admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-18T14:00:40.539315+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-18 14:03:30 +00:00
parent 3e91874454
commit 638f0fd012
107 changed files with 558 additions and 372 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2023/CVE-2023-36xx/CVE-2023-3675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3675",
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"published": "2024-04-18T11:15:36.370",
"lastModified": "2024-04-18T11:15:36.370",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-418xx/CVE-2023-41864.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41864",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:11.123",
"lastModified": "2024-04-18T09:15:11.123",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Pepro Dev. Group PeproDev CF7 Database. Este problema afecta a la base de datos PeproDev CF7: desde n/a hasta 1.8.0."
}
],
"metrics": {

8
CVE-2023/CVE-2023-42xx/CVE-2023-4232.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4232",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-04-17T23:15:06.970",
"lastModified": "2024-04-17T23:15:06.970",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_status_report()."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en ofono, una telefon\u00eda de c\u00f3digo abierto en Linux. Se activa un error de desbordamiento de pila dentro de la funci\u00f3n decode_status_report() durante la decodificaci\u00f3n de SMS. Se supone que se puede acceder al escenario del ataque desde un m\u00f3dem comprometido, una estaci\u00f3n base maliciosa o simplemente un SMS. Hay una verificaci\u00f3n vinculada para esta longitud de memcpy en decode_submit(), pero se olvid\u00f3 en decode_status_report()."
}
],
"metrics": {

8
CVE-2023/CVE-2023-42xx/CVE-2023-4233.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4233",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-04-17T23:15:07.163",
"lastModified": "2024-04-17T23:15:07.163",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en ofono, una telefon\u00eda de c\u00f3digo abierto en Linux. Se activa un error de desbordamiento de pila dentro de la funci\u00f3n sms_decode_address_field() durante la decodificaci\u00f3n de la PDU de SMS. Se supone que se puede acceder al escenario del ataque desde un m\u00f3dem comprometido, una estaci\u00f3n base maliciosa o simplemente un SMS."
}
],
"metrics": {

8
CVE-2023/CVE-2023-42xx/CVE-2023-4234.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4234",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-04-17T23:15:07.330",
"lastModified": "2024-04-17T23:15:07.330",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_submit_report()."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en ofono, una telefon\u00eda de c\u00f3digo abierto en Linux. Se activa un error de desbordamiento de pila dentro de la funci\u00f3n decode_submit_report() durante la decodificaci\u00f3n de SMS. Se supone que se puede acceder al escenario del ataque desde un m\u00f3dem comprometido, una estaci\u00f3n base maliciosa o simplemente un SMS. Hay una verificaci\u00f3n vinculada para esta longitud de memcpy en decode_submit(), pero se olvid\u00f3 en decode_submit_report()."
}
],
"metrics": {

8
CVE-2023/CVE-2023-42xx/CVE-2023-4235.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4235",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-04-17T23:15:07.517",
"lastModified": "2024-04-17T23:15:07.517",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report()."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en ofono, una telefon\u00eda de c\u00f3digo abierto en Linux. Se activa un error de desbordamiento de pila dentro de la funci\u00f3n decode_deliver_report() durante la decodificaci\u00f3n de SMS. Se supone que se puede acceder al escenario del ataque desde un m\u00f3dem comprometido, una estaci\u00f3n base maliciosa o simplemente un SMS. Hay una verificaci\u00f3n vinculada para esta longitud de memcpy en decode_submit(), pero se olvid\u00f3 en decode_deliver_report()."
}
],
"metrics": {

8
CVE-2023/CVE-2023-45xx/CVE-2023-4509.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4509",
"sourceIdentifier": "security@octopus.com",
"published": "2024-04-18T00:15:07.340",
"lastModified": "2024-04-18T00:15:07.340",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "It is possible for an API key to be logged in clear text in the audit log file after an invalid login attempt."
},
{
"lang": "es",
"value": "Es posible que una clave API se registre en texto plano en el archivo de registro de auditor\u00eda despu\u00e9s de un intento de inicio de sesi\u00f3n no v\u00e1lido."
}
],
"metrics": {

4
CVE-2023/CVE-2023-478xx/CVE-2023-47843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47843",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:36.580",
"lastModified": "2024-04-18T11:15:36.580",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-497xx/CVE-2023-49742.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-49742",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T08:15:37.330",
"lastModified": "2024-04-18T08:15:37.330",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Support Genix.This issue affects Support Genix: from n/a through 1.2.3.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Support Genix. Este problema afecta a Support Genix: desde n/a hasta 1.2.3."
}
],
"metrics": {

4
CVE-2023/CVE-2023-497xx/CVE-2023-49768.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49768",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:36.807",
"lastModified": "2024-04-18T11:15:36.807",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50885.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50885",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:37.003",
"lastModified": "2024-04-18T11:15:37.003",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-68xx/CVE-2023-6892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6892",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-18T11:15:37.187",
"lastModified": "2024-04-18T11:15:37.187",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-68xx/CVE-2023-6897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6897",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-18T11:15:37.350",
"lastModified": "2024-04-18T11:15:37.350",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-02xx/CVE-2024-0257.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-0257",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-04-17T20:15:07.407",
"lastModified": "2024-04-17T20:15:07.407",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nRoboDK v5.5.4\n\n is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application.\n\n"
},
{
"lang": "es",
"value": "RoboDK v5.5.4 es vulnerable al desbordamiento de b\u00fafer de almacenamiento din\u00e1mico mientras procesa un archivo de proyecto espec\u00edfico. La corrupci\u00f3n de memoria resultante puede bloquear la aplicaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-14xx/CVE-2024-1426.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1426",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-18T05:15:47.787",
"lastModified": "2024-04-18T05:15:47.787",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018link\u2019 attribute of the Price List widget in all versions up to, and including, 5.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Element Pack Elementor Addons (encabezado, pie de p\u00e1gina, librer\u00eda de plantillas gratuita, cuadr\u00edcula, carrusel, tabla, animaci\u00f3n de paralaje, formulario de registro, cuadr\u00edcula de Twitter) para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del atributo 'enlace' del widget de lista de precios en todas las versiones hasta la 5.6.0 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y un escape de salida. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-14xx/CVE-2024-1429.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1429",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-18T05:15:48.010",
"lastModified": "2024-04-18T05:15:48.010",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018tab_link\u2019 attribute of the Panel Slider widget in all versions up to, and including, 5.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Element Pack Elementor Addons (encabezado, pie de p\u00e1gina, librer\u00eda de plantillas gratuita, cuadr\u00edcula, carrusel, tabla, animaci\u00f3n de paralaje, formulario de registro, cuadr\u00edcula de Twitter) para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del atributo 'tab_link' del widget del control deslizante del panel en todas las versiones hasta la 5.6.0 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y un escape de salida. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-219xx/CVE-2024-21989.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-21989",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2024-04-17T20:15:07.663",
"lastModified": "2024-04-17T20:15:07.663",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ONTAP Select Deploy administration utility versions 9.12.1.x, \n9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when \nsuccessfully exploited could allow a read-only user to escalate their \nprivileges.\n\n"
},
{
"lang": "es",
"value": "Las versiones 9.12.1.x, 9.13.1.x y 9.14.1.x de la utilidad de administraci\u00f3n ONTAP Select Deploy son susceptibles a una vulnerabilidad que, cuando se explota con \u00e9xito, podr\u00eda permitir que un usuario de solo lectura escale sus privilegios."
}
],
"metrics": {

8
CVE-2024/CVE-2024-219xx/CVE-2024-21990.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-21990",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2024-04-17T20:15:07.863",
"lastModified": "2024-04-17T20:15:07.863",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ONTAP Select Deploy administration utility versions 9.12.1.x, \n9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an\n attacker to view Deploy configuration information and modify the \naccount credentials.\n\n\n\n\n"
},
{
"lang": "es",
"value": "Las versiones 9.12.1.x, 9.13.1.x y 9.14.1.x de la utilidad de administraci\u00f3n ONTAP Select Deploy contienen credenciales codificadas que podr\u00edan permitir a un atacante ver la informaci\u00f3n de configuraci\u00f3n de Deploy y modificar las credenciales de la cuenta."
}
],
"metrics": {

33
CVE-2024/CVE-2024-268xx/CVE-2024-26819.json
View File

@ -2,39 +2,14 @@
"id": "CVE-2024-26819",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:08.810",
"lastModified": "2024-04-17T12:48:07.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-04-18T13:15:17.797",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: limit the number of targets and parameter size area\n\nThe kvmalloc function fails with a warning if the size is larger than\nINT_MAX. The warning was triggered by a syscall testing robot.\n\nIn order to avoid the warning, this commit limits the number of targets to\n1048576 and the size of the parameter area to 1073741824."
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/438d19492b7f002334573bae43276297eb234c80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/888a0a46b80fa37eacfe81faf47ba0b83876251d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a891a0621e725e85529985139cada8cb5a74a116",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bd504bcfec41a503b32054da5472904b404341a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c5d83ac2bf6ca668a39ffb1a576899a66153ba19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd70175481f63af31901dd463e44386f033c3f4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
"references": []
}

4
CVE-2024/CVE-2024-269xx/CVE-2024-26921.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26921",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-18T10:15:07.740",
"lastModified": "2024-04-18T10:15:07.740",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-27xx/CVE-2024-2729.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-2729",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-04-18T05:15:48.343",
"lastModified": "2024-04-18T05:15:48.343",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks."
},
{
"lang": "es",
"value": "El complemento Otter Blocks de WordPress anterior a 2.6.6 no escapa correctamente del atributo de sus bloques mainHeadings antes de agregarlo al bloque renderizado final, lo que permite a los contribuyentes realizar ataques XSS almacenados."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-280xx/CVE-2024-28076.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-28076",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-04-18T09:15:11.463",
"lastModified": "2024-04-18T09:15:11.463",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format"
},
{
"lang": "es",
"value": "La plataforma SolarWinds era susceptible a una vulnerabilidad de redireccionamiento abierto arbitrario. Un atacante potencial puede redirigir a un dominio diferente cuando utiliza un par\u00e1metro de URL con una entrada relativa en el formato correcto."
}
],
"metrics": {

4
CVE-2024/CVE-2024-28xx/CVE-2024-2833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2833",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-18T10:15:08.690",
"lastModified": "2024-04-18T10:15:08.690",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-290xx/CVE-2024-29001.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-29001",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-04-18T09:15:11.670",
"lastModified": "2024-04-18T09:15:11.670",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited. "
},
{
"lang": "es",
"value": "Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n SWQL de la plataforma SolarWinds en la interfaz de usuario. Esta vulnerabilidad requiere autenticaci\u00f3n e interacci\u00f3n del usuario para poder explotarse."
}
],
"metrics": {

4
CVE-2024/CVE-2024-290xx/CVE-2024-29003.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29003",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-04-18T10:15:08.353",
"lastModified": "2024-04-18T10:15:08.353",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-299xx/CVE-2024-29951.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-29951",
"sourceIdentifier": "sirt@brocade.com",
"published": "2024-04-17T20:15:08.060",
"lastModified": "2024-04-17T20:15:08.060",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection.\n\n"
},
{
"lang": "es",
"value": "Brocade SANnav anterior a v2.3.1 y v2.3.0a utiliza el hash SHA-1 en puertos SSH internos que no est\u00e1n abiertos a conexiones remotas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-299xx/CVE-2024-29952.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-29952",
"sourceIdentifier": "sirt@brocade.com",
"published": "2024-04-17T22:15:08.080",
"lastModified": "2024-04-17T22:15:08.080",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad en Brocade SANnav anterior a v2.3.1 y v2.3.0a podr\u00eda permitir que un usuario autenticado imprima las contrase\u00f1as del almac\u00e9n de claves Auth, Priv y SSL en registros no cifrados manipulando variables de comando."
}
],
"metrics": {

8
CVE-2024/CVE-2024-299xx/CVE-2024-29955.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-29955",
"sourceIdentifier": "sirt@brocade.com",
"published": "2024-04-17T22:15:08.370",
"lastModified": "2024-04-17T22:15:08.370",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. \nThis could provide attackers with an additional, less-protected path to acquiring the encryption key. \n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad en Brocade SANnav anterior a v2.3.1 y v2.3.0a podr\u00eda permitir a un usuario privilegiado imprimir la clave cifrada de SANnav en los registros de inicio de PostgreSQL. Esto podr\u00eda proporcionar a los atacantes una ruta adicional y menos protegida para adquirir la clave de cifrado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-299xx/CVE-2024-29956.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-29956",
"sourceIdentifier": "sirt@brocade.com",
"published": "2024-04-18T02:15:06.797",
"lastModified": "2024-04-18T02:15:06.797",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad en Brocade SANnav anterior a v2.3.1 y v2.3.0a imprime la contrase\u00f1a de Brocade SANnav en texto plano en los registros de guardado de soporte cuando un usuario programa un cambio de guardado de soporte desde Brocade SANnav."
}
],
"metrics": {

4
CVE-2024/CVE-2024-312xx/CVE-2024-31229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31229",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:37.513",
"lastModified": "2024-04-18T11:15:37.513",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-318xx/CVE-2024-31869.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-31869",
"sourceIdentifier": "security@apache.org",
"published": "2024-04-18T08:15:38.037",
"lastModified": "2024-04-18T08:15:38.037",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the \"configuration\" UI page\u00a0when \"non-sensitive-only\" was set as \"webserver.expose_config\" configuration (The celery provider is the only community provider currently that has sensitive configurations). You should migrate to Airflow 2.9 or change your \"expose_config\" configuration to False as a workaround. This is similar, but different to CVE-2023-46288 https://github.com/advisories/GHSA-9qqg-mh7c-chfq which concerned API, not UI configuration page."
},
{
"lang": "es",
"value": "Las versiones 2.7.0 a 2.8.4 de Airflow tienen una vulnerabilidad que permite a un usuario autenticado ver la configuraci\u00f3n confidencial del proveedor a trav\u00e9s de la p\u00e1gina de interfaz de usuario \"configuraci\u00f3n\" cuando se configur\u00f3 \"solo no confidencial\" como configuraci\u00f3n \"webserver.expose_config\" (el proveedor de apio es el \u00fanico proveedor comunitario actualmente que tiene configuraciones confidenciales). Deber\u00edas migrar a Airflow 2.9 o cambiar tu configuraci\u00f3n \"expose_config\" a False como workaround. Esto es similar, pero diferente a CVE-2023-46288 https://github.com/advisories/GHSA-9qqg-mh7c-chfq, que se refer\u00eda a la API, no a la p\u00e1gina de configuraci\u00f3n de la UI."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-321xx/CVE-2024-32126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32126",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:37.697",
"lastModified": "2024-04-18T11:15:37.697",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-321xx/CVE-2024-32142.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32142",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T08:15:38.143",
"lastModified": "2024-04-18T08:15:38.143",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Ovic Team Ovic Responsive WPBakery. Este problema afecta a Ovic Responsive WPBakery: desde n/a hasta 1.3.0."
}
],
"metrics": {

8
CVE-2024/CVE-2024-323xx/CVE-2024-32337.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32337",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.267",
"lastModified": "2024-04-17T21:15:09.267",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro ADMIN LOGIN URL en el m\u00f3dulo de Seguridad."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32338.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32338",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.343",
"lastModified": "2024-04-17T21:15:09.343",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro T\u00cdTULO DE LA P\u00c1GINA en el m\u00f3dulo P\u00e1gina actual."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32339.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32339",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.400",
"lastModified": "2024-04-17T21:15:09.400",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de cross site scripting (XSS) en la p\u00e1gina HOW TO de WonderCMS v3.4.3 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en cualquiera de los par\u00e1metros."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32340.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32340",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.453",
"lastModified": "2024-04-17T21:15:09.453",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro T\u00cdTULO DEL SITIO WEB en el m\u00f3dulo Men\u00fa."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32341.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32341",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.507",
"lastModified": "2024-04-17T21:15:09.507",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de cross site scripting (XSS) en la p\u00e1gina de inicio de WonderCMS v3.4.3 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en cualquiera de los par\u00e1metros."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32342.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32342",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.560",
"lastModified": "2024-04-17T21:15:09.560",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la p\u00e1gina de creaci\u00f3n de Boid CMS v2.1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Permalink."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32343.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32343",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.623",
"lastModified": "2024-04-17T21:15:09.623",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la p\u00e1gina de creaci\u00f3n de Boid CMS v2.1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Contenido."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32344.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32344",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.677",
"lastModified": "2024-04-17T21:15:09.677",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en el men\u00fa Configuraci\u00f3n de CMSimple v5.15 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Editar en la secci\u00f3n Idioma."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-323xx/CVE-2024-32345.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32345",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.727",
"lastModified": "2024-04-17T21:15:09.727",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro SITE LANGUAGE CONFIG en el m\u00f3dulo Seguridad."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-324xx/CVE-2024-32472.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32472",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-17T22:15:08.557",
"lastModified": "2024-04-17T22:15:08.557",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "excalidraw is an open source virtual hand-drawn style whiteboard. A stored XSS vulnerability in Excalidraw's web embeddable component. This allows arbitrary JavaScript to be run in the context of the domain where the editor is hosted. There were two vectors. One rendering untrusted string as iframe's `srcdoc` without properly sanitizing against HTML injection. Second by improperly sanitizing against attribute HTML injection. This in conjunction with allowing `allow-same-origin` sandbox flag (necessary for several embeds) resulted in the XSS. This vulnerability is fixed in 0.17.6 and 0.16.4."
},
{
"lang": "es",
"value": "excalidraw es una pizarra virtual de c\u00f3digo abierto dibujada a mano. Una vulnerabilidad XSS almacenada en el componente web integrable de Excalidraw. Esto permite ejecutar JavaScript arbitrario en el contexto del dominio donde est\u00e1 alojado el editor. Hab\u00eda dos vectores. Uno que representa una cadena que no es de confianza como `srcdoc` de iframe sin desinfectar adecuadamente contra la inyecci\u00f3n de HTML. En segundo lugar, mediante una desinfecci\u00f3n inadecuada contra la inyecci\u00f3n de atributos HTML. Esto, junto con permitir el indicador de zona de pruebas \"permitir el mismo origen\" (necesario para varias incrustaciones), dio como resultado el XSS. Esta vulnerabilidad se solucion\u00f3 en 0.17.6 y 0.16.4."
}
],
"metrics": {

4
CVE-2024/CVE-2024-325xx/CVE-2024-32551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32551",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:37.877",
"lastModified": "2024-04-18T11:15:37.877",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32552.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32552",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:38.063",
"lastModified": "2024-04-18T11:15:38.063",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32553",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:38.243",
"lastModified": "2024-04-18T11:15:38.243",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32554.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32554",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:08.857",
"lastModified": "2024-04-18T10:15:08.857",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32556",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:09.053",
"lastModified": "2024-04-18T10:15:09.053",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32558",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:09.233",
"lastModified": "2024-04-18T10:15:09.233",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32559",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:09.420",
"lastModified": "2024-04-18T10:15:09.420",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32560.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32560",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:09.610",
"lastModified": "2024-04-18T10:15:09.610",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32561",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:09.790",
"lastModified": "2024-04-18T10:15:09.790",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32562",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:09.980",
"lastModified": "2024-04-18T10:15:09.980",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32563.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32563",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:10.160",
"lastModified": "2024-04-18T10:15:10.160",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32564",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:10.347",
"lastModified": "2024-04-18T10:15:10.347",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32565",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:10.530",
"lastModified": "2024-04-18T10:15:10.530",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32566",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:10.717",
"lastModified": "2024-04-18T10:15:10.717",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32567",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:10.910",
"lastModified": "2024-04-18T10:15:10.910",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32568.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32568",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:11.100",
"lastModified": "2024-04-18T10:15:11.100",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32569.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32569",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:11.283",
"lastModified": "2024-04-18T10:15:11.283",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32570",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:11.470",
"lastModified": "2024-04-18T10:15:11.470",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32571",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:11.660",
"lastModified": "2024-04-18T10:15:11.660",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32572",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:11.840",
"lastModified": "2024-04-18T10:15:11.840",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32573",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:12.023",
"lastModified": "2024-04-18T10:15:12.023",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32574.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32574",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:12.217",
"lastModified": "2024-04-18T10:15:12.217",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32575",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:12.413",
"lastModified": "2024-04-18T10:15:12.413",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32576.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32576",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:12.610",
"lastModified": "2024-04-18T10:15:12.610",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32577.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32577",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:12.793",
"lastModified": "2024-04-18T10:15:12.793",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32578.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32578",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:12.980",
"lastModified": "2024-04-18T10:15:12.980",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32579",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:13.170",
"lastModified": "2024-04-18T10:15:13.170",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32580.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32580",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:13.357",
"lastModified": "2024-04-18T10:15:13.357",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32581",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:13.547",
"lastModified": "2024-04-18T10:15:13.547",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32582.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32582",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:13.723",
"lastModified": "2024-04-18T10:15:13.723",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32583.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32583",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:13.920",
"lastModified": "2024-04-18T10:15:13.920",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32584",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:14.110",
"lastModified": "2024-04-18T10:15:14.110",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32585",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:14.290",
"lastModified": "2024-04-18T10:15:14.290",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-325xx/CVE-2024-32586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32586",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T10:15:14.480",
"lastModified": "2024-04-18T10:15:14.480",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-325xx/CVE-2024-32587.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32587",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:12.000",
"lastModified": "2024-04-18T09:15:12.000",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple Env\u00edaloSimple allows Reflected XSS.This issue affects Env\u00edaloSimple: from n/a through 2.2.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en EnvialoSimple Env\u00edaloSimple permite XSS reflejado. Este problema afecta a Env\u00edaloSimple: desde n/a hasta 2.2."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32588.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32588",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:12.267",
"lastModified": "2024-04-18T09:15:12.267",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress Export Import allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through 4.0.3.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en ThimPress LearnPress Export Import permite el XSS reflejado. Este problema afecta a LearnPress Export Import: desde n/a hasta 4.0.3."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32590.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32590",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:12.503",
"lastModified": "2024-04-18T09:15:12.503",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webfood Kattene allows Stored XSS.This issue affects Kattene: from n/a through 1.7.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Webfood Kattene permite almacenar XSS. Este problema afecta a Kattene: desde n/a hasta 1.7."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32591.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32591",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:12.700",
"lastModified": "2024-04-18T09:15:12.700",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS.This issue affects Backend Designer: from n/a through 1.3.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Daniele De Rosa Backend Designer permite almacenar XSS. Este problema afecta a Backend Designer: desde n/a hasta 1.3."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32592.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32592",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:13.010",
"lastModified": "2024-04-18T09:15:13.010",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VoidCoders, innovs Void Elementor WHMCS Elements For Elementor Page Builder allows Stored XSS.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through 2.0.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en VoidCoders, innovs Void Elementor WHMCS Elements para Elementor Page Builder permite almacenar XSS. Este problema afecta a Void Elementor WHMCS Elements para Elementor Page Builder: desde n/a hasta 2.0."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32593.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32593",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:13.257",
"lastModified": "2024-04-18T09:15:13.257",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en WPBits WPBITS Addons For Elementor Page Builder permiten almacenar XSS. Este problema afecta a los complementos de WPBITS para Elementor Page Builder: desde n/a hasta 1.3.4.2."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32594.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32594",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:13.493",
"lastModified": "2024-04-18T09:15:13.493",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AttesaWP Attesa Extra allows Stored XSS.This issue affects Attesa Extra: from n/a through 1.3.9.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en AttesaWP Attesa Extra permite almacenar XSS. Este problema afecta a Attesa Extra: desde n/a hasta 1.3.9."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32595.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32595",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:13.797",
"lastModified": "2024-04-18T09:15:13.797",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mat Bao Corp WP Helper Premium allows Reflected XSS.This issue affects WP Helper Premium: from n/a before 4.6.0.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Mat Bao Corp WP Helper Premium permite Reflected XSS. Este problema afecta a WP Helper Premium: desde n/a antes de 4.6.0."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32596.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32596",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:14.057",
"lastModified": "2024-04-18T09:15:14.057",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric-Oliver M\u00e4chler DSGVO Youtube allows Stored XSS.This issue affects DSGVO Youtube: from n/a through 1.4.5.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Eric-Oliver M\u00e4chler DSGVO Youtube permite almacenar XSS. Este problema afecta a DSGVO Youtube: desde n/a hasta 1.4.5."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32597.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32597",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:14.317",
"lastModified": "2024-04-18T09:15:14.317",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Xylus Themes WordPress Importer permite almacenar XSS. Este problema afecta a WordPress Importer: desde n/a hasta 1.0.7."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32598.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32598",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:14.593",
"lastModified": "2024-04-18T09:15:14.593",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Booking Algorithms BA Book Everything permite almacenar XSS. Este problema afecta a BA Book Everything: desde n/a hasta 1.6.8."
}
],
"metrics": {

8
CVE-2024/CVE-2024-325xx/CVE-2024-32599.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32599",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:14.823",
"lastModified": "2024-04-18T09:15:14.823",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.2.1.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de control inadecuado de la generaci\u00f3n de c\u00f3digo (\"inyecci\u00f3n de c\u00f3digo\") en Deepak anand WP Dummy Content Generator. Este problema afecta a WP Dummy Content Generator: desde n/a hasta 3.2.1."
}
],
"metrics": {

4
CVE-2024/CVE-2024-326xx/CVE-2024-32600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32600",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:38.530",
"lastModified": "2024-04-18T11:15:38.530",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-326xx/CVE-2024-32601.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32601",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:15.053",
"lastModified": "2024-04-18T09:15:15.053",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en WP OnlineSupport, Essential Plugin Popup Anything. Este problema afecta a Popup Anything: desde n/a hasta 2.8."
}
],
"metrics": {

4
CVE-2024/CVE-2024-326xx/CVE-2024-32602.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32602",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:38.753",
"lastModified": "2024-04-18T11:15:38.753",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-326xx/CVE-2024-32603.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32603",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:15.330",
"lastModified": "2024-04-18T09:15:15.330",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en ThemeKraft WooBuddy. Este problema afecta a WooBuddy: desde n/a hasta 3.4.20."
}
],
"metrics": {

4
CVE-2024/CVE-2024-326xx/CVE-2024-32604.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32604",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T09:15:15.550",
"lastModified": "2024-04-18T09:15:15.550",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-326xx/CVE-2024-32686.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32686",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:38.930",
"lastModified": "2024-04-18T11:15:38.930",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-326xx/CVE-2024-32689.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32689",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-18T11:15:39.117",
"lastModified": "2024-04-18T11:15:39.117",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-327xx/CVE-2024-32743.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32743",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.783",
"lastModified": "2024-04-17T21:15:09.783",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro SITE LANGUAGE CONFIG en el m\u00f3dulo Seguridad."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-327xx/CVE-2024-32744.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32744",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.843",
"lastModified": "2024-04-17T21:15:09.843",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro PAGE KEYWORDS bajo el m\u00f3dulo CURRENT PAGE."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-327xx/CVE-2024-32745.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32745",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.897",
"lastModified": "2024-04-17T21:15:09.897",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro PAGE DESCRIPTION bajo el m\u00f3dulo CURRENT PAGE."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-327xx/CVE-2024-32746.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-32746",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T21:15:09.943",
"lastModified": "2024-04-17T21:15:09.943",
"vulnStatus": "Received",
"lastModified": "2024-04-18T13:04:28.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) en la secci\u00f3n Configuraci\u00f3n de WonderCMS v3.4.3 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro MEN\u00da bajo el m\u00f3dulo Men\u00fa."
}
],
"metrics": {},

Some files were not shown because too many files have changed in this diff Show More