199d03f44b518b7f457f21b276,2024-10-15T12:58:51.050000 +CVE-2024-47504,0,1,efc4d7b233c9c39d3e6b7c1a4f4c9d742229ae13fec237a137846862be6c65e0,2024-10-15T12:58:51.050000 +CVE-2024-47505,0,1,fc270f1a5fb766dda50412e0ee4b89690cccce181d13131b85c7c2ecce6f7fea,2024-10-15T12:58:51.050000 +CVE-2024-47506,0,1,a48598017b5c77d05f7222c980b2bc4e1b13a493ce04d282df188e54f6bb7a51,2024-10-15T12:58:51.050000 +CVE-2024-47507,0,1,115ff9548609c470e7ad97471fa1aaf7144ddb41f9321c7965bf9acff450f532,2024-10-15T12:58:51.050000 +CVE-2024-47508,0,1,429956ab48f11c14bf051f4f1bacba4ac8df38416461ca7db82bee8d071ff281,2024-10-15T12:58:51.050000 +CVE-2024-47509,0,1,76ece07115d6fe55eea56c310deff86334b962222c61b334eea857efd424bcd0,2024-10-15T12:58:51.050000 CVE-2024-4751,0,0,258479d9744cea39d1125b819c638c567793396e05305e64bbc0e320bde2cbf7,2024-08-09T19:35:10.473000 CVE-2024-4752,0,0,6bc9a9ea56288a6bdc9797f778ecc1371bb94f8257819cae6e07cdc5634a3ca3,2024-08-01T13:59:33.713000 CVE-2024-47523,0,0,22d43e6df5f74e6749ea10e7fe6523466b29bb84b684bbdd4f0562f87b193f88,2024-10-07T19:07:30.287000 @@ -261644,7 +261644,7 @@ CVE-2024-47631,0,0,2f5538e06e1703745ac31e3e4aff85429449cb6536170f3449d5c71969226 CVE-2024-47632,0,0,86e12c89344fd18c9940736a7e6a5db1287861f4d951d9a231cba9485bf7a1d1,2024-10-07T17:47:48.410000 CVE-2024-47633,0,0,7b59299b7ab0b71990c59d871565371c288abbd036b35f6cb6499efd86c70120,2024-10-07T17:47:48.410000 CVE-2024-47635,0,0,f0938227f4d08edb6147f27db4a3110fa41d32874c7b3f4eb3d409a9071f6c87,2024-10-07T17:47:48.410000 -CVE-2024-47636,0,0,40e2673332d0fccd09fa7d073f6fcd41cf460262cdbaeadb311021b5ee617d45,2024-10-10T18:15:07.920000 +CVE-2024-47636,0,1,300b53ad3b56bdfe242daa94b07eff6e5ccd9aa8581554b844321a4f299321e6,2024-10-15T12:58:51.050000 CVE-2024-47638,0,0,f0c22183891875150f00de26c51ae04bc878b43d7b02fc8f2c1801fe764630f5,2024-10-07T17:47:48.410000 CVE-2024-47639,0,0,4ec7325cbe24ae0ca33ddb45827142885ef58b3113bb6ddb4d5e479f788b21cb,2024-10-07T17:47:48.410000 CVE-2024-4764,0,0,d4513c07467374a5b389bb93120fcb2ac353ef34ecf409f85646dd7a83574a17,2024-07-03T02:08:04.193000 @@ -261654,7 +261654,7 @@ CVE-2024-47643,0,0,8a3ec59bba07c503924b1001c49d13f876ea3327bd5600be5208638f48d0f CVE-2024-47644,0,0,fd711aaea76127f15b2ba3d3dbc77e4b5102355ce0d5450815f1f781ee51f5f7,2024-10-07T17:47:48.410000 CVE-2024-47646,0,0,01dc941ba058056f80ebe31f50a37207cf5e1478b0e71cd2c82bbad9118a33a9,2024-10-07T17:47:48.410000 CVE-2024-47647,0,0,750a75d1d0089daf3b35f7acd85a584959bc0ef829ba0528ba953f2948970aa5,2024-10-07T17:47:48.410000 -CVE-2024-47648,0,0,50edcdb2f5567029ba5ab94a2307a7bbf958b3010b1a42ed3d78abb3161b4785,2024-10-10T19:15:17.067000 +CVE-2024-47648,0,1,a27f534f62d175d66d367eaa4d0e9a2adc1f079ffc79c13f5a343d0c9d2859de,2024-10-15T12:58:51.050000 CVE-2024-4765,0,0,2cc9c7bf1e2c28194496aab966e3be262d91c35cfd4edb32adc2df596a464b78,2024-08-29T21:35:11.807000 CVE-2024-47650,0,0,03cd193463056cd00bb497e04d4746a9d06b43100915cce839c17df72217d8de,2024-10-07T17:47:48.410000 CVE-2024-47651,0,0,2a67e121f3a9ddab317c97af10a93f430699735ffe494d2404661e90ec37663c,2024-10-10T21:01:39.413000 @@ -261682,7 +261682,7 @@ CVE-2024-47670,0,0,3808be82d0985888c046ebc631823764190a0a3d7c8c54c521c26152a8636 CVE-2024-47671,0,0,ef38c9ae9b57481091c31f7825ba62e74b63579bd2a15d0a85cfd70b484a4c68,2024-10-10T12:51:56.987000 CVE-2024-47672,0,0,0061ac38e47ed590bc7042c04a07c964c3e5abf1b018d9949821a17c0890d14a,2024-10-10T12:51:56.987000 CVE-2024-47673,0,0,674bb9b511fb55eb70aa196f390d2016971968e37ca3be330ea31912ee22077f,2024-10-10T12:51:56.987000 -CVE-2024-47674,1,1,5421849376deba2df7d05c9fc67aafe4f723f7f625d24966ef7747a9612f5a1d,2024-10-15T11:15:13.073000 +CVE-2024-47674,0,1,ee0a7c429ec3c39a6fbfbd0c0b885172106efa91919bb1815a389a02c78a19cd,2024-10-15T12:57:46.880000 CVE-2024-4768,0,0,eca965b33b3bb965dbc6e4fa576e2b459dc24fb57cb15a91596443aba7e291e4,2024-06-10T17:16:33.883000 CVE-2024-4769,0,0,27e569a8d015b1733830e438c3e7532f74e5dc1a595d9d72a9cda524aaf6545e,2024-07-03T02:08:05.617000 CVE-2024-4770,0,0,9501f8bb52643b4bcadd7b11da17e463cda395ec382733177c6b60e7ef1c0b7b,2024-08-01T13:59:34.293000 @@ -261696,8 +261696,8 @@ CVE-2024-47762,0,0,faf4eb81ce6d805e421dff7a7d50a27f6affd6a56e4bb98171a2180279fc1 CVE-2024-47763,0,0,0009d92633a66a995666b904976a3f571897c7b107ff706ed2173ff97f66c3ef,2024-10-10T12:51:56.987000 CVE-2024-47764,0,0,b7aba4870e1203663c4fa6abc120a30e41523fde8e72997d929896b167fbbd57,2024-10-07T17:48:28.117000 CVE-2024-47765,0,0,a65b089ee1fbe8158413dce3d4bb6a7a005d6b3f8045c2a8b0cf8a91ea4da578,2024-10-07T17:48:28.117000 -CVE-2024-47766,0,0,57911a4df8a8f028164d131f0c029fd91ac3b0145f90492c1fa63dd87585d098,2024-10-14T18:15:04.387000 -CVE-2024-47767,0,0,f79a911452d49bd371c9f3a339c89ed6f90934ea80af345395502aaf28c03395,2024-10-14T18:15:04.593000 +CVE-2024-47766,0,1,421ab38915d5ba49f89a1081cf3d8a3ba6f443d67dad56e6641cfea0dd057b09,2024-10-15T12:57:46.880000 +CVE-2024-47767,0,1,9af27c7c3746a91762dbd43bd1bdd93db1f293ef5650b0e96c4aac72ab44cf86,2024-10-15T12:57:46.880000 CVE-2024-47768,0,0,f403a0de6ad99844ca2cbb93a58b82a840eb5e868f9e8f1d631547e4814a24ea,2024-10-07T17:48:28.117000 CVE-2024-47769,0,0,89e2e7df1b1b68f8d9732f48769437016eda3284d5a81e91e9482d5022e6eda8,2024-10-07T17:48:28.117000 CVE-2024-4777,0,0,96d0d896ebb105a32ed437e794c8fc4ba926ad921436ba17bdb49a1a49737be4,2024-06-10T17:16:34.070000 @@ -261727,11 +261727,11 @@ CVE-2024-47818,0,0,4d7e5ae8d80cd68e1a4826a976dd1a317a0485050783b2b6d50912171135a CVE-2024-4782,0,0,37dcdb14f7d23ae467b62646ac8eb504448e2a7781e3c175892c72dc54d3aebf,2024-08-19T13:00:23.117000 CVE-2024-47822,0,0,659225121d6760adf8eca1f83c834e75b86ebec31d9e1e0ebc639ac3cc87e33f,2024-10-10T12:56:30.817000 CVE-2024-47823,0,0,aba6c10bf903d75799cabb92b24bf5cc826ec4b52223e2aab9a9f7d8d8298a07,2024-10-10T12:56:30.817000 -CVE-2024-47826,0,0,83afdde2058bfb9fc96f1a52c30a662ccb9fb41bc80740663697467d19d9d5be,2024-10-14T18:15:04.800000 +CVE-2024-47826,0,1,e0e92319bd7ff9f0b6142ef26fd12487604c5bd0a7b38d2c0ea52634274a8fe7,2024-10-15T12:57:46.880000 CVE-2024-47828,0,0,20037a2831594572185910fec3fa22739c3e04d0ddf5a1652087e64bcac4c0e3,2024-10-10T12:51:56.987000 CVE-2024-4783,0,0,413c0436e6758a988a0c847533b21e34b17a9d936626eba8cda1a5d1f87e0181,2024-05-24T01:15:30.977000 -CVE-2024-47830,0,0,078fd3f57c1e124fe25812fa092e081898b54bb5455f5ac15a9ac7b0028bfea1,2024-10-11T15:15:05.613000 -CVE-2024-47831,0,0,dc0d5b8907a903b7c42dba23600b340d59f3c682425d0c124126175bff3792ec,2024-10-14T18:15:05.013000 +CVE-2024-47830,0,1,457ed410238dd49134235c9291fcb215f555d7bf33b38d5e70e7cf82b4377f0f,2024-10-15T12:58:51.050000 +CVE-2024-47831,0,1,8378040ad1670275264457c73829ff18d4decae710e794487e001c672444fba8,2024-10-15T12:57:46.880000 CVE-2024-47832,0,0,2db718b13b3751bc3ef92e2930bbfe31f27f0a24beb6f2f6f579c1ed94f36d1a,2024-10-10T12:51:56.987000 CVE-2024-47833,0,0,c198216a715effb211db9429fe892ad76ab094f250667361ca1b8e1df62c0332,2024-10-10T12:51:56.987000 CVE-2024-4784,0,0,4cc2a5a387e2d44a289947f3cae3cd294fd9977dc8f62a4a2754567f4ad78544,2024-08-23T16:59:30.430000 @@ -261747,18 +261747,18 @@ CVE-2024-47850,0,0,9d437471ee4f1be7fe8d8f91eb2162f8d4a45526c516c7abe8fcc5930f99b CVE-2024-47854,0,0,31b9ee1e6861649c0043a7af7c7a50d8ef5e295b98593959cd182d2901e547c2,2024-10-06T21:15:12.920000 CVE-2024-47855,0,0,ff52cc8efd16010ace1ca5c24f7c166f3d1a0b5862371f0cb96dbe810ee6ad58,2024-10-04T13:50:43.727000 CVE-2024-4786,0,0,bbc8c5b9b549878acd4ee1e5896d7add0ba995b55e84e619083dd37cca26f8f1,2024-07-29T14:12:08.783000 -CVE-2024-47867,0,0,f42a803b31137b24c2f133247ede4e885c372baa9f6c51df5b396292bc22df5e,2024-10-10T23:15:02.640000 -CVE-2024-47868,0,0,ce847dbdca90d2f3046069d195345a2918d8f1b9cacc37823b52869cb6cbf2f0,2024-10-10T23:15:02.797000 -CVE-2024-47869,0,0,273b02fd2418c383bd636d5cb8d7a85ed8d4c7bd160b9757d96a29c9f88dc725,2024-10-10T23:15:02.930000 +CVE-2024-47867,0,1,ab930a5134ec2749c4c7aeddae39ca362d9631d50a282f941fbaca32a5ca7733,2024-10-15T12:58:51.050000 +CVE-2024-47868,0,1,66ac8b472cc3b8cf928977b0545e25a3d05153246d1bdec31058dff118e2b1d4,2024-10-15T12:58:51.050000 +CVE-2024-47869,0,1,98bc455a5914aeb217bfb3850deba6e950ec8a903a5fe240eaf1a7e322f45a87,2024-10-15T12:58:51.050000 CVE-2024-4787,0,0,6e9b8652de9328ef9248746b2fe52f715cb97566c59048ae6277a1aaed304f45,2024-06-20T12:44:01.637000 -CVE-2024-47870,0,0,3bd8e3ceefe027463d8073976e4ea0e45726dde193352e4459352a612c5ac20f,2024-10-10T23:15:03.070000 -CVE-2024-47871,0,0,95adbf9ac785fa5b2f18110f4003b42d3e890a95b9e88d98d036b6ca07657bf4,2024-10-10T23:15:03.187000 -CVE-2024-47872,0,0,c26c31f2f196ed1a4c9e7492e5637832173768d10758e37f15a9efc77da8dbe1,2024-10-10T23:15:03.303000 -CVE-2024-47875,0,0,078af0f210e8e30655ff63e30537d1f8dba962d087e301c359afca4f246d0946,2024-10-11T15:15:05.860000 -CVE-2024-47877,0,0,7531e66ff0397e313d2f97552017c7592a6d7da9498d96e0b29b6c2d6bd21145,2024-10-11T17:15:04.450000 +CVE-2024-47870,0,1,1cd8b567f779c035bc02695f74b97afb3b466e52ad5fdfb83f9ad4c9d6c2565f,2024-10-15T12:58:51.050000 +CVE-2024-47871,0,1,c330cbf3bccdc411e72d0c9fdb93f2acf8aa015186f3acc4a33480b7d49f7295,2024-10-15T12:58:51.050000 +CVE-2024-47872,0,1,fab9cb24e0cb00ac19ee7c8a7191edcbcecc81dc5861aabc369822430797585f,2024-10-15T12:58:51.050000 +CVE-2024-47875,0,1,7d3f699a2dfd28fae24f11f0ffebcb02477b8963ab93d8f474f9ee88d14cf58e,2024-10-15T12:58:51.050000 +CVE-2024-47877,0,1,42d52e9a067bcb9f8cadc0b4324eaa32d4b8c11c11d62f0e9296f0c93d92bc00,2024-10-15T12:57:46.880000 CVE-2024-4788,0,0,036e4ce9e476328c73022572d41365684f416f1f77ea3a1f5e72bdd2454ce2ec,2024-08-05T20:23:52.467000 -CVE-2024-47884,0,0,8ad0ffb865c1d8a187664122ed1b8bd87a0aaa3d88b8a0a88659a06bdd059aed,2024-10-11T20:15:04.993000 -CVE-2024-47885,0,0,bdbb62e5df9db89022a0d9d9152e29bbacf763b43b550618bca00b5a48f9fc68,2024-10-14T19:15:10.903000 +CVE-2024-47884,0,1,4b7292fdbf8233f599cca6380416fda96798ff386a0442d2b37eeea12dd398ed,2024-10-15T12:57:46.880000 +CVE-2024-47885,0,1,0d40ba494c86913544c4c9553c55befe8904b360cb2214c55ae6a6aeadb78d12,2024-10-15T12:57:46.880000 CVE-2024-4789,0,0,991c3c0809892f7a4ebcc223f96155782fc07af160e30bd64d5fbc63735bec50,2024-05-17T18:35:35.070000 CVE-2024-4790,0,0,96aecd7cd4f769c190cdd6309a2627db4d493e5cf9efda536a135cb9a7f4eb96,2024-06-20T20:15:19.883000 CVE-2024-4791,0,0,45f7f0badd9eeca0c08f0ffcf78bd3c1e9a171e1e79fba42777d793a804985ff,2024-05-17T02:40:37.090000 @@ -261768,20 +261768,20 @@ CVE-2024-47913,0,0,dc38cdbfa262901d16ea1ec6ec0c83500e8aa0e3d84f1c11ffa637c829ee0 CVE-2024-4792,0,0,d367db616eff60413675ec0cb96dcf5072899c5126e3ab7b85dd0b323d2aa0a3,2024-06-12T20:15:13.643000 CVE-2024-4793,0,0,d7ea24a63b045e67640f8521c21cc9fd0113236775183a92ddafb3253726675a,2024-06-04T19:20:49.390000 CVE-2024-4794,0,0,ae0da7f20a3f797e26793f17108eae7df40bf3f3b44a06ce135aa4fe4b35db7e,2024-06-04T19:20:49.487000 -CVE-2024-47943,0,0,890a7884af54e824a2f9052b4c7295e5968f1cf6b9933822f115e45ecff537b0,2024-10-15T09:15:03.357000 -CVE-2024-47944,0,0,4cc491cfb0de2d1573af314df6f52c376ef92b726be631162f11831ad2cc5f8e,2024-10-15T09:15:03.580000 -CVE-2024-47945,1,1,9a67e9050220210203d219db2230a65572c5b69e3dc74415f7547b68867d0d80,2024-10-15T10:15:03.973000 +CVE-2024-47943,0,1,d4d5358ab48548c04867b54233602bd267d194af91388df45333461289a48f25,2024-10-15T12:57:46.880000 +CVE-2024-47944,0,1,6ff4437c15a66a3efa85ad85ea8e03e4232d0befeedeb06c7ce05fedff51f93f,2024-10-15T12:57:46.880000 +CVE-2024-47945,0,1,fbeefdf943e2b9720bab0d5aa13609768ac30c6b1be4a22584ed4d67e88238f2,2024-10-15T12:57:46.880000 CVE-2024-47948,0,0,aafd0e8fc979ea94b2b8df4bf3f1f60d1fa5454036169ceb387558bd65bac363,2024-10-11T19:56:44.863000 CVE-2024-47949,0,0,8ba4c45c98cb1da5a81b6d150df81b78f598bd9353dce1414e0f42eb2bdd7632,2024-10-11T19:57:06.207000 CVE-2024-4795,0,0,2bcc48011ff4ecb8dd1cdbe375174bc480d75b3ad4f0c787cda1ca7cd904e298,2024-06-04T19:20:49.590000 CVE-2024-47950,0,0,0333163b5a9f356fc60964ffdf9e21e2c5a0fd650f8b847ccf42b9907218b9aa,2024-10-11T19:57:16.883000 CVE-2024-47951,0,0,e529fafd02710d7ac35ac8b78eedca3443695e348ede4d153aabc61ddef6e118,2024-10-11T19:57:58.937000 CVE-2024-4796,0,0,964ab3d12855a9ebe6833342f869532f4dbb88319fd169505c04f4586bfbb727,2024-06-04T19:20:49.720000 -CVE-2024-47962,0,0,dc4fbcf3f22ddfba51fad765b6c5159d786cd666d52391ebe5da8540c6e194c3,2024-10-10T18:15:08.183000 -CVE-2024-47963,0,0,52bba57e5a73d859adf5de752f1a6558abffc6499de100597906d6f195886408,2024-10-10T18:15:08.330000 -CVE-2024-47964,0,0,0f3e5ee231a2aedf013ec18ba21715ab3240166e15344de5fa0bcdc451497973,2024-10-10T18:15:08.470000 -CVE-2024-47965,0,0,23f74e9778c1caf16c562741e7a60f410ffe118388c341f6c841b21d1c139ce1,2024-10-10T18:15:08.587000 -CVE-2024-47966,0,0,277b88fa0f86054b94eb01913fb8ee3f438909497de7a90f695b0ac163f09520,2024-10-10T18:15:08.710000 +CVE-2024-47962,0,1,443f492f88ceb2acaeec6bfb838abaf1b21cb21cd1763f32d8dbd5e8a98b0830,2024-10-15T12:58:51.050000 +CVE-2024-47963,0,1,778f29eb56ce2a3c64dc84406c8819697888b563e8efde20d61bca0dfe5ca322,2024-10-15T12:58:51.050000 +CVE-2024-47964,0,1,4177d0eaf92b220ae0a3f5b5f98ea76e2cf125e9584578b31d69a186b4b447c3,2024-10-15T12:58:51.050000 +CVE-2024-47965,0,1,40101bff222b13b61dc19df7fc55cdc789847ab2accef262368ebfa07a23a193,2024-10-15T12:58:51.050000 +CVE-2024-47966,0,1,79948f83d733f1f1af5167badb2aea9fb46cdf176247635a4b3d4afdefa4fc1e,2024-10-15T12:58:51.050000 CVE-2024-47967,0,0,a1330cc114fe2e48a56c50da9857d953b86ef030556f660ace8207b5a6ff6caf,2024-10-10T12:57:21.987000 CVE-2024-47968,0,0,4fff8938b14b264b8114ea788e4702165e516bca6198626b64c35403b2d1f728,2024-10-10T12:57:21.987000 CVE-2024-47969,0,0,cca9607f354104b423066ece0dc4ef5cb988716d253447be49d5f3344fccc48a,2024-10-10T12:57:21.987000 @@ -261797,12 +261797,12 @@ CVE-2024-4799,0,0,bef187df7ab031f873bee32f009cee90466081192edf9662131655f9488e20 CVE-2024-4800,0,0,46f73cb5132c32f542b67f61b6f2138522f24eb42a7d5cb9e69a7f683ef97724,2024-06-04T19:20:50.013000 CVE-2024-4801,0,0,2bcdaba0a3afa2888c47ef732ae4862e81c0c79cd78d2076198cb242d0df3f0e,2024-06-04T19:20:50.120000 CVE-2024-4802,0,0,9f23c738b4e7167dada064b214f9ad2d560e5cec48c7eaa4346088c33abc9143,2024-06-04T19:20:50.247000 -CVE-2024-48020,0,0,829c283ecb63389e2cff1a1741c3e7cb21cdcddc68038d515211bb86aa4c455f,2024-10-11T19:15:10.220000 +CVE-2024-48020,0,1,dcbd5af80fa4e0ff77a2481b211c24b4aca48d4b01a6d0de815360ac1c5ff406,2024-10-15T12:57:46.880000 CVE-2024-4803,0,0,9495051e0864e5e76c8973a987e9e6eb1b1cb49bec9a5ab21c9648610125fd4d,2024-06-04T19:20:50.353000 -CVE-2024-48033,0,0,43f4a76b8fc3610a7c182a16ab14a36b8f68d177db87ed6fd3f19819fe34cc88,2024-10-11T19:15:10.430000 +CVE-2024-48033,0,1,8f5c8e0edb7dcfae09a626cf6444750e299103bc74d1c2eb25573eea6cddec47,2024-10-15T12:57:46.880000 CVE-2024-4804,0,0,27889f6e71f31f5b5cb9daf7c221df1ea26a19e5d20319852f304f02b73ccaf6,2024-06-04T19:20:50.450000 -CVE-2024-48040,0,0,c57148f5b85311d99b66a455ed18d7c7ea6a3284758e530142be56984028b4db,2024-10-11T19:15:10.660000 -CVE-2024-48041,0,0,7cbfa9b2e3220db83ef3d6eff7a331f4c12bafdd869428a04141ba479dedb179,2024-10-11T19:15:10.880000 +CVE-2024-48040,0,1,75285ff1778ed53ff4f87c50cadf2623354cdbd73a2ea1e7e03f15540cde1f0e,2024-10-15T12:57:46.880000 +CVE-2024-48041,0,1,9636470c5937ff2a206ba0bfcba752cadd8615816ee98049f50969b87891e79a,2024-10-15T12:57:46.880000 CVE-2024-4805,0,0,a2ff69b1db9dd7c01e8bcdbe532fffb4f68853ea688982e077b1b01529f57c85,2024-06-04T19:20:50.553000 CVE-2024-4806,0,0,f8a0e203429c4f99450a15aa6a4b26ee8c7effa68e79948138bc0eccf2af8e7f,2024-06-04T19:20:50.670000 CVE-2024-4807,0,0,e5ccc41d46958232939be978f4766518ab72a806619364a653b00c23b63fbc68,2024-06-04T19:20:50.770000 @@ -261810,16 +261810,16 @@ CVE-2024-4808,0,0,9e98599f6886b9041c106d3216212c5c382436edfce35f9a1807d5234e020e CVE-2024-4809,0,0,27fb5be7556d421437500c3c993a8fe2f6b8b07eb589d66da5852c85ddbdadf0,2024-06-04T19:20:50.867000 CVE-2024-4810,0,0,67f5293ce6e2b07ebd74483d90aa4bd648288e3b70a7100b0946bf9b81e90029,2024-05-29T08:15:33.960000 CVE-2024-4811,0,0,8f7cba70fec134bbd5d6693fb99cf5ba1e86f11c73cf50479f15d27ff9c0c5a5,2024-07-25T12:36:39.947000 -CVE-2024-48119,0,0,5a61747aca6c21835c2f6c3a203be63c2093664c3f6f566c13d1fe431a2fd5d0,2024-10-14T14:15:11.597000 +CVE-2024-48119,0,1,91983fb09dc3775c9139671c3c1253717b336036174f5a3aef288d9728dadb3b,2024-10-15T12:57:46.880000 CVE-2024-4812,0,0,96f0244e64d02e8b825789000f88a75dd5b3d67c4d6e5fa4b2230b6ad5599e15,2024-06-18T18:49:19.783000 -CVE-2024-48120,0,0,c62e5be74f0d961b12e910dcf29c3c75e41c7914cfe890c3077ff6c43d8c87f9,2024-10-14T14:15:11.780000 +CVE-2024-48120,0,1,b30ea883345c8712adfc5777f807c96b020a6e8f9506889ba49da527f9b7e6e9,2024-10-15T12:57:46.880000 CVE-2024-4813,0,0,ffced1bec51c6384e79d75317b856f32e05abf0a3cdd3adf718b586086ffad4a,2024-06-04T19:20:50.970000 CVE-2024-4814,0,0,6ed65b628d782e4c0035f27d12907232951228fb5dd63de02df922628089b508,2024-06-04T19:20:51.077000 CVE-2024-4815,0,0,a12a3714528f7b768c4c9101b510e3e25b21fa14abf883b4fca5d245888d3088,2024-06-04T19:20:51.183000 -CVE-2024-48150,0,0,19f1376e02c9f64643f71be368bb63d9dab50859eebf81f919523183a5c16d63,2024-10-14T16:15:03.750000 -CVE-2024-48153,0,0,3cfd46a773704ab0a351a2b6ce72427b77a3ce4f0b94a6c1ddac6ddeed3918df,2024-10-14T16:15:03.840000 +CVE-2024-48150,0,1,b39b648afac72dc871989091599298fb14b0cd23a221bacefce98a5af2fb48a9,2024-10-15T12:57:46.880000 +CVE-2024-48153,0,1,0115bd5a7f787b918c5b80970e16ea447bfa931e6c66b1d9675f3a387f3eea27,2024-10-15T12:57:46.880000 CVE-2024-4816,0,0,8565abd2d0a6378ede6981ddf7bac1f2251b8eaa5cb7a310b72a2f14c255bb14,2024-06-04T19:20:51.290000 -CVE-2024-48168,0,0,a09a7c75736c5a01c0400c19554fc92c3c8fd8dbfe7d3f38b5cf9ce5962080e1,2024-10-14T17:15:13.520000 +CVE-2024-48168,0,1,f27413fa4ecdf3292c3ff8b006d02ea55f19ae53cb446014e3f827da714f762d,2024-10-15T12:57:46.880000 CVE-2024-4817,0,0,34b565d993de0f23b2da3e66a459da3d9e976182c7f2db8f77c4f90d033797ec,2024-06-04T19:20:51.393000 CVE-2024-4818,0,0,3fe1d5f18f9b194d5b3db8480cedce43b94847211b0e14441f0f1578988c6d95,2024-06-04T19:20:51.510000 CVE-2024-4819,0,0,bc26e072d222c9731ee42bb1198fec18f8f3236e713c07e319d531bbf6577caa,2024-06-04T19:20:51.613000 @@ -261828,15 +261828,20 @@ CVE-2024-4821,0,0,dc7d4132f68a39a1fe6c6bac80c0ac3156e2e90bf5e433ad24749311cb9093 CVE-2024-4822,0,0,35737e7a1acb373d4b9b0a7db2a81b8ded4d641f08c88a2e676b684417908472,2024-05-14T16:11:39.510000 CVE-2024-4823,0,0,0c5de98ac761e11f69c407a8dbff0028d3fe4b31e8abb3e2bfd72a91e6adb2ed,2024-05-14T16:11:39.510000 CVE-2024-4824,0,0,e31432116aed0554c3dc4b1001cfc03d00512889f9f84533cba85f3e0d8e9591,2024-05-14T16:11:39.510000 -CVE-2024-48249,0,0,5f69ad216423d88721630184efcc3b6780298c2281ef45447866af266eeaf31b,2024-10-14T15:15:13.760000 +CVE-2024-48249,0,1,4f26a9d3cbe208cbdd9ea727b661bdba3e562618b583ee76b0512b4afadfe7dc,2024-10-15T12:57:46.880000 CVE-2024-4825,0,0,155a89a5474625dde1ab63dcac3020c23f71c92d3744c7dbee990f6fffb4feb0,2024-05-14T16:11:39.510000 -CVE-2024-48251,0,0,dda6068c3aec0a58728fe7bffc3300b768a57547cce716fc09ce51fb41c159b8,2024-10-14T15:15:13.857000 -CVE-2024-48253,0,0,bc18a0e22f877a0da30943ce059ebde5cc7ada183f875ccf73bea55ec5d9c5dd,2024-10-14T14:15:11.857000 -CVE-2024-48255,0,0,0a8ed856e42477c3dd884c692f58730bafdfb919692cb5c3147aec3949e7e20f,2024-10-14T14:15:11.937000 -CVE-2024-48257,0,0,a1a727e578e5771b374c2be34c1390e71a4865969de7420f02809bdd4b7dbea9,2024-10-14T15:15:13.947000 -CVE-2024-48259,0,0,ec456a1c6c04e1393013f41c2dc440ffed601fb5f055ca35b2d9252dd23e0a84,2024-10-14T15:15:14.033000 +CVE-2024-48251,0,1,4d098db24396007455b29406aa1659eb8d5f46a48fef3576943743462426dc0d,2024-10-15T12:57:46.880000 +CVE-2024-48253,0,1,608bd21fa837eef2492e5d98929070282bc787c93de4ba72bd7c51001703024e,2024-10-15T12:57:46.880000 +CVE-2024-48255,0,1,313b410d31dd8621f0d7faab3c11bc5341a96c35dca7329f3a83e566161ad534,2024-10-15T12:57:46.880000 +CVE-2024-48257,0,1,aaadd224a47f274d472be6ce08b5d69075572392f21cee0f372452df54632bb8,2024-10-15T12:57:46.880000 +CVE-2024-48259,0,1,2a0e952e0f673f38e8090e544a78e235a41eeb6627f4c6a5736da1f86a9b4045,2024-10-15T12:57:46.880000 CVE-2024-4826,0,0,deaf8fdab596ba1219725251282b0367e2dd73462b62b55f2e950ae3725565c5,2024-05-16T13:15:48.163000 CVE-2024-48261,0,0,c50173bdf25e4741bc510b2698ace8c3db8c27162251f6faafaff8896241ef72,2024-10-14T15:15:14.130000 +CVE-2024-48278,1,1,7a5e7815501111fc6a28aa08598394ebec800fba6434ca048129793b44e97e3e,2024-10-15T13:15:11 +CVE-2024-48279,1,1,836b22d50d0c71ab72b510502d9f06b9a535b00a032eb5b470036de63377d978,2024-10-15T13:15:11.083000 +CVE-2024-48280,1,1,7df51b63772afeedec24f4a6d72fdbe9724f4d5fd8014ad27389c83ca7b2fde3,2024-10-15T13:15:11.160000 +CVE-2024-48282,1,1,5ca20ae554a27275efe6835b4228c9869617ea4727d36d8bdf1ff4a89cb07dc4,2024-10-15T13:15:11.227000 +CVE-2024-48283,1,1,5c590786fad510411f38515b8c46d649f1c940db91dc322c6df3bc0bf79bfaca,2024-10-15T13:15:11.283000 CVE-2024-4835,0,0,b63c1e2c2f2232a6ba415444f30303ee4e5ea1a45d737d79b2133d2755ec709c,2024-05-24T01:15:30.977000 CVE-2024-4836,0,0,6397d82c08a27dc6d1e4828623f7dccd401e56dd97e62d291cde8c73c9f6f8bd,2024-07-02T12:09:16.907000 CVE-2024-4837,0,0,e7f6212a3767856f93e80078aa36a8d58ae9b0d6d87727b0b71ea9bfd6a3b44b,2024-05-15T18:35:11.453000 @@ -261874,40 +261879,40 @@ CVE-2024-4873,0,0,acc2d485a3cc66f2d361ddda92f62901a8108a4490dc81ea4acfb7f60771d8 CVE-2024-4874,0,0,4b5967df7915507c9b0020b0ee4984332d2c23e37a57b9a262a2ae6c5b300f4b,2024-06-24T19:41:12.293000 CVE-2024-4875,0,0,5a9bf10de46e2f944321ed00fa6d17c799716a219001f5797c9cce4abb6a2b7b,2024-05-21T12:37:59.687000 CVE-2024-4876,0,0,6c7ef7cd93a9d659be2199330000de11a6027348fd6a9308e40ba12083e70d2c,2024-05-21T12:37:59.687000 -CVE-2024-48768,0,0,f49a3d229d332d1aeaab22a310afec1dc3a25e549cecd7c835037f404c4ef2de,2024-10-11T20:15:05.253000 -CVE-2024-48769,0,0,f5f7709345dde987cbb78c184038995c0f3efe3656a1fa47254269b76e7f5bd6,2024-10-11T20:15:05.353000 -CVE-2024-48770,0,0,eaf5f12c2e9d07a9fecc8d94181f5eabee6e28619c96df91735489ba947f01c1,2024-10-11T20:15:05.450000 -CVE-2024-48771,0,0,a1657baf9f208adee3965a78a9c892c46093c662114a218d0a28379196fe5fe7,2024-10-11T20:15:05.537000 -CVE-2024-48772,0,0,32f12fd8a1c4a633e62e5136b96048f77dd39e9830a108f380dec8524b539408,2024-10-11T21:15:07.127000 -CVE-2024-48773,0,0,fb9691a9cbeb3dcf7d35171104667e63d6590496f59d7608ed0f35159a5ac59a,2024-10-11T20:15:05.637000 -CVE-2024-48774,0,0,e09b2721d24693a01b4152318714272955f6ddb265558eb5b7bdfef8acd488c8,2024-10-11T20:15:05.720000 -CVE-2024-48775,0,0,b8e85984d5af1131eaf26bd74e5d84ceee535ea1566997eda307a15588016b47,2024-10-11T20:15:05.810000 -CVE-2024-48776,0,0,6d16bb28cf85e57cb7bf03baf362d7efa13854629c0f178451275913f461e9e1,2024-10-11T20:15:05.903000 -CVE-2024-48777,0,0,f05bd4946b95fd59502390168a95058f9f6f02568ecf6644e1ddccf18dfd7bc1,2024-10-11T20:15:05.997000 -CVE-2024-48778,0,0,876de449628179f0742b7e4aa6cb3314ccd387243c9b4fe010bd2b31547ce555,2024-10-11T20:15:06.090000 -CVE-2024-48784,0,0,413a91fa2c4a61a33f7467c2f5b8058034c18bbf6bb09d8c92a1fe8bc838384d,2024-10-11T20:15:06.180000 -CVE-2024-48786,0,0,c860c3ab3f85be5742131f9576a41113cc68380c4baa10b74833d50923537b25,2024-10-11T20:15:06.277000 -CVE-2024-48787,0,0,7a215e7cb70a1e88ac1a7855c7c78ffe9117f0eb6f9844010ee3a49bb152ca60,2024-10-11T20:15:06.407000 -CVE-2024-48788,0,0,d531b63d24b558dcbfd8469ce1a5194d6aa29d693230d82c5c128cd8fc89dcbd,2024-10-11T21:15:07.220000 -CVE-2024-48789,0,0,f753d881cee613229d5c0d3513312e6c1c29bd865f11c631f5344baf63c91d31,2024-10-14T18:15:05.230000 +CVE-2024-48768,0,1,ca8de8e07b0f4e68695a45f656c413c10b94b260fe52ed672054ce66c06a9fb6,2024-10-15T12:57:46.880000 +CVE-2024-48769,0,1,987a65bc7023bf5f10fdfa37f57f702552f2716842ca04ff68a0022a049e643d,2024-10-15T12:57:46.880000 +CVE-2024-48770,0,1,e97e4564a0377ff6a011e89e33095620369e388796cdba62c88da9b77cbaff14,2024-10-15T12:57:46.880000 +CVE-2024-48771,0,1,7cc16fb1e7b182ba1707e039c92b376a12b4f5c194ecd59d33b42309a06ec623,2024-10-15T12:57:46.880000 +CVE-2024-48772,0,1,0bfd137924b2aa589f0b388aa2a4bb6e650e0bed2b66f58add5dd08c77edb7d0,2024-10-15T12:57:46.880000 +CVE-2024-48773,0,1,fb43d7aa77de082965363f581f54c3d061652fad69676731f89ae7cab058f131,2024-10-15T12:57:46.880000 +CVE-2024-48774,0,1,d20edaaf1d024afe7f584acc048e0777c96bfc6984585e77dc1e01adfd6f8e5c,2024-10-15T12:57:46.880000 +CVE-2024-48775,0,1,f5669ae425289b72e71d7a60ceabc6022280b7646d6dac15ce5178659cbc0334,2024-10-15T12:57:46.880000 +CVE-2024-48776,0,1,b89d40e78c84d47e76ba1de04c88609484eadc9d4130b8e88457197ed2b471ee,2024-10-15T12:57:46.880000 +CVE-2024-48777,0,1,c4fd7419a3ee8a4dc369b6738eac4d7c9ae9e2f6d34315b5881974062a04c73f,2024-10-15T12:57:46.880000 +CVE-2024-48778,0,1,3adfe5983eab4dfdbe6a86e78e52319129a13c83d51e2776521d179f4e595d91,2024-10-15T12:57:46.880000 +CVE-2024-48784,0,1,fa927cf3db9565e61ab3bb2bed2d088f6b1d62d2eee7fc3578b18973620e71aa,2024-10-15T12:57:46.880000 +CVE-2024-48786,0,1,be06c2f94ca958b0210a50f1a2dbe5d1b27730c8a2625e641cf00ec903aaad96,2024-10-15T12:57:46.880000 +CVE-2024-48787,0,1,b8fcef644dedfdb63d84c8688c4e6efacc4f55e42f9d5bb1eea0f9ffeb39921f,2024-10-15T12:57:46.880000 +CVE-2024-48788,0,1,7ec1f33a068dd41f1e24941aa0c74f54e34cb2634cb32491fce6c1ee79242159,2024-10-15T12:57:46.880000 +CVE-2024-48789,0,1,c49aaa0df735004c0ab3feb1b7d6cd534707f243cf6fe52310c7bb088302c890,2024-10-15T12:57:46.880000 CVE-2024-4879,0,0,49a8b41ea605df8bd1da4063a7058b50435504f1dbecb0dc4bcc8efa8c8e8867,2024-07-30T15:13:39.720000 -CVE-2024-48790,0,0,f3b14bd2d7bf479628eda81581339ad913ebd0b311d16b7ddbbe1576a0ef3128,2024-10-14T18:15:05.323000 -CVE-2024-48791,0,0,9ad30c1d188d7db43e25626cfed907eb29cd4a02dd903861370ef046be560a27,2024-10-14T18:15:05.420000 -CVE-2024-48792,0,0,b0a9215b342225ce7704838f7f4c2596ad3588455e6f3d7e3207337c7025ccac,2024-10-14T18:15:05.520000 -CVE-2024-48793,0,0,3470fd35bb5bb600bfdc8ad59a815c1314223a35d16eb72c69bb7a341d166458,2024-10-14T18:15:05.620000 -CVE-2024-48795,0,0,f11405ce0a78a5199503fe7a48897f37ce37a249acf7cf38f391d3859ee7938c,2024-10-14T18:15:05.717000 -CVE-2024-48796,0,0,7879f1aa8bab9a14d016d74ec58af4d0baf4610a66493dc7e696e44b7ca1bc91,2024-10-14T17:15:13.610000 -CVE-2024-48797,0,0,a42b610d7f725207e7958ca937816046c91c2ceb35bdd5acafea0351793590bf,2024-10-14T17:15:13.690000 -CVE-2024-48798,0,0,f8e79fb9df797037d2a83f075374be88a20179dcf01384173fccd3a6fc8fb0f0,2024-10-14T17:15:13.770000 -CVE-2024-48799,0,0,a3b8aa531325723a40f231e31c933f25fd306c627d1f496d1ce1b3883fd1201f,2024-10-14T17:15:13.857000 +CVE-2024-48790,0,1,ceda703837f83637982efb81eeabebf961c0a8457d3c931aa6c365425a142c37,2024-10-15T12:57:46.880000 +CVE-2024-48791,0,1,f6ff87a5c8124ebf6860ea2bef308823a2c1157f4a394a572d48207878b98c69,2024-10-15T12:57:46.880000 +CVE-2024-48792,0,1,e7fd88b2ecb7852424d8b14ae1ed08f57cef46c87dca9980c9fdf6d3e41cec0f,2024-10-15T12:57:46.880000 +CVE-2024-48793,0,1,dae7e208b54b46b9b3b2ea5a99cfd6703dd4b418e372d8815ac028cc55c60587,2024-10-15T12:57:46.880000 +CVE-2024-48795,0,1,3ba44c809bccc74424c36040f3837b0bb086ec1f910a55507b2cf216568d50ad,2024-10-15T12:57:46.880000 +CVE-2024-48796,0,1,410e0774662f24e6d5b55d89d64d1e6033f623905d8dc5a8dec14f7645394993,2024-10-15T12:57:46.880000 +CVE-2024-48797,0,1,3664438132f3ad53f7e766208fa100c3f832f33f72eddced84fa243c051820ad,2024-10-15T12:57:46.880000 +CVE-2024-48798,0,1,95010d130dda6fe3807b0800e1c3ae2df4011bae82c1a5092b1287f4502edfb9,2024-10-15T12:57:46.880000 +CVE-2024-48799,0,1,a693a0c1e744c2567242715aa19069ad4f29ff4683a13b4a36584f2105c90807,2024-10-15T12:57:46.880000 CVE-2024-4881,0,0,70a5432f5c5a777364201296899d588f04c479b317d8edcefa9e35906d6586a3,2024-06-07T14:56:05.647000 -CVE-2024-48813,0,0,738900377884500d6e48ef86e8a92a90f8f38c9de5c7e8958544d021c7ce9ab7,2024-10-11T21:36:43.527000 +CVE-2024-48813,0,1,b3275c3656b3f4746c55f236fa34d6d816026c088db796644a052e298f356a4f,2024-10-15T12:58:51.050000 CVE-2024-4882,0,0,a4855f599041359b65e48a15f937a27e2ec2e91d9343d627eb58fe60c3b171c1,2024-07-09T18:19:14.047000 -CVE-2024-48821,0,0,bd98abae1066b4c52ee4d77f1a5d1d3597fcb78c458a0a16c5ddd93d7c050639,2024-10-14T21:15:11.710000 -CVE-2024-48822,0,0,ab16e3e40e7baabbd389431205ca126c5f35e13b64ddc3cf4c9c809af89383f6,2024-10-14T21:15:11.813000 -CVE-2024-48823,0,0,319fd40e692e186d55f85d13279252355a834d467bf7e71abf9e149b0922b0e8,2024-10-14T21:15:11.903000 -CVE-2024-48824,0,0,58e69225f41fd68bacba06092dcde66acbd2d0ae5da6a59476ce922bd0b8572d,2024-10-14T21:15:11.997000 -CVE-2024-48827,0,0,0692485b3e9c4ae06dd4ee6f885c25457f723f018116fcc7fc99c51a1476d31b,2024-10-11T21:36:44.280000 +CVE-2024-48821,0,1,14325bcdfcc8d041e6d65a762c194c6646d36df03890d156f247bfb83d711825,2024-10-15T12:57:46.880000 +CVE-2024-48822,0,1,309bf06166e848b442806418bc2d2692df45ed2d77b40432253788ddac2f9507,2024-10-15T12:57:46.880000 +CVE-2024-48823,0,1,d001a2dcda3cf4b82578f80f099044ba322e013357e854010b7ffa82239fae53,2024-10-15T12:57:46.880000 +CVE-2024-48824,0,1,a100e7a7298d41cc87654fa1f04563cce7e2fac6434b6cfcbabecefa02ab31eb,2024-10-15T12:57:46.880000 +CVE-2024-48827,0,1,b8784c14c4c0a2af4d656264bee611472f424ecc32bdba68ae4a9cb4ecb6178a,2024-10-15T12:58:51.050000 CVE-2024-4883,0,0,66fd0c7113b75e4613bf51e6b10a097cc5dcf57aa3f97b3df0e5c31c4210be62,2024-09-06T22:46:17.103000 CVE-2024-4884,0,0,a2dcec8e16e916f3e6bf44fbf27e64f395ae27ac96c65779b6d04fbf5173b4c4,2024-09-06T22:45:59.233000 CVE-2024-4885,0,0,2608f2aa7fb5189467bda7bb610d4e03f1b43256b775a84e60ba9a3b8ac9b260,2024-09-06T22:44:27.840000 @@ -261917,14 +261922,14 @@ CVE-2024-4888,0,0,52d3f21edee01fa1b7d50228c23ad770da0e07dcc70157700a078948f8463c CVE-2024-4889,0,0,dc396989938962dc001a5281d191cbfae52fbf722fa7438f9288c8cc16167175,2024-06-07T14:56:05.647000 CVE-2024-4890,0,0,ee7720239380ab5c638f0803999a779457a74687c16e858d2acf0798605f57a2,2024-10-10T20:11:44.610000 CVE-2024-48902,0,0,4705ef2c55813b3d84116179c2f627380e6bdeb3958de084a14cde58a5b57f28,2024-10-10T12:51:56.987000 -CVE-2024-48909,0,0,081f7d082603f158c742dff50aa2360f01feba63edf81ab8ed5bea713d0aa3fb,2024-10-14T21:15:12.080000 +CVE-2024-48909,0,1,9f043bbad446a771de31685005b4aaec51407994137d3dc87a7597202df7de61,2024-10-15T12:57:46.880000 CVE-2024-4891,0,0,f3940d673165429e16eea192398cf8ad711af9d91140d48fc15ea6e438b5c077,2024-05-20T13:00:34.807000 -CVE-2024-48911,0,0,f63dfa216265fc74597b90c3fd1f0bafad67f1d784ea320279b4ff13e2337b0b,2024-10-14T21:15:12.323000 +CVE-2024-48911,0,1,e0b0f376339137788c8f5f310259d6e022437aed42d17513390da35e83b91690,2024-10-15T12:57:46.880000 CVE-2024-4892,0,0,86d55410ceaf3ecac0b7906bf27b918d65f0ae499a5475505564f001e752dae0,2024-06-13T18:36:09.013000 CVE-2024-4893,0,0,c4900f559bdc4a1c952ec15ffc0a407a7d0fc758594c29af597940962bf437f6,2024-05-15T16:40:19.330000 CVE-2024-48933,0,0,26e7fffc7245fc28a7fbe658a2efc943aeace159e18ee8e57ad42a85fc085d33,2024-10-11T21:36:45.080000 -CVE-2024-48937,0,0,3c1c422bd05f20d9fa785840c74e61f1a28cdb3ffb554b324e1e75358cf0328a,2024-10-11T21:15:07.307000 -CVE-2024-48938,0,0,2e142cf0915aad58cd815110a1eaf58520f2037c9760e54acc76c236a9314228,2024-10-11T21:15:07.387000 +CVE-2024-48937,0,1,fb3aa1360cb042294647ae67e18ab591b2f48004999a7cd6a26f133ca6565fb4,2024-10-15T12:57:46.880000 +CVE-2024-48938,0,1,3d30d33d5321768a3f65e3940b0730e05bbd4ff5e3d997465431f4cb5c46177b,2024-10-15T12:57:46.880000 CVE-2024-4894,0,0,1906244d072f236ffca4e7ab82222b86cb7f201e42e01d4517f3ab933ca907f5,2024-05-15T16:40:19.330000 CVE-2024-48941,0,0,96d5eae18aed5942dcf07fb408430a3860f6be4f858a12cc1546cac40f719d2f,2024-10-11T21:36:46.327000 CVE-2024-48942,0,0,8e0a2bf9dd24a5a385f196f7b0656ab299e53cb741eb92aa617f57ef48ee5dff,2024-10-11T21:36:47.090000 @@ -261935,7 +261940,7 @@ CVE-2024-48958,0,0,92a426e369946b14ff79b98b6fb42dd0c692d3b7d45d68198a4072bdaadf4 CVE-2024-4896,0,0,20cc2dc19f323150528d4fb3a23b846b2e602fa65e075afe5dc2b86cb95d9c94,2024-05-22T12:46:53.887000 CVE-2024-4897,0,0,b80483aa02f533d1f5c4695afa1f7ec5dae4ecfa8b472cf561efa5d05f8ff11d,2024-07-02T17:44:45.700000 CVE-2024-4898,0,0,a64ada88476e7dbd5dca1f8ed9406bed15a3acb87fadbe7d9a4f3102502b7a67,2024-07-23T17:50:44.033000 -CVE-2024-48987,0,0,64f424ee48af139e34e17a3e5ae2f9d63d1fe08eda899c76ffae57a1fbf10f3f,2024-10-11T21:36:49.470000 +CVE-2024-48987,0,1,bb1285db59c3075341f96aec62f9b4ce4709041d90082c7f3534792a4d32fb84,2024-10-15T12:58:51.050000 CVE-2024-4899,0,0,7d0ca1543842829897b22c32fd7c3ea389ea1c85b28761d045bc30da0b354462,2024-07-03T02:08:16.280000 CVE-2024-4900,0,0,2074e15c0050e8989f750822fa85e67702dc13ece861470c246a4c4acb047889,2024-06-24T12:57:36.513000 CVE-2024-4901,0,0,038977315c18c98069a655ab35eb2b501ae92d62e5deb196337fd2891dd989fe,2024-06-28T13:18:19.407000 @@ -261957,10 +261962,10 @@ CVE-2024-4916,0,0,7f9c97d60056af6520ce5e52312d7e3a0a1a6112ce8355fa197ec22854a966 CVE-2024-4917,0,0,6cef1f1b9c67b0bba74556ced18fc262fe370a97a734fa36d53272fcc01b0da0,2024-06-04T19:20:53.527000 CVE-2024-4918,0,0,d46f8a4fb764a0404096a5c058a93218c921ca6c4bf015a8f26430856edda636,2024-05-17T02:40:42.037000 CVE-2024-4919,0,0,c726f606173904c8377395d864d6d1f0bfcdbe8df42cdb4cc2d61ca12557d877,2024-06-04T19:20:53.633000 -CVE-2024-49193,0,0,2851afa7c225e08bb86128aa4f7b999842e89112e2dd59d18a0e218abc776b3b,2024-10-12T14:15:02.753000 +CVE-2024-49193,0,1,2fb765324a8f2d36d4e9310c3432afa1ec5d25e41e48c037c8d4a9b584ba6a95,2024-10-15T12:57:46.880000 CVE-2024-4920,0,0,fb11a98a98fcee227749c982e12efa14a4a4b18da858cef87f2552ce91a0c62d,2024-05-17T02:40:42.227000 CVE-2024-4921,0,0,1060b5013f8dc8547f0f33cabd337061fb69f6fcf324e5387138007cbeb6a9c1,2024-06-04T19:20:53.730000 -CVE-2024-49214,0,0,4cff2d2a23a5724109fdb699f8b8b4b4c0760595978e5de8e9994dcfcca4cf71,2024-10-14T04:15:05.853000 +CVE-2024-49214,0,1,4421e2282d31894802376d02d8bd5564e11b8590218433c4394ddc3df2a81c0d,2024-10-15T12:57:46.880000 CVE-2024-4922,0,0,692b7adcf322621580a484f8f9b29edc18ffd7d0d7aa81554818742dd70afb00,2024-06-20T20:15:20.020000 CVE-2024-4923,0,0,c83198e21d781e3384db11f118092c5fbfa4a06f25d53a21adb6fe23f4380f17,2024-06-04T19:20:53.833000 CVE-2024-4924,0,0,1be75affb45c8b20da2e31570d5662533bb5af7060cf2ef9bdabbaa6aefcbc3f,2024-06-13T18:36:09.013000 @@ -261975,11 +261980,11 @@ CVE-2024-4932,0,0,c4279e0e81804cf3f06e3c52edfd706c295877ccc3771ef54ad83261fb500b CVE-2024-4933,0,0,4d4c0ec531cab6a4561c767f5a9082d29f26ceefaadcc74bb08507bf05ca5d17,2024-06-04T19:20:54.643000 CVE-2024-4934,0,0,fd5d4b9709dde517f56a9aae7369c165c45ceba9bcf88bee680213c2fc56b62f,2024-08-01T13:59:37.220000 CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a658,2024-08-06T18:29:27.013000 -CVE-2024-49382,1,1,f39364143496949ce9e58a5a6fabb94ec08f3a80936186bf666765b4b26a30bc,2024-10-15T11:15:13.153000 -CVE-2024-49383,1,1,077137e3f8c2e10f14c94b1203ac678531002c6b53f2db23cdf6b5aea764552b,2024-10-15T11:15:13.423000 -CVE-2024-49384,1,1,b6bd4505b1b3fc8e140a8330ec25d085fa063b77d3c28579290224d186c91277,2024-10-15T11:15:13.643000 -CVE-2024-49387,1,1,8eb2e1e754c63746b7974dc0766b9113cf29d7cd28054a8e4f3654a2aaaa5ac8,2024-10-15T11:15:13.860000 -CVE-2024-49388,1,1,0dce26bc1f7a6686753515ccc830e7bf9d3200d992b1d6b68c91844d03de0e1c,2024-10-15T11:15:14.063000 +CVE-2024-49382,0,1,d6d3194a27b37c7540514c4731f1be0a1c4e00dff5b6d95578bca9d91ca2adeb,2024-10-15T12:57:46.880000 +CVE-2024-49383,0,1,9a79c1b14e996faf6e99c8814b1479907260de1955f2d41c586fc188ea94710f,2024-10-15T12:57:46.880000 +CVE-2024-49384,0,1,4f909b9909488641b14ba38aff1dfbd6065c34f23247c00f8c1f18bb284334ce,2024-10-15T12:57:46.880000 +CVE-2024-49387,0,1,b58241a7bb7721b4c23910b730295514abba830656a2629f22dda0812caa40ad,2024-10-15T12:57:46.880000 +CVE-2024-49388,0,1,dc8dff73536c142e42fd08217246ea13bb1218d9c1300e136efa90f7b42bc08d,2024-10-15T12:57:46.880000 CVE-2024-4939,0,0,02ebdbdecbb04fb797cb0e62af7790a7212959b717e5fa68d9d371341b4150c3,2024-06-11T17:08:33.350000 CVE-2024-4940,0,0,4accffc853c801fe14d0f801549945291e8d9583e559383dea39b767fc7e6ff0,2024-06-24T12:57:36.513000 CVE-2024-4941,0,0,4a44b53eeef21b9bcc4a70f0f12e019011a282ac818fbf5410cd9bce445ce09d,2024-10-09T16:24:24.433000 @@ -262031,7 +262036,7 @@ CVE-2024-5001,0,0,d13fccabd833b06301db98a96a793d9305ac650b09885bcad3ab7a5e90e7be CVE-2024-5002,0,0,28b740bd033d1abfd76c98a370fcc8a1a0efc6df8c7198f0eedf875190207207,2024-08-01T13:59:37.720000 CVE-2024-5003,0,0,657f01af6ae4ffebd5508957e0a4ee664437c9c42d64fc0c4eaff54aefed6593,2024-07-18T16:18:33.020000 CVE-2024-5004,0,0,dbb46916d3eaa00ba190ac36848b4f73f0fcf9ebf3415c8f81f52119cf8e2d54,2024-08-01T13:59:37.913000 -CVE-2024-5005,0,0,e9dd73ffa50e0cdeafd34f8309b57c5a00750a217333583677cda9600bcf87a4,2024-10-11T13:15:16.317000 +CVE-2024-5005,0,1,28bdb1683e492d24b33087981d0823dd42f49eeb8c271eabba28b1e925e506ca,2024-10-15T12:58:51.050000 CVE-2024-5006,0,0,275a7db4a7750ed7acf4e95109b09b599d0f03c3ae61db2773b61bbc80a38eed,2024-06-11T17:36:24 CVE-2024-5008,0,0,41c3cff745583fe16908c309126d70e41415ad78f2790f83925cbb0a70eb9065,2024-09-06T22:43:49.557000 CVE-2024-5009,0,0,4fd7bfd86519955de695550b550ff6287bae2637bb330aab0edb8e0b318761f0,2024-09-06T22:43:04.747000 @@ -262462,7 +262467,7 @@ CVE-2024-5470,0,0,6ad8fffdbc9fc3c2ca94bc381d3be223e310676e26148212c497e243b6c174 CVE-2024-5471,0,0,b5058f52e9634b68f4d4000cb97858db03cd2fac3d75cd140cb047a19da1c69c,2024-07-18T14:09:17.740000 CVE-2024-5472,0,0,cbeafb08776655e35d6e47fe8a75d08cb39135639adca55be0cfb4cff69e0ec6,2024-08-01T13:59:47.140000 CVE-2024-5473,0,0,7a9289264d1a834c0b8e9151c353ddcb7a22a22f6b7d360897c02053aaaeb88c,2024-07-03T02:08:57.860000 -CVE-2024-5474,0,0,43a83dbafd311c5d5ae6228d64db4d0c4ac6ffef3f20fddca84b77e4de9c971f,2024-10-11T16:15:14.440000 +CVE-2024-5474,0,1,0261380472823b7ef383b7b05cfdc57f13f0ff67f622b2c501faca79b6c35eba,2024-10-15T12:58:51.050000 CVE-2024-5475,0,0,e09a66bd4d026df38a62a9d0642b82f2a5b9bf49c6a2d9e0e1e141414790fdd3,2024-07-03T02:08:58.050000 CVE-2024-5478,0,0,c601a39452cb705e9035daa72131a8a960693dee4deccdae668f9ad5d8466d4f,2024-07-19T18:29:50.137000 CVE-2024-5479,0,0,7bf7a94732a4ce28b83209c9d21f799503dcb5933696ba21b8f4bc98737c6d69,2024-07-09T18:19:14.047000 @@ -263043,7 +263048,7 @@ CVE-2024-6151,0,0,12ec1aee3f7de6ecf0a62e21606cbd6e357a6a7e92793df8af534b3f4e67d7 CVE-2024-6152,0,0,c1506a96f086f74002edf68148148e3e99d50eb834b579ad16316f4c018a0385,2024-07-29T14:12:08.783000 CVE-2024-6153,0,0,b02d5a7d2cf437976ce0fc2bf9815bd6144fa47956956037cde293abd053addb,2024-09-25T14:44:14.567000 CVE-2024-6154,0,0,dc8e40c1ebb3902f0ae8583b2bff8d4b47a9e71d6b236591b7095fe43b4769aa,2024-09-25T14:40:26.970000 -CVE-2024-6157,0,0,0a46c38daa9e9cd16116a68fe90bde9b3eb1a120c739c8fd6a0f1b6a00a66d30,2024-10-10T13:15:14.370000 +CVE-2024-6157,0,1,ba718bca331edf44e8731f065ed2c561d20fff24c3c6339fba42788f35999054,2024-10-15T12:58:51.050000 CVE-2024-6158,0,0,a61a49c74eea3cf7b2f2776e552d3388d81c1dff0a3ef5d79b498d50b6e785a3,2024-08-13T15:35:29.740000 CVE-2024-6160,0,0,ef1a3b3e7f3366ded429b369db1d335204ba1e5aa345b7b6a0087f8051f2471a,2024-06-24T12:57:36.513000 CVE-2024-6161,0,0,4874ef369326f57ebaead3e865a12df6057ceb7ec30e698c3deb9b52e2b10028,2024-07-09T18:19:14.047000 @@ -263089,7 +263094,7 @@ CVE-2024-6203,0,0,3b9c553aeaabf6b65504ab651e97d9d81983015dea0894c7aa9459e33da609 CVE-2024-6204,0,0,03d37f06023f0b3304d0d42810d35c838ae110ad51b8135626af35ef3589502f,2024-09-19T15:41:37.263000 CVE-2024-6205,0,0,f32ee6375b433f4c8b075d7f2127800e855cae97c6ef2c703b09eff01b808353,2024-08-01T14:00:15.120000 CVE-2024-6206,0,0,6f603126f815a80c6debdb2c8fc884bf16912b4470febb5eed843e2704856d15,2024-08-08T14:35:13.290000 -CVE-2024-6207,0,0,b39cfdd768db07cbfbdcbd2168c41b831db4817215f3caef8946cae11bb323f5,2024-10-14T21:15:12.460000 +CVE-2024-6207,0,1,08bb4d30e77cafa1bbe47d47c0589c64ddb4c025c33c4b431b68c48f4f82f769,2024-10-15T12:57:46.880000 CVE-2024-6208,0,0,b702d385d6dc69624ae253d69a727703b76fa8f218fc0fa3e0a52d494810eb10,2024-08-01T12:42:36.933000 CVE-2024-6209,0,0,dde817e69ddab612402867a39af366fc36713e43c4758f0a34432256fd885f93,2024-07-08T15:35:25.837000 CVE-2024-6210,0,0,d08d160d43811c5bb8dcf64fef0c280a0a7b1e98d094babc485e09ce9fa86125,2024-07-11T13:05:54.930000 @@ -263476,7 +263481,7 @@ CVE-2024-6653,0,0,d93d31cbf15b722e8213bd0a1f350049b73a325a73fea026c81bdae5013a3c CVE-2024-6654,0,0,33944ebc74d30c3cdd06834dbc588c95f63dc73814119ce0f62926870f548873,2024-10-09T09:15:06.713000 CVE-2024-6655,0,0,a32b97bcdf109b29c8d77151fae7b1b28b3012a09ea60dee2c55a3acae47acc7,2024-09-25T01:15:45.070000 CVE-2024-6656,0,0,fccb6ec07442f587d9028dc0c59041af34b9eaf4dddb92d180741d5c3d5aee87,2024-09-19T13:05:44.953000 -CVE-2024-6657,0,0,f9f1eb8afc0fcee1648ff3b1592d9c7d58198951ffaa3d5eddbf57bf7a2d64a5,2024-10-11T14:15:05.770000 +CVE-2024-6657,0,1,f7bfb8c7f988c02efa056f01906af1e9b4c649c510ad07863c97de37a1ac514c,2024-10-15T12:58:51.050000 CVE-2024-6658,0,0,c59a5bc453b7b50f1c8c3eefda7e3a6df21ab1a88b2d2e9df9362f9733c6e2a7,2024-09-23T20:15:05.560000 CVE-2024-6660,0,0,caad23d7b98522c6f22294c27dcab3f8925f974b7a7faae66643c3e06a0d6672,2024-07-19T15:48:14.040000 CVE-2024-6661,0,0,b1af44a52f9370b6a9eee52c0900f8f875202dae713119fd68b00889cf9d23b8,2024-07-29T14:12:08.783000 @@ -263546,7 +263551,7 @@ CVE-2024-6743,0,0,d20423ae34ef7edd843a6cb67ab6563bdeae21fb73206254415d2c0219c744 CVE-2024-6744,0,0,db4e7b937d3d03ea3e3b2b15edbfe780a0b875b3fdcc47905faa685f3164112e,2024-07-16T18:06:51.390000 CVE-2024-6745,0,0,1617c1b62a6985e7cfd1493a4e6106081b5b226c76f4caaa1064224772ef702b,2024-07-19T18:04:47.363000 CVE-2024-6746,0,0,a07904c7ab441e8aefcdf67187efe0701752648d282a9adf495048d9805d0f66,2024-07-19T18:02:29.417000 -CVE-2024-6747,0,0,8b616df13e4df1f1e762a9c85cd0dbe82d8a7b051198b89f21b0da450045528f,2024-10-10T12:51:56.987000 +CVE-2024-6747,0,1,0000c09077cd962795fbde814978916c566d78ff452661411d71146a95e7ae22,2024-10-15T13:22:17.563000 CVE-2024-6748,0,0,3165cdb659bfb317f070ab6b5ff0ffe08f8676c2d4210e086188fb527771a712,2024-07-30T13:33:30.653000 CVE-2024-6750,0,0,259befaacfd3ee023627d5e60a86696c98cc4bb58920e9f36a409d03ab7792d0,2024-09-03T21:40:22.460000 CVE-2024-6751,0,0,65709f0db2fc5964de358cedefb78e4090d836ca670fed7f74fbf34d4a07dbbd,2024-09-03T21:39:06.433000 @@ -263555,13 +263560,13 @@ CVE-2024-6753,0,0,3e76b8f2ff884d366f5f73b3a783b6736bdd13f40eb3c8470772b1a85363db CVE-2024-6754,0,0,ccfecfa3a2f8a8cd4ba4f7ec7c001b4a7a2641aaa0e77c47a00426973251ea32,2024-09-03T21:35:50.437000 CVE-2024-6755,0,0,4434ea155c9d8cebbd60bda517677bb77b6d6f010c67ddfc3ed39aaa445357f2,2024-09-03T21:34:33.083000 CVE-2024-6756,0,0,fa0fe14081662fc33911ee3a0e4b2970b04961552ab67c6e139fa887872f5da8,2024-09-03T21:29:36.693000 -CVE-2024-6757,0,0,a454ce213bdf17868e3c4f191611622b2943ee93ab580739ddf50a2bb7442885,2024-10-15T02:15:02.653000 +CVE-2024-6757,0,1,41fc6dfa5931bcdc21b4f65dd3c69b2293e138d06b21a2205099349621592581,2024-10-15T12:57:46.880000 CVE-2024-6758,0,0,eba9276bccb667ada2a9e6cadd00c35035c829f464cb8fc5793fac965ac82fe4,2024-08-13T14:58:47.857000 CVE-2024-6759,0,0,e7cd1780cd31aac9820013b04e76a14ca6ed66e984c4afbf1fe81690ab6c39a6,2024-08-13T15:08:27.780000 CVE-2024-6760,0,0,2363997d66d6496a6d94c4263cbac8f525a5e902af0a9a7389048de6fc4d9b78,2024-08-13T15:08:51.977000 CVE-2024-6761,0,0,f38b3ccdc89aa0093bd659ba31741817a9ff74cb3bee1ce8404957bf0a35b578,2024-07-29T11:15:10.140000 -CVE-2024-6762,0,0,053cd62e78397cb397f65a69e92749587baeeba6b06a23b25c2cde3a3e8e2412,2024-10-14T16:15:03.930000 -CVE-2024-6763,0,0,2e3832a111ef9e1563172f5ed131b6afed3503a9ae140bbd5550f3cc5f769987,2024-10-14T16:15:04.163000 +CVE-2024-6762,0,1,fcaaf729db45af2612bf9f46b8e278194cef379f27ee7baaa80c09eaa2d6af12,2024-10-15T12:57:46.880000 +CVE-2024-6763,0,1,fd31d3c0fd752e1a07a116124e51ff424968e796839048241e4dcd5afc3e0580,2024-10-15T12:57:46.880000 CVE-2024-6765,0,0,582116fb1612a7c43e0b570dc3dd773f185a6bed827d147d00793764d2f2774e,2024-07-17T14:15:04.327000 CVE-2024-6766,0,0,4e69f4c5d546bbff4d97a532e9e5f675c0139ba3a0fba76f00597bc0bd516b20,2024-08-06T16:30:24.547000 CVE-2024-6767,0,0,e624184eb5b85e1f323682c46b24401770f3ecb164370e5143c01069a4262025,2024-08-21T12:30:33.697000 @@ -263714,7 +263719,7 @@ CVE-2024-6955,0,0,a26f625ecf124adff42bb43bc9f1e0c8d32b78d7fbf99f165aa453f32a4235 CVE-2024-6956,0,0,402b3b90bc0ef6eea6fea2da2c73e896560064f50f2a4d52cad793cf96bb3277,2024-08-21T17:35:59.550000 CVE-2024-6957,0,0,b4f44e4de7831c46c7995591b032592b6aa63f3442f007561464731699c5213c,2024-08-21T17:33:42.753000 CVE-2024-6958,0,0,815ebcc0d5fc84aab6c67001f06fe76ce9152d116a343e60ea5524ee95f4434e,2024-08-21T17:42:29.697000 -CVE-2024-6959,0,0,021cf5aa79b268589e0c20396563e26d84d5c16a23f10cdd935d279d800ddd31,2024-10-13T13:15:10.880000 +CVE-2024-6959,0,1,2d507ef0069751205bb97c9ef93c39693f6744826f85fe313e0bf93a0aefee43,2024-10-15T12:57:46.880000 CVE-2024-6960,0,0,932ef4036cbd886ee22297597ffd985e884d3c0cad50613ff0bd32ecdcd39a17,2024-08-01T14:00:50.973000 CVE-2024-6961,0,0,c26f41db6b5c6e22104567980ea901ebcdc3d0c6ac8c59905ee37ac020ae3afe,2024-08-01T14:00:51.710000 CVE-2024-6962,0,0,b8054e2d59ceccdcd4628c1dbc900d3f0c22ab58e2eaf33700d9d63f648dd237,2024-07-25T15:47:18.363000 @@ -263726,7 +263731,7 @@ CVE-2024-6967,0,0,57fa919e819063e047f2b3f1e91ca78ed8e25c795dd23e1130d79afda274d9 CVE-2024-6968,0,0,dcf4fdd98b06a8e0045757b1e3508bd497797b584b272df840a344f24010b384,2024-08-19T17:49:54.017000 CVE-2024-6969,0,0,a98e2b6f93f948b11fce949d5d2bf2ae38a52860637730f6865f49bf11e07542,2024-08-19T17:50:03.167000 CVE-2024-6970,0,0,4194a84f3c5724b9bace97395e0f8e6456cd70a8d0cf3d46afccc165b27983cb,2024-07-25T15:36:44.567000 -CVE-2024-6971,0,0,cdd9ef25f6aa6f7b77c5d87fd6b384bb2995225b4dbdd54002171c4e418ac2ad,2024-10-11T13:15:16.537000 +CVE-2024-6971,0,1,346df1f4db22192bafdd8dad3e8e6dd546900aca70756297f1c21f81883f62a1,2024-10-15T12:58:51.050000 CVE-2024-6972,0,0,136930c91bb85ebbdb27bc99dae627302f90363fa18ab987405ebabe27d12e99,2024-07-25T12:36:39.947000 CVE-2024-6973,0,0,9bcac54b07f64371109cf6c17f16f57c8cc24336c737269dc5d4e2a7b649dbb8,2024-08-27T15:34:18.620000 CVE-2024-6974,0,0,87e35dfa7758fb3e456f51ae7c2c1005342757b141d54c95c0eb015bf95a4e2c,2024-08-27T15:36:40.667000 @@ -263738,7 +263743,7 @@ CVE-2024-6980,0,0,f6625eb84b24e1b38c56cc3bb53a8be195d62bb4e9db2a7b8e6feb6123dc76 CVE-2024-6981,0,0,510d4c4925a1eb3b58785bbc8ab5a73c80a24b4283cae4ebe7ab898a6ac026fd,2024-09-30T12:45:57.823000 CVE-2024-6983,0,0,26d1c914038fe83b8e6a8b16fb4211c387129700e5470999eec99bc2e4f2518e,2024-09-30T12:45:57.823000 CVE-2024-6984,0,0,923e45bdbdeb390a80e72f79f52c794d2a4658d69ca6fdf4fb6edad3e12c000f,2024-09-11T16:39:37.253000 -CVE-2024-6985,0,0,5f21d30928cf28a33075885772aedefd7da288599a590670b4dbd0a400096eb8,2024-10-11T16:15:14.657000 +CVE-2024-6985,0,1,725ec504770a2860bc10fde289ec9c08990ebc76d2606157fcd4e8d4fef9068d,2024-10-15T12:58:51.050000 CVE-2024-6987,0,0,330d8660e6c8d71a307c7f147e933f5e3b64b2ed81a202f0c00b33c60663824c,2024-08-08T13:04:18.753000 CVE-2024-6988,0,0,7c7b8d3e1cf6e7ad313fbb0065550bb07b14482a1596e2d1017c6e1750b4a915,2024-08-07T20:51:56.167000 CVE-2024-6989,0,0,ade79451132400d31d7ae605ff13fce7650d6dfcad5f07960cf60cc71279c505,2024-08-07T22:10:20.423000 @@ -263811,7 +263816,7 @@ CVE-2024-7092,0,0,e9e7e1c22eeddb38238cff178e26d1e84cd16a1ecd7c31190a29d77a32325d CVE-2024-7093,0,0,2af97c55d7ffe283d233de8149da5391663d6c7f2b6f21acff51e16815034b7f,2024-08-02T12:59:43.990000 CVE-2024-7094,0,0,d8ce6991dc787cf1fc8f383d7f348b0cc8c833a282f09c60355b50a58a302aa6,2024-08-13T12:58:25.437000 CVE-2024-7098,0,0,a1c49ab120800ed86f2025110e68f50c456d030c99d6739576f8a1d2cc80570d,2024-09-20T17:14:53.063000 -CVE-2024-7099,0,0,3531347402be51141d70d05f6ed07e94b7e707e80ba342b6bf8e71aa90601930,2024-10-13T21:15:10.957000 +CVE-2024-7099,0,1,5d6c81553e2fb6656d6d91ce9f8e5404921b4fa0c31793be68e62500288af8b7,2024-10-15T12:57:46.880000 CVE-2024-7100,0,0,dcfec02e0ae4a6f64f97ae0297c66dfbc0aebe11e663bfc596e9b5b147ad741e,2024-07-30T13:32:45.943000 CVE-2024-7101,0,0,5454c1208509de59c11b3527ed3914e0b9b453785a2425c8a2e412da33d0d539,2024-07-26T12:38:41.683000 CVE-2024-7104,0,0,65dfc462223ed34264e8700eb7e9171b84ef85c656f444224981a91d9956a19c,2024-09-20T14:44:18.010000 @@ -264125,7 +264130,7 @@ CVE-2024-7481,0,0,029caf1b5321966d6fff7b258f5edb21656af3703408123f2c0a2bb28c2a7f CVE-2024-7484,0,0,922e65f90a754867bdae2807b60c4750519990bf6adcc62fb148334df21e54c7,2024-08-06T16:30:24.547000 CVE-2024-7485,0,0,0b34fc91c3d825ea4087a792a0e5c6d839cf66a581a05d0c60df64b0af48f97e,2024-08-06T16:30:24.547000 CVE-2024-7486,0,0,e2579b82a31704160b51da6f8b3285ef5bff1d765f5e0369c7378c4f856658fb,2024-08-08T13:04:18.753000 -CVE-2024-7489,0,0,6bee47903e820549e5e90c739107dc8047ac1f65bad2428fe064821e77e6f9e3,2024-10-12T06:15:02.337000 +CVE-2024-7489,0,1,341a29664669d2f318513ff8b093c515b394889e69e4fbd9e07e0e906b70ff29,2024-10-15T12:57:46.880000 CVE-2024-7490,0,0,2dbd6717a12bca522d1065ac017f63874351831b0b05b9f6e750116d667cf962,2024-08-12T15:22:20.267000 CVE-2024-7491,0,0,d689a374fb3537e15633f4540eb868e4dc80670c3ee0d8274c63d44d12227824,2024-09-26T13:32:02.803000 CVE-2024-7492,0,0,6476a74ce2975ad097c7a45c1f2f905cc77480bec2260de48447ae3a8b41df62,2024-08-08T13:04:18.753000 @@ -264145,7 +264150,7 @@ CVE-2024-7506,0,0,8ce5e793bea3ef05c090588e0452278f00c3b03b884fc5816b50a2fc0825ed CVE-2024-7507,0,0,6bc1191146772bbaa999b0d6a827100d208121d95729ccca9fad3126c9340161,2024-08-15T13:01:10.150000 CVE-2024-7512,0,0,64969c8356c27f20386cdfa0c38d50ded85817d5026c9d96e7d342b04fbd9f28,2024-08-30T18:19:01.187000 CVE-2024-7513,0,0,9e0dea33b007eccb273e626ffa6cce86e938d130dbfcfa937121ca05aa4099ce,2024-08-15T13:01:10.150000 -CVE-2024-7514,0,0,69b1748af2de10381664303f051e51fd916f2db8bcda8cccf3fa904fe275ad04,2024-10-11T13:15:16.800000 +CVE-2024-7514,0,1,655c87ffa4ff4008320c4821d9c63bb232bfab91cd0bfa739db07a9e11bd1757,2024-10-15T12:58:51.050000 CVE-2024-7515,0,0,3a174c853c7ff7ac11f06a078625d3fec604b25f74f3c9dd6a512b7295373686,2024-08-15T13:01:10.150000 CVE-2024-7518,0,0,3d74948c02d4c957921d5b67aab57df80b7795ebc72bd26ca456b0a500d24f9e,2024-08-19T17:52:53.887000 CVE-2024-7519,0,0,d6b76960785055c5e3c2658ffad1f8ba4c01f9383c9459dab1efa4da32737657,2024-08-12T16:04:20 @@ -264416,7 +264421,7 @@ CVE-2024-7843,0,0,1916845a00ac6d864acb448c0fe39fd74d4023a097dc2d81074d929455ca18 CVE-2024-7844,0,0,b930ca741640f5c7b3b0ce1c61bb7f4e94c485b2638d8e79f4794845e86ce235,2024-08-21T14:12:43.497000 CVE-2024-7845,0,0,2b4134672992a5057330a35c489891fcdc0ff66c466c2c96e09ea314c06bb030,2024-09-26T15:10:57.870000 CVE-2024-7846,0,0,8e15bdd83a5e179d37b373daa0289519d9b1688a7106bd69b16fbadef1928218,2024-09-26T13:32:55.343000 -CVE-2024-7847,0,0,c4a5e56225f9502b32f4cf902921ba916babb59c986821e50770707689fdbf7b,2024-10-14T14:15:12.020000 +CVE-2024-7847,0,1,fa2838cb37cd4673730c1cd210c96d2b7578226eef2e5f7560b84d67b96bb61f,2024-10-15T12:57:46.880000 CVE-2024-7848,0,0,b79248ef369f661dc93f45ab33fbf95a9110e81107fbfafbebe6c98477861dfa,2024-09-26T22:12:13.457000 CVE-2024-7849,0,0,e63d24df06d5f4555672e0892a25c4e5c95ca031f7861c25398c177add1bd8f5,2024-08-19T13:00:23.117000 CVE-2024-7850,0,0,eac62d06d40978b154610fb0b8829f684d203615f4f5ebfcbc586877034ad096,2024-08-20T15:44:20.567000 @@ -264569,7 +264574,7 @@ CVE-2024-8056,0,0,7d94e922f5f6064358baece439e000bb5b536e03070693d567d210e7b17a44 CVE-2024-8059,0,0,bdae740e9708e98c12d1deb7f7b4958a4e9e21cc3d70a47ecc6f19d9246061d0,2024-09-14T11:47:14.677000 CVE-2024-8064,0,0,9afbec42e91ccdf5ae5f9527bb691367cd47bbf3ee2caa0cb5423b43e5fdd860,2024-08-30T16:15:11.120000 CVE-2024-8067,0,0,21c0729ad9dc772677b9fbf75bb24db3bcf4512001a88b1eef9d39bf31f69153,2024-09-26T13:32:02.803000 -CVE-2024-8070,0,0,8e18dcc720d55046523b0c48e01e92ac7c82ee71efe03b21badf0f17db57f3fe,2024-10-13T20:15:03.360000 +CVE-2024-8070,0,1,fe9b454067f74b13c9d22e1bfea14cc77320169fffe5e56dce182517c870c1a6,2024-10-15T12:57:46.880000 CVE-2024-8071,0,0,ac7c2c7e7df896f6bfe7f17a6e74f8de236e5ec843865384cdf53fde1e533098,2024-08-23T15:34:53.913000 CVE-2024-8072,0,0,08fafb0bed7b0568fefcb8938e0e01cf4acf3cb153d4b847bc3e1d9427344a62,2024-08-22T14:35:18.797000 CVE-2024-8073,0,0,10b7625a2313189ee3b842662d1479fc9c76da034a2ab4b4a904df4cf34a67e5,2024-09-12T20:58:56.413000 @@ -264657,7 +264662,7 @@ CVE-2024-8175,0,0,93cd36c03979068837f469bd77e40d2775fae2df59f7cba10d5c6e9b4e387e CVE-2024-8178,0,0,ba572c1f8157c41d405fb002c7b6f163f2d56dcc78fed52d2bcc31657caf5604,2024-09-06T17:35:20.203000 CVE-2024-8181,0,0,493690832b830d715024bac2c57cbeb9d316626844b43ee44a3d0839b5d01d36,2024-09-06T15:35:07.267000 CVE-2024-8182,0,0,9ca161eed16086dd999c3dcdddb12be07c44a0882f46a0d2167122ca829615b9,2024-08-30T13:53:52.197000 -CVE-2024-8184,0,0,8c163146049144fdada87d362eb75f578744ca06a2fab167b1d676e981e40114,2024-10-14T16:15:04.380000 +CVE-2024-8184,0,1,d48d558194844a1f751cae7594bf18c33ea7d327e56afa5866ea86b36313537e,2024-10-15T12:57:46.880000 CVE-2024-8188,0,0,bf948f939efb55d2700c81c8fb5cefa3fc31038462bfeb7ac3e161719faca6b2,2024-08-26T20:15:08.760000 CVE-2024-8189,0,0,63668eb3e5fc8ff94f956bfec9b936178c3cdc9b685d09571c582433c179a1da,2024-10-07T15:44:45.110000 CVE-2024-8190,0,0,b93c21c7e68b63ff1a05425b35ca8850e4059906d4d0de60465090c0528ebe7c,2024-09-16T13:44:18.173000 @@ -264794,7 +264799,7 @@ CVE-2024-8372,0,0,ed7416684bf8c992c4344af2dee1225532302d263529a8756259e179ed722a CVE-2024-8373,0,0,d1a5cc99924a2151520a8ea490fb3d660801248a7f2168e9fe7f0fc9057db80c,2024-09-17T17:32:33.380000 CVE-2024-8374,0,0,d48dc520ae709311b13e321521d105dda894c6710801eb063d42db744b0094d0,2024-09-16T16:44:42.403000 CVE-2024-8375,0,0,58cea17ca7f7a98f8126bafea3caa90f64ce326ce0b828e067a1c86c7d982ac6,2024-09-20T12:30:17.483000 -CVE-2024-8376,0,0,9dd45ea5eb890d621b52ba6a952a2bede7fd684c24943263c6e7f11bc65ec39b,2024-10-11T16:15:14.860000 +CVE-2024-8376,0,1,bbf16835f6f3aa10a7af4872c5b5167c731ff01012cb5251b279466a1d91cb59,2024-10-15T12:58:51.050000 CVE-2024-8379,0,0,085298af9559a314a9f72b50c0919e14d810bca9e3bf6d4dab66f461020341e6,2024-10-07T15:49:54.653000 CVE-2024-8380,0,0,036c8c11a05ec98776794766e58c3583b3eabb4c67c37c1216e0519e7baf5609,2024-09-04T14:58:49.450000 CVE-2024-8381,0,0,71cd6342a2b6c00c154431956e1e93b11926fd4f87284990ba91ff899e315a4c,2024-09-06T17:15:17.573000 @@ -264867,7 +264872,7 @@ CVE-2024-8471,0,0,d4cac4daadf018326a13905f788e8fc27e503497a3cff6ab0ea980773a6f76 CVE-2024-8472,0,0,a896e0fd54ff62d16feed47be0f08dd27e23a8a4def269ca8073766b75918cef,2024-09-06T11:44:34.543000 CVE-2024-8473,0,0,0d318dfea88475fed5cabdbe761e188358c3ae35cd6d226ef3fe46f2f9041c00,2024-09-06T11:44:45.017000 CVE-2024-8476,0,0,092ef960d66528d11d9417cebbf68782d16f414858b72459c24698ae73498ac1,2024-10-02T17:31:00.583000 -CVE-2024-8477,0,0,1faf02f48a6c137929c410bfef3e9ca70772a04b4f45e1a2889fbe2e2cd3997a,2024-10-10T12:51:56.987000 +CVE-2024-8477,0,1,fd7fe23c5bc5692ff12d15f6b09bc0e4ea6369607695d48fe0bc54875874eb65,2024-10-15T13:30:52.877000 CVE-2024-8478,0,0,175c7b9f94662d755813fa2228cd0539f44691d1180c4633af22a35129eb9a32,2024-09-26T15:53:44.297000 CVE-2024-8479,0,0,895a7d94fd595e323b99eff6522688473ca450b242af8c3d5ea382e2a282a9b2,2024-09-27T16:12:10.427000 CVE-2024-8480,0,0,73de76891190d432c360d36e1da93720f2abf11adbca08499bebf4ffb87eb2bd,2024-09-26T18:13:58.470000 @@ -264886,7 +264891,7 @@ CVE-2024-8504,0,0,8357da8291f04353fac31874868f2eb40b31e26be1555ef771437bf9554e80 CVE-2024-8505,0,0,1c04e90354babae2df3035dc354852183330b8445c04d1f2331a89a32b3e4a48,2024-10-07T19:26:53 CVE-2024-8508,0,0,095cff01fb00165e2108ed0a6b3f940edeffb7916515f1cc0f2ea48f2031a7c8,2024-10-04T13:50:43.727000 CVE-2024-8509,0,0,72b678ade46a23d1db65e1dfb65526568e7875d83752ef0a47b4a7edfeaf5ddf,2024-09-09T19:15:14.837000 -CVE-2024-8513,0,0,5e0bdda1c0b018ba91d0f10ae70eb6cfa8ecb6f600f283b8c321173de6280941,2024-10-10T12:51:56.987000 +CVE-2024-8513,0,1,910ae7d47a27f3be55b8ebbee4133c06edee61ebde300e418feb96105acdd2ce,2024-10-15T13:33:14.333000 CVE-2024-8514,0,0,c58a76f0057441ba23f8e2f32e326770fb9d4e75db425aee0ab9e343556d5997,2024-10-02T19:59:17.080000 CVE-2024-8515,0,0,2860d4fc2403ef731ebb5d2e3d51ef0155fe3387c99bac76ffcaa85980c8d253,2024-10-02T19:22:00.953000 CVE-2024-8516,0,0,4c7cc8475226568ec7dcbebdfbb30107ff8998ef4ef82c2cfacac984d895c7fe,2024-10-02T19:22:44.933000 @@ -264898,8 +264903,8 @@ CVE-2024-8521,0,0,65485edaf907369f60ded6330bfa86fc3cb4b0554a8f781a990c000b1998cc CVE-2024-8522,0,0,2ab431c4f2cf5ab967664e41dd1dc524f59071081def8323632354294bee4f38,2024-09-13T16:12:30.497000 CVE-2024-8523,0,0,97cab60ebb5ec07bfc3fbe69bde3146d8e6846c5d869fc10534b5a2c3c29806e,2024-09-09T13:03:38.303000 CVE-2024-8529,0,0,12671b61ed295efe6d3d38d0b158765da76f16b719201c5bbfb86ca5ed8c38b9,2024-09-13T16:11:25.400000 -CVE-2024-8530,0,0,6f70a04c33a47c6b2d9ca700997a218001fbbbbfcaad3aa47eccbbbdc529e1b7,2024-10-11T14:15:05.970000 -CVE-2024-8531,0,0,bde030e3249e7673e1400e4ea79ce391a49b7805603c284567aa0e282874b56a,2024-10-11T14:15:06.173000 +CVE-2024-8530,0,1,5cbf4b30a0ece93db500dd3f52e859197f6064be344f9481ef25107f4686b11c,2024-10-15T12:58:51.050000 +CVE-2024-8531,0,1,6247771452e4454422e50e876a5da9e38ac5a7aad08135621b5b288e87bf9b96,2024-10-15T12:58:51.050000 CVE-2024-8533,0,0,ceba1d609043d018dd2a5c62af783c64aebd2125e63ee811ba18e8a1d6a8510b,2024-09-19T01:57:23.830000 CVE-2024-8536,0,0,a7b1e09acaf4ac1b8946f962d2bb0e6dee99d2fed00608df37ed579fb4435262,2024-10-03T18:16:17.740000 CVE-2024-8538,0,0,037a1de419d434bcf3dba0ee797a8b9a465b537393317b1c47cc2bb770ec2f49,2024-09-26T16:28:02.990000 @@ -264942,7 +264947,7 @@ CVE-2024-8584,0,0,f2bfb960200b98001a53756524046d766d8acbe67d6e46dee6e73d41f4473a CVE-2024-8585,0,0,e17d232ed4a4084d03c537d4bccfc260c2e2f4d1c4cbcfdf334e4783c2ee46f9,2024-09-11T15:53:35.693000 CVE-2024-8586,0,0,23468ff8a51a574afa4ccf040ef08b97cdacf6166e19d71118517f5f68bba004,2024-09-16T13:28:03.400000 CVE-2024-8601,0,0,350a6e2c691d4290217990f07e5aa1eab0aea03118253c9c9cd54625cff0b36e,2024-09-17T17:54:39.767000 -CVE-2024-8602,0,0,4eeda86fadc2aa14b25662e1edaef238609ac66c3a06646af8bc061f10c582f4,2024-10-14T14:15:12.400000 +CVE-2024-8602,0,1,26fdf37285981a60690805f7d4493045b3ed4389334ade9ac0bbb8a88e3fc190,2024-10-15T12:57:46.880000 CVE-2024-8604,0,0,011a82fa33d28627d93910a4b1b240e8b61f649834230335b18a4a93ce8a99bf,2024-09-10T19:14:57.017000 CVE-2024-8605,0,0,2abdfde3fad91633012e2fbc4796f8bda82aa939ecbbf9c2890b650d01ffd42b,2024-09-13T15:31:52.140000 CVE-2024-8606,0,0,20f69def3ac5362a6447befa6462591ee01c298b230281fd326f40893e51c1a1,2024-09-30T15:32:34.647000 @@ -265028,7 +265033,7 @@ CVE-2024-8724,0,0,41e3dd453fbe3c0072e7ab470e5d529ac122f059bb60a2be671564b989c496 CVE-2024-8725,0,0,bda4a6515a704fa51f2d759f535270e57676d8c1b87d3a5cc5dc6f9e3d99ebf6,2024-10-01T14:16:42.727000 CVE-2024-8727,0,0,cb79e2fb4f4e8ddff2e3cdbb1cbb30b7c8fce0689b3d497e10ebbff2e74dd2da,2024-10-04T13:51:25.567000 CVE-2024-8728,0,0,d061a0a3e4a793bdc334c9b032908af2152405a24e9b06b2723d960e58ba5c92,2024-10-04T13:51:25.567000 -CVE-2024-8729,0,0,e912efc66bdc104956ebf2aee531ee4293a718aac50c9b7bbda50b8d04130d71,2024-10-10T12:51:56.987000 +CVE-2024-8729,0,1,d5e2470679c3739002ae67f8937e40f51aaa077d58da9fcd25b709dc6eb342aa,2024-10-15T13:40:37.917000 CVE-2024-8730,0,0,ff380ede7d530472d7457d72280d0377e58fe499631b78029fd0dcbdd667a7f4,2024-09-26T19:58:33.353000 CVE-2024-8731,0,0,17c6adda5eb698d4c05886ce56b7c8d24eb85ac20af08445719f350b3f8c3e38,2024-09-26T19:43:33.110000 CVE-2024-8732,0,0,fdb5356750581bee2cd15ce9454648108e6d01424f144ebcf561e47c2245eaa8,2024-09-26T20:01:02.290000 @@ -265045,10 +265050,10 @@ CVE-2024-8750,0,0,6aa000b45a0c694359dda91e7e992492dcd4e93d6e7b8c131ee0a86fa36b56 CVE-2024-8751,0,0,dd4f77422f5dc981129a2e765da3e243ee86648b85be15172cd0c4e6601f992a,2024-09-13T14:06:04.777000 CVE-2024-8752,0,0,be5f97c0edf8e6ac8b5e8514ff7047e0f4fcd958517cc5377fbff739f62f1969,2024-09-20T22:42:20.367000 CVE-2024-8754,0,0,f8a4ca9a3c8c6c9af2a693c6565fade1a53b2c08d2db63ea33e154699f832b1a,2024-09-14T15:40:20.583000 -CVE-2024-8755,0,0,d48cd781a066209d88f0be43bcbea7039d3c727125dd2ea2d4b21d6a406c14cf,2024-10-11T15:15:06.150000 -CVE-2024-8757,0,0,3a84789f1983e99dbc7bc6577d5feb00e16e25314b27dd6c28a4a95ab66898ef,2024-10-12T10:15:02.687000 +CVE-2024-8755,0,1,6df715314b1336790c7d97e006488029fc046357f7768aca9e76af35c90a4cf5,2024-10-15T12:58:51.050000 +CVE-2024-8757,0,1,ac7b458a171f940d51c6f598fa3e7660be88f90768b34e80d2717be5212da2e2,2024-10-15T12:57:46.880000 CVE-2024-8758,0,0,fea72da3ec447aa80df355b080e42aa6b936f28594d975635bc512eef8e85985,2024-10-07T21:35:03.193000 -CVE-2024-8760,0,0,03352c1eb2ac9432712a82db712313c58c37383e2280bbd1ef44383c1d23d33f,2024-10-12T09:15:02.677000 +CVE-2024-8760,0,1,9ea2fbe1bce76fe8b787c65fe635c22c7a5af9164ae399ebf90a4b05706537bf,2024-10-15T12:57:46.880000 CVE-2024-8761,0,0,848a595fd57d8370e05b835997d27866b56b6fe7dc68e418780d166762e6c8fc,2024-09-27T18:41:43.043000 CVE-2024-8762,0,0,2877f4481d10e26d4e6bf50e010d02152cab4d90b2c2329689bb4edd4b768ea9,2024-09-14T15:54:10.687000 CVE-2024-8766,0,0,b5c86feebeb7f4c2ef3d57aeff024553a8b8afab58619c1ddcc92e275588dfe2,2024-09-20T12:31:20.110000 @@ -265108,7 +265113,7 @@ CVE-2024-8891,0,0,aa12a440054ffbd9bbb7dd25787b2c9efe1fc6e33a09eaeb1daa5594da775b CVE-2024-8892,0,0,b5404a9c6df12d8f66b57eddda13f138d35d7b48bdd71ae1e8b3a805c49716e0,2024-10-07T17:10:26.673000 CVE-2024-8897,0,0,73bf9affb964d11dd95d3adbb34f86a16b9ae0fd786e64b4bbd48b1e4387bb49,2024-09-25T19:49:02.493000 CVE-2024-8900,0,0,7e1ef63767445d80c050e52e96753e1c9a46fb23d2b1e0137f2a2c5bdcba53e3,2024-10-01T16:15:10.293000 -CVE-2024-8902,0,0,20bd308a683d9cf61f2fe6b88a2625f78a9616f8f272c8988dc5e56b8501fced,2024-10-12T10:15:03.810000 +CVE-2024-8902,0,1,e5dace8ff5577040ad4e028bf354543120981f772810138844b5cb4413778526,2024-10-15T12:57:46.880000 CVE-2024-8903,0,0,2ce54562e46551a15b98a64a6437d41656e447939ac76ef855f5d59decf764b8,2024-09-26T13:32:55.343000 CVE-2024-8904,0,0,d8dcf25b3cbae62dbf75fa5380e6989346805c7240b139b8d28c46adffd353f1,2024-09-20T12:30:51.220000 CVE-2024-8905,0,0,625d5bb69a9f76fcb9a2cd22498ac865437c911f131708c6085adf66bce9c960,2024-09-20T12:30:51.220000 @@ -265118,10 +265123,10 @@ CVE-2024-8908,0,0,814a632e733410078b07e9411999ce68ca7ad8b9d3cd0621cbfe771be63227 CVE-2024-8909,0,0,164deeef11f6495a80d20f0aa7bd15b53f984d767860039b14665a9aa77c7c0d,2024-09-23T17:51:11.790000 CVE-2024-8910,0,0,381e6285f77cbfcd68b12e9f3c36f92b4377fd4642413a4087debb4746eed093,2024-10-03T17:34:27.913000 CVE-2024-8911,0,0,3e740b3cf92ecc1f17356bd7912ea5093c6c60b7cb91fb7bff5c155129d89dfe,2024-10-10T12:56:30.817000 -CVE-2024-8912,0,0,cc754920a66c9505b940e8219b2e4d1d89e8006fc7a2b380aec11b363ea547b9,2024-10-11T19:15:11.110000 -CVE-2024-8913,0,0,a55fc5932b647838acfa904d967ecbcbbf1a8451e2d81f1f3b7968e9aadf354c,2024-10-11T13:15:17.040000 +CVE-2024-8912,0,1,a4286937675e049e61563468e21e8ee394eb8618a71f95672d8446231a80ed03,2024-10-15T12:57:46.880000 +CVE-2024-8913,0,1,fca416d77c5623788a9db07f1a3764802595b9fed9406445b458bbb4d1cd4d8c,2024-10-15T12:58:51.050000 CVE-2024-8914,0,0,c67ce2c8d24044b482c9bbb33384856203ff5bb870309850d7df3d6267c1b679,2024-09-26T13:32:02.803000 -CVE-2024-8915,0,0,3d7924a02140bffa633b7bd8d59b4b3fbe9f92ae6bde22761e2a4adcfdb52420,2024-10-12T09:15:02.950000 +CVE-2024-8915,0,1,80988e61f2deb23ce0d3db6a9db0275f7f6c7eec9c9b53e27317ff9faa29da01,2024-10-15T12:57:46.880000 CVE-2024-8917,0,0,32a69b030ac61cd4e144a233fc55362cc6115ccb6ecca5ec236644320a2aecf1,2024-09-30T14:30:38.687000 CVE-2024-8919,0,0,e01b61fd584c4fffdfd8e5db7a09e1be1033f5c7df5b5418d10948726a2bc540,2024-09-30T15:08:14.077000 CVE-2024-8922,0,0,8e0e34187cf2453e3fbc920fc9b2ec5c27a6978605c90cb2daa5d0ef90213fbe,2024-10-04T19:11:47.217000 @@ -265147,20 +265152,20 @@ CVE-2024-8964,0,0,c8fc4fc0d8f6e4149ea3cd0239ed4708c78c8d6f77eb0df4938d6649d94bf7 CVE-2024-8965,0,0,fcd9a7faf9aba17ebbc93d83d1389f5891b9c0797caaf85615a1a91da1ce5a78,2024-10-04T19:04:03.157000 CVE-2024-8967,0,0,0e61388d89e65d4552c8513d8ec8c307c7a4bc14fde1f860df9e7663ba49f28c,2024-10-08T18:47:12.110000 CVE-2024-8969,0,0,98dd6be27cce2c3412495467ecb9257ef6e673bce29c0f376bf0c342ca11f9e9,2024-09-20T12:30:51.220000 -CVE-2024-8970,0,0,01220d239772239c552efb8067c56a2081891e04faac8e9af54c0668dd9acf39,2024-10-11T13:15:17.270000 +CVE-2024-8970,0,1,ac6a340d484c123a9130b7a8da1b91e0090b1836f7865857c5a2324dbb60a434,2024-10-15T12:58:51.050000 CVE-2024-8974,0,0,47fcb9de64a47ab7d6fd39981189c5f91c3407e2aae34c6aae2197da9ba195e7,2024-10-04T17:30:18.803000 CVE-2024-8975,0,0,e9dab26a838a0dd237537c2cbdba69bbaa5b6602743bc0ca17e054f95d0f2b70,2024-10-01T19:20:21.103000 CVE-2024-8977,0,0,b30f5e9773cbebd8f8eab1c578a3df324c4584c4e480d99e81a4dd652a649813,2024-10-10T12:51:56.987000 CVE-2024-8981,0,0,72a5e946545b01f6f5b55bd9be0a66c4964926bf866e85b9f0e826b5c8f5cfe7,2024-10-04T13:51:25.567000 CVE-2024-8983,0,0,a5894726a3c72e301955e62952254bf05f92543b19c3d4bf59f7d30236266e8c,2024-10-10T12:57:21.987000 CVE-2024-8986,0,0,072cf1f180fb390d1b4b3d2d50dea4c4259a9c38757ddb70b883e21ef9d81f01,2024-09-20T12:30:17.483000 -CVE-2024-8987,0,0,2e15a6866a11249df44905a7c91db802da346d4704f12cdcd4f7c5e157d2854e,2024-10-10T12:51:56.987000 +CVE-2024-8987,0,1,d4b77e4f4c2044761be428fee6d519c8ab2f4f0a204428b1e0f3be72f25674a9,2024-10-15T13:45:29.510000 CVE-2024-8989,0,0,caae46233d26ee2b67df93becf3adf518208e6bbacfb542b8b2dd6d9f605994c,2024-10-04T13:51:25.567000 CVE-2024-8990,0,0,ebe58ed4a084d59384bf44303a373b31562e7163a1320c584d218212811f287c,2024-10-04T13:51:25.567000 CVE-2024-8991,0,0,36ea31132f642cce3da65bf6a2c52220b14f1ba567442136b19c870ca92cc82c,2024-10-04T18:56:30.583000 CVE-2024-8996,0,0,b0907780bcace0477557b6ba9bb55a2aefa2e27bdc88e1eb50e40fe332316c17,2024-10-01T19:16:02.793000 CVE-2024-9001,0,0,3414d6649893c69be27afcf1e3dc2327433e2ecaa7ac9013879a0b1b05bf0f03,2024-09-24T16:14:30.190000 -CVE-2024-9002,0,0,0d06cbf5f4a846a907b6a2a43d11d3555b8d2bcf703850c328ef4cac300ffef6,2024-10-11T14:15:06.397000 +CVE-2024-9002,0,1,3f629bc956535f32d1eb8c86c2d354b7aabd03ffd61f180e0e15319ef9feb09a,2024-10-15T12:58:51.050000 CVE-2024-9003,0,0,7fb287df6f780d926de841fbcfd340e6c80a68c0faa41b54a6866e1139b43c05,2024-09-25T17:18:44.523000 CVE-2024-9004,0,0,94d0f2582229b176f297294b273867d83b4f75c60353b6fab8e5029183cf84e7,2024-09-23T17:29:20.827000 CVE-2024-9005,0,0,61099b22866a74984f444f0a6d108911a7f5d019e3cfe0c7b08ac38e148f742f,2024-10-10T12:56:30.817000 @@ -265193,13 +265198,13 @@ CVE-2024-9039,0,0,2a46914eca39fc29da2da7edd5c8d5e2462d724fc7b13f9f758dbc7e741a3a CVE-2024-9040,0,0,0fb966ef41b73391708aea4bb41bcdf22035487df6b2f9dfc89d7d54ff500837,2024-09-27T15:53:28.333000 CVE-2024-9041,0,0,99f9003688843669abe0778fb23af0702d95d6892437f5bbf3a35f1e206f8b48,2024-09-27T15:57:55.073000 CVE-2024-9043,0,0,585c2a6b7b38dff44f8f31bab3e4cca50893ebff20d4d599fedd4ef31bc82eef,2024-09-25T17:54:05.297000 -CVE-2024-9046,0,0,ccf29b7f950c2068a983470342fd395555ea1d4320e405e4ca055421117646d1,2024-10-11T16:15:15 -CVE-2024-9047,0,0,236d4a938dbf8360d416199184100e319df421426259a181e4669f68aa2f4eed,2024-10-12T07:15:02.170000 +CVE-2024-9046,0,1,9e0d1f2c16bb3549b3af5cc8782ec889e150a5e95e549d28c3aef7a0f43a7e12,2024-10-15T12:58:51.050000 +CVE-2024-9047,0,1,4ea7d0b1b11f6de8ec31e11947f5e76892006c92ffae382a37fca981e56bba3b,2024-10-15T12:57:46.880000 CVE-2024-9048,0,0,f4eeb8fc17937a04134cb85e4ff1d8e798c7887dad672c6adf3a86ffdd0c5d34,2024-09-30T13:00:48.613000 CVE-2024-9049,0,0,43c64cc2e53580aadfacb0d92c10ebf9c72fa78495b0a90bf4d0f0f029260a77,2024-10-04T18:53:10.910000 -CVE-2024-9051,0,0,cd9f5066c63e39d4ce5479a5ea7f24fe1eed0d9db90cc0d316834afb0392bf0a,2024-10-11T13:15:17.477000 +CVE-2024-9051,0,1,e0f892f6090989bc65bfe2c27d48e7e51216899c12a8aa5d44d38bf2b4829ddc,2024-10-15T12:58:51.050000 CVE-2024-9054,0,0,632533b0b073919c9f25cb14ed4a8d11056b8ec4f59845703ce4b59b194b976c,2024-10-10T18:46:08.743000 -CVE-2024-9057,0,0,7120f445795029b2d9232bc6d376088813a1d971ec2cc3805c4f8c6e80f0ae9f,2024-10-10T12:51:56.987000 +CVE-2024-9057,0,1,1e7730ffd6c424e386d911bdf2bfee9e4291e522521f210193a354376f62eabc,2024-10-15T13:58:19.960000 CVE-2024-9060,0,0,362dff7d92c4f79cdb773c7965db43bbd7eb0923ce5f0445c06b15d2c9fc0e79,2024-10-04T13:51:25.567000 CVE-2024-9063,0,0,df96d256cb802a721004c9ac9223f80a26c192f9136fb3599130ecff1f9d6c94,2024-09-25T01:15:48.670000 CVE-2024-9064,0,0,3690c7b55d27fee8e350cfbaac84424d2ddbe800d1e2e12ef6772fb08a20e1ee,2024-10-10T12:51:56.987000 @@ -265248,8 +265253,8 @@ CVE-2024-9125,0,0,178fee32dc964661b9c65fa72adfd723833bc712092eacf5141ac942799ac5 CVE-2024-9127,0,0,2a57398f5cef1966c50482248e5fdb86e0eae0bed7d0a3c554fbb9c182ab0a8a,2024-10-01T14:09:26.017000 CVE-2024-9130,0,0,c55ec493e0918bdc6346df7de1c7b50119b1912e830881716d5b60020f91e1cd,2024-10-04T17:18:59.130000 CVE-2024-9136,0,0,9b9746749b73403d8dc2b7a33b5935315a467feb0aa3698e70e44d08c2289a1f,2024-10-01T14:28:31.027000 -CVE-2024-9137,0,0,9065b9986e350cb1955cfbec462f81d3d3a9a0cca2dc3d030de4540532f9abca,2024-10-14T09:15:04.403000 -CVE-2024-9139,0,0,09eb3f13c3e60192800512c2b76c94742b9d9d7d743e90f5437ddfac8bcedf34,2024-10-14T09:15:04.693000 +CVE-2024-9137,0,1,264d67370ab0f50b8c3f1048814084fcd11d0d542a946dd3f8623532739c7355,2024-10-15T12:57:46.880000 +CVE-2024-9139,0,1,4ad68147a5d9ea2e8ca6916d944791ed9c6e2cb907a5644b5fb819f412e605c8,2024-10-15T12:57:46.880000 CVE-2024-9141,0,0,1186d93c71ba2b76e7029b0455d3828535e51a6f22b721a65c3963a052cae512,2024-09-26T13:32:02.803000 CVE-2024-9142,0,0,143ad6ae744fa593642be06138ba59f5a3ac64fb0a6f22e5d0ade004fddfc127,2024-10-14T16:35:01.033000 CVE-2024-9145,0,0,666aa1000539c0391187e882757d18372cd0bce4cc6b153bd670793f8325f34a,2024-10-04T13:51:25.567000 @@ -265260,7 +265265,7 @@ CVE-2024-9156,0,0,bcd53d2df74817387f5c7b903fa39072b4201c0e9cf3669f3b4311525ede5f CVE-2024-9158,0,0,4fc7d51e8c01309b5be37e99b987b450b97283230cd81ff5464aaed45b24a100,2024-10-07T16:13:49.027000 CVE-2024-9160,0,0,dcb08097a2707d90887b21cc5ab80eb6cf86ff84abb571a9a69f82310c298b71,2024-09-30T12:45:57.823000 CVE-2024-9161,0,0,b475702d9da1cd18a82129e88647b71b0425c30925f01e0c024257c76be8d651,2024-10-07T17:48:28.117000 -CVE-2024-9164,0,0,9992870700450aea4f4accfed1feb88e203e45183a15e0b94e4dc0ae91688c8d,2024-10-11T13:15:17.700000 +CVE-2024-9164,0,1,22a852044a02fa2bf2a1f004c8f4e0e1dbd359605b1a68593f6ac0ec4a57bdec,2024-10-15T12:58:51.050000 CVE-2024-9166,0,0,b24f9ebc4650fb7d123f858805d8b1a753ef6a732064f8b14cd979bccf2c240a,2024-09-30T12:46:20.237000 CVE-2024-9167,0,0,c76cdd3c3965eaf83c5e43b4dbbb850b39e5a19995695c4b4450dc70c8263305,2024-10-10T12:56:30.817000 CVE-2024-9169,0,0,3e58e76dfb6d40928d7a81777e9f17fdbdc857f6ee99a9600a6d563079322d8f,2024-09-26T13:32:02.803000 @@ -265269,8 +265274,8 @@ CVE-2024-9172,0,0,061cdfe5504cd57ff23c615d7882c5ec428decc2bc25b474b7bdd44e1c6c93 CVE-2024-9173,0,0,35b89a81311ca677fe554b85f50232d9274c2631e7208ee1d074802a8dbdb506,2024-10-01T14:12:41.293000 CVE-2024-9174,0,0,70fba8b83f62f6c4709cde03a07baa90e2b7205b145527e48fd4fbdcbf5b21e3,2024-10-04T13:50:43.727000 CVE-2024-9177,0,0,c4277901c0a37ba57d19438c33c0231133f774b6681a96af5a3a31a338af68ef,2024-10-03T14:32:46.150000 -CVE-2024-9180,0,0,09b2e0f3c1799965da79dc62f3f7016950c58ffc6f92cb270d955982c4115202,2024-10-10T21:15:05.010000 -CVE-2024-9187,0,0,2781007ebf5b70adc7be2615b0370144f38bf44011cf16033b8612315f867048,2024-10-12T06:15:02.803000 +CVE-2024-9180,0,1,f5e0821b2debc3c255056411f9bf179456f8a11955388738e100a69bfcad1cdd,2024-10-15T12:58:51.050000 +CVE-2024-9187,0,1,ec7d5f1d630d180582cea6b34ef03e6ee8cc268d8686e0a61f71186e80a87f38,2024-10-15T12:57:46.880000 CVE-2024-9189,0,0,589dc859bd1b4dfe4aefe62d286159acb6f430185a125dd81b1568310ee1bb88,2024-10-03T17:26:19.397000 CVE-2024-9194,0,0,94d0f5f267ad180c0cf40bc9b87cc59bf3002f59241057e5b89ba1ec25bacf82,2024-10-04T13:51:25.567000 CVE-2024-9198,0,0,f43e7cbf5ad8264654a856d8df5069cea0145a66becd85052219123b3f2b7d6c,2024-10-02T14:33:52.780000 @@ -265283,16 +265288,16 @@ CVE-2024-9205,0,0,2342f85567b7ae33e437901f9d4f9c8c67422cd91ed15f39888babdabed280 CVE-2024-9207,0,0,bd62704ef4d107f23b43db57d93a8ad3934422c7bcac5afce9ae8c29eef576cd,2024-10-10T12:56:30.817000 CVE-2024-9209,0,0,02f8d10156b55c480185cf79dd6fdc61c3ca58517fd3619bf848f85895c40b93,2024-10-07T19:20:32.777000 CVE-2024-9210,0,0,3a96d77d31ae9d7d03fb36944bbc08403b6a23f29847ff9570c75435783fa55d,2024-10-08T15:34:42.060000 -CVE-2024-9211,0,0,b40f65a60be2c6015da846de87bd7d5129944a725366b63bfd4757957621ff10,2024-10-11T13:15:17.883000 +CVE-2024-9211,0,1,2701fea91f9be8cf1cd1e5693145c9b46f27f6fcdb96052a4b980af632a066a4,2024-10-15T12:58:51.050000 CVE-2024-9218,0,0,1fe5a0dc5cbc5663db71bfb2b02fdc2baeca2012618f21fc2618b5a68d78cab6,2024-10-08T15:33:58.617000 CVE-2024-9220,0,0,6bac7ddea6b917eb69cb1f74123e8b2dddc4799202193b6b6e16b0128e05e777,2024-10-07T19:19:59.487000 -CVE-2024-9221,0,0,096077e96e1fded3052ea04bb5a52b3671cedb20c32d84a0cd53af348fda881a,2024-10-11T13:15:18.100000 +CVE-2024-9221,0,1,feb1b16d88be55b92259cd20b799cece7abb9935cf5adfed4d1f38e82a4356d4,2024-10-15T12:58:51.050000 CVE-2024-9222,0,0,aa75daaaa6f167f771e02be32b7ac6d9115eba757cf38ea3ae7fe336f82931ef,2024-10-08T15:34:13.250000 CVE-2024-9224,0,0,1efb870d30ff5afb9078703fdeff1bc29463ebfa0c91ad435c25d902219ffec9,2024-10-07T19:19:38.157000 CVE-2024-9225,0,0,d9b0065994459fe38d594a136ae9cff90cf19d12b5b0208b359cee9d6c2409ea,2024-10-07T20:24:41.420000 CVE-2024-9228,0,0,cb0dad29f14eeb8fed9baf1de8b4ba619c5e35c4fffb0932ef40f0c6748e195d,2024-10-07T19:01:04.960000 -CVE-2024-9232,0,0,addd3c21da65f2294fcd06790057fabd158db76d23e6e63a31e06745dd1630d7,2024-10-11T13:15:18.313000 -CVE-2024-9234,0,0,93ca479c6177293a6648dd18b24eccaa34af7d9740240888030f5df11e97e9ea,2024-10-11T13:15:18.530000 +CVE-2024-9232,0,1,a07f526496bb68b184ee001c7d6cd9744d3cb563b91260e8d60bd9b70cac4bda,2024-10-15T12:58:51.050000 +CVE-2024-9234,0,1,304bee6ceb91eca0cdc00d7cdc49b4c339c82fe3a2287348525c06a570d629da,2024-10-15T12:58:51.050000 CVE-2024-9237,0,0,0e85c2cf89b7facf78d32fd32a25dffbbf4b2d8fbf5d6b7c796412387e496c24,2024-10-04T13:50:43.727000 CVE-2024-9241,0,0,6c5cc70c23164aeead7a2ffa985d7e69869a7cd0428a8503a9e9f624c0c87b24,2024-10-07T18:51:20.950000 CVE-2024-9242,0,0,2931ce38d642cfa320383051a5a41609f3e037ff0fe51760f16b233825fad051,2024-10-08T16:26:06.147000 @@ -265330,7 +265335,7 @@ CVE-2024-9300,0,0,8cf4fd8be1a68079d9b09593a267df47fb69eec7140ede32d9eeb623680961 CVE-2024-9301,0,0,8bd5a6d252ad4356c723578db918b42e690d26a3308bebd8024d27b2807bcd16,2024-10-07T13:12:48.953000 CVE-2024-9304,0,0,f4e2b697051bb54ba85260a74446cf2ab04e7ed5a9a99551a585b1547839152d,2024-10-04T13:51:25.567000 CVE-2024-9306,0,0,ac26ad903bb36889edec0c6ea9a2822945801fec7c4fdd4634c75606f4fc1bfd,2024-10-08T16:25:29.877000 -CVE-2024-9312,0,0,3dfa1fb61896254be60d93c0c360284db6fd2a50f4dc389d43297e0673970fbc,2024-10-10T14:15:05.863000 +CVE-2024-9312,0,1,65fdcc0be3189c3ff0a528696e09ee6d93e5e818e1f4d380b9150324071206f9,2024-10-15T12:58:51.050000 CVE-2024-9313,0,0,8eab8e6a12fcb7dddda62f8c34fd34d547229d6ef4cec2e38f61189642da0e5f,2024-10-04T13:50:43.727000 CVE-2024-9314,0,0,00d364d543c4cb2126acf6cc95de2d0f1b151f0a7217d33f64bbbac89a01f5f5,2024-10-07T17:48:28.117000 CVE-2024-9315,0,0,dcae3590349756096f3149f913fcd278d961f7a38fe3ece525d39bf3aa5da14a,2024-10-01T13:33:59.480000 @@ -265352,7 +265357,7 @@ CVE-2024-9333,0,0,29d3d497691b594c7c49948d48e229bbe8c23108f2eef552b2f92cd89acf1f CVE-2024-9341,0,0,d189ad1f5a137e8ae5c8357f3191cc9111f21b931f4eff48979046ce5164f4a3,2024-10-14T15:15:14.373000 CVE-2024-9344,0,0,d870e129ed50c7683cdbbee07d60a73dcd8b852b9805e9d5932c8a41008c379e,2024-10-08T15:06:57.470000 CVE-2024-9345,0,0,b08be38bdc65e7df784af6af5cf36510583fc49f8a0ab62bc24aed87f83f55d0,2024-10-08T16:10:17.567000 -CVE-2024-9346,0,0,54562034e717f93a9c89f6030e73e47fb9b9d7abbbde9d33821c04e2f0a85d64,2024-10-11T13:15:18.740000 +CVE-2024-9346,0,1,62d32d35d45fd426e51a0ed8886468a70178025d3407ee17aee209be78f55958,2024-10-15T12:58:51.050000 CVE-2024-9349,0,0,7fb570a958bfb5f024d701411e107c7a9174d92283208cc2689922c41cd2d99b,2024-10-10T20:25:57.580000 CVE-2024-9353,0,0,64ddffc3239a0d67e3b79e48af9889b2f8d89027aa9c53de3cc5595dbd6f2fd7,2024-10-08T18:50:51.357000 CVE-2024-9355,0,0,2335659835f921193e44d10d2f6efb8c86e6209b896584e38b7b031dda2058dd,2024-10-04T13:51:25.567000 @@ -265392,7 +265397,7 @@ CVE-2024-9421,0,0,c9b1d003792a28014f7a9846d6ca15c83ef06308c8117d3bc2489a9bd808c1 CVE-2024-9423,0,0,080f0a87d4561f3316974a1b5473f0b3836e39e629c6273c7813cc62b41d4a31,2024-10-04T13:50:43.727000 CVE-2024-9429,0,0,39a47d098a68b52cf32f59e1969df9e75a8cf523aa1e072e6df455fffe62a5c0,2024-10-07T20:15:10.567000 CVE-2024-9435,0,0,c0164287b46d3e8531339252132cc16d0c7cce06943117749d5b9ae676e40cd6,2024-10-08T16:22:40.780000 -CVE-2024-9436,0,0,c614d641db09eb93f3fa9273339ad3a45d703acf00dc31c9fb2c75feea753153,2024-10-11T13:15:18.947000 +CVE-2024-9436,0,1,e30b504278d7461ced9f3cdf7218be31f384e3265b531ba87e7d14e133fbe3e1,2024-10-15T12:58:51.050000 CVE-2024-9440,0,0,843a4b0691140c8544f03abfab0d72b48e96752c7147156cb98041d58d09b93a,2024-10-04T13:50:43.727000 CVE-2024-9441,0,0,1eef796e7a879df6819e9c253093e433508e2bb2fbba7042830a70bc7a4951a7,2024-10-04T13:50:43.727000 CVE-2024-9445,0,0,8f3ba5381bff25a0e78ae3572f156125ecb8ba69b50a9e6b24cc0100c7b0aa9b,2024-10-10T20:58:04.907000 @@ -265415,8 +265420,8 @@ CVE-2024-9481,0,0,dce581617d5cf6edbc62a2fe02f71507870c412f67698e0495feb9e6b8ee09 CVE-2024-9482,0,0,10c3c4a119489ce5d129acd1f72184e55e1f72d2675c976690dcbbc5d407b533,2024-10-04T13:50:43.727000 CVE-2024-9483,0,0,6a9a1cfe421d679c621a2969a64278be9b39bdca7774e9b4a3235c5640b6357b,2024-10-04T13:50:43.727000 CVE-2024-9484,0,0,3f1e4bdc376cc95b97b5c0150a8d7b1a17051d92adc32b058eb06edb62f443eb,2024-10-04T13:50:43.727000 -CVE-2024-9487,0,0,beb73b3d8f97bc0f66467815a7110c8dfb30965bcc0c7eab6e8cf6800448a2fa,2024-10-10T22:15:11.357000 -CVE-2024-9507,0,0,8206bf7bacd235440b174401074873d20230c205313133d40f97129830221ccb,2024-10-11T13:15:19.160000 +CVE-2024-9487,0,1,e3a385658c66fc500363f16f3c27f6fce25e7b265fffe42414ebb85b7cd7e9a7,2024-10-15T12:58:51.050000 +CVE-2024-9507,0,1,9477ee329318032ff294d196e1a50966e1c5d89bdb9b9dc24092f58cf1f5f346,2024-10-15T12:58:51.050000 CVE-2024-9513,0,0,8bf69fcd896ef2c6d740d4e3fb7359c13bcd3037f3f5c5ca172d72ee575fdaa7,2024-10-07T21:15:19.450000 CVE-2024-9514,0,0,a0c385c9cad31170054b57880ea14385102aa94e9ee1a9b5619f4982b4ac92e4,2024-10-09T11:19:25.577000 CVE-2024-9515,0,0,b319f60f83e92c55aa0a25714009b76d6e0da4210ce3c744b2eab53a0f6a8b5b,2024-10-09T11:19:00.897000 @@ -265430,11 +265435,11 @@ CVE-2024-9533,0,0,483ea201fb3f13623de51b6a803ec3c9d4b4a9f8d222ab5b1546c8a9a88ca7 CVE-2024-9534,0,0,c826e79c155e2dcea2a83d95fd56ee360f3177c126ff744e515a5e5c9099e0fc,2024-10-09T11:18:23.607000 CVE-2024-9535,0,0,4a71ba0a2572a89f39d0b54033731c76d4c93435778a2b1285d18249bf7f619d,2024-10-09T11:16:35.487000 CVE-2024-9536,0,0,56b0d71a5e1f747b35f1ac4fcfd42bf040a735cf796864344938e26d90f6930b,2024-10-07T17:47:48.410000 -CVE-2024-9538,0,0,09ff8d828136926273e234a7df0de9f7df3e277701497c2d4680e9ae80291314,2024-10-11T13:15:19.373000 -CVE-2024-9539,0,0,8966fc6636af6152e0414eab130e86797be15626adebb04d75d77ec16901db50,2024-10-11T18:15:08.887000 -CVE-2024-9543,0,0,0c6f45a8dc106427c9aa4a27ce0a99c89f29e67e9019a384d028eb17f2682b51,2024-10-11T13:15:19.577000 -CVE-2024-9546,0,0,6aac64b1102c33c774b76b25f0b6a6b87033dee1a7d18ff9f9ac75cc4a818f9c,2024-10-15T00:15:21.763000 -CVE-2024-9548,0,0,232fa192560e4c430950e1265a5cdfa1cfba698aec21b94c5cb7438516c743b3,2024-10-15T00:15:22.047000 +CVE-2024-9538,0,1,11f6571425b77352661bef56e196d840faf334a919cdd5771fb07fb3f313a4e6,2024-10-15T12:58:51.050000 +CVE-2024-9539,0,1,a0cbd26a327675fb40fcaea93c0a3ea911dbc683021df526355995459666c7a0,2024-10-15T12:57:46.880000 +CVE-2024-9543,0,1,2a7de8e1e43a15761699f58c8b8bbb57c7e560a2fb555c13127ead0f3f3c7fd9,2024-10-15T12:58:51.050000 +CVE-2024-9546,0,1,bf353c5a5978f7f8468721bb633c8599b93f34e5026cc20c4dc4e5683c7393da,2024-10-15T12:57:46.880000 +CVE-2024-9548,0,1,c926d1965d0fc43d341cc5174337c64b2123a47e21014504a2a02f5aaf1cda9c,2024-10-15T12:57:46.880000 CVE-2024-9549,0,0,de2015c0f448716988568c7b5dd774c121a80649e44094dfa56d887e4c1906a6,2024-10-10T13:14:51.793000 CVE-2024-9550,0,0,910b684d766fc00d3bc835188c16842c5e64a2ca110db17b68c67c53481422d4,2024-10-09T11:15:52.520000 CVE-2024-9551,0,0,7b5500ec170a7497f673defff182e65008fa33c1b82ef626dcc76f8e4cb7177b,2024-10-09T11:15:42.060000 @@ -265464,118 +265469,120 @@ CVE-2024-9574,0,0,a60670a65a4470a80e62c618e77fec3e5e5071e32e3c874874eb23f89671df CVE-2024-9575,0,0,902a179ba291c73f1ff19f974c0569ed05c8dbb3d8914c4f7409455feb2bd5d7,2024-10-14T08:15:02.970000 CVE-2024-9576,0,0,7a96a155cd09492144b259aa00c523497a7aeb66fdb84ed492d68f7654aa3880,2024-10-07T17:47:48.410000 CVE-2024-9581,0,0,7e794ddfbd39982571ae3eb7a6ed31de2e39b9b68467940cf54765cbd34b4390,2024-10-10T12:51:56.987000 -CVE-2024-9586,0,0,4368833d576d2d29a3be207ba4d3db2b319533357ac5aa66b9912c07cc7722e0,2024-10-11T13:15:19.823000 -CVE-2024-9587,0,0,38b4a379414497cd2c9f8e85abebac51b195781f8244dd7e6f13a7498e2e9af2,2024-10-11T13:15:20.043000 -CVE-2024-9592,0,0,0f39969df8cdd7221e2f8596842e380d11b968fb83c9650c71ea7d95ce8c2502,2024-10-12T03:15:02.243000 -CVE-2024-9595,0,0,038cc18ae435612d58f078c33771272fd0e9d6928588729ef19a0045b7a00bbd,2024-10-12T09:15:03.230000 +CVE-2024-9586,0,1,a482a25f032ea940edbd74f8dc11272d0d4fecf517c5613466c04b8bd798dc3e,2024-10-15T12:58:51.050000 +CVE-2024-9587,0,1,081ae6ebdba381265a40b327141c3458d6ec1c5b94d7fb86236bf633a93923d3,2024-10-15T12:58:51.050000 +CVE-2024-9592,0,1,6f7f83fab1eebba9a1f954ec84a1bbaa3c51a5f9b9c0e4a02c7010d63a53fba8,2024-10-15T12:57:46.880000 +CVE-2024-9595,0,1,6e91591cc8fc6f8664de9cf116e0c3ff35185abd26eee85b7100e07838bd2f63,2024-10-15T12:57:46.880000 CVE-2024-9596,0,0,e9ee6223c4ba2626fe5acdfa0aeb59c3c18c32202e4516b5ff779e917fbff784,2024-10-10T12:51:56.987000 CVE-2024-9602,0,0,296483daa0f02222bb5f79446d51c7890118dbb294ec1c3853abb9b3dfc7ffb2,2024-10-10T12:51:56.987000 CVE-2024-9603,0,0,f06afeee14d2c3a95b2fa9bd06bec0b0c1ce9ce3a2d2cc5d2614c0b7bfd8287c,2024-10-10T12:51:56.987000 -CVE-2024-9610,0,0,86e6c47ecc50e652a252993dda4297709b0c2c74d4c2c73b4a97df11b17992ff,2024-10-11T13:15:20.257000 -CVE-2024-9611,0,0,4e24a5039fd5c970ef5777a01dadd4716b2307ab72d3f68640d9aef596a61e09,2024-10-11T13:15:20.487000 -CVE-2024-9616,0,0,427d25c8d45ea418bf8a87056898c397d29d771d358dfd779d3089cf093d9b7f,2024-10-11T13:15:20.703000 +CVE-2024-9610,0,1,c2ae8ad13a32a2ecc4cf7a3cb852077ce2d6eff8b7bb2625c3e46911eeeead24,2024-10-15T12:58:51.050000 +CVE-2024-9611,0,1,f16a109b2beda9ef97e16997885b40d38db6eba42b8291e32288f7a269b19f0c,2024-10-15T12:58:51.050000 +CVE-2024-9616,0,1,7955b22811f75fe98c8bca32dc5925d116cea5c2846865e9f0c5f52b96467c10,2024-10-15T12:58:51.050000 CVE-2024-9620,0,0,6bab3b47a8124e2f6e45a39c3f1a067698db02be0764fadf48434470b2bdf728,2024-10-10T12:56:30.817000 CVE-2024-9621,0,0,9e376b0f3dfa34027ae088e771a22694180917eee238e690ac2f4896caf46a6b,2024-10-10T12:56:30.817000 CVE-2024-9622,0,0,616f2c897f0ea8915fa743288697302d927eccd4a4b981ffaaf2224bd032869d,2024-10-10T12:56:30.817000 CVE-2024-9623,0,0,3386578fca7f2c1b9b8b4f00f8a9cc0d38eb476692ac8c36aa3c531d95d34930,2024-10-10T12:51:56.987000 -CVE-2024-9656,0,0,a26feea40e7851e228d42b73e4b177c0c2083535fb7c5011d1e1dbc8247518bf,2024-10-12T06:15:03.077000 -CVE-2024-9670,0,0,467e4a0d60b3ea8b5613919329bb37afd090c0014621c671b410e31a2a2a3636,2024-10-12T06:15:03.347000 +CVE-2024-9656,0,1,0baa2843f7043c4ebd829d23f2741f972b762b755442a0f0f83539eb7761035b,2024-10-15T12:57:46.880000 +CVE-2024-9670,0,1,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000 CVE-2024-9671,0,0,421f1b0ad6825ff096efd81ac122f33bafcdf7b21693a85f65613389bca55f89,2024-10-10T12:51:56.987000 CVE-2024-9675,0,0,cd830de46e01fce71654106f4dc61863debb474230c2cb4969fc123764df58c7,2024-10-10T12:51:56.987000 CVE-2024-9680,0,0,a011127e762167171e169cf1c5c34d37941413b66fef20ba90b60170aec9759f,2024-10-11T13:15:21.013000 CVE-2024-9685,0,0,e6c5702d4decca35be66ea71703aa60deb1f2e59d98c7d4ddb3a3f46548916f6,2024-10-10T12:51:56.987000 -CVE-2024-9687,0,0,781a9aca6790af8a2c9eadd244238cc09ff8a5288ec96ae8bb9cb4fe4bc843c4,2024-10-15T02:15:02.920000 -CVE-2024-9696,0,0,a63df99df1f6813fb55c58d350483f24d63b6efd0cdffde98a71bd76ffa94a8e,2024-10-12T09:15:03.590000 -CVE-2024-9704,0,0,eac985eabca9a3c6a15dbb5a4e611613c412ae3dd37df6667fc5aafbc6bc84d5,2024-10-12T07:15:02.570000 -CVE-2024-9707,0,0,5022899338c6a36d44072ae7018b6a919d11834b1f5740a300f73a64606c0150,2024-10-11T13:15:21.233000 -CVE-2024-9756,0,0,68b121e1aaaab7f10ceb18cbdb5136f7cd438a7e04d1f722b0583aec18b45115,2024-10-12T07:15:02.820000 -CVE-2024-9776,0,0,fd96ce126483e0639392cf2b3a5f9adb3f107706002f2ef2a96dfd4212d77df7,2024-10-12T06:15:03.640000 -CVE-2024-9778,0,0,70f493b0089ba6ea3e74556b332f92784788d5bac40eef0d2025e5998ec03b8d,2024-10-12T06:15:03.930000 +CVE-2024-9687,0,1,892b3ec492b9f76dc48c1c64fed3d122004a3f16f1ff48bd4dbf12570db9abe9,2024-10-15T12:57:46.880000 +CVE-2024-9696,0,1,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000 +CVE-2024-9704,0,1,44ebf677ae69495b92126e2eb8d9d17c07544c8235e40f4412f83b24b48e2f3a,2024-10-15T12:57:46.880000 +CVE-2024-9707,0,1,cde0816a76e7682ea9f7dc3a69f12238a4d95599cfec418d205198361a6879cf,2024-10-15T12:58:51.050000 +CVE-2024-9756,0,1,8173cad728731052b89b4b59f3b4da8665b01e9fe6a8b575d907d967b2da6473,2024-10-15T12:57:46.880000 +CVE-2024-9776,0,1,82a616b68a2c5818c813f35d61772c622935aa1b119f178b9eaa21355bac63d9,2024-10-15T12:57:46.880000 +CVE-2024-9778,0,1,0fe7ee5860b89dbc53027fbdd06b191ad5c5e349a3553ba6bc5769975646dd12,2024-10-15T12:57:46.880000 CVE-2024-9780,0,0,25bf552fe0c333aee728201cd43bb68d618a3e48e236e5efa31a0a1b0261438b,2024-10-10T12:51:56.987000 CVE-2024-9781,0,0,05e99923aaee7e014ef4a84addb9f9dd84cfde4cf7dabf943a828b781dac6231,2024-10-10T12:51:56.987000 CVE-2024-9782,0,0,a647756d6fcead0657d56793fff80f8144a3adeb5979df9472867cd15d19cd02,2024-10-10T12:51:56.987000 CVE-2024-9783,0,0,13e7034f9055b0f2c56f936acf9ad88d36eee40b386732a2eb83179a3ce66864,2024-10-10T12:51:56.987000 CVE-2024-9784,0,0,91e0e46d054da9c3ea59f4b335d0cd5349e4658a9b75e5d0746d094b4b189598,2024-10-10T12:51:56.987000 -CVE-2024-9785,0,0,fd639a2e9bf760f78badc73cd07bc3da9ded552d5924a1da855caffd4c7baf0d,2024-10-10T13:15:14.583000 -CVE-2024-9786,0,0,fc39bdde468573e86a4d3b51599704f3509d6e432d1e6235372e2b5c301c9530,2024-10-10T13:15:14.860000 -CVE-2024-9787,0,0,cedc929ac0efd081e45837503dfdcb22269362674c6e9b69ca78b4cda3cacaf1,2024-10-10T14:15:06.243000 -CVE-2024-9788,0,0,6ab14d4b0fbe0e3d48c7d1b3983dd5487bf6a8072602049b4d3170a57e77c445,2024-10-10T14:15:06.537000 -CVE-2024-9789,0,0,4bf4634ef84c461da1ee08bc086ab48b6ff44b8f16163317f0e6f8fe47a201d9,2024-10-10T14:15:06.803000 -CVE-2024-9790,0,0,ec5bd65fadee5dfd78446f0b19aa81fddfabaab4a1496263ad72bd9134a05000,2024-10-10T15:15:15.457000 -CVE-2024-9792,0,0,b1f8b594309a8e572c809ee6eeae17e743a9d00156d7a90242221bb037d452df,2024-10-10T15:15:15.710000 -CVE-2024-9793,0,0,f4be3eea9df90dd25421bc3b464141cc157f9a6b8230a59d93479f45a4f5dfc6,2024-10-10T16:15:09.080000 -CVE-2024-9794,0,0,ebcc55daf490db589bc9a3ee9a0d04ee59574fbb449c188f7ef7bdc498369468,2024-10-10T16:15:09.350000 +CVE-2024-9785,0,1,86121f5a6007002fdfbe90d15babdda1c3a19b568f6b456e7ae238fe15dfd86d,2024-10-15T12:58:51.050000 +CVE-2024-9786,0,1,13ac90f2d5dc042c6a3455e44cb35465793a3b07925d94064d4dfa4e83b1aaca,2024-10-15T12:58:51.050000 +CVE-2024-9787,0,1,36006c5683023b0a550c9d990c27b32cd453733ae048071aa69db8f35e1b00c1,2024-10-15T12:58:51.050000 +CVE-2024-9788,0,1,96df18c35bdceac36fb7d33946aade8bd1004414578fce326fb6a8ef336dd604,2024-10-15T12:58:51.050000 +CVE-2024-9789,0,1,0b7e270cf4baeae63b135180c0b00e3345c02df6dc92f399d94198cc5dcc2f59,2024-10-15T12:58:51.050000 +CVE-2024-9790,0,1,14c4372898279ac90fde78cce4001f6f1e8b4b9eda1cf1e99e5ebf775cc5b4c6,2024-10-15T12:58:51.050000 +CVE-2024-9792,0,1,d68aca032770f3ab555b174d9c980d2b9c8b7e1f4d87418bf0969c937a5a85c0,2024-10-15T12:58:51.050000 +CVE-2024-9793,0,1,0f71c88bb614b0080f91ce00289e6f60c39b1d1486897ebc6c960c3d831b128b,2024-10-15T12:58:51.050000 +CVE-2024-9794,0,1,3f24c240ccf8d574723ec3c16ceea804867b41065e67eb7dc8dc6908830adede,2024-10-15T12:58:51.050000 CVE-2024-9796,0,0,899ce363196ddc68e5b47cda88813fdcdfeceffcc5f5079fa63ff41ce27f0d98,2024-10-10T15:35:16.310000 -CVE-2024-9797,0,0,84673663129f30c78d322c8d2b54641e46cf8cfe4c2f447d7a3d68d53d0af307,2024-10-10T17:15:16.063000 +CVE-2024-9797,0,1,3b99b39be435a5eb019ee3dccac3de76ed79cc37733e7af970c6749ada946336,2024-10-15T12:58:51.050000 CVE-2024-9798,0,0,3febb0a28d43e578aad44b3750e6bb700172b4872cbf44fcb44e8e31ee8a3f5a,2024-10-10T15:35:16.493000 -CVE-2024-9799,0,0,70a07086124572dfb20e37331c344e8aa7308b329d17278a70fdb0307949efd1,2024-10-10T17:15:16.390000 +CVE-2024-9799,0,1,7cb01e604d6eac6e5a3859204aba429f0c165ddde47994b62794b11c93d01e84,2024-10-15T12:58:51.050000 CVE-2024-9802,0,0,910302f36fb69e8f01391eff3ef481a357455f77408333b222c68051948beb77,2024-10-10T15:35:17.230000 -CVE-2024-9803,0,0,3767ab1e5da4ee86ee92ecd5c8c7f6657e2043873230a5cb4282e6c9ae4bf517,2024-10-10T17:15:16.730000 -CVE-2024-9804,0,0,d6defafc916cc20e2469b9c6c441348aa6a83ad8642135554648e89ae98d08a6,2024-10-10T18:15:09.150000 -CVE-2024-9805,0,0,0ef36e4f1e196e798f2ffd9e2d2c646e17b01eda6d5b9761d72d36a5aec93ff2,2024-10-10T18:15:09.440000 -CVE-2024-9806,0,0,efdadd0d0c62aafea2f174c2e98ea7984e83090cc704f9962412f51d57f5f423,2024-10-10T19:15:17.520000 -CVE-2024-9807,0,0,a3342b851be40196413c0d2766c3fb6d4cc91143e5325c1fa5c5daa2bbf000dc,2024-10-10T19:15:17.797000 -CVE-2024-9808,0,0,52f9a7e4754c2578c0deca847d4c374fdc7907c1277957d3d7ccbceb7ae55df4,2024-10-10T20:15:05.003000 -CVE-2024-9809,0,0,81a47f9de766837329f41e1391f223059a07ae7a7adb301f7078822f28c17bda,2024-10-10T20:15:05.267000 -CVE-2024-9810,0,0,0131de762872f04e0c6afb81c7dd4ce48810c97eade123bdbe9cb857683067b9,2024-10-10T20:15:05.517000 -CVE-2024-9811,0,0,98fe842d5a0df6409fc000c20ccaa6448a9e5bbe9018a03a582bf0eb9a2d9b09,2024-10-10T21:15:05.383000 -CVE-2024-9812,0,0,3d7043953b24d84b403fc69f4f128726d4abfe3819f41e63fd8d94798cf39e7b,2024-10-10T21:15:05.677000 -CVE-2024-9813,0,0,2496e1b4e0270910db5140e4e86cea599277054dbb1c6f71b5d8880dd7004cf7,2024-10-10T21:15:05.963000 -CVE-2024-9814,0,0,309499688253f0e12bf6699e7606c8bdd64efc012b09f74f9f74f8472a6839ae,2024-10-10T22:15:11.570000 -CVE-2024-9815,0,0,acdb2eea5487476eecdd8d88a221ef2e739cf1c612e45186b5ced05a7a6264d4,2024-10-10T22:15:11.917000 -CVE-2024-9816,0,0,24f7ee2c16fe348d340e7bcf315ed256344d7d90e5e0b7dcdaddb90504eefe81,2024-10-10T22:15:12.230000 -CVE-2024-9817,0,0,aa4071cf5ce97bf162c1cca4a7f07d25d51157e1698481fe4534c2979d4a7e22,2024-10-10T23:15:03.410000 -CVE-2024-9818,0,0,0b4965dc9157be1c79882236820da1fc50a01232d912ae1b867d598f551f291b,2024-10-10T23:15:03.680000 -CVE-2024-9820,0,0,60851f27b9908cfc9f3c26505c33604da2935e2d7e4b8e1efd449e88611c4e5e,2024-10-15T02:15:03.170000 -CVE-2024-9821,0,0,0fe84d15377a57feb9c16456d9d6e98b8f06d72079455451a6924d64eac80b40,2024-10-12T03:15:02.507000 -CVE-2024-9822,0,0,31c5fa39db5fe31c5cd7802827b5c169adace5e7cdcfe1c09d420a2a1af019c6,2024-10-11T03:15:10.967000 -CVE-2024-9823,0,0,797ad589a845f20d3c764555cd88dd01739b03d274a2154c13310668db597c99,2024-10-14T16:15:04.653000 -CVE-2024-9824,0,0,1fdcf28970a03200ea0750edfb27b712eac3be59fe088b6edf6f98bda2457c29,2024-10-12T06:15:04.230000 -CVE-2024-9837,0,0,1cfa30f7e375b5b4e7024f1f6f75695f15940a31ad53caeb445306b9b69a7881,2024-10-15T08:15:02.910000 -CVE-2024-9855,0,0,74811d4bb31eb0ad4289dbfb3b216d12eb73ec4e1a7f9bf880a5813c9b568440,2024-10-11T13:15:21.460000 -CVE-2024-9856,0,0,b5fbe1e11cd8120594b10c6f2c9ff297b13257bca69885420fdeff5341bb84c9,2024-10-11T13:15:21.883000 -CVE-2024-9859,0,0,4c2e27e83d096af209ad8d4a7ba60ec60caaadb1032a58969905b29c3c0c3d1f,2024-10-11T17:15:04.677000 -CVE-2024-9860,0,0,9c9c6a59ce227b8b9c92f258ea8c8577b19c36b99b060db27cd4697c8991bf8d,2024-10-12T03:15:02.757000 +CVE-2024-9803,0,1,c198e0f40a9e86d3c4f20656e7a7e2143c76b9f81b8509b1d0c40b2503cd6b64,2024-10-15T12:58:51.050000 +CVE-2024-9804,0,1,6e0b935f7d4d0bd3e6a861a26d364dc1d0bbd2a1f958a831798b240f7388a4c5,2024-10-15T12:58:51.050000 +CVE-2024-9805,0,1,728f8ef41df59eb6c440577d1152338661bdb36bd0caa1806c03d834f72ea70e,2024-10-15T12:58:51.050000 +CVE-2024-9806,0,1,2a19b98163bbc19db8559bafff0a76ba4932387d3b8511ad3780630baad612c8,2024-10-15T12:58:51.050000 +CVE-2024-9807,0,1,78a38d043b1962fb3571036d21641177bef4e7c8d56e6b70ccb1a7373eaaec64,2024-10-15T12:58:51.050000 +CVE-2024-9808,0,1,311d5115d832756e9b44bf5fe7ba9a357d1137429465846f82fc9b575361de88,2024-10-15T12:58:51.050000 +CVE-2024-9809,0,1,85839514d9e2e34531395152e5827a30d9a81a82feda2b6bf75dd600826a8637,2024-10-15T12:58:51.050000 +CVE-2024-9810,0,1,dd3b09561c8ce39b0b50eac1926d846f85a1af249d5af07bb373f1e84f72204c,2024-10-15T12:58:51.050000 +CVE-2024-9811,0,1,43216b70b942216744f7e944e2535e1f9673f3f0f5fcdfbb23c789be8d44cea5,2024-10-15T12:58:51.050000 +CVE-2024-9812,0,1,32a7aede18aabe98855d3e6f664137855d2bd57fcaaf0e07bab05866e8e1c2e0,2024-10-15T12:58:51.050000 +CVE-2024-9813,0,1,c30d72a6a117fc5a327572b4f7f1abf516303c5f833d23ab47c0fa5dd3840a48,2024-10-15T12:58:51.050000 +CVE-2024-9814,0,1,909acc5669e0933797959b0f41ad905b48ee6338c8fb12bc92a4d2dcabca5f68,2024-10-15T12:58:51.050000 +CVE-2024-9815,0,1,3efadeccbd9056fc1482d694efde2ac99851dc1cec21b9808ae962cd6dc508bc,2024-10-15T12:58:51.050000 +CVE-2024-9816,0,1,cb20564cea99b9db0854ced1c2220742827ad9a1167949cee8f49b0272321d69,2024-10-15T12:58:51.050000 +CVE-2024-9817,0,1,bf0efd3eecbd975c4e2731e1e4452fcaa78bd2e83c79684a0e1c6020d1a28566,2024-10-15T12:58:51.050000 +CVE-2024-9818,0,1,5e665513e8640faf133a133a121b07737ffbca6bc6cc1ee02db0c759caa8a32b,2024-10-15T12:58:51.050000 +CVE-2024-9820,0,1,c22b46da93045e22f5f97bf5b4993e0dc2f63090b44292f14c224c2d87098856,2024-10-15T12:57:46.880000 +CVE-2024-9821,0,1,847982287e8db8d54661c5522d18fa833c3d9091b2ddb2afe78ab1e8077a47cb,2024-10-15T12:57:46.880000 +CVE-2024-9822,0,1,3245ced109c1c371c55834b9b14d881a9e8b7fd7c32c19b6e9a742506d7d4c79,2024-10-15T12:58:51.050000 +CVE-2024-9823,0,1,918595934cb9b43f50abc93ebc9bbb9148088fae18c39570ebc344ac634d3e40,2024-10-15T12:57:46.880000 +CVE-2024-9824,0,1,0b6b46e52b34b071e6f48e5304d76a541526a4368e490338503476fca424894a,2024-10-15T12:57:46.880000 +CVE-2024-9837,0,1,bb8fbc31e530027dfddbaf6dae2f5d1b4333d91b7cafcea32a3d82a1ea54dea9,2024-10-15T12:57:46.880000 +CVE-2024-9855,0,1,f4067d5f9739a4a46f27ed071acd023bca1d9a27db9968d98f329af2e8d70e8b,2024-10-15T12:58:51.050000 +CVE-2024-9856,0,1,531963d8959dcaa0b68edaa5a63ce972541a941d9ad2303b1c288946d989ee89,2024-10-15T12:58:51.050000 +CVE-2024-9859,0,1,5e0dfd360014bd094ecef0a7ea3370cee2da248303a5356ea1a2ff0850990355,2024-10-15T12:57:46.880000 +CVE-2024-9860,0,1,5146b7a0224d680f933516d3f319e5a1a7abd782ae32358fb855e1c62c4df555,2024-10-15T12:57:46.880000 CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000 -CVE-2024-9894,0,0,e4e640fa9b528f08dc5c5d33be8f6b79ae250b3934762a705b5583518e0f59c7,2024-10-12T13:15:13.737000 -CVE-2024-9895,0,0,bbb0fde2d291fa2f8ce842d002fab1313eb58afc87a61aa8304695acb53f32ec,2024-10-15T09:15:03.720000 -CVE-2024-9903,0,0,58f302b12a47dd7ead8fa1f9333271cdf28eca910f8797ea587621aaa127ff01,2024-10-12T23:15:11.027000 -CVE-2024-9904,0,0,50f6f4882220d4c8849cc257d9163a28312ac875f0e252858462cd5dc02e907c,2024-10-13T02:15:15.257000 -CVE-2024-9905,0,0,c0097ee89146c52d426cb05812cc5979708f04b7bbc0590dfa12a0f461909ca0,2024-10-13T03:15:02.357000 -CVE-2024-9906,0,0,b8b12ad8759bf1007e1cfdf4ea1ad62f0938f515d119e896b70b10a63c4a4ac5,2024-10-13T04:15:02.473000 -CVE-2024-9907,0,0,b4a306f8d3bc361a4d35b0d0c9746136d1969ea0a6c6aea23f6ad7a41d8a202f,2024-10-13T05:15:02.493000 -CVE-2024-9908,0,0,86835401d14de34741608d6f8a2a15eabd690fa9d9de4f33be75b85d7273d544,2024-10-13T12:15:10.087000 -CVE-2024-9909,0,0,0117d9c3dc8af32fc2bcfba3e6cfeae13b61897a2bc0d83e07f7c55dd96fb71a,2024-10-13T14:15:02.857000 -CVE-2024-9910,0,0,1b159cab4596ebaa2f06d61d8a9081dad9c3a47f61a028b021f4e0d66d7e78a9,2024-10-13T15:15:11.117000 -CVE-2024-9911,0,0,ab75a1eaef30299e1437abd4303183b5eceeb1baff2d9cebda9182d534c97c61,2024-10-13T16:15:02.867000 -CVE-2024-9912,0,0,c4032b4d1ddb0723ca86b6a33784bf5cebe979dd1cb167b412605db560fa1198,2024-10-13T17:15:10.813000 -CVE-2024-9913,0,0,20e6ca337decc94903b1507523437ff803e6ad6ee9098ed5951397a6bec9b500,2024-10-13T18:15:02.807000 -CVE-2024-9914,0,0,f6508c276c77826bdc97b76b6e45ac8127da088a72c46c39cf02d074f3026ff0,2024-10-13T18:15:03.090000 -CVE-2024-9915,0,0,63e26bd6dda529bb1b35cb19ae962b0ed45afa7922ddadd06d2d3fbacf9244f0,2024-10-13T19:15:10.963000 -CVE-2024-9916,0,0,a730a2f771d7ff99d35c7fab951eb613504b99ec32a2fa78db351f9ebbb4bc4a,2024-10-13T19:15:11.240000 -CVE-2024-9917,0,0,b95369e739f1d0e87281f665b0fbe602b511bf4da9ce5a03247e979a67c869de,2024-10-13T20:15:03.593000 -CVE-2024-9918,0,0,3b1543a1bc4f2002f8c314cc6d23e587e4e37abb46c87f452c1a1b708c0d1212,2024-10-13T20:15:03.853000 -CVE-2024-9921,0,0,006acd4b794e2adfef5d9ee2d65bed2b1e2281b0d23f9374b3500a3b648fc690,2024-10-14T03:15:10.400000 -CVE-2024-9922,0,0,38a9a769415efbcfedd53b122b48fa65b5e1f382fdf217a030bbaee2ce3081e3,2024-10-14T03:15:10.683000 -CVE-2024-9923,0,0,54d0eb71a24239c4cf72f6c8d2d43f40cc27d7ae4dae943f2db0568ffd629c72,2024-10-14T04:15:06.070000 -CVE-2024-9924,0,0,5d7f89079afc3d9ca8548ebb3725e799ef08b64b7b5fd0fc7f3c47978b6a83d8,2024-10-14T04:15:06.353000 -CVE-2024-9925,0,0,5fa7f5578518a2abb6329d119d438acc67284ffb4f7ed6b3dd7adb020f0b691d,2024-10-15T09:15:03.990000 -CVE-2024-9936,0,0,84f1422b67bbaa43c4b2b921a0bd24fe5cb86e5da956c7f811c06ae275078cda,2024-10-14T14:15:12.553000 -CVE-2024-9944,0,0,6b29c411c0e11286ac8186be38395b8b416c0e9124d101cf44b19765cc980b19,2024-10-15T06:15:02.967000 -CVE-2024-9952,0,0,6c9b73a8e4b10cb99cb5c164ba7fa12c94692c23e6d970a37d505df0c13bbb91,2024-10-15T02:15:03.403000 -CVE-2024-9953,0,0,4a504a26518c946bdd00df6aaba3929049f6fb7ebb2fe638799eca1ccb235ae3,2024-10-14T22:15:03.957000 -CVE-2024-9968,0,0,717d3c358e767369a770843606e1e4d5483d80687e292f6016fca8579965de7a,2024-10-15T03:15:02.360000 -CVE-2024-9969,0,0,cecfd308ad2e03f71dc5b9d4ea26ee57ff6f453836fcfce8973e360b5170dab6,2024-10-15T04:15:04.413000 -CVE-2024-9970,0,0,da32accfb2d25120b84c063f3a64982453a9afe6c85fcc9f83f58303dcf83157,2024-10-15T04:15:04.793000 -CVE-2024-9971,0,0,9e45feb9165a3cb00f61704141ebcf4fcf4e2bd7aeaf74a94f0ef43cd5d8b449,2024-10-15T04:15:05.080000 -CVE-2024-9972,0,0,b9b1dcedc769cf07af2b8c5d428605d09e4263e66eab68f5743c47b89c5a9cf1,2024-10-15T07:15:02.750000 -CVE-2024-9973,1,1,a54381389badd8451dd27f01857a0fc1f94f131045d4e5fbecb55c64946e5975,2024-10-15T10:15:04.297000 -CVE-2024-9974,1,1,e5c964968727cc940aa4587b8a667e07e3d54c3c4376938fe79e8f62f4edff20,2024-10-15T10:15:04.777000 -CVE-2024-9975,1,1,7b7ba7db23fa0a03042169e70e388d43188ceba5c009497eed26b22b8558bfd8,2024-10-15T11:15:14.310000 -CVE-2024-9976,1,1,9201f708b0bb0dbdf7670334edd277e3dd7b9ba4698907874eeee1d93eaf7225,2024-10-15T11:15:14.570000 -CVE-2024-9980,0,0,4369ae49241df7252adbc647b1d60f165de20419528bce9cb7f8107448baa31d,2024-10-15T08:15:03.163000 -CVE-2024-9981,0,0,72852dca5997243bb84f0e41832c90fce2921f42657295969c058089e5b96da6,2024-10-15T08:15:03.377000 -CVE-2024-9982,0,0,63c3ff8e9fb6c005d4cefea6dea77ca88582c9a0aa2a35dde5abe44a7a2bd0b7,2024-10-15T08:15:03.603000 -CVE-2024-9983,0,0,f3b20497a73c36aac3fe68b7bfd2524b4620874b4d99e236b3bb38d3a5b06300,2024-10-15T09:15:04.243000 -CVE-2024-9984,0,0,7cea1767ccca6c573ead43ffa5425ca816981252460f87677b0b36d068034521,2024-10-15T09:15:04.480000 -CVE-2024-9985,0,0,9717a604ed6ebedd4f1eed22fc9aeb47e67f7c02c3f74f873e9eba194c83fe3f,2024-10-15T09:15:04.693000 +CVE-2024-9894,0,1,14c1a187244ef98f70dad85c66b4e9e50b1523e45b13c684f05d8920a1d43b87,2024-10-15T12:57:46.880000 +CVE-2024-9895,0,1,1804aadc601cefc0a637c4245324ad03665b7298686ff057930daf35aa0b9bfa,2024-10-15T12:57:46.880000 +CVE-2024-9903,0,1,244e0ad624c75743e190bc7da6a1b45fe195aaf738d59f8decfde97c8722448f,2024-10-15T12:57:46.880000 +CVE-2024-9904,0,1,b8f5bdf1fde920247f061f9c3939c42469f53e3148abd589ac11ba36d4728079,2024-10-15T12:57:46.880000 +CVE-2024-9905,0,1,86b87924fc77be9b86e28e31f7f260bc02ed1789ea53bacc1dc28ab364f126fe,2024-10-15T12:57:46.880000 +CVE-2024-9906,0,1,dfa3e6a99db75a62cc25f201ce729677807202bc4538d3feac90d1059ef62027,2024-10-15T12:57:46.880000 +CVE-2024-9907,0,1,b44cf105c165257c7fd640aa1e6812e5903dc63fda09adbe3b2e993ea04b6e4b,2024-10-15T12:57:46.880000 +CVE-2024-9908,0,1,b68e1b95ef607118eec511b4114cddee39b037fb030ffac02f3a00bce7b4c088,2024-10-15T12:57:46.880000 +CVE-2024-9909,0,1,2372d65b015170eafaa7a0ed5b2c38d4bc33393da77b501fa5df2a13282660a6,2024-10-15T12:57:46.880000 +CVE-2024-9910,0,1,415f101bb466d855400f584e05f371df281e2f9c7345072f0a54ecb9e3b9fa6c,2024-10-15T12:57:46.880000 +CVE-2024-9911,0,1,3af4d00be1e1f5f7908ae7a82ba2e26d05aac896ac2389e8206ae45646987323,2024-10-15T12:57:46.880000 +CVE-2024-9912,0,1,e5d1b9034ef482bd7aeacc31dfcdbae660672e6b1aa9266d24664c0cd1a45b67,2024-10-15T12:57:46.880000 +CVE-2024-9913,0,1,4f7c3993b4be2513f92444633ff42f88ccda276e7faec1dd9a75ea5e8d1305be,2024-10-15T12:57:46.880000 +CVE-2024-9914,0,1,5e9c85296147637e52b2a34d3391575c3713d806d9df90f22472b08becee5aff,2024-10-15T12:57:46.880000 +CVE-2024-9915,0,1,92bba9f526742196c3b395391f75dc1c0995fe961c287e13b4bb61f60c0b8ba3,2024-10-15T12:57:46.880000 +CVE-2024-9916,0,1,23c62cb63dac8fc383abd3409d80c89fb1a17b7905e13a1697a0262e37d3d027,2024-10-15T12:57:46.880000 +CVE-2024-9917,0,1,e06c5f2290dde2c480dfd5279bf7af728748ed1cce2dada4dd959acd43d28cbb,2024-10-15T12:57:46.880000 +CVE-2024-9918,0,1,9d45e1cb8de1e89780e42f78757cafce4488daed13a10d562b3ce1b45fe7cb66,2024-10-15T12:57:46.880000 +CVE-2024-9921,0,1,d5fa8ba14110b36abff915ff379383d93c6a7e93e96911164ba94ff4a727ad7f,2024-10-15T12:57:46.880000 +CVE-2024-9922,0,1,88ad74a9a80ef6250cad160a6da905c26f5539449069265fbdbc38c65f6e6925,2024-10-15T12:57:46.880000 +CVE-2024-9923,0,1,1744d806aab87c1cbef5524d43cf9cad10cdae75dc6a2cfd8b34f2d3877dca94,2024-10-15T12:57:46.880000 +CVE-2024-9924,0,1,4d0aa49bc1047e2e0a23ab80e176dbdf70a0af5e82bea53f63a116cd5905286e,2024-10-15T12:57:46.880000 +CVE-2024-9925,0,1,40ec06885e2cf941cc3fd6c1effc99e4018421341691aa45ec80f48176ade482,2024-10-15T12:57:46.880000 +CVE-2024-9936,0,1,9b9410743fe1ca2f5a844c24ad20043ec989ced54414fa626e93bdc74b6425ff,2024-10-15T12:57:46.880000 +CVE-2024-9944,0,1,0105315be1482473acf9cccf2807cd53dd651f41a7a3739bca8c3d692de03102,2024-10-15T12:57:46.880000 +CVE-2024-9952,0,1,75bf1164383c64f84aaae3ebb54926536c4d8cc1bc9810fac6b8f11ba1e426eb,2024-10-15T12:57:46.880000 +CVE-2024-9953,0,1,15b2632a3afd829c563dc18db0e5d023f5bdadb3d64d25f8d5b15b7c90dfa00c,2024-10-15T12:57:46.880000 +CVE-2024-9968,0,1,9fec2696a80768f737aab9f26a286c9e61b39eb654e16aa50bcb405c6becb33a,2024-10-15T12:57:46.880000 +CVE-2024-9969,0,1,b88b6c4d3144ed615cd4311477b588678016590767983c0a36b38fc380f9987d,2024-10-15T12:57:46.880000 +CVE-2024-9970,0,1,f001ac5abb7acc6ee06697c87a0cadac78ed1edd27d729d7f3d33875ec6b0a19,2024-10-15T12:57:46.880000 +CVE-2024-9971,0,1,0594322115675ee753da27d556fc98ba9a723e7e04d41180f103320a4dd3f2c8,2024-10-15T12:57:46.880000 +CVE-2024-9972,0,1,5672d796a3c0672617371b1fdfcdf3d8d1d30983cb269f7a20c96a13095710bc,2024-10-15T12:57:46.880000 +CVE-2024-9973,0,1,90a4187e6222035204a8094c1c908de4880d8343ba51bb13b56d0fd8dbd825af,2024-10-15T12:57:46.880000 +CVE-2024-9974,0,1,5c2b24e6ab8d26657f725ff3097d3b75619f11c33939e49479ca469fe5e9a9f8,2024-10-15T12:57:46.880000 +CVE-2024-9975,0,1,19a95b0d8594378de1a658f6110dd6917411d1ac6b44da217f59a38aaf420a6d,2024-10-15T12:57:46.880000 +CVE-2024-9976,0,1,a0343d2773336f2452d12e06f8ed1c829d33d78887485939f459af0a85f318bf,2024-10-15T12:57:46.880000 +CVE-2024-9977,1,1,2ff728332776d36f7a0b4f17f71817f48b8215cf8e3f608a790b17fa094fa3ba,2024-10-15T13:15:11.457000 +CVE-2024-9980,0,1,227587e27b79422988a8ba9d0e19869dca70cd6d378d1d6d8beb91efa3b64d47,2024-10-15T12:57:46.880000 +CVE-2024-9981,0,1,4f17f9cebde64aebfffee37111f0ed3f87b0a1a0ecdab20c67d859be411620ee,2024-10-15T12:57:46.880000 +CVE-2024-9982,0,1,d639d3774aff1cdbd050ebd7eeccc640e7241022f36e4718db9aa208221201f3,2024-10-15T12:57:46.880000 +CVE-2024-9983,0,1,550abc98615ddc09f88026fe84312b3542d3cd968cd0f76a752b55233347135a,2024-10-15T12:57:46.880000 +CVE-2024-9984,0,1,aee59dcfaedb9986298d7a3bc956a842195dc61778fd18b49175439a5d4d57b6,2024-10-15T12:57:46.880000 +CVE-2024-9985,0,1,9cfa07817c1e658a82e35b7bd7fbf0c01e1c2daab576a43dacbd3cf771c5ff2d,2024-10-15T12:57:46.880000 +CVE-2024-9986,1,1,5e3fdcd011989d87fb362b72f553ecad0901ee4d89987be838750a5990271eeb,2024-10-15T13:15:11.790000