diff --git a/CVE-2022/CVE-2022-225xx/CVE-2022-22506.json b/CVE-2022/CVE-2022-225xx/CVE-2022-22506.json index 60c4bd8fd7d..54c86ce5d66 100644 --- a/CVE-2022/CVE-2022-225xx/CVE-2022-22506.json +++ b/CVE-2022/CVE-2022-225xx/CVE-2022-22506.json @@ -2,16 +2,40 @@ "id": "CVE-2022-22506", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-02-12T20:15:08.320", - "lastModified": "2024-02-12T20:39:09.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:52:57.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IBM Robotic Process Automation 21.0.2 contains a vulnerability that could allow user ids may be exposed across tenants. IBM X-Force ID: 227293." + }, + { + "lang": "es", + "value": "IBM Robotic Process Automation 21.0.2 contiene una vulnerabilidad que podr\u00eda permitir que los ID de usuario queden expuestos entre inquilinos. ID de IBM X-Force: 227293." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "psirt@us.ibm.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +80,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*", + "matchCriteriaId": "91E94D18-3EB1-46C0-8088-6D7ED5081902" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227293", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/6591237", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-322xx/CVE-2022-32257.json b/CVE-2022/CVE-2022-322xx/CVE-2022-32257.json new file mode 100644 index 00000000000..2b1c43682a6 --- /dev/null +++ b/CVE-2022/CVE-2022-322xx/CVE-2022-32257.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2022-32257", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:45.210", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (todas las versiones < V3.2). La aplicaci\u00f3n afectada consiste en un servicio web que carece de un control de acceso adecuado para algunos de los endpoints. Esto podr\u00eda provocar un acceso no autorizado a los recursos y potencialmente provocar la ejecuci\u00f3n de c\u00f3digo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-576771.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-450xx/CVE-2022-45044.json b/CVE-2022/CVE-2022-450xx/CVE-2022-45044.json index e25fa73d64d..ed6885d2d36 100644 --- a/CVE-2022/CVE-2022-450xx/CVE-2022-45044.json +++ b/CVE-2022/CVE-2022-450xx/CVE-2022-45044.json @@ -2,12 +2,16 @@ "id": "CVE-2022-45044", "sourceIdentifier": "productcert@siemens.com", "published": "2022-12-13T16:15:24.617", - "lastModified": "2023-09-12T10:15:21.413", + "lastModified": "2024-03-12T11:15:45.510", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP300) (All versions < V9.60), SIPROTEC 5 6MU85 (CP300) (All versions < V9.50), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.60), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.50), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.50), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.50), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.50), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.50), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.50), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.50), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.50), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.50), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.50), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.50), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.50), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.60), SIPROTEC 5 7ST86 (CP300) (All versions < V9.60), SIPROTEC 5 7SX82 (CP150) (All versions < V9.50), SIPROTEC 5 7SX85 (CP300) (All versions < V9.50), SIPROTEC 5 7UM85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.50), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.50), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.50), SIPROTEC 5 7VE85 (CP300) (All versions < V9.50), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.50), SIPROTEC 5 7VU85 (CP300) (All versions < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions installed on CP100 and CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions installed on CP100 and CP200 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.50). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack." + "value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP300) (All versions < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions < V9.50), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.64), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.50), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.50), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.50), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.50), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.50), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.50), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.50), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.50), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.50), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.50), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.50), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.50), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions < V9.64), SIPROTEC 5 7SX82 (CP150) (All versions < V9.50), SIPROTEC 5 7SX85 (CP300) (All versions < V9.50), SIPROTEC 5 7UM85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.50), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.50), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.50), SIPROTEC 5 7VE85 (CP300) (All versions < V9.50), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.50), SIPROTEC 5 7VU85 (CP300) (All versions < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions installed on CP100 and CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions installed on CP100 and CP200 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.50). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en \nSIPROTEC 5 6MD84 (CP300) (versiones < V9.50), SIPROTEC 5 6MD85 (CP200) (Todas las versiones), \nSIPROTEC 5 6MD85 (CP300) (versiones < V9.50), SIPROTEC 5 6MD86 (CP200) (Todas las versiones), \nSIPROTEC 5 6MD86 (CP300) (versiones < V9.50), SIPROTEC 5 6MD89 (CP300) (versiones < V9.60), \nSIPROTEC 5 6MU85 (CP300) (versiones < V9. 50), SIPROTEC 5 7KE85 (CP200) (Todas las versiones), \nSIPROTEC 5 7KE85 (CP300) (versiones < V9.60), SIPROTEC 5 7SA82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SA82 (CP150) (versiones < V9.50), SIPROTEC 5 7SA84 (CP200) (Todas las versiones), \nSIPROTEC 5 7SA86 (CP200) (Todas las versiones), SIPROTEC 5 7SA86 (CP300) (versiones < V9.50), \nSIPROTEC 5 7SA87 (CP200) (Todas las versiones), SIPROTEC 5 7SA87 (CP300) (versiones < V9.50), \nSIPROTEC 5 7SD82 (CP100) (Todas las versiones), SIPROTEC 5 7SD82 (CP150) (versiones < V9.50), \nSIPROTEC 5 7SD84 (CP200) (Todas las versiones), SIPROTEC 5 7SD86 (CP200) (Todas las versiones), \nSIPROTEC 5 7SD86 (CP300) (versiones < V9.50), SIPROTEC 5 7SD87 (CP200) (Todas las versiones), \nSIPROTEC 5 7SD87 (CP300) (versiones < V9.50), SIPROTEC 5 7SJ81 (CP100) (Todas las versiones), \nSIPROTEC 5 7SJ81 (CP150) (versiones < V9.50), SIPROTEC 5 7SJ82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SJ82 (CP150) (versiones < V9.50), SIPROTEC 5 7SJ85 (CP200) (Todas las versiones), \nSIPROTEC 5 7SJ85 (CP300) (versiones < V9.50), SIPROTEC 5 7SJ86 (CP200) (Todas las versiones), \nSIPROTEC 5 7SJ86 ( CP300) (versiones < V9.50), SIPROTEC 5 7SK82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SK82 (CP150) (versiones < V9.50), SIPROTEC 5 7SK85 (CP200) (Todas las versiones),\nSIPROTEC 5 7SK85 (CP300) (versiones < V9.50), SIPROTEC 5 7SL82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SL82 (CP150) (versiones < V9.50), SIPROTEC 5 7SL86 (CP200) (Todas las versiones),\nSIPROTEC 5 7SL86 (CP300) (versiones < V9.50), SIPROTEC 5 7SL87 (CP200) (Todas las versiones), \nSIPROTEC 5 7SL87 (CP300) (versiones < V9.50), SIPROTEC 5 7SS85 (CP200) (Todas las versiones), \nSIPROTEC 5 7SS85 (CP300) (versiones < V9.50), SIPROTEC 5 7ST85 (CP200) (Todas las versiones), \nSIPROTEC 5 7ST85 (CP300) (versiones < V9.60), SIPROTEC 5 7ST86 (CP300) (versiones < V9.60), \nSIPROTEC 5 7SX82 (CP150) (versiones < V9.50), SIPROTEC 5 7SX85 (CP300) (versiones < V9.50), \nSIPROTEC 5 7UM85 (CP300) (versiones < V9. 50), SIPROTEC 5 7UT82 (CP100) (Todas las versiones), \nSIPROTEC 5 7UT82 (CP150) (versiones < V9.50), SIPROTEC 5 7UT85 (CP200) (Todas las versiones), \nSIPROTEC 5 7UT85 (CP300) (versiones < V9.50), SIPROTEC 5 7UT86 (CP200) (Todas las versiones), \nSIPROTEC 5 7UT86 (CP300) (versiones < V9.50), SIPROTEC 5 7UT87 (CP200) (Todas las versiones), \nSIPROTEC 5 7UT87 (CP300) (versiones < V9.50), SIPROTEC 5 7VE85 (CP300) (versiones < V9.50), \nSIPROTEC 5 7VK87 (CP200) (Todas las versiones), SIPROTEC 5 7VK87 (CP300) (versiones < V9.50), \nSIPROTEC 5 7VU85 (CP300) (versiones < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (versiones < V9.50 instaladas en dispositivos CP150 y CP300), \nSIPROTEC 5 Communication Module ETH-BA-2EL (Todas las versiones instaladas en dispositivos CP100 y CP200), \nSIPROTEC 5 Communication Module ETH-BB-2FO (versiones < V9.50 instaladas en dispositivos CP150 y CP300), SIPROTEC 5 Communication Module ETH-BB-2FO (Todas las versiones instaladas en dispositivos CP100 y CP200) , \nSIPROTEC 5 Communication Module ETH-BD-2FO (versiones < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (versiones < V9.50). \n\nLos dispositivos afectados no restringen adecuadamente las renegociaciones seguras iniciadas por el cliente dentro de los protocolos SSL y TLS. Esto podr\u00eda permitir a un atacante crear una condici\u00f3n de denegaci\u00f3n de servicio en los puertos 443/tcp y 4443/tcp mientras dure el ataque." } ], "metrics": { @@ -733,9 +737,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:siprotec_5_7sj82_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4498D5D-84B9-4EF1-ADFA-8EE89A8248EA" + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:siprotec_5_7sj82:cp150:*:*:*:*:*:*:*", + "matchCriteriaId": "DC03BAAF-4507-483F-BF1A-67D8944638A9" } ] }, @@ -744,9 +748,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:siprotec_5_7sj82:cp150:*:*:*:*:*:*:*", - "matchCriteriaId": "DC03BAAF-4507-483F-BF1A-67D8944638A9" + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:siprotec_5_7sj82_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B4498D5D-84B9-4EF1-ADFA-8EE89A8248EA" } ] } @@ -755,17 +759,6 @@ { "operator": "AND", "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:siprotec_5_7sj85_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0690077-33B2-4356-9ACB-889F0D1C0A1D" - } - ] - }, { "operator": "OR", "negate": false, @@ -776,12 +769,7 @@ "matchCriteriaId": "0AFB2251-7B60-49B6-A9C6-98F47FADE02D" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, @@ -792,7 +780,12 @@ "matchCriteriaId": "A0690077-33B2-4356-9ACB-889F0D1C0A1D" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -803,23 +796,23 @@ "matchCriteriaId": "466A7D08-762C-4F17-BC44-A81876D24074" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:siprotec_5_7sj86_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E36DA40-23A6-4202-A1DC-3F0DD896EC66" + "criteria": "cpe:2.3:o:siemens:siprotec_5_7sj85_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0690077-33B2-4356-9ACB-889F0D1C0A1D" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -830,12 +823,7 @@ "matchCriteriaId": "9D2D8944-6F54-4528-A2EE-56F54454F941" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, @@ -846,7 +834,12 @@ "matchCriteriaId": "3E36DA40-23A6-4202-A1DC-3F0DD896EC66" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -857,23 +850,23 @@ "matchCriteriaId": "B5E80208-787F-49BD-88C9-A5F51D7FA367" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:siprotec_5_7sk82_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "455CAAA3-E0DF-4CD1-972D-D3A2545797D1" + "criteria": "cpe:2.3:o:siemens:siprotec_5_7sj86_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3E36DA40-23A6-4202-A1DC-3F0DD896EC66" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -884,12 +877,7 @@ "matchCriteriaId": "08ABC5D4-F8CF-47D7-B482-8E6771DD3213" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, @@ -900,7 +888,12 @@ "matchCriteriaId": "455CAAA3-E0DF-4CD1-972D-D3A2545797D1" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -911,6 +904,17 @@ "matchCriteriaId": "E0A9451D-AC58-4CC5-BE77-18DF5C7A4A47" } ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:siprotec_5_7sk82_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "455CAAA3-E0DF-4CD1-972D-D3A2545797D1" + } + ] } ] }, @@ -922,9 +926,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:siprotec_5_7sk85_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A627EAD7-470D-485B-B5C4-07617B074F22" + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:siprotec_5_7sk85:cp200:*:*:*:*:*:*:*", + "matchCriteriaId": "CF56A2EE-6D67-4C60-88A1-7ADB77B89088" } ] }, @@ -933,9 +937,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:siprotec_5_7sk85:cp200:*:*:*:*:*:*:*", - "matchCriteriaId": "CF56A2EE-6D67-4C60-88A1-7ADB77B89088" + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:siprotec_5_7sk85_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A627EAD7-470D-485B-B5C4-07617B074F22" } ] } @@ -1699,6 +1703,10 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-552874.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-552874.pdf", "source": "productcert@siemens.com", diff --git a/CVE-2022/CVE-2022-460xx/CVE-2022-46070.json b/CVE-2022/CVE-2022-460xx/CVE-2022-46070.json index 0e340c10f96..1d63136b294 100644 --- a/CVE-2022/CVE-2022-460xx/CVE-2022-46070.json +++ b/CVE-2022/CVE-2022-460xx/CVE-2022-46070.json @@ -2,12 +2,16 @@ "id": "CVE-2022-46070", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-11T22:15:54.230", - "lastModified": "2024-03-11T22:15:54.230", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "GV-ASManager V6.0.1.0 contains a Local File Inclusion vulnerability in GeoWebServer via Path." + }, + { + "lang": "es", + "value": "GV-ASManager V6.0.1.0 contiene una vulnerabilidad de inclusi\u00f3n de archivos locales en GeoWebServer a trav\u00e9s de Path." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-259xx/CVE-2023-25910.json b/CVE-2023/CVE-2023-259xx/CVE-2023-25910.json index bd94a08e799..37298b1a91b 100644 --- a/CVE-2023/CVE-2023-259xx/CVE-2023-25910.json +++ b/CVE-2023/CVE-2023-259xx/CVE-2023-25910.json @@ -2,12 +2,12 @@ "id": "CVE-2023-25910", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:16.280", - "lastModified": "2023-07-11T10:15:10.303", + "lastModified": "2024-03-12T11:15:45.877", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.\r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server." + "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.\r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server." } ], "metrics": { @@ -105,6 +105,10 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-968170.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf", "source": "productcert@siemens.com", diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28766.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28766.json index 45505b523cb..f1901e02bbf 100644 --- a/CVE-2023/CVE-2023-287xx/CVE-2023-28766.json +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28766.json @@ -2,12 +2,16 @@ "id": "CVE-2023-28766", "sourceIdentifier": "productcert@siemens.com", "published": "2023-04-11T10:15:18.337", - "lastModified": "2023-09-12T10:15:23.957", + "lastModified": "2024-03-12T11:15:46.050", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V9.60), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7ST85 (CP300) (All versions >= V7.80 < V9.60), SIPROTEC 5 7ST86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.\r\nAn unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device." + "value": "A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7ST85 (CP300) (All versions >= V7.80 < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.\r\nAn unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en \nSIPROTEC 5 6MD85 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 6MD86 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 6MD89 ( CP300) (Todas las versiones >= V7.80 < V9.60), \nSIPROTEC 5 6MU85 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7KE85 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SA82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SA82 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7SA86 (CP300) (Todas las versiones >= V7.80 < V9.40 ), \nSIPROTEC 5 7SA87 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SD82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SD82 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7SD86 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SD87 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SJ81 (CP100) (Todas las versiones), \nSIPROTEC 5 7SJ81 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7SJ82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SJ82 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7SJ85 (CP300) (Todas las versiones > = V7.80 < V9.40), \nSIPROTEC 5 7SJ86 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SK82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SK82 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7SK85 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SL82 (CP100) (Todas las versiones), \nSIPROTEC 5 7SL82 (CP150) (Todas las versiones < V9.40 ), \nSIPROTEC 5 7SL86 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SL87 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7SS85 (CP300) (Todas versiones >= V7.80 < V9.40), \nSIPROTEC 5 7ST85 (CP300) (Todas las versiones >= V7.80 < V9.60), \nSIPROTEC 5 7ST86 (CP300) (Todas las versiones >= V7.80 < V9.40 ), \nSIPROTEC 5 7SX82 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7SX85 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7UM85 (CP300) (Todas las versiones >= V7. 80 < V9.40), \nSIPROTEC 5 7UT82 (CP100) (Todas las versiones), \nSIPROTEC 5 7UT82 (CP150) (Todas las versiones < V9.40), \nSIPROTEC 5 7UT85 (CP300) (Todas las versiones >= V7.80 < V9. 40), \nSIPROTEC 5 7UT86 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7UT87 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7VE85 (CP300) ( Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7VK87 (CP300) (Todas las versiones >= V7.80 < V9.40), \nSIPROTEC 5 7VU85 (CP300) (Todas las versiones >= V7.80 < V9. 40), \nSIPROTEC 5 Communication Module ETH-BA-2EL (todas las versiones < V9.40), \nSIPROTEC 5 Communication Module ETH-BB-2FO (todas las versiones < V9.40), \nSIPROTEC 5 Communication Module ETH-BD-2FO (todas versiones < V9.40), \nSIPROTEC 5 Compact 7SX800 (CP050) (Todas las versiones < V9.40). \n\nLos dispositivos afectados carecen de una validaci\u00f3n adecuada de los par\u00e1metros de solicitud http del servicio web alojado. Un atacante remoto no autenticado podr\u00eda enviar paquetes especialmente manipulados que podr\u00edan provocar una condici\u00f3n de denegaci\u00f3n de servicio del dispositivo objetivo." } ], "metrics": { @@ -1811,6 +1815,10 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-322980.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-322980.pdf", "source": "productcert@siemens.com", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38380.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38380.json index 3bbc7225e48..a58d43e7bf5 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38380.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38380.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38380", "sourceIdentifier": "productcert@siemens.com", "published": "2023-12-12T12:15:11.477", - "lastModified": "2023-12-18T15:08:30.293", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-12T11:15:46.323", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1543-1 (All versions), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (All versions). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product." + "value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product." }, { "lang": "es", @@ -376,6 +376,10 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf", "source": "productcert@siemens.com", diff --git a/CVE-2023/CVE-2023-413xx/CVE-2023-41313.json b/CVE-2023/CVE-2023-413xx/CVE-2023-41313.json new file mode 100644 index 00000000000..a9163c5ec3f --- /dev/null +++ b/CVE-2023/CVE-2023-413xx/CVE-2023-41313.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-41313", + "sourceIdentifier": "security@apache.org", + "published": "2024-03-12T11:15:46.470", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.\nUsers are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.\n\n" + }, + { + "lang": "es", + "value": "El m\u00e9todo de autenticaci\u00f3n en las versiones de Apache Doris anteriores a la 2.0.0 era vulnerable a ataques de sincronizaci\u00f3n. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.0.0 + o 1.2.8, que soluciona este problema." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-208" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/jqczy3vxzs6q6rz9o0626j5nks9fnv95", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44318.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44318.json index fbf9eb740ea..02afc6485f3 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44318.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44318.json @@ -2,12 +2,12 @@ "id": "CVE-2023-44318", "sourceIdentifier": "productcert@siemens.com", "published": "2023-11-14T11:15:12.287", - "lastModified": "2023-12-12T12:15:11.890", + "lastModified": "2024-03-12T11:15:46.620", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file." + "value": "Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file." }, { "lang": "es", @@ -2061,6 +2061,14 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html", + "source": "productcert@siemens.com" + }, + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf", "source": "productcert@siemens.com" diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44321.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44321.json index 54426ac6ec8..006be4339bb 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44321.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44321.json @@ -2,7 +2,7 @@ "id": "CVE-2023-44321", "sourceIdentifier": "productcert@siemens.com", "published": "2023-11-14T11:15:12.973", - "lastModified": "2024-02-13T09:15:44.537", + "lastModified": "2024-03-12T11:15:46.980", "vulnStatus": "Modified", "descriptions": [ { @@ -2065,6 +2065,10 @@ "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html", "source": "productcert@siemens.com" }, + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html", "source": "productcert@siemens.com" diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44374.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44374.json index c42b247895e..4d9bf281685 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44374.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44374.json @@ -2,12 +2,12 @@ "id": "CVE-2023-44374", "sourceIdentifier": "productcert@siemens.com", "published": "2023-11-14T11:15:13.753", - "lastModified": "2023-12-12T12:15:13.223", + "lastModified": "2024-03-12T11:15:47.267", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges." + "value": "Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges." }, { "lang": "es", @@ -947,10 +947,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:6gk5208-0ra00-2ac2_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "4.5", - "matchCriteriaId": "06C17564-8DB0-41DA-AAD7-D1BE5C662054" + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5208-0ra00-2ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3EA732B-3BDA-41AE-A791-700A28FD632B" } ] }, @@ -959,9 +958,10 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5208-0ra00-2ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3EA732B-3BDA-41AE-A791-700A28FD632B" + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:6gk5208-0ra00-2ac2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5", + "matchCriteriaId": "06C17564-8DB0-41DA-AAD7-D1BE5C662054" } ] } @@ -970,6 +970,17 @@ { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5208-0ra00-5ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A44C230B-2682-4DCF-808A-3D1EB647BA13" + } + ] + }, { "operator": "OR", "negate": false, @@ -981,23 +992,23 @@ "matchCriteriaId": "F58C2715-BB90-4799-B0EF-F5E356BB211B" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5208-0ra00-5ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A44C230B-2682-4DCF-808A-3D1EB647BA13" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-0ba00-2ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "943E741B-800D-4919-8865-D07B14DC1DA8" + } + ] + }, { "operator": "OR", "negate": false, @@ -1009,23 +1020,23 @@ "matchCriteriaId": "957E4577-E797-4446-9D81-88A218D365CE" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-0ba00-2ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "943E741B-800D-4919-8865-D07B14DC1DA8" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-3rs00-2ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "279C651A-F2BE-4B5B-898D-5BAD8D16C040" + } + ] + }, { "operator": "OR", "negate": false, @@ -1037,23 +1048,23 @@ "matchCriteriaId": "18CC07AB-DD20-4FB7-A6F4-2354677EF2FA" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-3rs00-2ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "279C651A-F2BE-4B5B-898D-5BAD8D16C040" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-3rs00-5ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "573F9273-D8DE-40CD-9EAF-F7F118E57CF9" + } + ] + }, { "operator": "OR", "negate": false, @@ -1065,23 +1076,23 @@ "matchCriteriaId": "AC43E324-F0FF-43E6-B8C9-6670C021C92B" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-3rs00-5ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "573F9273-D8DE-40CD-9EAF-F7F118E57CF9" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-4bs00-2ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C004D760-9DE2-44EA-9B55-935A8A9BEF2E" + } + ] + }, { "operator": "OR", "negate": false, @@ -1093,23 +1104,23 @@ "matchCriteriaId": "8F21408C-9324-493F-869A-ED136E332A86" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-4bs00-2ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C004D760-9DE2-44EA-9B55-935A8A9BEF2E" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-4gs00-2ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B36634FC-391C-4E54-8C21-B2A839D3590A" + } + ] + }, { "operator": "OR", "negate": false, @@ -1121,23 +1132,23 @@ "matchCriteriaId": "DF4530AD-BAC9-4EBC-A560-1284E3E1A591" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-4gs00-2ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36634FC-391C-4E54-8C21-B2A839D3590A" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-4gs00-2tc2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "50EFE6F9-9DFC-4107-BFB6-2B4887D2F872" + } + ] + }, { "operator": "OR", "negate": false, @@ -1149,23 +1160,23 @@ "matchCriteriaId": "911A3392-6764-442C-8679-4D6F7BC0ADC3" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-4gs00-2tc2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EFE6F9-9DFC-4107-BFB6-2B4887D2F872" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-4gs00-2fc2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C403B02F-D93F-4CB1-A076-093BD62F95D9" + } + ] + }, { "operator": "OR", "negate": false, @@ -1177,23 +1188,23 @@ "matchCriteriaId": "3EF24AEF-AA51-4EC9-ADE3-F2A7DFCAFADC" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-4gs00-2fc2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C403B02F-D93F-4CB1-A076-093BD62F95D9" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5216-0ba00-2fc2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "789F2F49-28A6-45E3-9CC1-9C5BF5522BE7" + } + ] + }, { "operator": "OR", "negate": false, @@ -1205,17 +1216,6 @@ "matchCriteriaId": "4052187F-BD55-46FE-BF0E-33090B17C1FF" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5216-0ba00-2fc2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "789F2F49-28A6-45E3-9CC1-9C5BF5522BE7" - } - ] } ] }, @@ -1227,10 +1227,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:6gk5224-0ba00-2ac2_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "4.5", - "matchCriteriaId": "D433F6C6-9891-4BD7-87CA-BE64DA32BE86" + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:6gk5224-0ba00-2ac2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "17EFD31B-A636-4592-99AD-6FD99A3E8985" } ] }, @@ -1239,9 +1238,10 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:6gk5224-0ba00-2ac2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17EFD31B-A636-4592-99AD-6FD99A3E8985" + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:6gk5224-0ba00-2ac2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5", + "matchCriteriaId": "D433F6C6-9891-4BD7-87CA-BE64DA32BE86" } ] } @@ -2061,6 +2061,14 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html", + "source": "productcert@siemens.com" + }, + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf", "source": "productcert@siemens.com" diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45793.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45793.json new file mode 100644 index 00000000000..cb4ad398227 --- /dev/null +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45793.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-45793", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:47.503", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in Siveillance Control (All versions >= V2.8 < V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46156.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46156.json index 83f684723b4..5e7f7cab9df 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46156.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46156.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46156", "sourceIdentifier": "productcert@siemens.com", "published": "2023-12-12T12:15:13.417", - "lastModified": "2023-12-18T15:24:08.413", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-12T11:15:47.740", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -450,10 +450,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3.1.0", - "matchCriteriaId": "80B907A6-501C-45C2-80D0-69A63182675E" + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "69DE61DE-5B71-4F35-AC4F-C6EC24A7DDAA" } ] }, @@ -462,9 +461,10 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69DE61DE-5B71-4F35-AC4F-C6EC24A7DDAA" + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.0", + "matchCriteriaId": "80B907A6-501C-45C2-80D0-69A63182675E" } ] } @@ -473,6 +473,17 @@ { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513r-1_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E5DB6CE-9DFF-4B58-8693-0D9BC80F8686" + } + ] + }, { "operator": "OR", "negate": false, @@ -484,23 +495,23 @@ "matchCriteriaId": "5534F0CA-DB9E-4677-A1F6-041B48170345" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513r-1_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8E5DB6CE-9DFF-4B58-8693-0D9BC80F8686" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514sp_f-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "40D98AB8-FD0C-4B31-A732-F10FDEA37E14" + } + ] + }, { "operator": "OR", "negate": false, @@ -512,23 +523,23 @@ "matchCriteriaId": "DE2BF5FC-3434-4CA5-9777-012B64F98D7B" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514sp_f-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "40D98AB8-FD0C-4B31-A732-F10FDEA37E14" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514sp-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3735705B-C196-45C1-B972-5B03D6EBDC87" + } + ] + }, { "operator": "OR", "negate": false, @@ -540,23 +551,23 @@ "matchCriteriaId": "934EC4CE-27F4-41B5-A124-E278ACF8D2E3" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514sp-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3735705B-C196-45C1-B972-5B03D6EBDC87" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514spt_f-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F12835A8-D10C-4598-9308-7C053F146DDA" + } + ] + }, { "operator": "OR", "negate": false, @@ -568,23 +579,23 @@ "matchCriteriaId": "CB81D981-9D07-4B14-A580-4C0E0952A627" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514spt_f-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F12835A8-D10C-4598-9308-7C053F146DDA" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514spt-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9705BD48-7CA7-45FF-94CB-E21ABF2DADBB" + } + ] + }, { "operator": "OR", "negate": false, @@ -596,23 +607,23 @@ "matchCriteriaId": "D8AFFE04-9963-4DFC-8636-C41D1BBB35EA" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514spt-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9705BD48-7CA7-45FF-94CB-E21ABF2DADBB" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ABE9C79B-52A3-45F4-9DA5-6D61A6BF7753" + } + ] + }, { "operator": "OR", "negate": false, @@ -624,23 +635,23 @@ "matchCriteriaId": "792D9B4C-9592-4285-98DF-7824D363322A" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABE9C79B-52A3-45F4-9DA5-6D61A6BF7753" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EDE82551-008D-4B75-BDB5-3DD30ADD1863" + } + ] + }, { "operator": "OR", "negate": false, @@ -652,23 +663,23 @@ "matchCriteriaId": "7D817E0E-C921-4200-8E4D-DE7D1209A1F2" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDE82551-008D-4B75-BDB5-3DD30ADD1863" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515r-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "42957AE0-38CC-47F0-867C-EB161C3AD03B" + } + ] + }, { "operator": "OR", "negate": false, @@ -680,23 +691,23 @@ "matchCriteriaId": "4CA6B04A-5671-42C6-B71F-D11BA3918A62" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515r-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42957AE0-38CC-47F0-867C-EB161C3AD03B" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515t-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF28F388-619A-4B10-AD3D-EA06C56EF22E" + } + ] + }, { "operator": "OR", "negate": false, @@ -708,23 +719,23 @@ "matchCriteriaId": "96090D48-7EEB-4ACC-B37F-7BB6C1ACA3E8" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515t-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF28F388-619A-4B10-AD3D-EA06C56EF22E" - } - ] } ] }, { "operator": "AND", "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515tf-2_pn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD64AE8B-79DD-4248-BD98-8AEC260CE87A" + } + ] + }, { "operator": "OR", "negate": false, @@ -736,17 +747,6 @@ "matchCriteriaId": "7CF5A172-9D05-4954-AF68-E50ECC406036" } ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515tf-2_pn:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD64AE8B-79DD-4248-BD98-8AEC260CE87A" - } - ] } ] }, @@ -758,10 +758,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3.1.0", - "matchCriteriaId": "4E4BFFAE-B211-4EAC-B2F7-29A33DE148E0" + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A5C12961-CCF4-4248-9E43-8866671A257A" } ] }, @@ -770,9 +769,10 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5C12961-CCF4-4248-9E43-8866671A257A" + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.0", + "matchCriteriaId": "4E4BFFAE-B211-4EAC-B2F7-29A33DE148E0" } ] } @@ -2148,6 +2148,14 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html", + "source": "productcert@siemens.com" + }, + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdf", "source": "productcert@siemens.com", diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4626.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4626.json index 04fb807b4a4..1b226a96106 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4626.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4626.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4626", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:06.903", - "lastModified": "2024-03-12T10:15:06.903", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ladiflow_save_hook() function in versions up to, and including, 4.3. This makes it possible for authenticated attackers with subscriber-level access and above to update the 'ladiflow_hook_configs' option." + }, + { + "lang": "es", + "value": "El complemento LadiApp para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n ladiflow_save_hook() en versiones hasta la 4.3 incluida. Esto hace posible que los atacantes autenticados con acceso a nivel de suscriptor y superior actualicen la opci\u00f3n 'ladiflow_hook_configs'." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4627.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4627.json index 9ff3b3e5c44..c072bf494e4 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4627.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4627.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4627", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:07.480", - "lastModified": "2024-03-12T10:15:07.480", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_config() function in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and above to update the 'ladipage_config' option." + }, + { + "lang": "es", + "value": "El complemento LadiApp para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n save_config() en versiones hasta la 4.4 incluida. Esto hace posible que atacantes autenticados con acceso de nivel de suscriptor y superior actualicen la opci\u00f3n 'ladipage_config'." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4628.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4628.json index 9a06d2addc2..a63048879ae 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4628.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4628.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4628", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:07.657", - "lastModified": "2024-03-12T10:15:07.657", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4629.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4629.json index 987b8dec498..bf833200c72 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4629.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4629.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4629", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:07.833", - "lastModified": "2024-03-12T10:15:07.833", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the save_config() function in versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to update the 'ladipage_config' option via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento LadiApp para WordPress es vulnerable a Cross-Site Request Forgery debido a que falta una verificaci\u00f3n nonce en la funci\u00f3n save_config() en versiones hasta la 4.3 incluida. Esto hace posible que atacantes no autenticados actualicen la opci\u00f3n 'ladipage_config' a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4728.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4728.json index d91c3e12aa7..0c185c83dc7 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4728.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4728.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4728", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:08.017", - "lastModified": "2024-03-12T10:15:08.017", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the publish_lp() function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and above to change the LadiPage key (a key fully controlled by the attacker), enabling them to freely create new pages, including web pages that trigger stored XSS" + }, + { + "lang": "es", + "value": "El complemento LadiApp para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n Publish_lp() enlazada mediante una acci\u00f3n AJAX en versiones hasta la 4.4 incluida. Esto hace posible que los atacantes autenticados con acceso de nivel de suscriptor y superior cambien la clave LadiPage (una clave totalmente controlada por el atacante), lo que les permite crear libremente nuevas p\u00e1ginas, incluidas p\u00e1ginas web que activan XSS almacenado." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4729.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4729.json index a92886e3696..fd96d42d861 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4729.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4729.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4729", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:08.197", - "lastModified": "2024-03-12T10:15:08.197", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4731.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4731.json index 2785a037729..5043ce1ee88 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4731.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4731.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4731", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T10:15:08.363", - "lastModified": "2024-03-12T10:15:08.363", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The LadiApp plugn for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the init_endpoint() function hooked via 'init' in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to modify a variety of settings, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. An attacker can directly modify the 'ladipage_key' which enables them to create new posts on the website and inject malicious web scripts," + }, + { + "lang": "es", + "value": "El complemento LadiApp para WordPress es vulnerable a Cross-Site Request Forgery debido a que falta una verificaci\u00f3n nonce en la funci\u00f3n init_endpoint() enlazada a trav\u00e9s de 'init' en versiones hasta la 4.4 incluida. Esto hace posible que atacantes no autenticados modifiquen una variedad de configuraciones, a trav\u00e9s de una solicitud falsificada, pueden enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace. Un atacante puede modificar directamente 'ladipage_key', lo que le permite crear nuevas publicaciones en el sitio web e inyectar scripts web maliciosos." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49125.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49125.json index c2c346eaaa0..eeb8f4af50d 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49125.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49125.json @@ -2,12 +2,12 @@ "id": "CVE-2023-49125", "sourceIdentifier": "productcert@siemens.com", "published": "2024-02-13T09:15:46.173", - "lastModified": "2024-02-13T14:01:07.747", + "lastModified": "2024-03-12T11:15:48.063", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted files containing XT format. This could allow an attacker to execute code in the context of the current process." + "value": "A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198), Solid Edge (All versions < V223.0.11). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted files containing XT format. This could allow an attacker to execute code in the context of the current process." }, { "lang": "es", @@ -51,6 +51,10 @@ } ], "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-382651.html", + "source": "productcert@siemens.com" + }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html", "source": "productcert@siemens.com" diff --git a/CVE-2023/CVE-2023-494xx/CVE-2023-49453.json b/CVE-2023/CVE-2023-494xx/CVE-2023-49453.json index f8799fd2f04..2edd7850136 100644 --- a/CVE-2023/CVE-2023-494xx/CVE-2023-49453.json +++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49453.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49453", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-12T08:15:45.127", - "lastModified": "2024-03-12T08:15:45.127", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22.0 and before, allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php." + }, + { + "lang": "es", + "value": "Vulnerabilidad de cross-site scripting (XSS) reflejado en Racktables v0.22.0 y anteriores permite a atacantes locales ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del componente de b\u00fasqueda en index.php." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49785.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49785.json index 77e795b63af..e8952672e7e 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49785.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49785.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49785", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-12T00:15:26.383", - "lastModified": "2024-03-12T00:15:26.383", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52486.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52486.json index 7a79076eb66..626192f976d 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52486.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52486.json @@ -2,12 +2,16 @@ "id": "CVE-2023-52486", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.427", - "lastModified": "2024-03-11T18:15:16.427", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Don't unref the same fb many times by mistake due to deadlock handling\n\nIf we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl()\nwe proceed to unref the fb and then retry the whole thing from the top.\nBut we forget to reset the fb pointer back to NULL, and so if we then\nget another error during the retry, before the fb lookup, we proceed\nthe unref the same fb again without having gotten another reference.\nThe end result is that the fb will (eventually) end up being freed\nwhile it's still in use.\n\nReset fb to NULL once we've unreffed it to avoid doing it again\nuntil we've done another fb lookup.\n\nThis turned out to be pretty easy to hit on a DG2 when doing async\nflips (and CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). The first symptom I\nsaw that drm_closefb() simply got stuck in a busy loop while walking\nthe framebuffer list. Fortunately I was able to convince it to oops\ninstead, and from there it was easier to track down the culprit." + }, + { + "lang": "es", + "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm: No desreferenciar el mismo fb muchas veces por error debido al manejo de interbloqueos Si obtenemos un punto muerto despu\u00e9s de la b\u00fasqueda de fb en drm_mode_page_flip_ioctl() procedemos a desreferenciar el fb y luego Vuelva a intentarlo todo desde arriba. Pero nos olvidamos de restablecer el puntero fb a NULL, por lo que si obtenemos otro error durante el reintento, antes de la b\u00fasqueda de fb, procedemos a desref el mismo fb nuevamente sin haber obtenido otra referencia. El resultado final es que el Facebook (eventualmente) terminar\u00e1 siendo liberado mientras todav\u00eda est\u00e1 en uso. Restablezca fb a NULL una vez que lo hayamos eliminado para evitar hacerlo nuevamente hasta que hayamos realizado otra b\u00fasqueda de fb. Esto result\u00f3 ser bastante f\u00e1cil de lograr en un DG2 cuando se realizan volteos as\u00edncronos (y CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). El primer s\u00edntoma que vi fue que drm_closefb() simplemente se qued\u00f3 atascado en un bucle ocupado mientras recorr\u00eda la lista de framebuffer. Afortunadamente, pude convencerlo de que lo hiciera, y a partir de ah\u00ed fue m\u00e1s f\u00e1cil localizar al culpable." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52487.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52487.json index 5c47899c2d9..26b3dba8abf 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52487.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52487.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52487", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.520", - "lastModified": "2024-03-11T18:15:16.520", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52488.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52488.json index fd92134a0fa..c8094ad8fe3 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52488.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52488.json @@ -2,12 +2,16 @@ "id": "CVE-2023-52488", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.603", - "lastModified": "2024-03-11T18:15:16.603", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO\n\nThe SC16IS7XX IC supports a burst mode to access the FIFOs where the\ninitial register address is sent ($00), followed by all the FIFO data\nwithout having to resend the register address each time. In this mode, the\nIC doesn't increment the register address for each R/W byte.\n\nThe regmap_raw_read() and regmap_raw_write() are functions which can\nperform IO over multiple registers. They are currently used to read/write\nfrom/to the FIFO, and although they operate correctly in this burst mode on\nthe SPI bus, they would corrupt the regmap cache if it was not disabled\nmanually. The reason is that when the R/W size is more than 1 byte, these\nfunctions assume that the register address is incremented and handle the\ncache accordingly.\n\nConvert FIFO R/W functions to use the regmap _noinc_ versions in order to\nremove the manual cache control which was a workaround when using the\n_raw_ versions. FIFO registers are properly declared as volatile so\ncache will not be used/updated for FIFO accesses." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: sc16is7xx: convierte de _raw_ a _noinc_ funciones regmap para FIFO El IC SC16IS7XX admite un modo de r\u00e1faga para acceder a los FIFO donde se env\u00eda la direcci\u00f3n de registro inicial ($00), seguida de todas los datos FIFO sin tener que reenviar la direcci\u00f3n de registro cada vez. En este modo, el IC no incrementa la direcci\u00f3n de registro para cada byte de lectura/escritura. regmap_raw_read() y regmap_raw_write() son funciones que pueden realizar IO en m\u00faltiples registros. Actualmente se utilizan para leer/escribir desde/hacia FIFO y, aunque funcionan correctamente en este modo de r\u00e1faga en el bus SPI, da\u00f1ar\u00edan el cach\u00e9 de regmap si no se desactivara manualmente. La raz\u00f3n es que cuando el tama\u00f1o de lectura y escritura es superior a 1 byte, estas funciones asumen que la direcci\u00f3n del registro se incrementa y manejan la cach\u00e9 en consecuencia. Convierta las funciones FIFO R/W para usar las versiones regmap _noinc_ para eliminar el control de cach\u00e9 manual, que era una soluci\u00f3n alternativa al usar las versiones _raw_. Los registros FIFO se declaran correctamente como vol\u00e1tiles, por lo que la cach\u00e9 no se utilizar\u00e1 ni se actualizar\u00e1 para los accesos FIFO." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52489.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52489.json index 6cb3156f058..9eaa8167be5 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52489.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52489.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52489", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.673", - "lastModified": "2024-03-11T18:15:16.673", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json index 95b20fc21e5..45a1c8073c9 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52490", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.750", - "lastModified": "2024-03-11T18:15:16.750", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52491.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52491.json index 569cea158df..96b445cca01 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52491.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52491.json @@ -2,12 +2,16 @@ "id": "CVE-2023-52491", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.807", - "lastModified": "2024-03-11T18:15:16.807", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run\n\nIn mtk_jpeg_probe, &jpeg->job_timeout_work is bound with\nmtk_jpeg_job_timeout_work.\n\nIn mtk_jpeg_dec_device_run, if error happens in\nmtk_jpeg_set_dec_dst, it will finally start the worker while\nmark the job as finished by invoking v4l2_m2m_job_finish.\n\nThere are two methods to trigger the bug. If we remove the\nmodule, it which will call mtk_jpeg_remove to make cleanup.\nThe possible sequence is as follows, which will cause a\nuse-after-free bug.\n\nCPU0 CPU1\nmtk_jpeg_dec_... |\n start worker\t |\n |mtk_jpeg_job_timeout_work\nmtk_jpeg_remove |\n v4l2_m2m_release |\n kfree(m2m_dev); |\n |\n | v4l2_m2m_get_curr_priv\n | m2m_dev->curr_ctx //use\n\nIf we close the file descriptor, which will call mtk_jpeg_release,\nit will have a similar sequence.\n\nFix this bug by starting timeout worker only if started jpegdec worker\nsuccessfully. Then v4l2_m2m_job_finish will only be called in\neither mtk_jpeg_job_timeout_work or mtk_jpeg_dec_device_run." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medio: mtk-jpeg: Se corrigi\u00f3 el error de use-after-free debido al manejo de la ruta de error en mtk_jpeg_dec_device_run En mtk_jpeg_probe, &jpeg->job_timeout_work est\u00e1 vinculado con mtk_jpeg_job_timeout_work. En mtk_jpeg_dec_device_run, si ocurre un error en mtk_jpeg_set_dec_dst, finalmente iniciar\u00e1 el trabajador mientras marca el trabajo como finalizado invocando v4l2_m2m_job_finish. Hay dos m\u00e9todos para activar el error. Si eliminamos el m\u00f3dulo, llamar\u00e1 a mtk_jpeg_remove para realizar la limpieza. La secuencia posible es la siguiente, lo que provocar\u00e1 un error de use-after-free. CPU0 CPU1 mtk_jpeg_dec_... | empezar trabajador | |mtk_jpeg_job_timeout_work mtk_jpeg_remove | v4l2_m2m_release | kfree(m2m_dev); | | | v4l2_m2m_get_curr_priv | m2m_dev->curr_ctx //use Si cerramos el descriptor de archivo, que llamar\u00e1 a mtk_jpeg_release, tendr\u00e1 una secuencia similar. Corrija este error iniciando el trabajador de tiempo de espera solo si inici\u00f3 el trabajador jpegdec exitosamente. Entonces v4l2_m2m_job_finish solo se llamar\u00e1 en mtk_jpeg_job_timeout_work o mtk_jpeg_dec_device_run." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52492.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52492.json index 4ea68fbfbd3..9ad942268ae 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52492.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52492.json @@ -2,12 +2,16 @@ "id": "CVE-2023-52492", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.877", - "lastModified": "2024-03-11T18:15:16.877", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fix NULL pointer in channel unregistration function\n\n__dma_async_device_channel_register() can fail. In case of failure,\nchan->local is freed (with free_percpu()), and chan->local is nullified.\nWhen dma_async_device_unregister() is called (because of managed API or\nintentionally by DMA controller driver), channels are unconditionally\nunregistered, leading to this NULL pointer:\n[ 1.318693] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d0\n[...]\n[ 1.484499] Call trace:\n[ 1.486930] device_del+0x40/0x394\n[ 1.490314] device_unregister+0x20/0x7c\n[ 1.494220] __dma_async_device_channel_unregister+0x68/0xc0\n\nLook at dma_async_device_register() function error path, channel device\nunregistration is done only if chan->local is not NULL.\n\nThen add the same condition at the beginning of\n__dma_async_device_channel_unregister() function, to avoid NULL pointer\nissue whatever the API used to reach this function." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dmaengine: corrige el puntero NULL en la funci\u00f3n de cancelaci\u00f3n del registro del canal __dma_async_device_channel_register() puede fallar. En caso de falla, chan->local se libera (con free_percpu()) y chan->local se anula. Cuando se llama a dma_async_device_unregister() (debido a una API administrada o intencionalmente por el controlador del controlador DMA), los canales se anulan incondicionalmente, lo que lleva a este puntero NULL: [1.318693] No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 00000000000000d0 [...] [ 1.484499] Seguimiento de llamadas: [ 1.486930] device_del+0x40/0x394 [ 1.490314] device_unregister+0x20/0x7c [ 1.494220] __dma_async_device_channel_unregister+0x68/0xc0 Mire la ruta de error de la funci\u00f3n dma_async_device_register(), cancelaci\u00f3n del registro del dispositivo La raci\u00f3n se realiza s\u00f3lo si chan->local es no nulo. Luego agregue la misma condici\u00f3n al comienzo de la funci\u00f3n __dma_async_device_channel_unregister(), para evitar problemas de puntero NULL cualquiera que sea la API utilizada para alcanzar esta funci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52493.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52493.json index 853b1a43cb8..498053f2b83 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52493.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52493.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52493", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.940", - "lastModified": "2024-03-11T18:15:16.940", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52494.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52494.json index 0ece15174e7..fae99e9597d 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52494.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52494.json @@ -2,12 +2,16 @@ "id": "CVE-2023-52494", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:17.000", - "lastModified": "2024-03-11T18:15:17.000", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Add alignment check for event ring read pointer\n\nThough we do check the event ring read pointer by \"is_valid_ring_ptr\"\nto make sure it is in the buffer range, but there is another risk the\npointer may be not aligned. Since we are expecting event ring elements\nare 128 bits(struct mhi_ring_element) aligned, an unaligned read pointer\ncould lead to multiple issues like DoS or ring buffer memory corruption.\n\nSo add a alignment check for event ring read pointer." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bus: mhi: host: agregar verificaci\u00f3n de alineaci\u00f3n para el puntero de lectura del anillo de eventos. Aunque verificamos el puntero de lectura del anillo de eventos mediante \"is_valid_ring_ptr\" para asegurarnos de que est\u00e9 en el rango del b\u00fafer, pero existe otro riesgo de que el puntero no est\u00e9 alineado. Dado que esperamos que los elementos del anillo de eventos est\u00e9n alineados con 128 bits (struct mhi_ring_element), un puntero de lectura no alineado podr\u00eda provocar m\u00faltiples problemas como DoS o corrupci\u00f3n de la memoria del b\u00fafer del anillo. Por lo tanto, agregue una verificaci\u00f3n de alineaci\u00f3n para el puntero de lectura del anillo de eventos." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52495.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52495.json index c61730466a3..d8cb52115b9 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52495.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52495.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52495", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:17.060", - "lastModified": "2024-03-11T18:15:17.060", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52498.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52498.json index 4c8a518a493..1ebf09208c5 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52498.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52498.json @@ -2,12 +2,16 @@ "id": "CVE-2023-52498", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:17.130", - "lastModified": "2024-03-11T18:15:17.130", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: sleep: Fix possible deadlocks in core system-wide PM code\n\nIt is reported that in low-memory situations the system-wide resume core\ncode deadlocks, because async_schedule_dev() executes its argument\nfunction synchronously if it cannot allocate memory (and not only in\nthat case) and that function attempts to acquire a mutex that is already\nheld. Executing the argument function synchronously from within\ndpm_async_fn() may also be problematic for ordering reasons (it may\ncause a consumer device's resume callback to be invoked before a\nrequisite supplier device's one, for example).\n\nAddress this by changing the code in question to use\nasync_schedule_dev_nocall() for scheduling the asynchronous\nexecution of device suspend and resume functions and to directly\nrun them synchronously if async_schedule_dev_nocall() returns false." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PM: suspensi\u00f3n: soluciona posibles bloqueos en el c\u00f3digo PM de todo el sistema central. Se informa que en situaciones de poca memoria, el c\u00f3digo central de reanudaci\u00f3n de todo el sistema se bloquea porque async_schedule_dev() ejecuta su el argumento funciona sincr\u00f3nicamente si no puede asignar memoria (y no solo en ese caso) y esa funci\u00f3n intenta adquirir un mutex que ya est\u00e1 retenido. La ejecuci\u00f3n de la funci\u00f3n de argumento sincr\u00f3nicamente desde dpm_async_fn() tambi\u00e9n puede ser problem\u00e1tica por razones de pedido (puede causar que la devoluci\u00f3n de llamada de curr\u00edculum de un dispositivo consumidor se invoque antes que la de un dispositivo proveedor requerido, por ejemplo). Solucione este problema cambiando el c\u00f3digo en cuesti\u00f3n para usar async_schedule_dev_nocall() para programar la ejecuci\u00f3n asincr\u00f3nica de las funciones de suspensi\u00f3n y reanudaci\u00f3n del dispositivo y para ejecutarlas directamente de forma sincr\u00f3nica si async_schedule_dev_nocall() devuelve falso." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-64xx/CVE-2023-6444.json b/CVE-2023/CVE-2023-64xx/CVE-2023-6444.json index 22afe6167f8..02c9d8079d8 100644 --- a/CVE-2023/CVE-2023-64xx/CVE-2023-6444.json +++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6444.json @@ -2,12 +2,16 @@ "id": "CVE-2023-6444", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.597", - "lastModified": "2024-03-11T18:15:17.597", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request." + }, + { + "lang": "es", + "value": "El complemento Seriously Simple Podcasting de WordPress anterior a 3.0.0 revela la direcci\u00f3n de correo electr\u00f3nico del propietario del podcast (que de forma predeterminada es la direcci\u00f3n de correo electr\u00f3nico del administrador) a trav\u00e9s de una solicitud manipulada no autenticada." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6814.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6814.json index 08203832ec1..6af6e955fcd 100644 --- a/CVE-2023/CVE-2023-68xx/CVE-2023-6814.json +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6814.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6814", "sourceIdentifier": "hirt@hitachi.co.jp", "published": "2024-03-12T04:15:08.257", - "lastModified": "2024-03-12T04:15:08.257", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7247.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7247.json index e4107b37570..c365b51e4ab 100644 --- a/CVE-2023/CVE-2023-72xx/CVE-2023-7247.json +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7247.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7247", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.683", - "lastModified": "2024-03-11T18:15:17.683", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0039.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0039.json index 1af3cd5c4f1..79c724664b8 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0039.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0039.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0039", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.350", - "lastModified": "2024-03-11T17:15:45.350", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En attp_build_value_cmd de att_protocol.cc, hay una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0044.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0044.json index 0dc3d6740e6..21b0013cccf 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0044.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0044.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0044", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.450", - "lastModified": "2024-03-11T17:15:45.450", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En createSessionInternal de PackageInstallerService.java, existe una posible ejecuci\u00f3n como cualquier aplicaci\u00f3n debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0045.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0045.json index 5529e7bb8be..49c1f093a2c 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0045.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0045.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0045", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.507", - "lastModified": "2024-03-11T17:15:45.507", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En smp_proc_sec_req de smp_act.cc, existe una posible lectura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n remota (pr\u00f3xima/adyacente) sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0046.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0046.json index 22495fa9df5..e387c53607a 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0046.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0046.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0046", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.563", - "lastModified": "2024-03-11T17:15:45.563", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0047.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0047.json index a1d55c6f1c0..2fc8f378e96 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0047.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0047.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0047", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.620", - "lastModified": "2024-03-11T17:15:45.620", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0048.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0048.json index 97806bbda0f..ca8f64083f9 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0048.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0048.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0048", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.673", - "lastModified": "2024-03-11T17:15:45.673", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0049.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0049.json index b1f1f72fbb4..7cf06e1d373 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0049.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0049.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0049", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.727", - "lastModified": "2024-03-11T17:15:45.727", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0050.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0050.json index 829a56b11bf..9501f8f10f6 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0050.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0050.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0050", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.783", - "lastModified": "2024-03-11T17:15:45.783", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0051.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0051.json index c26ef6081ea..b1fda40f311 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0051.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0051.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0051", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.840", - "lastModified": "2024-03-11T17:15:45.840", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En onQueueFilled de SoftMPEG4.cpp, hay una posible escritura fuera de los l\u00edmites debido a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0052.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0052.json index 50cbd4d079b..3236e74561f 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0052.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0052.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0052", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.897", - "lastModified": "2024-03-11T17:15:45.897", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0053.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0053.json index 6bf467a911e..643c6811e65 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0053.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0053.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0053", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:45.950", - "lastModified": "2024-03-11T17:15:45.950", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En getCustomPrinterIcon de PrintManagerService.java, existe una forma posible de ver las im\u00e1genes de otros usuarios debido a un asistente confundido. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0559.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0559.json index 348242e2ecf..d26bb9d70a8 100644 --- a/CVE-2024/CVE-2024-05xx/CVE-2024-0559.json +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0559.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0559", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.743", - "lastModified": "2024-03-11T18:15:17.743", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + }, + { + "lang": "es", + "value": "El complemento Enhanced Text Widget de WordPress anterior a 1.6.6 no valida ni escapa algunas de sus opciones de widget antes de devolverlas en atributos, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0561.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0561.json index cd3a1c5338f..a7044682203 100644 --- a/CVE-2024/CVE-2024-05xx/CVE-2024-0561.json +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0561.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0561", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.797", - "lastModified": "2024-03-11T18:15:17.797", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0670.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0670.json index 9dfa2acc033..b233d2e1559 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0670.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0670.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0670", "sourceIdentifier": "security@checkmk.com", "published": "2024-03-11T15:15:47.267", - "lastModified": "2024-03-11T15:15:47.267", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges" + }, + { + "lang": "es", + "value": "La escalada de privilegios en el complemento del agente de Windows en Checkmk anterior a 2.2.0p23, 2.1.0p40 y 2.0.0 (EOL) permite al usuario local escalar privilegios" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0906.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0906.json index 4bcc69979d4..d257845333e 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0906.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0906.json @@ -2,12 +2,16 @@ "id": "CVE-2024-0906", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T09:15:06.670", - "lastModified": "2024-03-12T09:15:06.670", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The f(x) Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the API. This makes it possible for unauthenticated attackers to obtain page and post contents of a site protected with this plugin." + }, + { + "lang": "es", + "value": "El complemento The f(x) Private Site para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.2.1 incluida a trav\u00e9s de la API. Esto hace posible que atacantes no autenticados obtengan p\u00e1ginas y publiquen contenidos de un sitio protegido con este complemento." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1068.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1068.json index 1fab52cda92..de665314ae3 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1068.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1068.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1068", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.847", - "lastModified": "2024-03-11T18:15:17.847", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1273.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1273.json index b6c1eef8959..9e3ecb88a1e 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1273.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1273.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1273", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.900", - "lastModified": "2024-03-11T18:15:17.900", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1279.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1279.json index 3b97eb05daf..00cc14be7bd 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1279.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1279.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1279", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:17.950", - "lastModified": "2024-03-11T18:15:17.950", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Paid Memberships Pro WordPress plugin before 2.12.9 does not prevent user with at least the contributor role from leaking other users' sensitive metadata." + }, + { + "lang": "es", + "value": "El complemento Paid Memberships Pro de WordPress anterior a 2.12.9 no impide que el usuario con al menos el rol de colaborador filtre metadatos confidenciales de otros usuarios." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1290.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1290.json index 5dbb14e55fd..446042b9317 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1290.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1290.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1290", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:18.003", - "lastModified": "2024-03-11T18:15:18.003", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1328.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1328.json index 013460c0933..a5165d15e55 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1328.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1328.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1328", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-12T09:15:06.897", - "lastModified": "2024-03-12T09:15:06.897", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1400.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1400.json index 61f44b6597d..087b402d7cc 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1400.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1400.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1400", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-11T22:15:54.490", - "lastModified": "2024-03-11T22:15:54.490", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to duplicate arbitrary posts and pages." + }, + { + "lang": "es", + "value": "El complemento Mollie Forms para WordPress es vulnerable a publicaciones no autorizadas o duplicaci\u00f3n de p\u00e1ginas debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n duplicadoForm en todas las versiones hasta la 2.6.3 incluida. Esto hace posible que atacantes autenticados, con acceso de suscriptor o superior, dupliquen publicaciones y p\u00e1ginas arbitrarias." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1441.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1441.json index 86efdba5572..db476c5ea4a 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1441.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1441.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1441", "sourceIdentifier": "secalert@redhat.com", "published": "2024-03-11T14:15:06.917", - "lastModified": "2024-03-11T14:15:06.917", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1487.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1487.json index f057e897ddb..88adc68aa1c 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1487.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1487.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1487", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-11T18:15:18.057", - "lastModified": "2024-03-11T18:15:18.057", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1530.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1530.json index 5677519bba7..40ba559c0a5 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1530.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1530.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1530", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-15T13:15:46.210", - "lastModified": "2024-02-29T01:43:52.463", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:54:16.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:shopex:ecshop:4.1.8:*:*:*:*:*:*:*", + "matchCriteriaId": "7635E5DC-5F62-40F8-8B7A-23A20E285172" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/curlyyyyyyyy/ecshop/blob/main/README.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.250562", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.250562", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1645.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1645.json index cd0085e097a..c2a348fc381 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1645.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1645.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1645", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-11T22:15:54.690", - "lastModified": "2024-03-11T22:15:54.690", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1696.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1696.json index c8cea9d8819..25e97dcdfb1 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1696.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1696.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1696", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-03-11T17:15:46.007", - "lastModified": "2024-03-11T17:15:46.007", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a user opens a malicious DCM file on affected FFT Imaging installations, a local attacker could perform an out-of-bounds write, which could allow for arbitrary code execution.\n\n" + }, + { + "lang": "es", + "value": "En Santesoft Sante FFT Imaging versiones 1.4.1 y anteriores, una vez que un usuario abre un archivo DCM malicioso en las instalaciones de FFT Imaging afectadas, un atacante local podr\u00eda realizar una escritura fuera de los l\u00edmites, lo que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20735.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20735.json index c26d985f840..4985476d7ad 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20735.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20735.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20735", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:48.100", - "lastModified": "2024-02-15T17:15:08.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:54:29.657", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 20.005.30539, 23.008.20470 y anteriores de Acrobat Reader se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -46,14 +50,105 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "003DFCB5-0AB3-4758-AB2C-C94EABA7CCF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "E194EB06-36A7-486A-A556-A4A51256C8F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "D4DBB9C3-11E4-4F50-B7B8-B75DD384F8A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "F2BDF07B-649F-4C09-B8DD-458FF75ADB35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1905", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20736.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20736.json index 7a931b0d4f6..69b051159ed 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20736.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20736.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20736", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:48.280", - "lastModified": "2024-02-15T14:28:20.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:54:37.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 20.005.30539, 23.008.20470 y anteriores de Acrobat Reader se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -46,10 +50,98 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "003DFCB5-0AB3-4758-AB2C-C94EABA7CCF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "E194EB06-36A7-486A-A556-A4A51256C8F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "D4DBB9C3-11E4-4F50-B7B8-B75DD384F8A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "F2BDF07B-649F-4C09-B8DD-458FF75ADB35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20738.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20738.json index 9e4db2d4a9d..26bf8c61d7b 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20738.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20738.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20738", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:48.473", - "lastModified": "2024-02-15T14:28:20.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:54:57.657", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass authentication mechanisms and gain unauthorized access. Exploitation of this issue does not require user interaction." + }, + { + "lang": "es", + "value": "Las versiones 2022.1 y anteriores de Adobe Framemaker se ven afectadas por una vulnerabilidad de autenticaci\u00f3n incorrecta que podr\u00eda provocar la omisi\u00f3n de una funci\u00f3n de seguridad. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir los mecanismos de autenticaci\u00f3n y obtener acceso no autorizado. La explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario." } ], "metrics": { @@ -46,10 +50,54 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:framemaker_publishing_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022", + "matchCriteriaId": "8EDB2561-4477-4C25-9807-4CC9B1A6E406" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:framemaker_publishing_server:2022:-:*:*:*:*:*:*", + "matchCriteriaId": "0F6C1F2F-5C06-4DF9-8DED-3EBE8816FD44" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:framemaker_publishing_server:2022:update1:*:*:*:*:*:*", + "matchCriteriaId": "3C6393D1-C934-4FBC-89B1-A84F175FB091" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-208xx/CVE-2024-20817.json b/CVE-2024/CVE-2024-208xx/CVE-2024-20817.json index cab6952039a..47b18980240 100644 --- a/CVE-2024/CVE-2024-208xx/CVE-2024-20817.json +++ b/CVE-2024/CVE-2024-208xx/CVE-2024-20817.json @@ -2,12 +2,12 @@ "id": "CVE-2024-20817", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-02-06T03:15:09.097", - "lastModified": "2024-02-14T14:42:20.530", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-12T13:15:49.313", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Out out bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow." + "value": "Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-208xx/CVE-2024-20818.json b/CVE-2024/CVE-2024-208xx/CVE-2024-20818.json index ea935af9929..2016376a8ba 100644 --- a/CVE-2024/CVE-2024-208xx/CVE-2024-20818.json +++ b/CVE-2024/CVE-2024-208xx/CVE-2024-20818.json @@ -2,12 +2,12 @@ "id": "CVE-2024-20818", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-02-06T03:15:09.287", - "lastModified": "2024-02-14T16:13:49.400", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-12T13:15:49.510", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Out out bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow." + "value": "Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-208xx/CVE-2024-20819.json b/CVE-2024/CVE-2024-208xx/CVE-2024-20819.json index 6a3cca5f7e4..375346f0f47 100644 --- a/CVE-2024/CVE-2024-208xx/CVE-2024-20819.json +++ b/CVE-2024/CVE-2024-208xx/CVE-2024-20819.json @@ -2,12 +2,12 @@ "id": "CVE-2024-20819", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-02-06T03:15:09.480", - "lastModified": "2024-02-14T16:20:42.337", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-12T13:15:49.597", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow." + "value": "Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20941.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20941.json index 83c1446a4e5..26f5c860fa3 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20941.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20941.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20941", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-02-17T02:15:48.560", - "lastModified": "2024-02-20T19:51:05.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:56:25.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,45 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:installed_base:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.3", + "versionEndIncluding": "12.2.13", + "matchCriteriaId": "9C162720-0198-47BF-ABD5-D5C76418A066" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20943.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20943.json index fa1f8581908..cb9d277609b 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20943.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20943.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20943", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-02-17T02:15:48.720", - "lastModified": "2024-02-20T19:51:05.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:56:31.537", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,45 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:knowledge_management:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.3", + "versionEndIncluding": "12.2.13", + "matchCriteriaId": "CF3B0F50-E10E-4694-B6D2-5D2C625CCA6C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2049.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2049.json new file mode 100644 index 00000000000..cdb7a8de790 --- /dev/null +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2049.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-2049", + "sourceIdentifier": "secure@citrix.com", + "published": "2024-03-12T13:15:49.807", + "lastModified": "2024-03-12T13:15:49.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@citrix.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "secure@citrix.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://support.citrix.com/article/CTX617071/citrix-sdwan-security-bulletin-for-cve20242049", + "source": "secure@citrix.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21339.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21339.json index fe9aeb7e3b5..bfdd616bae3 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21339.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21339.json @@ -2,12 +2,16 @@ "id": "CVE-2024-21339", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:49.267", - "lastModified": "2024-02-13T18:23:02.393", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:53:10.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Windows USB Generic Parent Driver Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo del controlador principal gen\u00e9rico USB de Windows" } ], "metrics": { @@ -34,10 +38,104 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "97FA2666-D83E-4645-AB34-B17DD82A705B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "9EF5A993-EF3B-4BE1-8325-62354DD7A7E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "1957C71A-2CE0-4173-8BB6-0BE0E93E9BCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4046", + "matchCriteriaId": "C78776CC-3A9C-41A3-8BEB-D71D92F6579D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4046", + "matchCriteriaId": "806CA6D2-42B2-4244-A5ED-D23E6DD56772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2777", + "matchCriteriaId": "3F7F8173-9E59-48E4-98C9-4BEB6AE79451" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3155", + "matchCriteriaId": "84EDBE52-EFE0-4D6D-AA76-698B6F9687D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3155", + "matchCriteriaId": "900D1DA2-6DA7-4681-966A-B9973B1329EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A9098F92-79E7-4762-A37C-99B4CFA8CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2322", + "matchCriteriaId": "5C8F0436-3AFE-48BD-AE92-8F8392DD0A1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.709", + "matchCriteriaId": "B6FCF1A0-6B8E-457A-AB6A-2DE939B9D18B" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21339", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21349.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21349.json index f5a089bd070..57da8108e16 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21349.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21349.json @@ -2,12 +2,16 @@ "id": "CVE-2024-21349", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:50.983", - "lastModified": "2024-02-13T18:22:58.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:53:22.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft ActiveX Data Objects Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de objetos de datos ActiveX de Microsoft" } ], "metrics": { @@ -34,10 +38,159 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20469", + "matchCriteriaId": "11175D86-F0D1-434C-811A-750CB5C17148" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20469", + "matchCriteriaId": "C62CCD10-636D-4979-A90F-CDBDE048518B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "57927CA7-FE09-43AA-9F66-6E68EE3125D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "6D84C15B-58BF-4124-A1AF-BE62B4259D2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "97FA2666-D83E-4645-AB34-B17DD82A705B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "9EF5A993-EF3B-4BE1-8325-62354DD7A7E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "1957C71A-2CE0-4173-8BB6-0BE0E93E9BCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4046", + "matchCriteriaId": "C78776CC-3A9C-41A3-8BEB-D71D92F6579D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4046", + "matchCriteriaId": "806CA6D2-42B2-4244-A5ED-D23E6DD56772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2777", + "matchCriteriaId": "3F7F8173-9E59-48E4-98C9-4BEB6AE79451" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3155", + "matchCriteriaId": "84EDBE52-EFE0-4D6D-AA76-698B6F9687D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3155", + "matchCriteriaId": "900D1DA2-6DA7-4681-966A-B9973B1329EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "14F86494-7001-40DB-A99E-34A9490F5B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A9098F92-79E7-4762-A37C-99B4CFA8CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2322", + "matchCriteriaId": "5C8F0436-3AFE-48BD-AE92-8F8392DD0A1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.709", + "matchCriteriaId": "B6FCF1A0-6B8E-457A-AB6A-2DE939B9D18B" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21349", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21356.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21356.json index ebb319abd53..67d28c4d727 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21356.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21356.json @@ -2,12 +2,16 @@ "id": "CVE-2024-21356", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:52.183", - "lastModified": "2024-02-13T18:22:58.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:53:57.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de denegaci\u00f3n de servicio del Protocolo ligero de acceso a directorios (LDAP) de Windows" } ], "metrics": { @@ -34,10 +38,159 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20469", + "matchCriteriaId": "11175D86-F0D1-434C-811A-750CB5C17148" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20469", + "matchCriteriaId": "C62CCD10-636D-4979-A90F-CDBDE048518B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "57927CA7-FE09-43AA-9F66-6E68EE3125D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "6D84C15B-58BF-4124-A1AF-BE62B4259D2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "97FA2666-D83E-4645-AB34-B17DD82A705B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "9EF5A993-EF3B-4BE1-8325-62354DD7A7E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "1957C71A-2CE0-4173-8BB6-0BE0E93E9BCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4046", + "matchCriteriaId": "C78776CC-3A9C-41A3-8BEB-D71D92F6579D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4046", + "matchCriteriaId": "806CA6D2-42B2-4244-A5ED-D23E6DD56772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2777", + "matchCriteriaId": "3F7F8173-9E59-48E4-98C9-4BEB6AE79451" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3155", + "matchCriteriaId": "84EDBE52-EFE0-4D6D-AA76-698B6F9687D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3155", + "matchCriteriaId": "900D1DA2-6DA7-4681-966A-B9973B1329EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "14F86494-7001-40DB-A99E-34A9490F5B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A9098F92-79E7-4762-A37C-99B4CFA8CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2322", + "matchCriteriaId": "5C8F0436-3AFE-48BD-AE92-8F8392DD0A1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.709", + "matchCriteriaId": "B6FCF1A0-6B8E-457A-AB6A-2DE939B9D18B" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21356", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-214xx/CVE-2024-21483.json b/CVE-2024/CVE-2024-214xx/CVE-2024-21483.json new file mode 100644 index 00000000000..3e6114448d4 --- /dev/null +++ b/CVE-2024/CVE-2024-214xx/CVE-2024-21483.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21483", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:48.217", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)). The read out protection of the internal flash of affected devices was not properly set at the end of the manufacturing process.\r\n\r\nAn attacker with physical access to the device could read out the data." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (Todas las versiones >= V3.2.3 < V3.3.0 s\u00f3lo cuando se fabrican entre LQN231003... y LQN231215... ( con LQNYYMMDD... )), SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) (Todas las versiones >= V3.2.3 < V3.3.0 solo cuando se fabrican entre LQN231003... y LQN231215... (con LQNYYMMDD...)), SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) (Todas las versiones >= V3.2.3 < V3.3.0 solo cuando se fabrican entre LQN231003... y LQN231215... (con LQNYYMMDD...)), SENTRON 7KM PAC3220 DC ( 7KM3220-1BA01-1EA0) (Todas las versiones >= V3.2.3 < V3.3.0 solo cuando se fabrican entre LQN231003... y LQN231215... (con LQNYYMMDD...)). La protecci\u00f3n de lectura del flash interno de los dispositivos afectados no se configur\u00f3 correctamente al final del proceso de fabricaci\u00f3n. Un atacante con acceso f\u00edsico al dispositivo podr\u00eda leer los datos." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-792319.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21584.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21584.json index b7ceed12c1f..52cb1ea095e 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21584.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21584.json @@ -2,12 +2,16 @@ "id": "CVE-2024-21584", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-12T08:15:45.217", - "lastModified": "2024-03-12T08:15:45.217", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation, an arbitrary script may be executed on the web browser of the user.\r\n" + }, + { + "lang": "es", + "value": "Pleasanter 1.3.49.0 y anteriores contienen una vulnerabilidad de cross-site scripting. Si un atacante enga\u00f1a al usuario para que acceda al producto con una URL especialmente manipulada y realice una operaci\u00f3n espec\u00edfica, se puede ejecutar un script arbitrario en el navegador web del usuario." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21805.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21805.json index fdcf21a7956..aa986495668 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21805.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21805.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21805", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-12T08:15:45.277", - "lastModified": "2024-03-12T08:15:45.277", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22005.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22005.json index 4c77f52fc5b..5c97cf5c977 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22005.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22005.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22005", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.120", - "lastModified": "2024-03-11T19:15:47.120", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In TBD of TBD, there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En TBD de TBD, existe una posible omisi\u00f3n de autenticaci\u00f3n debido a un uso incorrecto de las criptomonedas. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22006.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22006.json index 42312d16235..8ff4507b795 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22006.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22006.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22006", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.187", - "lastModified": "2024-03-11T20:15:07.030", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Android kernel allows Information disclosure." + }, + { + "lang": "es", + "value": "El kernel de Android permite la divulgaci\u00f3n de informaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22007.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22007.json index 9105ceee0e1..cffddc95e12 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22007.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22007.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22007", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.233", - "lastModified": "2024-03-11T19:15:47.233", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22008.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22008.json index fcaaa52902c..919971da162 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22008.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22008.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22008", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.280", - "lastModified": "2024-03-11T19:15:47.280", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22009.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22009.json index 5a5d828d05c..a51d90c855a 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22009.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22009.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22009", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.320", - "lastModified": "2024-03-11T19:15:47.320", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In init_data of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En init_data de TBD, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22010.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22010.json index d33522525ad..797deaa7c50 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22010.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22010.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22010", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.367", - "lastModified": "2024-03-11T19:15:47.367", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In dvfs_plugin_caller of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En dvfs_plugin_caller de fvp.c, hay una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22011.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22011.json index a8b7e5c452b..91e23c15556 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22011.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22011.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22011", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.413", - "lastModified": "2024-03-11T19:15:47.413", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22039.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22039.json new file mode 100644 index 00000000000..6ba387f0efa --- /dev/null +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22039.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22039", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:48.420", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x (All versions < IP8), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.2.5015), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 (All versions < MP8), Sinteso FS20 EN X200 Cloud Distribution (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow.\r\nThis could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Cerberus PRO EN Engineering Tool (todas las versiones < IP8), Cerberus PRO EN Fire Panel FC72x (todas las versiones < IP8), Cerberus PRO EN X200 Cloud Distribution (todas las versiones < V4.0.5016), Cerberus PRO EN X300 Distribuci\u00f3n en la nube (todas las versiones < V4.2.5015), herramienta de ingenier\u00eda Sinteso FS20 EN (todas las versiones < MP8), central de incendios Sinteso FS20 EN FC20 (todas las versiones < MP8), distribuci\u00f3n en la nube Sinteso FS20 EN X200 (todas las versiones < V4.0.5016) , Sinteso FS20 EN X300 Cloud Distribution (todas las versiones " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-225840.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22040.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22040.json new file mode 100644 index 00000000000..5f538a09a8d --- /dev/null +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22040.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22040", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:48.637", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread.\r\nThis could allow an unauthenticated remote attacker to crash the network service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-225840.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22041.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22041.json new file mode 100644 index 00000000000..f26ce33cfd4 --- /dev/null +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22041.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22041", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:48.940", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems improperly handles memory buffers when parsing X.509 certificates.\r\nThis could allow an unauthenticated remote attacker to crash the network service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-225840.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22044.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22044.json new file mode 100644 index 00000000000..3f1975084d7 --- /dev/null +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22044.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22044", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:49.153", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75) (All versions). Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service condition that forces the device to reboot." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-912" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-918992.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22045.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22045.json new file mode 100644 index 00000000000..056354604de --- /dev/null +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22045.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22045", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:49.390", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-538" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-653855.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22127.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22127.json index 329373a69b3..b3af508e568 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22127.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22127.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22127", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:49.060", - "lastModified": "2024-03-12T01:15:49.060", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files\u00a0which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.\n\n" + }, + { + "lang": "es", + "value": "SAP NetWeaver Administrator AS Java (complemento Administrator Log Viewer): versi\u00f3n 7.50, permite a un atacante con altos privilegios cargar archivos potencialmente peligrosos, lo que conduce a una vulnerabilidad de inyecci\u00f3n de comandos. Esto permitir\u00eda al atacante ejecutar comandos que pueden causar un gran impacto en la confidencialidad, integridad y disponibilidad de la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22133.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22133.json index 7af9a618934..4358cea6fde 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22133.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22133.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22133", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:49.293", - "lastModified": "2024-03-12T01:15:49.293", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "SAP Fiori Front End Server - version 605, allows altering of approver details on the read-only field when sending leave request information. This could lead to creation of request with incorrect approver causing low impact on Confidentiality and Integrity with no impact on\u00a0Availability of the application.\n\n" + }, + { + "lang": "es", + "value": "SAP Fiori Front End Server: versi\u00f3n 605, permite modificar los detalles del aprobador en el campo de solo lectura al enviar informaci\u00f3n de solicitud de licencia. Esto podr\u00eda dar lugar a la creaci\u00f3n de una solicitud con un aprobador incorrecto, lo que provocar\u00eda un bajo impacto en la confidencialidad y la integridad, sin ning\u00fan impacto en la disponibilidad de la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23608.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23608.json index 9e16056c004..7c518155db2 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23608.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23608.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23608", "sourceIdentifier": "security@ni.com", "published": "2024-03-11T16:15:07.897", - "lastModified": "2024-03-11T16:15:07.897", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23609.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23609.json index 0f4a6cedd0e..1c2a380cf02 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23609.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23609.json @@ -2,12 +2,16 @@ "id": "CVE-2024-23609", "sourceIdentifier": "security@ni.com", "published": "2024-03-11T16:15:08.157", - "lastModified": "2024-03-11T16:15:08.157", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.\n\n" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de manejo incorrecto de errores en LabVIEW puede resultar en la ejecuci\u00f3n remota de c\u00f3digo. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un VI especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q1 y versiones anteriores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23610.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23610.json index d66dfc1b44b..0e6628723e2 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23610.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23610.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23610", "sourceIdentifier": "security@ni.com", "published": "2024-03-11T16:15:08.370", - "lastModified": "2024-03-11T16:15:08.370", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23611.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23611.json index 2d9156870c9..23d9f9d23dd 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23611.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23611.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23611", "sourceIdentifier": "security@ni.com", "published": "2024-03-11T16:15:08.557", - "lastModified": "2024-03-11T16:15:08.557", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23612.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23612.json index 6b6bfccd138..38884773af0 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23612.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23612.json @@ -2,12 +2,16 @@ "id": "CVE-2024-23612", "sourceIdentifier": "security@ni.com", "published": "2024-03-11T16:15:08.743", - "lastModified": "2024-03-11T16:15:08.743", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.\n\n" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de manejo incorrecto de errores en LabVIEW puede resultar en la ejecuci\u00f3n remota de c\u00f3digo. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un VI especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q1 y versiones anteriores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-237xx/CVE-2024-23717.json b/CVE-2024/CVE-2024-237xx/CVE-2024-23717.json index 727a7ad6bf0..48def7db51c 100644 --- a/CVE-2024/CVE-2024-237xx/CVE-2024-23717.json +++ b/CVE-2024/CVE-2024-237xx/CVE-2024-23717.json @@ -2,12 +2,16 @@ "id": "CVE-2024-23717", "sourceIdentifier": "security@android.com", "published": "2024-03-11T17:15:46.253", - "lastModified": "2024-03-11T17:15:46.253", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En access_secure_service_from_temp_bond de btm_sec.cc, existe una forma posible de lograr la inyecci\u00f3n de pulsaciones de teclas debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada de privilegios remota (proximal/adyacente) sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2357.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2357.json index c3495a41b43..93072e1337a 100644 --- a/CVE-2024/CVE-2024-23xx/CVE-2024-2357.json +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2357.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2357", "sourceIdentifier": "d42dc95b-23f1-4e06-9076-20753a0fb0df", "published": "2024-03-11T20:15:07.867", - "lastModified": "2024-03-11T20:15:07.867", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2370.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2370.json index 02215a8dc71..5b17f8ab513 100644 --- a/CVE-2024/CVE-2024-23xx/CVE-2024-2370.json +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2370.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2370", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-03-11T13:15:52.920", - "lastModified": "2024-03-11T13:15:52.920", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2371.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2371.json index bad40cac469..92cb1e0ac46 100644 --- a/CVE-2024/CVE-2024-23xx/CVE-2024-2371.json +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2371.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2371", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-03-12T09:15:10.133", - "lastModified": "2024-03-12T09:15:10.133", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2391.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2391.json new file mode 100644 index 00000000000..b9dc7de4535 --- /dev/null +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2391.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-2391", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-03-12T11:15:49.923", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256442 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 3.3 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.4, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.256442", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.256442", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.exploit-db.com/exploits/51153", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2393.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2393.json new file mode 100644 index 00000000000..f8d028e3934 --- /dev/null +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2393.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-2393", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-03-12T13:15:50.023", + "lastModified": "2024-03-12T13:15:50.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file add_user.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256453 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/CveSecLook/cve/blob/main/CRUD%20(Create%2C%20Read%2C%20Update%2C%20Delete)%20Without%20Page%20Reload%3ARefresh%20Using%20PHP%20and%20MySQL%20with%20Source%20Code%202/sql-1.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.256453", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.256453", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24146.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24146.json index 39ebc2d7bf3..f5645e6f8ec 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24146.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24146.json @@ -2,19 +2,79 @@ "id": "CVE-2024-24146", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-29T01:44:11.657", - "lastModified": "2024-02-29T13:49:29.390", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:56:47.377", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file." + }, + { + "lang": "es", + "value": "Un problema de p\u00e9rdida de memoria descubierto en parseSWF_DEFINEBUTTON en libming v0.4.8 permite a los atacantes provocar una denegaci\u00f3n de servicio a trav\u00e9s de un archivo SWF manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libming:libming:0.4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "DD92BC79-2548-4C6F-9BDD-26C12BDF68AC" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/libming/libming/issues/307", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24147.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24147.json index bd45d277b1a..4c6e5ece0d2 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24147.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24147.json @@ -2,19 +2,79 @@ "id": "CVE-2024-24147", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-29T01:44:11.693", - "lastModified": "2024-02-29T13:49:29.390", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:57:28.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leak issue discovered in parseSWF_FILLSTYLEARRAY in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file." + }, + { + "lang": "es", + "value": "Un problema de p\u00e9rdida de memoria descubierto en parseSWF_FILLSTYLEARRAY en libming v0.4.8 permite a los atacantes provocar una denegaci\u00f3n de servicio a trav\u00e9s de un archivo SWF manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libming:libming:0.4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "DD92BC79-2548-4C6F-9BDD-26C12BDF68AC" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/libming/libming/issues/311", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24149.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24149.json index 08d2deb2fce..9bf0d0bac44 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24149.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24149.json @@ -2,19 +2,79 @@ "id": "CVE-2024-24149", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-29T01:44:11.737", - "lastModified": "2024-02-29T13:49:29.390", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:57:32.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leak issue discovered in parseSWF_GLYPHENTRY in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file." + }, + { + "lang": "es", + "value": "Un problema de p\u00e9rdida de memoria descubierto en parseSWF_GLYPHENTRY en libming v0.4.8 permite a los atacantes provocar una denegaci\u00f3n de servicio a trav\u00e9s de un archivo SWF manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libming:libming:0.4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "DD92BC79-2548-4C6F-9BDD-26C12BDF68AC" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/libming/libming/issues/310", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-241xx/CVE-2024-24150.json b/CVE-2024/CVE-2024-241xx/CVE-2024-24150.json index ca9be143eaa..8ee707750ec 100644 --- a/CVE-2024/CVE-2024-241xx/CVE-2024-24150.json +++ b/CVE-2024/CVE-2024-241xx/CVE-2024-24150.json @@ -2,19 +2,79 @@ "id": "CVE-2024-24150", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-29T01:44:11.777", - "lastModified": "2024-02-29T13:49:29.390", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-12T14:59:55.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leak issue discovered in parseSWF_TEXTRECORD in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file." + }, + { + "lang": "es", + "value": "Un problema de p\u00e9rdida de memoria descubierto en parseSWF_TEXTRECORD en libming v0.4.8 permite a los atacantes provocar una denegaci\u00f3n de servicio a trav\u00e9s de un archivo SWF manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libming:libming:0.4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "DD92BC79-2548-4C6F-9BDD-26C12BDF68AC" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/libming/libming/issues/309", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-249xx/CVE-2024-24964.json b/CVE-2024/CVE-2024-249xx/CVE-2024-24964.json index 79d5ad4c3e9..e42ba49700d 100644 --- a/CVE-2024/CVE-2024-249xx/CVE-2024-24964.json +++ b/CVE-2024/CVE-2024-249xx/CVE-2024-24964.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24964", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-12T08:15:45.327", - "lastModified": "2024-03-12T08:15:45.327", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-251xx/CVE-2024-25114.json b/CVE-2024/CVE-2024-251xx/CVE-2024-25114.json index 91f877b16f1..d6307bd4cae 100644 --- a/CVE-2024/CVE-2024-251xx/CVE-2024-25114.json +++ b/CVE-2024/CVE-2024-251xx/CVE-2024-25114.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25114", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T22:15:54.870", - "lastModified": "2024-03-11T22:15:54.870", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate \"Kit\" instance in a different \"jail\" with a unique directory \"jailID\" name. For security reasons, this directory name is randomly generated and should not be given out to the client. In affected versions of Collabora Online it is possible to use the CELL() function, with the \"filename\" argument, in the spreadsheet component to get a path which includes this JailID. The impact of this vulnerability in its own is low because it requires to be chained with another vulnerability. Users should upgrade to Collabora Online 23.05.9; Collabora Online 22.05.22; Collabora Online 21.11.10 or higher. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "Collabora Online es una suite ofim\u00e1tica colaborativa en l\u00ednea basada en la tecnolog\u00eda LibreOffice. Cada documento en Collabora Online se abre mediante una instancia de \"Kit\" separada en una \"c\u00e1rcel\" diferente con un nombre de directorio \u00fanico \"jailID\". Por razones de seguridad, este nombre de directorio se genera aleatoriamente y no debe entregarse al cliente. En las versiones afectadas de Collabora Online es posible utilizar la funci\u00f3n CELL(), con el argumento \"nombre de archivo\", en el componente de hoja de c\u00e1lculo para obtener una ruta que incluya este JailID. El impacto de esta vulnerabilidad por s\u00ed sola es bajo porque requiere ser encadenada con otra vulnerabilidad. Los usuarios deben actualizar a Collabora Online 23.05.9; Colabora en l\u00ednea 22.05.22; Collabora Online 21.11.10 o superior. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-253xx/CVE-2024-25325.json b/CVE-2024/CVE-2024-253xx/CVE-2024-25325.json index 98fda42961f..03a6450e57b 100644 --- a/CVE-2024/CVE-2024-253xx/CVE-2024-25325.json +++ b/CVE-2024/CVE-2024-253xx/CVE-2024-25325.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25325", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-12T08:15:45.370", - "lastModified": "2024-03-12T08:15:45.370", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-253xx/CVE-2024-25331.json b/CVE-2024/CVE-2024-253xx/CVE-2024-25331.json index d76cc07ef2a..c25bbde585b 100644 --- a/CVE-2024/CVE-2024-253xx/CVE-2024-25331.json +++ b/CVE-2024/CVE-2024-253xx/CVE-2024-25331.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25331", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-12T06:15:07.970", - "lastModified": "2024-03-12T06:15:07.970", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow." + }, + { + "lang": "es", + "value": "El firmware DIR-822 Rev. B v2.02KRB09 y el firmware DIR-822-CA Rev. B v2.03WWb01 sufren una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) no autenticado en el lado LAN elevada por desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria HNAP." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25644.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25644.json index 7ff593e3449..2fcdab23099 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25644.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25644.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25644", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:49.567", - "lastModified": "2024-03-12T01:15:49.567", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Under certain conditions SAP NetWeaver\u00a0WSRM\u00a0- version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.\n\n" + }, + { + "lang": "es", + "value": "Bajo ciertas condiciones, SAP NetWeaver WSRM - versi\u00f3n 7.50, permite que un atacante acceda a informaci\u00f3n que de otro modo estar\u00eda restringida, lo que causa un bajo impacto en la confidencialidad sin ning\u00fan impacto en la integridad y disponibilidad de la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25645.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25645.json index e18dd60cebc..06bbd752451 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25645.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25645.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25645", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:49.780", - "lastModified": "2024-03-12T01:15:49.780", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Under certain condition\u00a0SAP\u00a0NetWeaver (Enterprise Portal) - version 7.50\u00a0allows an attacker to access information which would otherwise be restricted causing low impact on confidentiality of the application and with no impact on Integrity and Availability of the application.\n\n" + }, + { + "lang": "es", + "value": "Bajo ciertas condiciones, SAP NetWeaver (Enterprise Portal): la versi\u00f3n 7.50 permite a un atacante acceder a informaci\u00f3n que de otro modo estar\u00eda restringida, lo que causa un impacto bajo en la confidencialidad de la aplicaci\u00f3n y sin impacto en la integridad y disponibilidad de la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25854.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25854.json index 8e346e0ae58..afbe8b0c6b8 100644 --- a/CVE-2024/CVE-2024-258xx/CVE-2024-25854.json +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25854.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25854", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-11T22:15:55.210", - "lastModified": "2024-03-11T22:15:55.210", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25984.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25984.json index e2f0bafa0ac..731e59e65c9 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25984.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25984.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25984", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.460", - "lastModified": "2024-03-11T19:15:47.460", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25985.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25985.json index 4f2e0de7042..e6905ece066 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25985.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25985.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25985", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.513", - "lastModified": "2024-03-11T19:15:47.513", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En bigo_unlocked_ioctl de bigo.c, existe un posible UAF debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25986.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25986.json index 02487e3a634..c584afe098c 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25986.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25986.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25986", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.560", - "lastModified": "2024-03-11T19:15:47.560", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In ppmp_unprotect_buf of drm_fw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En ppmp_unprotect_buf de drm_fw.c, existe un posible compromiso de la memoria protegida debido a un error l\u00f3gico en el c\u00f3digo. Esto podr\u00eda llevar a una escalada local de privilegios a TEE sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25987.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25987.json index 8a421fbf598..6969e8074a0 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25987.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25987.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25987", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.603", - "lastModified": "2024-03-11T19:15:47.603", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En pt_sysctl_command de pt.c, hay una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda llevar a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25988.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25988.json index 04a8c21d27f..9f4d74cc925 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25988.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25988.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25988", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.650", - "lastModified": "2024-03-11T19:15:47.650", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En SAEMM_DiscloseGuti de SAEMM_RadioMessageCodec.c, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n remota de informaci\u00f3n sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25989.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25989.json index f0a8fd16f7e..0c6aa007b7a 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25989.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25989.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25989", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.697", - "lastModified": "2024-03-11T19:15:47.697", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En gpu_slc_liveness_update de pixel_gpu_slc.c, hay una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25990.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25990.json index 7b9d90cb015..826c53e96ab 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25990.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25990.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25990", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.743", - "lastModified": "2024-03-11T19:15:47.743", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En pktproc_perftest_gen_rx_packet_sktbuf_mode de link_rx_pktproc.c, existe una posible escritura fuera de los l\u00edmites debido a una condici\u00f3n de ejecuci\u00f3n. Esto podr\u00eda llevar a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25991.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25991.json index 9ba59cf3ec1..a8965c841f4 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25991.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25991.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25991", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.793", - "lastModified": "2024-03-11T19:15:47.793", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25992.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25992.json index b6551007f76..a20e8893a4d 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25992.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25992.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25992", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.840", - "lastModified": "2024-03-11T19:15:47.840", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In tmu_tz_control of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En tmu_tz_control de tmu.c, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25993.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25993.json index f26ae99b668..50a0331e93a 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25993.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25993.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25993", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.883", - "lastModified": "2024-03-11T19:15:47.883", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In tmu_reset_tmu_trip_counter of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En tmu_reset_tmu_trip_counter de TBD, hay una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25994.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25994.json index 0e901e8cc2e..c0b65fa9aac 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25994.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25994.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25994", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:07.080", - "lastModified": "2024-03-12T09:15:07.080", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation.\u00a0The upload destination is fixed and is write only." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede cargar un archivo de script arbitrario debido a una validaci\u00f3n de entrada incorrecta. El destino de carga es fijo y es de solo escritura." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25995.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25995.json index 11af1ca4924..be416db146d 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25995.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25995.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25995", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:07.343", - "lastModified": "2024-03-12T09:15:07.343", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can modify configurations to perform a remote code execution due to a missing authentication for a critical function." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede modificar las configuraciones para realizar una ejecuci\u00f3n remota de c\u00f3digo debido a una falta de autenticaci\u00f3n para una funci\u00f3n cr\u00edtica." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25996.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25996.json index e0b4471d914..20e6007ee4f 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25996.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25996.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25996", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:07.573", - "lastModified": "2024-03-12T09:15:07.573", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25997.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25997.json index 49ca1321c10..a70fb222075 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25997.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25997.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25997", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:07.810", - "lastModified": "2024-03-12T09:15:07.810", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.\n\n" + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede realizar una inyecci\u00f3n de registro debido a una validaci\u00f3n de entrada incorrecta. S\u00f3lo un determinado archivo de registro se ve afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25998.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25998.json index 715bd542d18..ba51a465b91 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25998.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25998.json @@ -2,12 +2,16 @@ "id": "CVE-2024-25998", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:08.020", - "lastModified": "2024-03-12T09:15:08.020", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can perform a command injection\u00a0in the OCPP\u00a0Service with limited privileges due to improper input validation.\n\n" + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede realizar una inyecci\u00f3n de comando en el servicio OCPP con privilegios limitados debido a una validaci\u00f3n de entrada incorrecta." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25999.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25999.json index 6786ca6c8b9..195491f208f 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25999.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25999.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25999", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:08.233", - "lastModified": "2024-03-12T09:15:08.233", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26000.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26000.json index 1f00d600e9b..2a1924bbbc5 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26000.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26000.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26000", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:08.493", - "lastModified": "2024-03-12T09:15:08.493", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26001.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26001.json index b3fd09a5cf2..ca086cdb18f 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26001.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26001.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26001", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:08.730", - "lastModified": "2024-03-12T09:15:08.730", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26002.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26002.json index 2b05a9a4f71..8e162c6ceb6 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26002.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26002.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26002", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:08.940", - "lastModified": "2024-03-12T09:15:08.940", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26003.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26003.json index f540686ce8b..b6d05972c60 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26003.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26003.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26003", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:09.140", - "lastModified": "2024-03-12T09:15:09.140", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.\u00a0" + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede hacer DoS al agente de control debido a una lectura fuera de los l\u00edmites que puede impedir o interrumpir la funcionalidad de carga." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26004.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26004.json index ec7a4fb7c05..728af139aab 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26004.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26004.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26004", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:09.357", - "lastModified": "2024-03-12T09:15:09.357", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer\u00a0which may prevent or disrupt the charging functionality. " + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede hacer DoS a un agente de control debido al acceso de un puntero no inicializado que puede impedir o interrumpir la funcionalidad de carga." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26005.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26005.json index ff84222d315..2a5db6c2860 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26005.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26005.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26005", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:09.577", - "lastModified": "2024-03-12T09:15:09.577", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26288.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26288.json index ff95b1a8509..27f1ca5b833 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26288.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26288.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26288", "sourceIdentifier": "info@cert.vde.com", "published": "2024-03-12T09:15:09.823", - "lastModified": "2024-03-12T09:15:09.823", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected." + }, + { + "lang": "es", + "value": "Un atacante remoto no autenticado puede influir en la comunicaci\u00f3n debido a la falta de cifrado de datos confidenciales a trav\u00e9s de un MITM. La carga no se ve afectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-265xx/CVE-2024-26521.json b/CVE-2024/CVE-2024-265xx/CVE-2024-26521.json index d7c32ef26f3..fcf29fe7b83 100644 --- a/CVE-2024/CVE-2024-265xx/CVE-2024-26521.json +++ b/CVE-2024/CVE-2024-265xx/CVE-2024-26521.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26521", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-12T05:15:47.653", - "lastModified": "2024-03-12T05:15:47.653", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26608.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26608.json index 4d6a468bf2c..52fa851eb1b 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26608.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26608.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26608", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:18.953", - "lastModified": "2024-03-11T18:15:18.953", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26609.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26609.json index 608c01e8c3b..ac576cdc155 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26609.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26609.json @@ -2,47 +2,14 @@ "id": "CVE-2024-26609", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.010", - "lastModified": "2024-03-11T18:15:19.010", - "vulnStatus": "Received", + "lastModified": "2024-03-12T14:15:07.133", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject QUEUE/DROP verdict parameters\n\nThis reverts commit e0abdadcc6e1.\n\ncore.c:nf_hook_slow assumes that the upper 16 bits of NF_DROP\nverdicts contain a valid errno, i.e. -EPERM, -EHOSTUNREACH or similar,\nor 0.\n\nDue to the reverted commit, its possible to provide a positive\nvalue, e.g. NF_ACCEPT (1), which results in use-after-free.\n\nIts not clear to me why this commit was made.\n\nNF_QUEUE is not used by nftables; \"queue\" rules in nftables\nwill result in use of \"nft_queue\" expression.\n\nIf we later need to allow specifiying errno values from userspace\n(do not know why), this has to call NF_DROP_GETERR and check that\n\"err <= 0\" holds true." + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/4e66422f1b56149761dc76030e6345d1cca6f869", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/55a60251fa50d4e68175e36666b536a602ce4f6c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/6653118b176a00915125521c6572ae8e507621db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/8365e9d92b85fda975a5ece7a3a139cb964018c8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/8e34430e33b8a80bc014f3efe29cac76bc30a4b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/960cf4f812530f01f6acc6878ceaa5404c06af7b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/f05a497e7bc8851eeeb3a58da180ba469efebb05", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/f342de4e2f33e0e39165d8639387aa6c19dff660", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26610.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26610.json index fa760f9cabe..d59ae7a1a71 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26610.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26610.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26610", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.067", - "lastModified": "2024-03-11T18:15:19.067", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we'll write past the buffer." + }, + { + "lang": "es", + "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: corrige una corrupci\u00f3n de memoria iwl_fw_ini_trigger_tlv::data es un puntero a un __le32, lo que significa que si copiamos a iwl_fw_ini_trigger_tlv::data + offset mientras el offset est\u00e1 en bytes, escribiremos m\u00e1s all\u00e1 del b\u00fafer." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26611.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26611.json index 8f52b39264c..67c24e6c7e8 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26611.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26611.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26611", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.123", - "lastModified": "2024-03-11T18:15:19.123", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix usage of multi-buffer BPF helpers for ZC XDP\n\nCurrently when packet is shrunk via bpf_xdp_adjust_tail() and memory\ntype is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens:\n\n[1136314.192256] BUG: kernel NULL pointer dereference, address:\n0000000000000034\n[1136314.203943] #PF: supervisor read access in kernel mode\n[1136314.213768] #PF: error_code(0x0000) - not-present page\n[1136314.223550] PGD 0 P4D 0\n[1136314.230684] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[1136314.239621] CPU: 8 PID: 54203 Comm: xdpsock Not tainted 6.6.0+ #257\n[1136314.250469] Hardware name: Intel Corporation S2600WFT/S2600WFT,\nBIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[1136314.265615] RIP: 0010:__xdp_return+0x6c/0x210\n[1136314.274653] Code: ad 00 48 8b 47 08 49 89 f8 a8 01 0f 85 9b 01 00 00 0f 1f 44 00 00 f0 41 ff 48 34 75 32 4c 89 c7 e9 79 cd 80 ff 83 fe 03 75 17 41 34 01 0f 85 02 01 00 00 48 89 cf e9 22 cc 1e 00 e9 3d d2 86\n[1136314.302907] RSP: 0018:ffffc900089f8db0 EFLAGS: 00010246\n[1136314.312967] RAX: ffffc9003168aed0 RBX: ffff8881c3300000 RCX:\n0000000000000000\n[1136314.324953] RDX: 0000000000000000 RSI: 0000000000000003 RDI:\nffffc9003168c000\n[1136314.336929] RBP: 0000000000000ae0 R08: 0000000000000002 R09:\n0000000000010000\n[1136314.348844] R10: ffffc9000e495000 R11: 0000000000000040 R12:\n0000000000000001\n[1136314.360706] R13: 0000000000000524 R14: ffffc9003168aec0 R15:\n0000000000000001\n[1136314.373298] FS: 00007f8df8bbcb80(0000) GS:ffff8897e0e00000(0000)\nknlGS:0000000000000000\n[1136314.386105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1136314.396532] CR2: 0000000000000034 CR3: 00000001aa912002 CR4:\n00000000007706f0\n[1136314.408377] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1136314.420173] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1136314.431890] PKRU: 55555554\n[1136314.439143] Call Trace:\n[1136314.446058] \n[1136314.452465] ? __die+0x20/0x70\n[1136314.459881] ? page_fault_oops+0x15b/0x440\n[1136314.468305] ? exc_page_fault+0x6a/0x150\n[1136314.476491] ? asm_exc_page_fault+0x22/0x30\n[1136314.484927] ? __xdp_return+0x6c/0x210\n[1136314.492863] bpf_xdp_adjust_tail+0x155/0x1d0\n[1136314.501269] bpf_prog_ccc47ae29d3b6570_xdp_sock_prog+0x15/0x60\n[1136314.511263] ice_clean_rx_irq_zc+0x206/0xc60 [ice]\n[1136314.520222] ? ice_xmit_zc+0x6e/0x150 [ice]\n[1136314.528506] ice_napi_poll+0x467/0x670 [ice]\n[1136314.536858] ? ttwu_do_activate.constprop.0+0x8f/0x1a0\n[1136314.546010] __napi_poll+0x29/0x1b0\n[1136314.553462] net_rx_action+0x133/0x270\n[1136314.561619] __do_softirq+0xbe/0x28e\n[1136314.569303] do_softirq+0x3f/0x60\n\nThis comes from __xdp_return() call with xdp_buff argument passed as\nNULL which is supposed to be consumed by xsk_buff_free() call.\n\nTo address this properly, in ZC case, a node that represents the frag\nbeing removed has to be pulled out of xskb_list. Introduce\nappropriate xsk helpers to do such node operation and use them\naccordingly within bpf_xdp_adjust_tail()." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: xsk: corrige el uso de asistentes BPF de m\u00faltiples b\u00fafer para ZC XDP Actualmente, cuando el paquete se reduce a trav\u00e9s de bpf_xdp_adjust_tail() y el tipo de memoria est\u00e1 configurado en MEM_TYPE_XSK_BUFF_POOL, se produce una desreferencia de ptr nula: [1136314.192256] ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000034 [1136314.203943] #PF: acceso de lectura del supervisor en modo kernel [1136314.213768] #PF: error_code(0x0000) - p\u00e1gina no presente [1136314.223550] PGD 0 P4D 0 [113631 4.230684] Ups: 0000 [#1] PREEMPT SMP NOPTI [1136314.239621] CPU: 8 PID: 54203 Comm: xdpsock Not tainted 6.6.0+ #257 [1136314.250469] Nombre de hardware: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.0 31920191559 03/19 /2019 [1136314.265615] RIP: 0010:__xdp_return+0x6c/0x210 [1136314.274653] C\u00f3digo: ad 00 48 8b 47 08 49 89 f8 a8 01 0f 85 9b 01 00 00 0f 1f 44 0 0 00 f0 41 y siguientes 48 34 75 32 4c 89 c7 e9 79 cd 80 ff 83 fe 03 75 17 41 34 01 0f 85 02 01 00 00 48 89 cf e9 22 cc 1e 00 e9 3d d2 86 [1136314.302907] RSP: 0018:ffffc900089f 8db0 EFLAGS: 00010246 [1136314.312967] RAX : ffffc9003168aed0 RBX: ffff8881c3300000 RCX: 0000000000000000 [1136314.324953] RDX: 00000000000000000 RSI: 0000000000000003 RDI: ffffc900316 8c000 [1136314.336929] RBP: 0000000000000ae0 R08: 0000000000000002 R09: 0000000000010000 [1136314.348844] R10: ffffc9000e495000 R11: 000 0000000000040 R12: 00000000000000001 [1136314.360706] R13: 00000000000000524 R14: ffffc9003168aec0 R15: 0000000000000001 [1136314.373298] FS: 00007f8df8bbcb80(0000) GS:ffff8897e0e00000(0000) knlGS:0000000000000000 [1 136314.386105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [1136314.396532] CR2: 00000000000000034 CR3: 00000001aa912002 CR4: 00000000007706f0 [1136314.408377] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 00000000000000000 [1136314.420173] DR3: 00000000000 00000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [1136314.431890] PKRU: 55555554 [1136314.439143] Seguimiento de llamadas: [1136314.446058] [1136314.452465 ] ? __morir+0x20/0x70 [1136314.459881] ? page_fault_oops+0x15b/0x440 [1136314.468305] ? exc_page_fault+0x6a/0x150 [1136314.476491] ? asm_exc_page_fault+0x22/0x30 [1136314.484927] ? __xdp_return+0x6c/0x210 [1136314.492863] bpf_xdp_adjust_tail+0x155/0x1d0 [1136314.501269] bpf_prog_ccc47ae29d3b6570_xdp_sock_prog+0x15/0x60 [1136314 .511263] ice_clean_rx_irq_zc+0x206/0xc60 [hielo] [1136314.520222] ? ice_xmit_zc+0x6e/0x150 [hielo] [1136314.528506] ice_napi_poll+0x467/0x670 [hielo] [1136314.536858] ? ttwu_do_activate.constprop.0+0x8f/0x1a0 [1136314.546010] __napi_poll+0x29/0x1b0 [1136314.553462] net_rx_action+0x133/0x270 [1136314.561619] __do_softirq+0xbe/0x2 8e [1136314.569303] do_softirq+0x3f/0x60 Esto proviene de la llamada __xdp_return() con xdp_buff argumento pasado como NULL que se supone que debe ser consumido por la llamada xsk_buff_free(). Para solucionar esto correctamente, en el caso de ZC, se debe extraer de xskb_list un nodo que represente el fragmento que se est\u00e1 eliminando. Introduzca ayudantes xsk apropiados para realizar dicha operaci\u00f3n de nodo y util\u00edcelos en consecuencia dentro de bpf_xdp_adjust_tail()." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26612.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26612.json index 209cc62b1ec..b658fbbd82e 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26612.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26612.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26612", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.170", - "lastModified": "2024-03-11T18:15:19.170", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26613.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26613.json index 4bc95172864..7439cac3fea 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26613.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26613.json @@ -2,47 +2,14 @@ "id": "CVE-2024-26613", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.223", - "lastModified": "2024-03-11T18:15:19.223", - "vulnStatus": "Received", + "lastModified": "2024-03-12T14:15:07.310", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv\n\nSyzcaller UBSAN crash occurs in rds_cmsg_recv(),\nwhich reads inc->i_rx_lat_trace[j + 1] with index 4 (3 + 1),\nbut with array size of 4 (RDS_RX_MAX_TRACES).\nHere 'j' is assigned from rs->rs_rx_trace[i] and in-turn from\ntrace.rx_trace_pos[i] in rds_recv_track_latency(),\nwith both arrays sized 3 (RDS_MSG_RX_DGRAM_TRACE_MAX). So fix the\noff-by-one bounds check in rds_recv_track_latency() to prevent\na potential crash in rds_cmsg_recv().\n\nFound by syzcaller:\n=================================================================\nUBSAN: array-index-out-of-bounds in net/rds/recv.c:585:39\nindex 4 is out of range for type 'u64 [4]'\nCPU: 1 PID: 8058 Comm: syz-executor228 Not tainted 6.6.0-gd2f51b3516da #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS 1.15.0-1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0xd5/0x130 lib/ubsan.c:348\n rds_cmsg_recv+0x60d/0x700 net/rds/recv.c:585\n rds_recvmsg+0x3fb/0x1610 net/rds/recv.c:716\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0xe2/0x160 net/socket.c:1066\n __sys_recvfrom+0x1b6/0x2f0 net/socket.c:2246\n __do_sys_recvfrom net/socket.c:2264 [inline]\n __se_sys_recvfrom net/socket.c:2260 [inline]\n __x64_sys_recvfrom+0xe0/0x1b0 net/socket.c:2260\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n==================================================================" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/00d1ee8e1d02194f7b7b433e904e04bbcd2cc0dc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/0b787c2dea15e7a2828fa3a74a5447df4ed57711", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/13e788deb7348cc88df34bed736c3b3b9927ea52", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/344350bfa3b4b37d7c3d5a00536e6fbf0e953fbf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/5ae8d50044633306ff160fcf7faa24994175efe1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/71024928b3f71ce4529426f8692943205c58d30b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/7a73190ea557e7f26914b0fe04c1f57a96cb771f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/a37ae111db5e0f7e3d6b692056c30e3e0f6f79cd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26614.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26614.json index 4da0f4528fa..9dc74bca035 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26614.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26614.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26614", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.280", - "lastModified": "2024-03-11T18:15:19.280", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26615.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26615.json index 5d6370f58cb..3ed6e9dda35 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26615.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26615.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26615", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.337", - "lastModified": "2024-03-11T18:15:19.337", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix illegal rmb_desc access in SMC-D connection dump\n\nA crash was found when dumping SMC-D connections. It can be reproduced\nby following steps:\n\n- run nginx/wrk test:\n smc_run nginx\n smc_run wrk -t 16 -c 1000 -d -H 'Connection: Close' \n\n- continuously dump SMC-D connections in parallel:\n watch -n 1 'smcss -D'\n\n BUG: kernel NULL pointer dereference, address: 0000000000000030\n CPU: 2 PID: 7204 Comm: smcss Kdump: loaded Tainted: G\tE 6.7.0+ #55\n RIP: 0010:__smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag]\n Call Trace:\n \n ? __die+0x24/0x70\n ? page_fault_oops+0x66/0x150\n ? exc_page_fault+0x69/0x140\n ? asm_exc_page_fault+0x26/0x30\n ? __smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag]\n ? __kmalloc_node_track_caller+0x35d/0x430\n ? __alloc_skb+0x77/0x170\n smc_diag_dump_proto+0xd0/0xf0 [smc_diag]\n smc_diag_dump+0x26/0x60 [smc_diag]\n netlink_dump+0x19f/0x320\n __netlink_dump_start+0x1dc/0x300\n smc_diag_handler_dump+0x6a/0x80 [smc_diag]\n ? __pfx_smc_diag_dump+0x10/0x10 [smc_diag]\n sock_diag_rcv_msg+0x121/0x140\n ? __pfx_sock_diag_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x5a/0x110\n sock_diag_rcv+0x28/0x40\n netlink_unicast+0x22a/0x330\n netlink_sendmsg+0x1f8/0x420\n __sock_sendmsg+0xb0/0xc0\n ____sys_sendmsg+0x24e/0x300\n ? copy_msghdr_from_user+0x62/0x80\n ___sys_sendmsg+0x7c/0xd0\n ? __do_fault+0x34/0x160\n ? do_read_fault+0x5f/0x100\n ? do_fault+0xb0/0x110\n ? __handle_mm_fault+0x2b0/0x6c0\n __sys_sendmsg+0x4d/0x80\n do_syscall_64+0x69/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nIt is possible that the connection is in process of being established\nwhen we dump it. Assumed that the connection has been registered in a\nlink group by smc_conn_create() but the rmb_desc has not yet been\ninitialized by smc_buf_create(), thus causing the illegal access to\nconn->rmb_desc. So fix it by checking before dump." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: corrige el acceso ilegal a rmb_desc en el volcado de conexiones SMC-D Se encontr\u00f3 un bloqueo al volcar conexiones SMC-D. Se puede reproducir mediante los siguientes pasos: - ejecute la prueba nginx/wrk: smc_run nginx smc_run wrk -t 16 -c 1000 -d -H 'Conexi\u00f3n: Cerrar' - volcar continuamente las conexiones SMC-D en paralelo: watch -n 1 'smcss -D' ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 00000000000000030 CPU: 2 PID: 7204 Comm: smcss Kdump: cargado Contaminado: GE 6.7.0+ #55 RIP: 0010:__smc_diag_dump.constprop.0+ 0x5e5/0x620 [smc_diag] Seguimiento de llamadas: ? __morir+0x24/0x70 ? page_fault_oops+0x66/0x150? exc_page_fault+0x69/0x140? asm_exc_page_fault+0x26/0x30? __smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag] ? __kmalloc_node_track_caller+0x35d/0x430 ? __alloc_skb+0x77/0x170 smc_diag_dump_proto+0xd0/0xf0 [smc_diag] smc_diag_dump+0x26/0x60 [smc_diag] netlink_dump+0x19f/0x320 __netlink_dump_start+0x1dc/0x300 smc_diag_handler_dump+ 0x6a/0x80 [smc_diag] ? __pfx_smc_diag_dump+0x10/0x10 [smc_diag] sock_diag_rcv_msg+0x121/0x140 ? __pfx_sock_diag_rcv_msg+0x10/0x10 netlink_rcv_skb+0x5a/0x110 sock_diag_rcv+0x28/0x40 netlink_unicast+0x22a/0x330 netlink_sendmsg+0x1f8/0x420 __sock_sendmsg+0xb0/0xc0 ____s ys_sendmsg+0x24e/0x300? copy_msghdr_from_user+0x62/0x80 ___sys_sendmsg+0x7c/0xd0 ? __do_fault+0x34/0x160? do_read_fault+0x5f/0x100? do_fault+0xb0/0x110? __handle_mm_fault+0x2b0/0x6c0 __sys_sendmsg+0x4d/0x80 do_syscall_64+0x69/0x180 Entry_SYSCALL_64_after_hwframe+0x6e/0x76 Es posible que la conexi\u00f3n est\u00e9 en proceso de establecerse cuando la volcamos. Se supone que la conexi\u00f3n ha sido registrada en un grupo de enlaces por smc_conn_create() pero rmb_desc a\u00fan no ha sido inicializado por smc_buf_create(), lo que provoca el acceso ilegal a conn->rmb_desc. As\u00ed que solucionelo comprobando antes del volcado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26616.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26616.json index 2ff83419509..47263cdc49c 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26616.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26616.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26616", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.400", - "lastModified": "2024-03-11T18:15:19.400", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26617.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26617.json index aa0c1f7af16..523f3af97a9 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26617.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26617.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26617", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.457", - "lastModified": "2024-03-11T18:15:19.457", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc/task_mmu: move mmu notification mechanism inside mm lock\n\nMove mmu notification mechanism inside mm lock to prevent race condition\nin other components which depend on it. The notifier will invalidate\nmemory range. Depending upon the number of iterations, different memory\nranges would be invalidated.\n\nThe following warning would be removed by this patch:\nWARNING: CPU: 0 PID: 5067 at arch/x86/kvm/../../../virt/kvm/kvm_main.c:734 kvm_mmu_notifier_change_pte+0x860/0x960 arch/x86/kvm/../../../virt/kvm/kvm_main.c:734\n\nThere is no behavioural and performance change with this patch when\nthere is no component registered with the mmu notifier.\n\n[akpm@linux-foundation.org: narrow the scope of `range', per Sean]" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/proc/task_mmu: mover el mecanismo de notificaci\u00f3n mmu dentro del bloqueo mm Mueva el mecanismo de notificaci\u00f3n mmu dentro del bloqueo mm para evitar condiciones de ejecuci\u00f3n en otros componentes que dependen de \u00e9l. El notificador invalidar\u00e1 el rango de memoria. Dependiendo del n\u00famero de iteraciones, se invalidar\u00edan diferentes rangos de memoria. Este parche eliminar\u00eda la siguiente advertencia: ADVERTENCIA: CPU: 0 PID: 5067 en arch/x86/kvm/../../../virt/kvm/kvm_main.c:734 kvm_mmu_notifier_change_pte+0x860/0x960 arch/ x86/kvm/../../../virt/kvm/kvm_main.c:734 No hay cambios de comportamiento ni de rendimiento con este parche cuando no hay ning\u00fan componente registrado con el notificador mmu. [akpm@linux-foundation.org: reduzca el alcance del `rango', seg\u00fan Sean]" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26618.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26618.json index 7871596a2df..4e3c1710c17 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26618.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26618.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26618", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.510", - "lastModified": "2024-03-11T18:15:19.510", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/sme: Always exit sme_alloc() early with existing storage\n\nWhen sme_alloc() is called with existing storage and we are not flushing we\nwill always allocate new storage, both leaking the existing storage and\ncorrupting the state. Fix this by separating the checks for flushing and\nfor existing storage as we do for SVE.\n\nCallers that reallocate (eg, due to changing the vector length) should\ncall sme_free() themselves." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: arm64/sme: salir siempre de sme_alloc() antes de tiempo con el almacenamiento existente. Cuando se llama a sme_alloc() con el almacenamiento existente y no estamos vaciando, siempre asignaremos nuevo almacenamiento, y ambos filtrar\u00e1n el almacenamiento existente, almacenamiento y corrupci\u00f3n del estado. Solucione este problema separando los controles de descarga y de almacenamiento existente como lo hacemos con SVE. Las personas que llaman que se reasignan (por ejemplo, debido al cambio de la longitud del vector) deben llamar ellos mismos a sme_free()." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26619.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26619.json index 41cba41d2c1..12eec7b6320 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26619.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26619.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26619", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.563", - "lastModified": "2024-03-11T18:15:19.563", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Fix module loading free order\n\nReverse order of kfree calls to resolve use-after-free error." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: corrige el orden libre de carga del m\u00f3dulo. Orden inverso de las llamadas kfree para resolver el error de use-after-free." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26620.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26620.json index c0d72235149..adc3083c875 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26620.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26620.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26620", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:19.613", - "lastModified": "2024-03-11T18:15:19.613", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27121.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27121.json index 406a1c0b559..a0747b88c81 100644 --- a/CVE-2024/CVE-2024-271xx/CVE-2024-27121.json +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27121.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27121", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-12T08:15:45.413", - "lastModified": "2024-03-12T08:15:45.413", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. An arbitrary file in the affected product may be accessed or arbitrary code may be executed by processing a specially crafted request sent from a remote attacker with an administrative privilege. As for the details of the affected product names/versions, see the information provided by the vendor under [References] section." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de path traversal en Machine Automation Controller NJ Series and Machine Automation Controller NX Series. Se puede acceder a un archivo arbitrario en el producto afectado o se puede ejecutar c\u00f3digo arbitrario procesando una solicitud especialmente manipulada enviada por un atacante remoto con privilegios administrativos. En cuanto a los detalles de los nombres/versiones de los productos afectados, consulte la informaci\u00f3n proporcionada por el proveedor en la secci\u00f3n [Referencias]." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27204.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27204.json index e852e2ee504..fee1a989d6b 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27204.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27204.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27204", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.930", - "lastModified": "2024-03-11T19:15:47.930", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27205.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27205.json index 11ed02d2309..8b41605bfaf 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27205.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27205.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27205", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:47.977", - "lastModified": "2024-03-11T19:15:47.977", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In tbd of tbd, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En tbd de tbd, existe una posible corrupci\u00f3n de memoria debido a un use after free. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27206.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27206.json index a97b070998e..710f3e24c03 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27206.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27206.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27206", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.020", - "lastModified": "2024-03-11T19:15:48.020", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In tbd of tbd, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En tbd de tbd, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n remota de informaci\u00f3n sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27207.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27207.json index 1fda813a44a..3ae9a067f7f 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27207.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27207.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27207", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.063", - "lastModified": "2024-03-11T20:15:07.090", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Android kernel allows Elevation of privilege." + }, + { + "lang": "es", + "value": "El kernel de Android permite la elevaci\u00f3n de privilegios." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27208.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27208.json index 49665210d3d..a6c28bc5488 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27208.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27208.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27208", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.107", - "lastModified": "2024-03-11T19:15:48.107", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In TBD of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En TBD de TBD, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27209.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27209.json index 846592799be..8fcb1637d55 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27209.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27209.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27209", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.160", - "lastModified": "2024-03-11T19:15:48.160", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In TBD of TBD, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En TBD de TBD, existe una posible escritura fuera de los l\u00edmites debido a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27210.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27210.json index 770c42a84a3..ef4606cbae0 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27210.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27210.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27210", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.200", - "lastModified": "2024-03-11T19:15:48.200", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27211.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27211.json index 54083e02b8b..943b83c64c4 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27211.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27211.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27211", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.247", - "lastModified": "2024-03-11T19:15:48.247", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27212.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27212.json index 9800126973b..b5f9049f219 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27212.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27212.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27212", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.290", - "lastModified": "2024-03-11T19:15:48.290", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In init_data of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En init_data de TBD, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27213.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27213.json index 9fc6ff16de2..96dfb342607 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27213.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27213.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27213", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.333", - "lastModified": "2024-03-11T19:15:48.333", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En BroadcastSystemMessage de servicemgr.cpp, existe una posible ejecuci\u00f3n remota de c\u00f3digo debido a un use after free. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27218.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27218.json index 27cc9950381..e4dbb39dce5 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27218.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27218.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27218", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.380", - "lastModified": "2024-03-11T19:15:48.380", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In update_freq_data of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En update_freq_data de TBD, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27219.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27219.json index 67141ea5472..6e21d6d62ce 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27219.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27219.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27219", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.423", - "lastModified": "2024-03-11T19:15:48.423", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In tmu_set_pi of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En tmu_set_pi de tmu.c, hay una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27220.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27220.json index 0bc1f8fda9d..b234c1650a0 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27220.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27220.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27220", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.470", - "lastModified": "2024-03-11T19:15:48.470", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27221.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27221.json index 7cae927c0cd..16ded9c5f1d 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27221.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27221.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27221", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.513", - "lastModified": "2024-03-11T19:15:48.513", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In update_policy_data of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En update_policy_data de TBD, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27222.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27222.json index 1ba32a8fa7e..40916b27990 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27222.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27222.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27222", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.560", - "lastModified": "2024-03-11T19:15:48.560", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En onSkipButtonClick de FaceEnrollFoldPage.java, existe una forma posible de acceder al archivo al que la aplicaci\u00f3n no puede acceder debido al ataque Intent Redirect GRANT_URI_PERMISSIONS. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json index 8c4e9c5b2b2..24b812f7e53 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27223", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.603", - "lastModified": "2024-03-11T19:15:48.603", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27224.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27224.json index 47833bf9780..6d813f7f296 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27224.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27224.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27224", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.647", - "lastModified": "2024-03-11T19:15:48.647", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27225.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27225.json index 57596584936..a1d083664e2 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27225.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27225.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27225", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.693", - "lastModified": "2024-03-11T19:15:48.693", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En sendHciCommand de bluetooth_hci.cc, existe una posible lectura fuera de los l\u00edmites debido a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27226.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27226.json index d36ced16fbc..a0f25183e22 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27226.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27226.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27226", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.737", - "lastModified": "2024-03-11T19:15:48.737", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In tmu_config_gov_params of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En tmu_config_gov_params de TBD, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27227.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27227.json index b07a7de7dd2..0ccc604ecef 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27227.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27227.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27227", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.783", - "lastModified": "2024-03-11T20:15:07.137", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Android kernel allows Remote code execution." + }, + { + "lang": "es", + "value": "El kernel de Android permite la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27228.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27228.json index 95e0bb0d1a4..d6505c0113c 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27228.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27228.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27228", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.827", - "lastModified": "2024-03-11T19:15:48.827", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27229.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27229.json index ed0f9fc7a2a..5aa0feb9a7a 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27229.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27229.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27229", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.873", - "lastModified": "2024-03-11T19:15:48.873", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27230.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27230.json index 804772db1cb..0a3ad776711 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27230.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27230.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27230", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.920", - "lastModified": "2024-03-11T19:15:48.920", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En ProtocolPsKeepAliveStatusAdapter::getCode() de protocolpsadapter.cpp, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local y comprometer el firmware de banda base. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27233.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27233.json index 7e21a732a2b..e0807acd45b 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27233.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27233.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27233", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.963", - "lastModified": "2024-03-11T19:15:48.963", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En ppcfw_init_secpolicy de ppcfw.c, existe una posible omisi\u00f3n de permiso debido a datos no inicializados. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json index 31f077ba1a1..3898cfd5280 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27234", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:49.010", - "lastModified": "2024-03-11T19:15:49.010", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27235.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27235.json index f70d17a2b49..0357bd26c50 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27235.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27235.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27235", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:49.057", - "lastModified": "2024-03-11T19:15:49.057", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27236.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27236.json index 68394dcb246..6ddc2b176da 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27236.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27236.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27236", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:49.100", - "lastModified": "2024-03-11T19:15:49.100", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En aoc_unlocked_ioctl de aoc.c, existe una posible corrupci\u00f3n de memoria debido a confusi\u00f3n de tipos. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27237.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27237.json index fe53a791cdb..e5ace7b901b 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27237.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27237.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27237", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:49.143", - "lastModified": "2024-03-11T19:15:49.143", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27279.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27279.json index d5c48701bc5..c382375ddac 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27279.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27279.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27279", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-12T09:15:10.070", - "lastModified": "2024-03-12T09:15:10.070", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with editor or higher privilege who can login to the product may obtain arbitrary files on the server including password files." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de Directory traversal en a-blog cms Serie Ver.3.1.x Ver.3.1.9 y anteriores, Serie Ver.3.0.x Ver.3.0.30 y anteriores, Serie Ver.2.11.x Ver.2.11.59 y anteriores, Serie Ver.2.10.x Ver.2.10.51 y anteriores, y Ver.2.9 y versiones anteriores. Si se explota esta vulnerabilidad, un usuario con privilegios de editor o superiores que pueda iniciar sesi\u00f3n en el producto puede obtener archivos arbitrarios en el servidor, incluidos archivos de contrase\u00f1as." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27297.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27297.json index 56d272661a5..561b2052112 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27297.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27297.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27297", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T22:15:55.277", - "lastModified": "2024-03-11T22:15:55.277", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Nix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another program running on the host (or another fixed-output derivation) via Unix domain sockets in the abstract namespace. This allows to modify the output of the derivation, after Nix has registered the path as \"valid\" and immutable in the Nix database. In particular, this allows the output of fixed-output derivations to be modified from their expected content. This issue has been addressed in versions 2.3.18 2.18.2 2.19.4 and 2.20.5. Users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "Nix es un administrador de paquetes para Linux y otros sistemas Unix. Una derivaci\u00f3n de salida fija en Linux puede enviar descriptores de archivos en el almac\u00e9n Nix a otro programa que se ejecuta en el host (u otra derivaci\u00f3n de salida fija) a trav\u00e9s de sockets de dominio Unix en el espacio de nombres abstracto. Esto permite modificar la salida de la derivaci\u00f3n, despu\u00e9s de que Nix haya registrado la ruta como \"v\u00e1lida\" e inmutable en la base de datos de Nix. En particular, esto permite modificar la salida de derivaciones de salida fija respecto de su contenido esperado. Este problema se solucion\u00f3 en las versiones 2.3.18 2.18.2 2.19.4 y 2.20.5. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27900.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27900.json index 7f0e78effae..1642a8256c8 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27900.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27900.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27900", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:49.980", - "lastModified": "2024-03-12T01:15:49.980", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner.\n\n" + }, + { + "lang": "es", + "value": "Debido a la falta de verificaci\u00f3n de autorizaci\u00f3n, un atacante con cuenta de usuario empresarial en SAP ABAP Platform (versi\u00f3n 758, 795) puede cambiar la configuraci\u00f3n de privacidad de las plantillas de trabajo de compartida a privada. Como resultado, solo el propietario podr\u00e1 acceder a la plantilla seleccionada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27902.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27902.json index 77975ef7b26..97a4673b684 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27902.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27902.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27902", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:50.193", - "lastModified": "2024-03-12T01:15:50.193", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.\u00a0A successful attack can allow a malicious attacker to access and modify data through their ability to execute code in a user\u2019s browser. There is no impact on the availability of the system\n\n" + }, + { + "lang": "es", + "value": "Las aplicaciones basadas en SAP GUI para HTML en SAP NetWeaver AS ABAP (versiones 7.89, 7.93) no codifican suficientemente las entradas controladas por el usuario, lo que genera una vulnerabilidad de cross-site scripting (XSS). Un ataque exitoso puede permitir que un atacante malintencionado acceda y modifique datos a trav\u00e9s de su capacidad para ejecutar c\u00f3digo en el navegador de un usuario. No hay impacto en la disponibilidad del sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27907.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27907.json new file mode 100644 index 00000000000..ef81edbdd7a --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27907.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27907", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-03-12T11:15:49.720", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22051)" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://cert-portal.siemens.com/productcert/html/ssa-000072.html", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27938.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27938.json index 6a75b48cb17..352ff07fd9a 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27938.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27938.json @@ -2,12 +2,16 @@ "id": "CVE-2024-27938", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T22:15:55.490", - "lastModified": "2024-03-11T22:15:55.490", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from a server that a user has 'authorised' to send mail on their behalf but were not the genuine author of the e-mail. Postal is not affected for sending outgoing e-mails as email is re-encoded with `` line endings when transmitted over SMTP. This issue has been addressed and users should upgrade to Postal v3.0.0 or higher. Once upgraded, Postal will only accept End of DATA sequences which are explicitly `.`. If a non-compliant sequence is detected it will be logged to the SMTP server log. There are no workarounds for this issue." + }, + { + "lang": "es", + "value": "Postal es un servidor SMTP de c\u00f3digo abierto. Las versiones postales inferiores a 3.0.0 son vulnerables a ataques de contrabando SMTP que pueden permitir que los correos electr\u00f3nicos entrantes sean falsificados. Esto, junto con un servicio SMTP saliente cooperativo, permitir\u00eda recibir un correo electr\u00f3nico entrante por correo postal con direcci\u00f3n desde un servidor que un usuario ha \"autorizado\" a enviar correo en su nombre pero que no es el verdadero autor del correo electr\u00f3nico. -correo. Postal no se ve afectado para el env\u00edo de correos electr\u00f3nicos salientes, ya que el correo electr\u00f3nico se vuelve a codificar con finales de l\u00ednea `` cuando se transmite a trav\u00e9s de SMTP. Este problema se solucion\u00f3 y los usuarios deben actualizar a Postal v3.0.0 o superior. Una vez actualizado, Postal solo aceptar\u00e1 secuencias de fin de DATOS que sean expl\u00edcitamente `.`. Si se detecta una secuencia no compatible, se registrar\u00e1 en el registro del servidor SMTP. No existen soluciones alternativas para este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28120.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28120.json index 30ed30ac4f6..f1f797649e9 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28120.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28120.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28120", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T22:15:55.707", - "lastModified": "2024-03-11T22:15:55.707", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28163.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28163.json index 44dec4ed5f1..ac31790ebbb 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28163.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28163.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28163", "sourceIdentifier": "cna@sap.com", "published": "2024-03-12T01:15:50.390", - "lastModified": "2024-03-12T01:15:50.390", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28187.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28187.json index d281376f646..1b3f121acb7 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28187.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28187.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28187", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T20:15:07.180", - "lastModified": "2024-03-11T20:15:07.180", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json index c012c8bcd23..3828a02414e 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28197", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T20:15:07.420", - "lastModified": "2024-03-11T20:15:07.420", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Zitadel is an open source identity management system. Zitadel uses a cookie to identify the user agent (browser) and its user sessions. Although the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and provide a malicious link hosted on the subdomain to the user to gain access to the victim\u2019s account in certain scenarios. A possible victim would need to login through the malicious link for this exploit to work. If the possible victim already had the cookie present, the attack would not succeed. The attack would further only be possible if there was an initial vulnerability on the subdomain. This could either be the attacker being able to control DNS or a XSS vulnerability in an application hosted on a subdomain. Versions 2.46.0, 2.45.1, and 2.44.3 have been patched. Zitadel recommends upgrading to the latest versions available in due course. Note that applying the patch will invalidate the current cookie and thus users will need to start a new session and existing sessions (user selection) will be empty. For self-hosted environments unable to upgrade to a patched version, prevent setting the following cookie name on subdomains of your Zitadel instance (e.g. within your WAF): `__Secure-zitadel-useragent`." + }, + { + "lang": "es", + "value": "Zitadel es un sistema de gesti\u00f3n de identidades de c\u00f3digo abierto. Zitadel utiliza una cookie para identificar el agente de usuario (navegador) y sus sesiones de usuario. Aunque la cookie se manej\u00f3 de acuerdo con las mejores pr\u00e1cticas, era accesible en los subdominios de la instancia ZITADEL. Un atacante podr\u00eda aprovechar esto y proporcionar un enlace malicioso alojado en el subdominio al usuario para obtener acceso a la cuenta de la v\u00edctima en ciertos escenarios. Una posible v\u00edctima tendr\u00eda que iniciar sesi\u00f3n a trav\u00e9s del enlace malicioso para que este exploit funcione. Si la posible v\u00edctima ya tuviera presente la cookie, el ataque no tendr\u00eda \u00e9xito. Adem\u00e1s, el ataque solo ser\u00eda posible si hubiera una vulnerabilidad inicial en el subdominio. Esto podr\u00eda ser que el atacante pueda controlar DNS o una vulnerabilidad XSS en una aplicaci\u00f3n alojada en un subdominio. Se han parcheado las versiones 2.46.0, 2.45.1 y 2.44.3. Zitadel recomienda actualizar a las \u00faltimas versiones disponibles oportunamente. Tenga en cuenta que la aplicaci\u00f3n del parche invalidar\u00e1 la cookie actual y, por lo tanto, los usuarios deber\u00e1n iniciar una nueva sesi\u00f3n y las sesiones existentes (selecci\u00f3n de usuario) estar\u00e1n vac\u00edas. Para entornos autohospedados que no pueden actualizar a una versi\u00f3n parcheada, evite configurar el siguiente nombre de cookie en los subdominios de su instancia de Zitadel (por ejemplo, dentro de su WAF): `__Secure-zitadel-useragent`." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28198.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28198.json index c3d8380a9c4..9b18235cd91 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28198.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28198.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28198", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T20:15:07.643", - "lastModified": "2024-03-11T20:15:07.643", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28199.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28199.json index dfd658801e0..3e4ea4d1a07 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28199.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28199.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28199", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T23:15:47.333", - "lastModified": "2024-03-11T23:15:47.333", - "vulnStatus": "Received", + "lastModified": "2024-03-12T12:40:13.500", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. This was due to improper case-sensitivity in the code that was meant to prevent these attacks. If you render an `` tag with an `href` attribute set to a user-provided link, that link could potentially execute JavaScript when clicked by another user. If you splat user-provided attributes when rendering any HTML tag, malicious event attributes could be included in the output, executing JavaScript when the events are triggered by another user. Patches are available on RubyGems for all 1.x minor versions. Users are advised to upgrade. Users unable to upgrade should consider configuring a content security policy that does not allow `unsafe-inline`." + }, + { + "lang": "es", + "value": "Phlex es un framework de c\u00f3digo abierto para crear vistas orientadas a objetos en Ruby. Existe una posible vulnerabilidad de secuencias de comandos entre sitios (XSS) que puede explotarse mediante datos de usuario creados con fines malintencionados. Esto se debi\u00f3 a una distinci\u00f3n inadecuada entre may\u00fasculas y min\u00fasculas en el c\u00f3digo destinado a prevenir estos ataques. Si representa una etiqueta `` con un atributo `href` establecido en un enlace proporcionado por el usuario, ese enlace podr\u00eda potencialmente ejecutar JavaScript cuando otro usuario haga clic en \u00e9l. Si agrega atributos proporcionados por el usuario al representar cualquier etiqueta HTML, se podr\u00edan incluir atributos de eventos maliciosos en la salida, ejecutando JavaScript cuando los eventos sean activados por otro usuario. Los parches est\u00e1n disponibles en RubyGems para todas las versiones menores 1.x. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben considerar configurar una pol\u00edtica de seguridad de contenido que no permita \"inseguro en l\u00ednea\"." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-285xx/CVE-2024-28535.json b/CVE-2024/CVE-2024-285xx/CVE-2024-28535.json new file mode 100644 index 00000000000..5bc14f458c5 --- /dev/null +++ b/CVE-2024/CVE-2024-285xx/CVE-2024-28535.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-28535", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-12T13:15:49.690", + "lastModified": "2024-03-12T13:15:49.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromAddressNat_mitInterface.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-285xx/CVE-2024-28553.json b/CVE-2024/CVE-2024-285xx/CVE-2024-28553.json new file mode 100644 index 00000000000..96688811e3e --- /dev/null +++ b/CVE-2024/CVE-2024-285xx/CVE-2024-28553.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-28553", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-12T13:15:49.763", + "lastModified": "2024-03-12T13:15:49.763", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromAddressNat_entrys.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 613ba849ed7..f4715ae042f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-12T11:00:34.631900+00:00 +2024-03-12T15:01:20.770216+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-12T10:15:08.363000+00:00 +2024-03-12T14:59:55.920000+00:00 ``` ### Last Data Feed Release @@ -29,43 +29,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -241107 +241122 ``` ### CVEs added in the last Commit -Recently added CVEs: `24` +Recently added CVEs: `15` -* [CVE-2023-4626](CVE-2023/CVE-2023-46xx/CVE-2023-4626.json) (`2024-03-12T10:15:06.903`) -* [CVE-2023-4627](CVE-2023/CVE-2023-46xx/CVE-2023-4627.json) (`2024-03-12T10:15:07.480`) -* [CVE-2023-4628](CVE-2023/CVE-2023-46xx/CVE-2023-4628.json) (`2024-03-12T10:15:07.657`) -* [CVE-2023-4629](CVE-2023/CVE-2023-46xx/CVE-2023-4629.json) (`2024-03-12T10:15:07.833`) -* [CVE-2023-4728](CVE-2023/CVE-2023-47xx/CVE-2023-4728.json) (`2024-03-12T10:15:08.017`) -* [CVE-2023-4729](CVE-2023/CVE-2023-47xx/CVE-2023-4729.json) (`2024-03-12T10:15:08.197`) -* [CVE-2023-4731](CVE-2023/CVE-2023-47xx/CVE-2023-4731.json) (`2024-03-12T10:15:08.363`) -* [CVE-2024-0906](CVE-2024/CVE-2024-09xx/CVE-2024-0906.json) (`2024-03-12T09:15:06.670`) -* [CVE-2024-1328](CVE-2024/CVE-2024-13xx/CVE-2024-1328.json) (`2024-03-12T09:15:06.897`) -* [CVE-2024-2371](CVE-2024/CVE-2024-23xx/CVE-2024-2371.json) (`2024-03-12T09:15:10.133`) -* [CVE-2024-25994](CVE-2024/CVE-2024-259xx/CVE-2024-25994.json) (`2024-03-12T09:15:07.080`) -* [CVE-2024-25995](CVE-2024/CVE-2024-259xx/CVE-2024-25995.json) (`2024-03-12T09:15:07.343`) -* [CVE-2024-25996](CVE-2024/CVE-2024-259xx/CVE-2024-25996.json) (`2024-03-12T09:15:07.573`) -* [CVE-2024-25997](CVE-2024/CVE-2024-259xx/CVE-2024-25997.json) (`2024-03-12T09:15:07.810`) -* [CVE-2024-25998](CVE-2024/CVE-2024-259xx/CVE-2024-25998.json) (`2024-03-12T09:15:08.020`) -* [CVE-2024-25999](CVE-2024/CVE-2024-259xx/CVE-2024-25999.json) (`2024-03-12T09:15:08.233`) -* [CVE-2024-26000](CVE-2024/CVE-2024-260xx/CVE-2024-26000.json) (`2024-03-12T09:15:08.493`) -* [CVE-2024-26001](CVE-2024/CVE-2024-260xx/CVE-2024-26001.json) (`2024-03-12T09:15:08.730`) -* [CVE-2024-26002](CVE-2024/CVE-2024-260xx/CVE-2024-26002.json) (`2024-03-12T09:15:08.940`) -* [CVE-2024-26003](CVE-2024/CVE-2024-260xx/CVE-2024-26003.json) (`2024-03-12T09:15:09.140`) -* [CVE-2024-26004](CVE-2024/CVE-2024-260xx/CVE-2024-26004.json) (`2024-03-12T09:15:09.357`) -* [CVE-2024-26005](CVE-2024/CVE-2024-260xx/CVE-2024-26005.json) (`2024-03-12T09:15:09.577`) -* [CVE-2024-26288](CVE-2024/CVE-2024-262xx/CVE-2024-26288.json) (`2024-03-12T09:15:09.823`) -* [CVE-2024-27279](CVE-2024/CVE-2024-272xx/CVE-2024-27279.json) (`2024-03-12T09:15:10.070`) +* [CVE-2022-32257](CVE-2022/CVE-2022-322xx/CVE-2022-32257.json) (`2024-03-12T11:15:45.210`) +* [CVE-2023-41313](CVE-2023/CVE-2023-413xx/CVE-2023-41313.json) (`2024-03-12T11:15:46.470`) +* [CVE-2023-45793](CVE-2023/CVE-2023-457xx/CVE-2023-45793.json) (`2024-03-12T11:15:47.503`) +* [CVE-2024-2049](CVE-2024/CVE-2024-20xx/CVE-2024-2049.json) (`2024-03-12T13:15:49.807`) +* [CVE-2024-21483](CVE-2024/CVE-2024-214xx/CVE-2024-21483.json) (`2024-03-12T11:15:48.217`) +* [CVE-2024-22039](CVE-2024/CVE-2024-220xx/CVE-2024-22039.json) (`2024-03-12T11:15:48.420`) +* [CVE-2024-22040](CVE-2024/CVE-2024-220xx/CVE-2024-22040.json) (`2024-03-12T11:15:48.637`) +* [CVE-2024-22041](CVE-2024/CVE-2024-220xx/CVE-2024-22041.json) (`2024-03-12T11:15:48.940`) +* [CVE-2024-22044](CVE-2024/CVE-2024-220xx/CVE-2024-22044.json) (`2024-03-12T11:15:49.153`) +* [CVE-2024-22045](CVE-2024/CVE-2024-220xx/CVE-2024-22045.json) (`2024-03-12T11:15:49.390`) +* [CVE-2024-2391](CVE-2024/CVE-2024-23xx/CVE-2024-2391.json) (`2024-03-12T11:15:49.923`) +* [CVE-2024-2393](CVE-2024/CVE-2024-23xx/CVE-2024-2393.json) (`2024-03-12T13:15:50.023`) +* [CVE-2024-27907](CVE-2024/CVE-2024-279xx/CVE-2024-27907.json) (`2024-03-12T11:15:49.720`) +* [CVE-2024-28535](CVE-2024/CVE-2024-285xx/CVE-2024-28535.json) (`2024-03-12T13:15:49.690`) +* [CVE-2024-28553](CVE-2024/CVE-2024-285xx/CVE-2024-28553.json) (`2024-03-12T13:15:49.763`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `179` +* [CVE-2024-27222](CVE-2024/CVE-2024-272xx/CVE-2024-27222.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27223](CVE-2024/CVE-2024-272xx/CVE-2024-27223.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27224](CVE-2024/CVE-2024-272xx/CVE-2024-27224.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27225](CVE-2024/CVE-2024-272xx/CVE-2024-27225.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27226](CVE-2024/CVE-2024-272xx/CVE-2024-27226.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27227](CVE-2024/CVE-2024-272xx/CVE-2024-27227.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27228](CVE-2024/CVE-2024-272xx/CVE-2024-27228.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27229](CVE-2024/CVE-2024-272xx/CVE-2024-27229.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27230](CVE-2024/CVE-2024-272xx/CVE-2024-27230.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27233](CVE-2024/CVE-2024-272xx/CVE-2024-27233.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27234](CVE-2024/CVE-2024-272xx/CVE-2024-27234.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27235](CVE-2024/CVE-2024-272xx/CVE-2024-27235.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27236](CVE-2024/CVE-2024-272xx/CVE-2024-27236.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27237](CVE-2024/CVE-2024-272xx/CVE-2024-27237.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27279](CVE-2024/CVE-2024-272xx/CVE-2024-27279.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27297](CVE-2024/CVE-2024-272xx/CVE-2024-27297.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27900](CVE-2024/CVE-2024-279xx/CVE-2024-27900.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27902](CVE-2024/CVE-2024-279xx/CVE-2024-27902.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-27938](CVE-2024/CVE-2024-279xx/CVE-2024-27938.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-28120](CVE-2024/CVE-2024-281xx/CVE-2024-28120.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-28163](CVE-2024/CVE-2024-281xx/CVE-2024-28163.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-28187](CVE-2024/CVE-2024-281xx/CVE-2024-28187.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-28197](CVE-2024/CVE-2024-281xx/CVE-2024-28197.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-28198](CVE-2024/CVE-2024-281xx/CVE-2024-28198.json) (`2024-03-12T12:40:13.500`) +* [CVE-2024-28199](CVE-2024/CVE-2024-281xx/CVE-2024-28199.json) (`2024-03-12T12:40:13.500`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7bedbd3baf8..20457116160 100644 --- a/_state.csv +++ b/_state.csv @@ -191085,7 +191085,7 @@ CVE-2022-2250,0,0,e38c940bcd94a238241e0db1a118fbec7b666c3ec0f6e7a881df406fb8518e CVE-2022-22502,0,0,6cf049a969df1bd89c9e331621c549f4199687f9b0c2904af47fa2fac52dde8b,2022-07-06T18:37:08.130000 CVE-2022-22503,0,0,bb5355ccb505896588bf8f82a0da282c65ebc048ea143f2d6ed3b23f18bc1adc,2022-11-08T19:44:05.377000 CVE-2022-22505,0,0,121381f40d06e3266c5f3a76b0dd63531cd3c737fa261537e7ebeb6e8f45c46c,2022-08-04T17:38:11.343000 -CVE-2022-22506,0,0,e0c61d8dbb8a8be2e6962b330fca4f6adc8446daec9b9c25ec5259bd0a1c1bf8,2024-02-12T20:39:09.773000 +CVE-2022-22506,0,1,97b4df91bde7a1bd4640fddf1366fa5b5e01ebe36e02b6b7269ef3281415ef03,2024-03-12T14:52:57.217000 CVE-2022-22507,0,0,2244a5b0d40f7b4d74adaffe5bcfc41e1b0854bcd11345c1770b706da3d52afa,2023-11-07T03:43:55.640000 CVE-2022-22508,0,0,8f0eee51fababcb0e72405a55682eebd6bc7d119f6b5b5bf484aec9de718197c,2023-05-26T17:09:14.720000 CVE-2022-22509,0,0,095c81bfe71f975bbfb372b7c7e7ec9990aa50fda09c353e4021534874b0e6a5,2022-02-05T04:49:08.907000 @@ -199190,6 +199190,7 @@ CVE-2022-32253,0,0,42df07404c19b0261d7b05f215be14e11b89f810420284a7f90d92d956e3a CVE-2022-32254,0,0,f276994ea246322423f4287b9c52682aa2bf10fbf02fa07e9ef93b623e0e90ad,2022-06-23T14:11:17.130000 CVE-2022-32255,0,0,eb45d22bb37f4b94d6264a4c88f0fc139b5b3836e489cf93ba944e79970708a9,2023-07-24T13:30:49.807000 CVE-2022-32256,0,0,072dc87b7d02d242b47274d9a41691d82e1301a1cb0f6e6143b6e3c319da4ddc,2022-06-23T13:51:56.123000 +CVE-2022-32257,1,1,2ea5a6081e004009d9dfe78fbefa353cfdc0308d57d826db18214a4687f32d6d,2024-03-12T12:40:13.500000 CVE-2022-32258,0,0,87ae25fd211602affaa6cb0af6d0bc43224b562116a61d55acf879da10aa4b07,2022-06-22T19:13:57.677000 CVE-2022-32259,0,0,2251fd7756ac08255d9ced15c644bb0c99a442955280b7d62839999b77fbae60,2023-07-24T13:30:45.863000 CVE-2022-3226,0,0,cbb97821b0a8f6b9501c8c6d95c92c034dc6edc528a080e54fc362ddca2e11b3,2022-12-05T18:55:58.393000 @@ -208901,7 +208902,7 @@ CVE-2022-4504,0,0,12ec3d1d8870782da1f150e70cc74adcffc488a882559be636223775dfb6af CVE-2022-45040,0,0,caadaa22e7b9ba02f696ddccd1ca72e43dae81b74f9a8df90d1613302c3f9957,2022-11-28T21:05:02.173000 CVE-2022-45041,0,0,1faf162e72c65c4fe66b77be683ab78ceb7610675cc40a1bea1cf616847f356d,2022-12-23T19:43:23.650000 CVE-2022-45043,0,0,0396333ac9ee9c825ce43c3f6ce60320b4ca0ec2e3bf54bffec484ab45959be9,2022-12-14T21:04:24.407000 -CVE-2022-45044,0,0,e0a8fcd428107d741060d845a19a890dc35e99af99754b95cdf484a95a3c4893,2023-09-12T10:15:21.413000 +CVE-2022-45044,0,1,8364405a68fdadb45b615b80e6e2c1aaec77a97520fddeb3f79626f71ea99ebf,2024-03-12T11:15:45.510000 CVE-2022-45045,0,0,864d029850f0e98a680b5ed9c52d6edcfeb8d79a5c9298deefda4402459c91b9,2022-12-06T15:50:37.127000 CVE-2022-45046,0,0,9dc5ee3f7777ac3fc0efd21dfa6f73f3519a8d381c823e3f1af793f9f7b2bc2c,2023-11-07T03:54:29.393000 CVE-2022-45047,0,0,7cba0ce379e2624e34b7984da2f33e7c2edba9bc636ac55edd0b8016ee08c316,2024-02-16T13:15:09.513000 @@ -209571,7 +209572,7 @@ CVE-2022-4606,0,0,54f44bf17b152db6412582e0620f0d0d766b73e0cf752246d1889e46dfdb41 CVE-2022-46061,0,0,e12f29d073851846befcb6ddc0a8aeebc5b88c385ffa9ef2e9900f7efee0a2dd,2022-12-16T04:58:35.193000 CVE-2022-46062,0,0,9bef03e602aa56bdf2fbb6faa98b430909cedb29eb84d9140d248601473817cf,2022-12-15T20:45:59.180000 CVE-2022-4607,0,0,ecc800de303bf082ccb38774687d9ca7ef840a9b0ddfb82701e237dea167c365,2024-02-29T01:36:43.570000 -CVE-2022-46070,0,0,fe4956b2d976f0935f803d875d7d796d906356c46a75b0ef2668f3ad7f823e8f,2024-03-11T22:15:54.230000 +CVE-2022-46070,0,1,7b53be57210b6f26ef445c48d2f7df696d41990a6f0461f2520cbeb23f8a1145,2024-03-12T12:40:13.500000 CVE-2022-46071,0,0,7a67726ab997ec52a4e7bd2708959721f39adf6b34d769652d474b136f6d9adc,2023-01-30T17:55:05.703000 CVE-2022-46072,0,0,621b370c453c641a16374181b8390cdb58c53a4903182ee4e591d98ef5ab393f,2023-01-30T17:51:29.990000 CVE-2022-46073,0,0,227f1aeb0c53e4a98bac446a5a583c714a8f98436871914d7cd1143885446706,2023-01-30T17:53:04.420000 @@ -218149,7 +218150,7 @@ CVE-2023-25907,0,0,ac79dc6f2aa2dab19e6a597e276217a004432ae6c4e9348bad25e4be54ea3 CVE-2023-25908,0,0,a1297bd98f03636c0f5b3f15e03da2fba397737ef686101b77bf1b6da66df5d1,2023-04-03T13:17:56.660000 CVE-2023-25909,0,0,9008daa50e2fc1e0ea38cc009831a0dbdc22b98dd7fc8c38b7adf7023ff3c3f0,2023-03-31T14:22:26.143000 CVE-2023-2591,0,0,aa938e6a3c9e69b40289d317f374ef69b9f0a981500fcd3d7fb7e738329bd023,2023-05-15T06:15:09.727000 -CVE-2023-25910,0,0,48929ac7b3005d6b2abddb832d230920e9fbd76f2fc39ccd1e6fbfb94b7a7012,2023-07-11T10:15:10.303000 +CVE-2023-25910,0,1,07b87a676cfe304f1ff435a1178f4301520e1cd2b62d92c3808870452fe4ffe3,2024-03-12T11:15:45.877000 CVE-2023-25911,0,0,b2937a81d3edbd18e16fd691c3e940478a98ab50d926ff616f13c302843391f8,2023-06-16T03:50:50.247000 CVE-2023-25912,0,0,5dce08614637fdde5aa957a5e1eed7ddf468ae3f349151b496d12cafb13f1e5f,2023-06-16T03:50:57.457000 CVE-2023-25913,0,0,d3f64ad4cbdac739c63552749f18f83eff8dddfade2e7f98a30f3e0561e32c1c,2023-08-24T21:39:11.560000 @@ -220396,7 +220397,7 @@ CVE-2023-28762,0,0,555780d5614d17fc5fed9bac06feed8554cdbbd75dc65fa7dc5b23df71c4b CVE-2023-28763,0,0,a1fea1d40f0b3feeee08551521b83c97bf9029c679f3f7e7608752005dbb03db,2023-04-14T19:49:15.630000 CVE-2023-28764,0,0,5961c81f57184925bc30638c647eda7033eb0795946b46a398d2ee4ea6ffb535,2023-05-12T20:44:32.040000 CVE-2023-28765,0,0,5b9962e5952676e94dbbca010b1fc952a10ebe651e1219bb395cafc8b376407b,2023-04-14T19:49:59.430000 -CVE-2023-28766,0,0,b6258ccad283404eb23b69965bbbdea80997cce882f053cda72bd4b97f73fe54,2023-09-12T10:15:23.957000 +CVE-2023-28766,0,1,5861541b19d17dede4dcd23f31be7dbd0f68ef73ed960d3d8bfb9d7314922773,2024-03-12T11:15:46.050000 CVE-2023-28767,0,0,68c72158de0c0b3ce5b58e227e60dea4e7e4dc559a38b5f00a82edba61773de4,2023-07-26T21:36:06.313000 CVE-2023-28768,0,0,732e43c941d15f8ab55592c8a051df6755a17b8074a5dd954ae9ea3df05a8457,2023-08-21T16:07:05.947000 CVE-2023-28769,0,0,373bceca3e25b36e84b144a270ff1a112c3c61f9b84d9cbb58cbd16b73d9fc3c,2023-05-08T18:15:09.893000 @@ -227093,7 +227094,7 @@ CVE-2023-38372,0,0,be176a46aea50108fad1bca53acf5973e4b6706440f6e3fe3e7b6c5fe28e0 CVE-2023-38378,0,0,2464e65c3f16825f290e34ed701fdf895b6a252f30c1c30b6206367098026f02,2023-07-26T01:11:51.500000 CVE-2023-38379,0,0,a59b384011c880df4389d0f6782f39151bc1e30b85b6c250e33607804b8fb54a,2023-07-26T03:28:37.867000 CVE-2023-3838,0,0,85bf9b5efd079a705937a71a164f6684e970cd5d544fb05f390c7bbf4a31c21c,2024-02-29T01:40:46.230000 -CVE-2023-38380,0,0,df52310aeca17824fb8856715759fbc1e63157ceef0734c36a68dc303067122f,2023-12-18T15:08:30.293000 +CVE-2023-38380,0,1,d7333574e8f9be716f707f1ad5054a118a39efd846bf6fcaae1de35dcdd02984,2024-03-12T11:15:46.323000 CVE-2023-38381,0,0,580e87b333e058d175503c85ff5b2c721d6b8ea39eca9d994a48ef8de7325d1d,2023-10-04T19:53:28.377000 CVE-2023-38382,0,0,95233def5985e85c0df5206014d24c06949c4b4bc39503e9f9d91f0c02293126,2023-11-10T04:19:37.937000 CVE-2023-38384,0,0,a2ec4d64fe4cdf3d4501234addd0ab1c03265aad8ceda5fd8d3665c9c7fc3ef9,2023-08-10T03:49:13.217000 @@ -229187,6 +229188,7 @@ CVE-2023-41309,0,0,1fe0b6b299465b1ba9d586e0f68c400c5e9e622bd7671ab62ce695139df3d CVE-2023-41310,0,0,e0f8274f30e117cd43f4e4e37fb6f699bcd6e65e71d8972596e551d4d14a688d,2023-09-28T16:03:40.263000 CVE-2023-41311,0,0,a487413ed75753ba1e84a95f70a06612b9f7ca9844768044bbc2e8f916d425b4,2023-09-28T15:56:31.800000 CVE-2023-41312,0,0,5f664f1a72728f9b955b0748b12f17005e61b0df2a041be8f204a01264a7e32d,2023-09-28T15:55:47.057000 +CVE-2023-41313,1,1,da3f1991b00efeb557e940b3c6e424e9b01a39d2a410fe23d3cbb873a56084e1,2024-03-12T12:40:13.500000 CVE-2023-41314,0,0,fdd05310297055f89134ebc1f14cec5feffdeeb93eab53c1c0db8126a9610341,2023-12-22T17:19:15.287000 CVE-2023-41316,0,0,1ce044fa603f2cf410cbc2e76b325f12b35df81ad6bf2754c41153ddbf8bbc99,2023-09-13T14:36:54.837000 CVE-2023-41317,0,0,2922e22d64e4766e16ac7d05660fa75b2a54aee4705e69e23750d24eb650c464,2023-09-08T16:49:51.803000 @@ -231029,11 +231031,11 @@ CVE-2023-44312,0,0,ee8d773f5efbceb6f850ded169c146beea3bd8b91bc9e3c303a02273c4771 CVE-2023-44313,0,0,2ccff3d184596dd97720cea6b7babed4736fcb869a5a89940fe69fc4c9b8c613,2024-02-08T17:13:28.083000 CVE-2023-44315,0,0,0474d89d9285949480273ea98d9b1bf4959fa5818eb5c7f76cff34da1fc2f13b,2023-10-12T00:43:38.827000 CVE-2023-44317,0,0,904a32d6b7f222bbab69f7d7953593d5ba5654565cfedc520050658965f6bf55,2024-02-13T09:15:43.880000 -CVE-2023-44318,0,0,7542b7531adb73bf593cb917bc2adb414ad505c69e8fe5084934e79902aaad15,2023-12-12T12:15:11.890000 +CVE-2023-44318,0,1,60258fcd102836f1080ed3dd4a44b33e8d5496e3aeba79510332b47d38892ff4,2024-03-12T11:15:46.620000 CVE-2023-44319,0,0,51440126ff56ca3386eb940895c110b44963bb48fcfc03cfed328f1eaa40b387,2024-02-13T09:15:44.103000 CVE-2023-4432,0,0,b9ec4788b1eaac5b06e4fb1a12ba0b1d8f6a455051f0212b0e664c8a8048570d,2023-08-23T16:58:29.763000 CVE-2023-44320,0,0,d119006e47cce113b105ee2db4f38227825e3615f67d0fbdef4c97002aa08e68,2024-02-13T09:15:44.340000 -CVE-2023-44321,0,0,fb9c7408dc0be241948d038de767debcfcc8f97dacbc94b0cbd561d7d0605ed9,2024-02-13T09:15:44.537000 +CVE-2023-44321,0,1,911037adf08df4ffa2ffbbc7aa8653046518fe8ac83fe6fade98cb8847d28d1d,2024-03-12T11:15:46.980000 CVE-2023-44322,0,0,944c4a51d76649fa422a79c2c47409081554eb18d0254edd266f2a75dda78a29,2024-02-13T09:15:44.733000 CVE-2023-44323,0,0,f61dfba916ce492dbdd28ba36e69b57866e51de097dba435783b28988393aee5,2023-11-08T00:23:53.110000 CVE-2023-44324,0,0,8260c46c9561b7d7c22639b8b62e79fd87410b5b860a7b3e6421d85d0b62165c,2024-03-05T19:56:42.527000 @@ -231084,7 +231086,7 @@ CVE-2023-4437,0,0,39d9f53a15f60a9bd8392b26e566a3167dbc4ba6b6e7c3ce57e05980f9455c CVE-2023-44371,0,0,1b80aae6949db4503097e35f5511744fdd2be8948bf4de84afdfc73193f06bad,2023-11-22T16:58:39.573000 CVE-2023-44372,0,0,68df11ca84c9819a9b59c411b11134d489b9ff8d9a6a42d1b77d0d6fdd1a590d,2024-02-23T19:15:08.467000 CVE-2023-44373,0,0,2ee3a3cb3c3c46f3be7e1d5d261d06428811e170d2550609665554090fadcf61,2024-02-13T09:15:44.957000 -CVE-2023-44374,0,0,812a7b5a472f17e4e01d5be56c2ec177c78f971abbc4a0a052e09b2788cb6699,2023-12-12T12:15:13.223000 +CVE-2023-44374,0,1,0f4a17ac0b331ec6c4dac3f8af3d86a6479fc8368144856a4ac5600f3c153549,2024-03-12T11:15:47.267000 CVE-2023-44375,0,0,593d447900de38b504b8288066dba2aca1c23ca9dc2b8ebba581f03f2af8dcd2,2024-01-02T19:15:10.480000 CVE-2023-44376,0,0,bd7edf8426f6b9b5132878b896bbd83a87eb49b2089f52d618dfc7a966a2253c,2024-01-02T19:15:10.550000 CVE-2023-44377,0,0,82bf954347778e7128ea732c92275efada968563ffe465bc093d8a5741bbae62,2024-01-02T19:15:10.630000 @@ -231788,6 +231790,7 @@ CVE-2023-4578,0,0,144296adc6deed2f3dea2b9843ad11ac11d772f6beb5e81ed644692616f462 CVE-2023-45780,0,0,6e9b338eb7ce40928c4c8b87e4779d071a564c97293040ade262b55caf669a19,2023-11-07T00:39:35.803000 CVE-2023-45781,0,0,c637ee87289bfcd822925edb08813663fddaaa5361347b651c6623a68c524c7d,2023-12-22T01:15:11.440000 CVE-2023-4579,0,0,c0faf01f047020e97e425b8842137bbcb5c4871ffefebd506e94e08d0713b192,2024-01-07T11:15:13.547000 +CVE-2023-45793,1,1,0217d099aaa974002d3a705f19d97dfa1a31ab895dc678006d011d5c2c950bbc,2024-03-12T12:40:13.500000 CVE-2023-45794,0,0,a34deafa5e13b8f37a8e8f010c4ee18ae38ba2b1f1fc6d8ad20d0f30df92b53c,2023-12-28T18:59:23.170000 CVE-2023-45797,0,0,4ecc85ce516f2ac06610df24d08d359db97d03be147f0f2946ab6038f62918d0,2023-11-04T03:23:18.037000 CVE-2023-45798,0,0,0a56aa46e720d77094bf57b051cfff9494007c0381d2cc674e590f46ae2b3d25,2023-11-08T02:44:41.433000 @@ -232034,7 +232037,7 @@ CVE-2023-46151,0,0,d36e1726a3c2511b6aa612c91e27422c537a7852e6c85e3e388dd1bc05f07 CVE-2023-46152,0,0,d458a34c5b4a030ed820857158cd0e6a3e55d93b11cf036e8189dcb03881af9e,2023-11-01T19:10:56.083000 CVE-2023-46153,0,0,63192cb00e25c727d91eede4425daffc35250f3be6494ae0fe5f7e62257499e6,2023-11-03T20:20:12.173000 CVE-2023-46154,0,0,8d688207e19439c036ba4cfc5d869ea80cc6da177b6eccf1af17e582a3bbba3d,2023-12-22T19:39:53.203000 -CVE-2023-46156,0,0,0cea03c5e2082ea41ed1c0a59dc4f01e69882c3f0f50a7347db847c4028e0d52,2023-12-18T15:24:08.413000 +CVE-2023-46156,0,1,97c2d9cf402b55d258796cb5f965e057967f88960b11d1c82a7957ad2bfb0974,2024-03-12T11:15:47.740000 CVE-2023-46157,0,0,4efddff3eff179c346babf55fe34afb947b1b6c92dec6d1b86886683101c4cf0,2023-12-12T17:13:08.513000 CVE-2023-46158,0,0,f4cb1b9b8b0df0324c7c798fb74dea9c51b91e93b91241ae4f40058d56a462a3,2023-11-01T16:58:15.143000 CVE-2023-46159,0,0,8cc8eb621eacc4504a24f92282bc2951358b04416b79fbec394ac1dd68b0e198,2024-02-10T01:01:31.177000 @@ -232120,7 +232123,7 @@ CVE-2023-46256,0,0,95d3869537f1e43527b1f82e38dcba2f83fcdf77bb77ced857a69d56d83ec CVE-2023-46257,0,0,a5bbfaa642b50328e9bd44400a8b03594b931a634ffbb6c82663fcdb3d0fed5a,2023-12-21T04:47:50.787000 CVE-2023-46258,0,0,eb6bf29075e753e1f678f82532b818ea0f95dc6b6376056893aa10db7e634355,2023-12-21T04:47:58.207000 CVE-2023-46259,0,0,7506c070a4ae3b72e59811fe7f4d31d277fce4f43e1dd12441face1897fc7693,2023-12-21T04:48:07.923000 -CVE-2023-4626,1,1,0982794a8f79e9a8ac106e576e779c123e30062c08f1a816d2404cbd85d5fb62,2024-03-12T10:15:06.903000 +CVE-2023-4626,0,1,b485653e9781c74a561b6adf910cbecedcd5592f45f4bc7c8fb1acc63d804c1f,2024-03-12T12:40:13.500000 CVE-2023-46260,0,0,84b9c25852790ab53d6b9b8412b4bd22f711c4e2df483668413cd43fdc0cc926,2023-12-21T04:48:14.087000 CVE-2023-46261,0,0,045f2905cd8c75258c2bce1fc7c0578fd75f0a6cef914b0efb1bcc4b75fa1c18,2023-12-21T04:48:18.447000 CVE-2023-46262,0,0,3a40ff1b8ee7d2a9380456af3274094dd6a7f45849855e0a7555252edba72af5,2023-12-28T19:58:38.303000 @@ -232129,11 +232132,11 @@ CVE-2023-46264,0,0,1107d1fe8649143dbb85f630e3ef3480e008fe71a968937860137baba10f1 CVE-2023-46265,0,0,faf523b1f1d0f0b64e6f9ab8e8a2832ca9a7d04bf9c1f990309bb2fe7d08d513,2023-12-22T20:52:36.757000 CVE-2023-46266,0,0,a4f4513e58b724eae636fafc894b6e8a50f10ad01eaf673113e5003824aa7430,2023-12-28T19:58:21.497000 CVE-2023-46267,0,0,2b45133556ae3ed9c00ad189d4ce5d3b4164596783eb51e3ddd752a7518bed60,2023-11-07T04:21:53.713000 -CVE-2023-4627,1,1,782ceed515e01e0fe2e3ab1b4f0169a62a13c50a6e3f64148dda8c4debe1a1f3,2024-03-12T10:15:07.480000 +CVE-2023-4627,0,1,8c0a96d77922562ec0b059b344d7ae9cb872d6b33e5aaa58d94257588ba62b9d,2024-03-12T12:40:13.500000 CVE-2023-46277,0,0,6346b0b2bb00d68871673d9961e625945aee8892c521790c0cdf6d29b95a3bbd,2023-10-26T17:45:23.253000 CVE-2023-46278,0,0,28b89b923e29170c00d156680e8a97ed4a093fd98ccdfca3056e88f9c5127503,2023-11-08T23:22:08.177000 CVE-2023-46279,0,0,54a6c5c82fc86a1a519a6f28d73c552f4a184828f561419a812832af4a2e8a29,2023-12-19T17:40:49.427000 -CVE-2023-4628,1,1,f1917dd5424ec207ec2a16065d7e39a1279b3190ae3eeba708ffa74d669a402c,2024-03-12T10:15:07.657000 +CVE-2023-4628,0,1,39e1211923b490475ab834f497febd61ca0ad106305c20c18666c43a53422b65,2024-03-12T12:40:13.500000 CVE-2023-46281,0,0,f81e6a2ab4f14a6cd29d5b34f658ad3f02f96b6a05533077a235497441242dfc,2024-02-13T09:15:45.187000 CVE-2023-46282,0,0,6b71b3ea7a04c50faee89d69d66ab27dfde50426229d515e93a4eca49489647e,2024-02-13T09:15:45.337000 CVE-2023-46283,0,0,dcdb825c53576e82baec9bdedc3ee6a87dc21be81eea65be153da9b7e173f2fc,2024-02-13T09:15:45.443000 @@ -232142,7 +232145,7 @@ CVE-2023-46285,0,0,dfef64278293ed53bb1e3adbc2f81d9bce71868aa932b13afd3d0e39a06e4 CVE-2023-46287,0,0,32f877d1d978730fc322a5832f37ed0caae3b5958d24fae94ac8bbbd68a3245e,2023-10-26T17:05:56.627000 CVE-2023-46288,0,0,4d266ed18b819f4c100868d1fd39d601af42377e8f38754982c02e5d94e40b6a,2023-10-28T03:24:55.857000 CVE-2023-46289,0,0,eeb8999c1027929e8e1432385e10738220f809cefa40c971cda5d3b70278abe2,2023-11-07T18:18:35.950000 -CVE-2023-4629,1,1,27ebb371176412765fe03eecef07d1ced1afa5aec7738c04e153d7ea8ac867d3,2024-03-12T10:15:07.833000 +CVE-2023-4629,0,1,46099667ebb1d5620c651151fc81b80f7b26e3b0acd8b7bf49782cc690ba95f3,2024-03-12T12:40:13.500000 CVE-2023-46290,0,0,60b800c48e60334c2e69f95b8f0bf14e1eb82a55ac0513b709fcee11b9dfacac,2023-11-07T19:09:56.033000 CVE-2023-46298,0,0,b077731bbae2546ee5da04f8027611b1fe7cb45539952cb1927c0319e4c642b7,2023-10-28T03:30:11.740000 CVE-2023-4630,0,0,3dba6f575056abaaa0746ab4587c198ecc1c0f4fdcdfed9d0b97d9633019724f,2023-09-13T16:50:23.250000 @@ -232841,14 +232844,14 @@ CVE-2023-47267,0,0,7af787055fd484ddb13b770f63a574a7140e8e765ce3a9c07340594a128f8 CVE-2023-47271,0,0,9cc05b4e0b65c52657ed8cdc25e16f6a7fc3036ff1196f68571bcac4e63323c6,2023-12-20T01:15:07.297000 CVE-2023-47272,0,0,6e28ab19abbf3b1b70b10399ba447a3637cdf3f4443fc6db792243e0885fe9db,2023-12-28T17:24:36.373000 CVE-2023-47279,0,0,77443ef453c9d718722250faa2452d8d4368ad781c70a56bce601eb3ebab7163,2023-12-06T18:38:55.820000 -CVE-2023-4728,1,1,4d63fe7ada6963bb770d98c57df085694d9c4fe5db30459ec9b7c3b545b7996f,2024-03-12T10:15:08.017000 +CVE-2023-4728,0,1,3739059a9e889248ad0d9a8fd436f1cc6c46a0e5ea28e1d984a31031df86b6c0,2024-03-12T12:40:13.500000 CVE-2023-47283,0,0,60e1454176bd7ed0a3132a6d52101088fa7d827e2deaf9e097ee2a811ea4a3bb,2023-11-22T00:05:40.857000 -CVE-2023-4729,1,1,810d1da7e83740f5a9eb53d44a678b8a2d6f8f32177c38a3c1701d2f91c6e1f0,2024-03-12T10:15:08.197000 +CVE-2023-4729,0,1,70d3fce87ffb244160c4c5e5e9f076082cf64366b3f18ea71a20dddd7af4442c,2024-03-12T12:40:13.500000 CVE-2023-47304,0,0,479b5f8959b04d3e08ea0e2ce92de50218c370ec8b84765c36c3ad8d181305aa,2023-12-11T15:37:02.707000 CVE-2023-47307,0,0,a2ae821f36469a552a2a4d6a4a9530961c41c530b679d0b00768321caca831ac,2023-12-06T19:29:24.250000 CVE-2023-47308,0,0,1855f2894163b395fcb31605d72a87ee9a9d430cfd9c5d5b8a756abfa5635288,2023-11-21T20:14:36.287000 CVE-2023-47309,0,0,b4e1f1112a20c986d56540d3500ae44bb95a57c2e71f9a203aa4ecd2d001e642,2023-11-21T19:47:36.407000 -CVE-2023-4731,1,1,c01bdece4da2cfd6207aacbeb050bd6ea5d0cf8bcb694f339498f0559fcdd8a4,2024-03-12T10:15:08.363000 +CVE-2023-4731,0,1,41e568bc248180b1575000e490590a1975f086e2e955533b977964a378366fb2,2024-03-12T12:40:13.500000 CVE-2023-47311,0,0,044afca9557f930fe4ed0df309e9ce496dd6c235599889d80891d79cb8e1951e,2023-11-28T21:52:56.520000 CVE-2023-47312,0,0,edd7de1262541a40f285c52577b8531f1b8708060699a54e4ff826f0fa38dd74,2023-11-30T05:31:43.093000 CVE-2023-47313,0,0,20857e969ab4a50499fa3142f2c9af6b6fc442b532fee87afd58615f67a60960,2023-11-30T21:15:08.617000 @@ -234040,7 +234043,7 @@ CVE-2023-49121,0,0,9a9c53698a32836d52a756ae060b02d864330140e6f24a0633c1d57851439 CVE-2023-49122,0,0,0805fa9cc08859a233a9df0356c53f05cca93a289a0e7b46eda736e89909dc49,2024-01-10T20:31:25.807000 CVE-2023-49123,0,0,779b1b4a494847542304a4077f1f1b96e84d8e352d195e6a1725b02396387e1b,2024-01-10T20:31:36.863000 CVE-2023-49124,0,0,c14424675ba4d674608bf3e09607a3b2b86ecff68126ca913f9f0430498053a8,2024-01-10T20:29:11.320000 -CVE-2023-49125,0,0,5ff536873d9d1d08a5765b1ca312903d08025ba54b644c44e769e48bf4962126,2024-02-13T14:01:07.747000 +CVE-2023-49125,0,1,e37df2c86885d654c31a20a1efd93c991f7bee78956b7c800d267ac9518dd896,2024-03-12T11:15:48.063000 CVE-2023-49126,0,0,c9a2210a370226d0ffa44b0074f5ee29dd55c0ccbfd9d3db60452f92347f364f,2024-01-10T20:28:58.340000 CVE-2023-49127,0,0,8d796a6c6b432f69f1191f23ffc08a675098c307d46ee07db8c8f40e18131e94,2024-01-10T20:28:49.513000 CVE-2023-49128,0,0,5cb4af54b21d38c52153201435c6e6823ea55b5613ed9646ef7361bde5e0d35b,2024-01-10T20:28:33.693000 @@ -234270,7 +234273,7 @@ CVE-2023-49446,0,0,11843ebbc31e413a4ec3f5f94310ca176eaed7d3903c42780d35fa06bec4a CVE-2023-49447,0,0,5ea4d43de6e4701175280f6f21c9529954a9e2adb93596851a9ee1a0ebe8f98c,2023-12-09T04:50:34.917000 CVE-2023-49448,0,0,07f8497c6c2b008fc0b6d31e52d6d2016bd53c1ce95f72b7d58f675f93812537,2023-12-09T04:49:37.330000 CVE-2023-4945,0,0,b9429dba7eaa9601f91264961ee9b51f3d0c27ccb092b1aa220032b9c992e792,2023-11-07T04:23:12.540000 -CVE-2023-49453,0,0,287e5006bb05e06245ebdc978911bf5764481505bd48de58a5727c04396b682e,2024-03-12T08:15:45.127000 +CVE-2023-49453,0,1,9d9f4009f35df2c2ccb6c89c0afec5136bab1d6ef48c5c9e1e5c0a4c5cb65e5d,2024-03-12T12:40:13.500000 CVE-2023-49460,0,0,edbb479ef3c2815138b33e61c9a07a4c271e62f427909cc384eed0e5627d8c9e,2023-12-11T17:32:51.353000 CVE-2023-49462,0,0,83e586a92b00ca311bbc712a9a4cc0dc8c56554ced5f0c95acdc250d2b448bb7,2023-12-11T17:32:38.270000 CVE-2023-49463,0,0,a2250332b7852fac91f2dcff411af9bf57a339f150ce629175df44fb74fa8de2,2023-12-11T17:32:07.403000 @@ -234449,7 +234452,7 @@ CVE-2023-49779,0,0,d369cdfbc3bf56a03ea959dc573bcc4f04f2dcce947797eaedce433cb11d4 CVE-2023-4978,0,0,e1da00e8851a82cb3dddca5e097cec8ce26d83de005e828893848ec9fe1f9871,2023-09-20T13:12:24.480000 CVE-2023-49782,0,0,76dff6e72827ea16b18b4fccddb0eda93f2c18601fd06d9018796d708edd15fd,2023-12-13T18:05:03.240000 CVE-2023-49783,0,0,6f16d1d768feb18e360904dc76b5c2ab173cb90b14bc06f6becf8953a196f38a,2024-02-02T05:07:08.153000 -CVE-2023-49785,0,0,b36db5e367bea759355dbeb508b0fa069353157b92ef626a32bea1361582a4a3,2024-03-12T00:15:26.383000 +CVE-2023-49785,0,1,8b514abbeaa7f51292fcac782e24aa2feb95805a9262b9fff64b9189cdff4ae1,2024-03-12T12:40:13.500000 CVE-2023-49786,0,0,2d1b72213706d72224982a495bff5fdec7a8c59072d467de9fe743b7222280ff,2023-12-29T00:15:50.043000 CVE-2023-49787,0,0,685ad70bdefba8e6fd26a208af1cc6645856b2d35b81de7c098834b32522e28d,2023-12-07T18:15:08.447000 CVE-2023-49788,0,0,28bcb055e6aeb679bce67192439355faa6e9a57081d44ebf8f3390c9212896e4,2023-12-13T18:11:14.110000 @@ -235831,20 +235834,20 @@ CVE-2023-52482,0,0,d9db5f8b040cf022e5cde81df037e8b3728670f3ad42e773d11b877171a46 CVE-2023-52483,0,0,2a4ebb0c9b1f8206c0612e11bb23dd9226ede2d27e2d0d82dac525d0a27fbaad,2024-02-29T13:49:29.390000 CVE-2023-52484,0,0,d5ee2bf5164023741424c58784b9debb4274eef9f1dfe6d2acf7ec42fe245e94,2024-02-29T13:49:29.390000 CVE-2023-52485,0,0,ae3dd674dee8a38cfbc69456682c1f7bd46ba3e6d68ca90e6c460ee76310aa9e,2024-02-29T18:06:42.010000 -CVE-2023-52486,0,0,045ee6ef7e215e4a345e93b7237f0aebb5339aa3abadd35e5b36a3dd2b6c443e,2024-03-11T18:15:16.427000 -CVE-2023-52487,0,0,5a6325f86b19101d49b6f2d4f724773cbff8bbe64a9f67f4b103215b22fac680,2024-03-11T18:15:16.520000 -CVE-2023-52488,0,0,899cbffd20c67d4712c8a5f674b7f5efa0a423de9d8dbfd1578e873ed1475011,2024-03-11T18:15:16.603000 -CVE-2023-52489,0,0,5251267afac0a6a388007e244d7c2e6a9b0bdc518403e77d6f2356f642c918a7,2024-03-11T18:15:16.673000 +CVE-2023-52486,0,1,0d2686cf8d6517410fd567e4f0f862a863cfed944d136f8ff9cc52a527c2a7fb,2024-03-12T12:40:13.500000 +CVE-2023-52487,0,1,26b07e8c7b150ecc5788563df3787773a28b9b542b9ceca8b951dbd89f2d79ac,2024-03-12T12:40:13.500000 +CVE-2023-52488,0,1,cfb6cd4d2806f0b74bdd31196c98e2ead07ddd36f21afb5a46f72a04fc334f23,2024-03-12T12:40:13.500000 +CVE-2023-52489,0,1,f44f4d581da1fa15dcf51b830947df4ce8f9fe20635732a956b08bcdbdb1a0d4,2024-03-12T12:40:13.500000 CVE-2023-5249,0,0,c9a9a73292b795eaae901259118258ec7b799bf56b78d4d6d33ce623b44e08f3,2024-02-13T00:37:35.327000 -CVE-2023-52490,0,0,c57450011b01d5625d5a5b8f7eee5e539d2840fa4950699db5a4e71b8c9b6325,2024-03-11T18:15:16.750000 -CVE-2023-52491,0,0,0e97992a6d8c6300bf905f6c941d21e7bc0c5ef548488c6e54052904b79e3813,2024-03-11T18:15:16.807000 -CVE-2023-52492,0,0,152a2d50b491303beb1c1ceced8682b7b78fa9077bc0ab413a8d9791542fa13a,2024-03-11T18:15:16.877000 -CVE-2023-52493,0,0,d335b7d5f20146c75bdb78fb30d320eb9a4d9f057a7f2a7d72050bb839538081,2024-03-11T18:15:16.940000 -CVE-2023-52494,0,0,f630f580902d22d9b3f6e659d692a970db0b5520ff0744ddbd27210ea03ec124,2024-03-11T18:15:17 -CVE-2023-52495,0,0,f7c5898435ce0b2235df48d6df719a3ea79ffa0fc0b4f1fc2a4700e65e6253c1,2024-03-11T18:15:17.060000 +CVE-2023-52490,0,1,94ac1729ccd6d86cb35c15a169ae338ca0173bcd6670338c32851ea4806b77ee,2024-03-12T12:40:13.500000 +CVE-2023-52491,0,1,31608f46620c3e35e5d656209203f2c2113bca7dc09a3f5adcdf6b93691f8c8a,2024-03-12T12:40:13.500000 +CVE-2023-52492,0,1,e5a39663cbcd29b857888bd8317fe226f4a51dbdbf567464163b9d5ad4e5d99a,2024-03-12T12:40:13.500000 +CVE-2023-52493,0,1,3eac978a29523487ed714eec7224041680af7a860f2e34a7efa2bf608fa946a3,2024-03-12T12:40:13.500000 +CVE-2023-52494,0,1,d4c478a1599ee24a2d01f55bbaf0675beb86b47d427febe2007e4615943b1cc4,2024-03-12T12:40:13.500000 +CVE-2023-52495,0,1,a902908379a443289296c7593bc303ca92a965db01fd1dda88149b00070af9ba,2024-03-12T12:40:13.500000 CVE-2023-52496,0,0,6411677fed7ada25ff10068f244bd8aa86c2d95284a00baca2abac4b8980ac07,2024-03-08T11:15:06.913000 CVE-2023-52497,0,0,d28fd3926c478e680ff44081e6bd3760f5583d68da3e361284fa001d65ca8f2f,2024-03-01T15:23:36.177000 -CVE-2023-52498,0,0,975572cc0010b93628521808eb6d4a29cea04b7ba38b919056af49d8c0f081e7,2024-03-11T18:15:17.130000 +CVE-2023-52498,0,1,25149c7ed5318549364f72984a40c3d74e96dd8135368134f2d6c24ac23de6ae,2024-03-12T12:40:13.500000 CVE-2023-52499,0,0,07030abfd5b506eab489f023dd77f8aa7198bca2ea28ee40b86a1fca0cb00fb1,2024-03-04T13:58:23.447000 CVE-2023-5250,0,0,48043cf3cbd3fbd96b9a651598feb1069aa97381890f81165811ba98d5069b0c,2023-11-08T02:30:14.437000 CVE-2023-52500,0,0,c1d1ae19eb6a2caab665d0d3a91da971e3474d1439691687a1bf320b35fbcad4,2024-03-04T13:58:23.447000 @@ -236957,7 +236960,7 @@ CVE-2023-6439,0,0,65d4d1c2474ad19431eab167350b7faccee8537a0fb42fdd4ef1a447133b79 CVE-2023-6440,0,0,9305e200ceffef3af490c27133520d02952574fab8daa376a559ac8661ffdc4d,2024-02-29T01:42:37.890000 CVE-2023-6441,0,0,fe710f816513ef9673a873adeda26070cb375379bf40d3899b1aac24c15b7670,2024-02-14T15:01:46.050000 CVE-2023-6442,0,0,2e0840a6de8ca284b12ef15d0cb8c20957b6aace2cc5da0313d9b23496d44112,2024-02-29T01:42:37.993000 -CVE-2023-6444,0,0,5a01a5f8114067102abd768f57694bd722e31a0e8333f1f47e1dd72c5eae7896,2024-03-11T18:15:17.597000 +CVE-2023-6444,0,1,06b8f4c772036431ddf5f40a808f9959177739a7b3bbe977f55995809e6602f2,2024-03-12T12:40:13.500000 CVE-2023-6446,0,0,5229fa2f6d92dd63a023fa3def255ac613d4d8ffac05ce30bd931ed5ad8b45ab,2024-01-16T23:56:41.727000 CVE-2023-6447,0,0,8df239bf83c13b494930c95fc233360f5499e9cd2a9d09de8bc09add0f18bcf9,2024-01-26T19:43:45.243000 CVE-2023-6448,0,0,1380208b840aaf01150c7a611e98756b4f8e90080a51c1592db0923f6cb6d481,2023-12-19T14:15:07.183000 @@ -237222,7 +237225,7 @@ CVE-2023-6804,0,0,13181dda2bed07f7dad9eedba96ea43dcf935ca425f805f78f341a3addfecf CVE-2023-6806,0,0,68d5cc1d96ec25c7ab186323c9b5003516462d40f7f679e830f007d1bc0e4958,2024-02-29T13:49:47.277000 CVE-2023-6807,0,0,8211ca38107dc4f9b4127c6352451c7045672cf7336c16fcb14315bbd9ab0669,2024-02-27T14:21:27.377000 CVE-2023-6808,0,0,453d7720ba5e9cbfc061121430ec5679037ea2f22b990571ad72c0ac48f6ec8b,2024-02-09T16:49:29.023000 -CVE-2023-6814,0,0,a6556143d8ce69207a043e85a7b65fad47982c1f6725a32547fa5a1370bcb5dc,2024-03-12T04:15:08.257000 +CVE-2023-6814,0,1,92ddf9fba0f0cc4e5890f88faba8c1759e6a7f8de161ccd5e91df12b32e36fc8,2024-03-12T12:40:13.500000 CVE-2023-6815,0,0,d97387eb71cb43fe6e993223b0683dbb82353c2109d50f7b045bdf1d8b203f4e,2024-02-14T04:15:08.497000 CVE-2023-6816,0,0,e7839a0ba60fd8f45333ca3d0c1da185b693b7e81293656670d077cc9777a76a,2024-03-07T17:15:12.180000 CVE-2023-6817,0,0,15a873d76f1c7613f3959855e73f950459b6718d3731740781c6b052a6a56c9a,2024-02-08T16:15:47.270000 @@ -237550,7 +237553,7 @@ CVE-2023-7242,0,0,db2d6d5cc91868613ca46292b47ef3b5a3c4ae96f4def2aa8c9c1271db71c4 CVE-2023-7243,0,0,c43192a066d4b9535821b574845a0af87800cbe78fe61a46f4663ee5807e93c6,2024-03-07T17:51:08.413000 CVE-2023-7244,0,0,ba207e3262e0671e0b0b028bd6f1a9cad89868b7212853a50edc68e0c8b30845,2024-03-07T17:51:19 CVE-2023-7245,0,0,c2b129587df81b933ff7a681e47b41470d61b90df3071adf7be4cf4925974850,2024-02-20T19:50:53.960000 -CVE-2023-7247,0,0,dd33ecd8c1cdd828f209b069abb733c207b519e496da645cd25783954367d794,2024-03-11T18:15:17.683000 +CVE-2023-7247,0,1,8d068f02ebaf5bd72643a32a0d689f2cf868fd5ca5d3e65bc43aa7d79a215ea3,2024-03-12T12:40:13.500000 CVE-2024-0007,0,0,1173dcf63e36e77ef1ebddafdf32fafcec606695fbc0816f54b661f0aac88aac,2024-02-15T06:23:39.303000 CVE-2024-0008,0,0,9c41805289fe313f8323749103b11eb8b3211483db37513fd0baf5ed76da3178,2024-02-15T06:23:39.303000 CVE-2024-0009,0,0,23e936b7b54a2f1e04c46b6a36886ee0c71ffa20e63d224ee54049120613eeaa,2024-02-15T06:23:39.303000 @@ -237575,19 +237578,19 @@ CVE-2024-0035,0,0,0ce68de325f665dc3a7256a6d6e996a44f3867b847d236e5a22859f4ee4f57 CVE-2024-0036,0,0,7868a185fd5849c33467b89370b636910924de958410200fc0dfaff7e1e7d3fd,2024-02-16T13:37:51.433000 CVE-2024-0037,0,0,03fd1ee7c1131f52c59788582a866a4c9728695479267f3e85c151a2644ca135,2024-02-16T13:37:51.433000 CVE-2024-0038,0,0,8798af074e75acf30506472783c98fe3ca6f9989b456036fb13460ce3a0660ea,2024-02-16T13:37:51.433000 -CVE-2024-0039,0,0,9e84be39a63f0f91014710413bca763613558ae8c08fc1d6e3f4fd2369495ffb,2024-03-11T17:15:45.350000 +CVE-2024-0039,0,1,eef2053d277ee92cf2426457ee1c3166f51184d93b11850784119e4a32b8f532,2024-03-12T12:40:13.500000 CVE-2024-0040,0,0,4afedb45d19d9a2df9a3ecdcf577c422a3b0751bcf061eb077253f060c2e8e31,2024-02-16T13:37:51.433000 CVE-2024-0041,0,0,4dc5cf8202a81389ba1711e9ab4229bb6c315c100ad135fbbcb3e9e75477a4a9,2024-02-16T13:37:51.433000 -CVE-2024-0044,0,0,a3b4a1fd24c5000edbfd4e9441186433eec58b8833a8821111fdd7f83affa768,2024-03-11T17:15:45.450000 -CVE-2024-0045,0,0,b5427e1b1ecb43d830d7e5879c1f92d8e36900171c479d0f99373a9386bbbfd9,2024-03-11T17:15:45.507000 -CVE-2024-0046,0,0,6752863c545295b4052a1f7c46a91dbe89f7fc17b8d8a3b1879c46ffc814f051,2024-03-11T17:15:45.563000 -CVE-2024-0047,0,0,39a78aee213787bb91e2396e347bc624fe05c7e42cc60c8ab44af8e96371285b,2024-03-11T17:15:45.620000 -CVE-2024-0048,0,0,77b0c5aaee09f32e4a8554d129ba43e0cfff198a0b27d1b7c6c4f927fc171afb,2024-03-11T17:15:45.673000 -CVE-2024-0049,0,0,cbcd23da47c7af4bbee775eacef64924dfff44feba91affcd10604ca15179f47,2024-03-11T17:15:45.727000 -CVE-2024-0050,0,0,ee7360ac373d2d07758e05abb8ae63d9342f89f97096e96b8d0c40dab16f66d9,2024-03-11T17:15:45.783000 -CVE-2024-0051,0,0,b694ce79fabec03ca0da4a7ffc54a86cd5cadb0768d45f99de90513d073014e3,2024-03-11T17:15:45.840000 -CVE-2024-0052,0,0,ca6b219e98a35117b8672fccb2de31e9ded8558c54b65c2400492d72543032ae,2024-03-11T17:15:45.897000 -CVE-2024-0053,0,0,7eda16fa9d5d93a6d6450af76ecaf2880decd278a612d92fb28ae7acf15a389f,2024-03-11T17:15:45.950000 +CVE-2024-0044,0,1,ab44aa5e46ec52057492dc6548847c2750331a800b076c09a3dc363eaf71880a,2024-03-12T12:40:13.500000 +CVE-2024-0045,0,1,74be948ede2409dd1fced42dd7b971d5edcab5dd8de9a50e019ab3d0529aa80e,2024-03-12T12:40:13.500000 +CVE-2024-0046,0,1,559bea19cfab8f318d743976cea70838a7c0266c66f3f824e506f47669c918de,2024-03-12T12:40:13.500000 +CVE-2024-0047,0,1,04136819bdba13d79de536bc61d32ae3710c87bdb217042ab64bc2b648e573cf,2024-03-12T12:40:13.500000 +CVE-2024-0048,0,1,4a163da70fe592a83869f38f709b2c0802581e32f2f5a90fde281e11ecea5c6c,2024-03-12T12:40:13.500000 +CVE-2024-0049,0,1,2870145a4120269c4b774ad5a475bc86a32aaf80e68a468cf0241ea6c525fcb8,2024-03-12T12:40:13.500000 +CVE-2024-0050,0,1,ac4e7fe9d34761575417473ff0725a23428cba002d4bdba2ecc8c3f11dcdf601,2024-03-12T12:40:13.500000 +CVE-2024-0051,0,1,1e10d7ae88cadc9f5a72832435250d22c26ea58118b48436460d9ab0abdd889a,2024-03-12T12:40:13.500000 +CVE-2024-0052,0,1,982ec5f500f55c393e1ad95104d1acd01617089fcfa88bc636de292bcef45a51,2024-03-12T12:40:13.500000 +CVE-2024-0053,0,1,260483d756f420e8962c4a32143c98e01fe118d5502a6b9f7b4edbf25e96bf4f,2024-03-12T12:40:13.500000 CVE-2024-0056,0,0,8e4c5bb83a29ac8333eedaa800b8f7cbc24d65d51285a7605c7436e724c22f27,2024-02-27T20:42:01.233000 CVE-2024-0057,0,0,e4dc663a42ac696d9f4ea85b4eec7c26c470f055092858eb6ffdd99343f4d6bf,2024-02-27T20:41:51.863000 CVE-2024-0068,0,0,29054351872f671ffd0afada76da136d48518b88acaefb639ccc6c169ead07a3,2024-03-01T14:04:26.010000 @@ -237914,9 +237917,9 @@ CVE-2024-0555,0,0,e27068c658ab2fe0ade46b360f75382aad49de171a45cc11ac1210a0674260 CVE-2024-0556,0,0,58e51148ac56dc3dc5f63a5ecb0eb821e6a1130d50e3147308ecd24775c94ea7,2024-01-23T19:44:47.387000 CVE-2024-0557,0,0,dc1a9ec952bfd9769d13f6bf3eeac74887defab64a6380c2224947222dade884,2024-02-29T01:43:21.170000 CVE-2024-0558,0,0,682106b853839113151cc6960313522eeca5a08fb2d136881ee7bb3a9e6ecc04,2024-02-29T01:43:21.240000 -CVE-2024-0559,0,0,655a8f6cf9cadece8e0d8546b4909819418c42016f205db5aeaa25b2caf7f6d1,2024-03-11T18:15:17.743000 +CVE-2024-0559,0,1,9b675212b020c696a8f8afb8b66c0a2243e2a34e9449dd8334c1835c01b73b6d,2024-03-12T12:40:13.500000 CVE-2024-0560,0,0,14d68f71b9716e2e50b8e60cfacc63b081c0859f96401fdcd1a15fe7914d4b2f,2024-02-29T13:49:47.277000 -CVE-2024-0561,0,0,6739c9e72751a3020de0688072146097f3104b2a7c091fae2f45aa5d55682e12,2024-03-11T18:15:17.797000 +CVE-2024-0561,0,1,4fcd2b1a1686f5a7ccc1135479dcaeb89389297fceae9ac1b6010f58e6b61a44,2024-03-12T12:40:13.500000 CVE-2024-0562,0,0,ed47443cd929d7814f11d99ba9bb79fcc79e3e65687a5137f73cbe072b2edbfb,2024-01-25T20:15:40.210000 CVE-2024-0563,0,0,0bf4472860925ed3661b4122ec1942a93e652e3291878b51071ea3e4cbbc7ec9,2024-02-23T16:14:43.447000 CVE-2024-0564,0,0,2ea7d9789fe2bf2c5202f04a8796f5e81286b91703a6d170c1fa28f2224224c4,2024-02-08T16:36:48.837000 @@ -237996,7 +237999,7 @@ CVE-2024-0665,0,0,4f11c74d31ee400b4dead80ad52f0a187a0b330f44c457216c2744da6f3597 CVE-2024-0667,0,0,2681b7becac6d5374ec2219687491519adea78bdc5162cd2d7253f0786abc5ef,2024-02-01T04:15:17.817000 CVE-2024-0668,0,0,3db9a5de6e4dca9e79ecb9554115ef410935372b559bc145d7ca0c6d374ebafc,2024-02-13T16:24:26.927000 CVE-2024-0669,0,0,476d8f93fcd7134fc732a1bd0cd06cc03563cad47067b8fa5ebf76f58a942cc6,2024-01-26T18:52:05.550000 -CVE-2024-0670,0,0,96f0c0f86d7d60e941c6ad942ddc9516bfeba336a67759b22368dff441aebf7b,2024-03-11T15:15:47.267000 +CVE-2024-0670,0,1,33167f0359e3275db795416efbc8f947d163f19c26ca02afb6ceabdf8c567366,2024-03-12T12:40:13.500000 CVE-2024-0674,0,0,9139aa9ed68295af11e7b8aed5b715e6e747bd34139c805f237fd0a45d0b36ba,2024-02-08T16:39:59.450000 CVE-2024-0675,0,0,8bea4fa993c9477b8fb58d2ccef75bd1eb1d23abf07c79567a0ddce8b0191850,2024-02-08T16:39:42.950000 CVE-2024-0676,0,0,8035a70d9b2fb746a1bd04ffd363a65316fee85917c37a6970742638f1f2186e,2024-02-08T16:39:00.907000 @@ -238152,7 +238155,7 @@ CVE-2024-0890,0,0,3a3072b4d451948808953d391383a5041718bc72266918b3affecc497bdb9c CVE-2024-0891,0,0,d0c9b641288f0b6ee0bb29d4b0ac72ec2790b4534088061de25ec18ee5361a6c,2024-02-29T01:43:30.777000 CVE-2024-0895,0,0,6a76c7f2f120789a65253031d7521e1f62411bd227b5e6c7a4bb77914289251e,2024-02-12T17:03:38.533000 CVE-2024-0903,0,0,4e5a944405938a6def0adf008001af709d311e38e0572265081d65abf85ff9fb,2024-02-22T19:07:27.197000 -CVE-2024-0906,1,1,eb55d27166050df8ab363cc53680e6812a3c07ecfa048d06af6e56677043591c,2024-03-12T09:15:06.670000 +CVE-2024-0906,0,1,2cb73c39a2e6fe8ef5222442ed25db55924374576f26540dbc47cb2f830bdc5d,2024-03-12T12:40:13.500000 CVE-2024-0907,0,0,701cea52331df058a887458bc81b02e5da4430df695e176c30a1053289070946,2024-02-29T13:49:29.390000 CVE-2024-0909,0,0,7864e9d833556eb295eb67e87cebb39c8d9b11d41ed1f5327a80b30fe013438c,2024-02-08T20:07:51.410000 CVE-2024-0911,0,0,5f8186e1a077698fb2fa1e99d28cc6e32ac8b7b7afb205a3a02bc10c8ca698f0,2024-02-14T18:15:48.077000 @@ -238275,7 +238278,7 @@ CVE-2024-1062,0,0,e8ea8cd895eea05dff27bd99771338599b895b0c48f569d882a6d4cd9d894f CVE-2024-1063,0,0,9f783a34601f62d19b147f2fe9fbb48179f2e91e414b112cc308b0e641d38b87,2024-02-05T18:25:57.167000 CVE-2024-1064,0,0,54ebccd3b0484c776a35abc0a579ad4dfe5016d375ba9d7ccf7a7253f76d1013,2024-02-12T18:42:14.777000 CVE-2024-1066,0,0,dee5d81e7a0b9b9fb8a137a3449558003e1ae30b794977ba6cb78edfb4b822d2,2024-03-04T21:00:15.267000 -CVE-2024-1068,0,0,39bf902d592035d34d3bba6fbcf85d31e025efcb5626c106f67bda0f76bd62fc,2024-03-11T18:15:17.847000 +CVE-2024-1068,0,1,8c5c1a5e6b7a7fd62eb78fa52cdb81800fcee20641b14e12d58139523edf1aed,2024-03-12T12:40:13.500000 CVE-2024-1069,0,0,0ebc319d571e78332ab4eff9b8d2044317e8f13e0a6fe2abded578b1be7998e0,2024-02-06T20:11:52.587000 CVE-2024-1070,0,0,0fe9fc048ecfd5e5b18e56b806bd86c817a733e0960c330bc7eea079d9a31fba,2024-02-29T13:49:29.390000 CVE-2024-1072,0,0,32fe471ba00a9e765c56a143079ee3e98644ebc38ce83029c2cc4a8bc2496463,2024-02-13T19:44:28.620000 @@ -238404,16 +238407,16 @@ CVE-2024-1266,0,0,d8048f344ae1bca20edbbb90e0700136203c25ee816ee845880e494608b501 CVE-2024-1267,0,0,289a905845e3ba73685d4399f3f69b3f9fff29fc465eee2f683e030178461502,2024-02-29T01:43:46.250000 CVE-2024-1268,0,0,b624ee33fa2463d3d689c7b55a3ade25cccc1ca20e5b56fe6d99da5cadfd4ee3,2024-02-29T01:43:46.330000 CVE-2024-1269,0,0,7dab1bb6db27c0c655345b89727871ef96a6851a6eab8ad5166f167825dd5c99,2024-02-29T01:43:46.410000 -CVE-2024-1273,0,0,b6acf030a17ec2caa99da7a61fc799b5d72b30662d09e0440aaeeef758eb3242,2024-03-11T18:15:17.900000 +CVE-2024-1273,0,1,b30544c8d1481d8bbb9d1966b2dacca5d46cca0017accbc4ba293b3e0ebf17a2,2024-03-12T12:40:13.500000 CVE-2024-1276,0,0,9294f8a377c8e1f7ed8104516871f7782c82bb26b0241c65c90c5ba833233d8d,2024-02-29T13:49:29.390000 CVE-2024-1277,0,0,5b5a051d3575b993b787b1190a083d88018da5bc66d607156fcb40063c55cec4,2024-02-29T13:49:29.390000 -CVE-2024-1279,0,0,b8ebff7c26572a9909c3d6a417b5eeb4c7dbfa7306c914d7603550dfd97b60f1,2024-03-11T18:15:17.950000 +CVE-2024-1279,0,1,c1a813ee9c6ac1ae10da8cf9bad70b7c065a371b5f7620424ad3fcbaf038c20d,2024-03-12T12:40:13.500000 CVE-2024-1282,0,0,a371f7e20f84cb1dea4de324bfddc9eab836889de678add919c7c1e69ad7cb0e,2024-02-29T13:49:29.390000 CVE-2024-1283,0,0,95516cccfd3330b62eba366e128fd4e30c7541dad3dfc25f8801e64cf1671db9,2024-02-14T18:19:42.423000 CVE-2024-1284,0,0,a542ed7ad2fc69d5fc164ea1e42af4493449dbb177723d14d8b566e116471710,2024-02-14T18:19:17.177000 CVE-2024-1285,0,0,28973f93f478182e90f48ce4a0ab09f79299ff357ec1bba187e439c23a074432,2024-03-05T13:41:01.900000 CVE-2024-1288,0,0,e4429f5c87e8d5c2c8ae36fb4d938db187d89d635ebd489625ff72646c839fc3,2024-02-29T13:49:29.390000 -CVE-2024-1290,0,0,2f951497b05d5a78cbde42a8b1fb2bd38f28d69a82490eb06120f7aab461e4e1,2024-03-11T18:15:18.003000 +CVE-2024-1290,0,1,4f8878c45d861938550b0a7e302552a7984ffeb7dd902631117e51f430d22d39,2024-03-12T12:40:13.500000 CVE-2024-1294,0,0,9641429abe5a940a43824ce0a1ebfc70cc6e8bb9d03222022ce919558da2baa7,2024-02-29T13:49:29.390000 CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000 CVE-2024-1299,0,0,952d3e1978bc9a123968ee45cc4c039cf2f6a96c36b8ac699d5424c827f802f2,2024-03-07T13:52:27.110000 @@ -238426,7 +238429,7 @@ CVE-2024-1319,0,0,4e669b4210ff650707325897da6b55c2caa5cb41a85cef69c41685513463c6 CVE-2024-1320,0,0,1287a1050641822197591216327ed52e90e5584b31c11cf080b7c8075dfd9ddc,2024-03-11T01:32:39.697000 CVE-2024-1322,0,0,55eb557d746bd5b316565e48cf52968ab1ba8b0aa245d5ad47a485b7878e6771,2024-02-29T13:49:29.390000 CVE-2024-1323,0,0,f857e29b0540aed96943a25b1179a5166e6aff501672f2c505f52ee84f4e77cb,2024-02-27T14:20:06.637000 -CVE-2024-1328,1,1,f47f62d604555736577e7d9842f65e0227787bfd00f483b1ad0a697bb2eb02d4,2024-03-12T09:15:06.897000 +CVE-2024-1328,0,1,170c1f134b7c1cc323cdf2a8e98021369f31203dcfb3a0aeb70d869d5dfa5df5,2024-03-12T12:40:13.500000 CVE-2024-1329,0,0,c251ab89131ed5db620ce7b9371daf5508a26377e3f0f0d0996003e3074e8cd1,2024-02-15T18:27:28.837000 CVE-2024-1334,0,0,516b6a37d8b8fb8f4b837a47c9cc08a680d9b92a54dc10e528435ed6da8b7e27,2024-02-29T13:49:29.390000 CVE-2024-1335,0,0,941b72cae9b146a09d00dcb213f784638d4976b781f5c45ac94e2dc5c09eaae4,2024-02-29T13:49:29.390000 @@ -238466,7 +238469,7 @@ CVE-2024-1388,0,0,9f4f35daf92433c068c4ad0e3cff9f0fc31d7e6b5e8f690807686322bd29d2 CVE-2024-1389,0,0,62d171117c191cb5fc110201c06be5328bba09160ed0dc883ad2c72ee32b12f1,2024-02-29T13:49:29.390000 CVE-2024-1390,0,0,760bcdaac2db269a3249aaa20e58e1659b2977bdb995748ef5e46a1ecb85447f,2024-02-29T13:49:29.390000 CVE-2024-1398,0,0,7a7783e481aa897afa83bd125da0d53c431d5a5a9d43f1ade8b1e715449f59a0,2024-03-04T13:58:23.447000 -CVE-2024-1400,0,0,f6299283a45b3cd05cee7296f8542b5ec537d16aa49e22e35d7c4cc0482a71b4,2024-03-11T22:15:54.490000 +CVE-2024-1400,0,1,295a10f36c3e13d694d09cafc6872c0c48f9e2b4c87da0889327ecdac7abe4ac,2024-03-12T12:40:13.500000 CVE-2024-1402,0,0,f5ee948d1697d1774361c2691c46c88d302c6ae408ab90a865a59173f66ccaae,2024-02-15T18:42:03.397000 CVE-2024-1403,0,0,52ae0be80e56bab12c9eb7614c5934d9c3f91ac3ecccfb883ba911d569f9ab9b,2024-02-28T14:07:00.563000 CVE-2024-1404,0,0,1b49ab95872e7aebf44ce53f8bd207dc74e587353a926692e694bcd6ae3118fd,2024-02-29T01:43:49.687000 @@ -238487,7 +238490,7 @@ CVE-2024-1435,0,0,3d9157bea425ae0ccbf8fb80f8804820a71722fe736e6d6583f664e8ae632d CVE-2024-1436,0,0,89cc5ea7a7e1178a29adf59c2f4cf429bb9957790ab8a0265c3119401c784ce0,2024-02-26T16:32:25.577000 CVE-2024-1437,0,0,95b845910a840a20b7fa4620989917eab09ec6f88cd90b7d076b0bb6f7afcc4a,2024-02-29T13:49:29.390000 CVE-2024-1439,0,0,0872453f826d79b5bb50df9535aa030a513837aff169f1535b08260848c8b609,2024-02-12T14:19:54.330000 -CVE-2024-1441,0,0,779b128d5e6dbaccc3e862d37e1f7b9cbeae4c7d0f84d699ae8ad4489da37214,2024-03-11T14:15:06.917000 +CVE-2024-1441,0,1,ec267d05935155310cdd73b9e71667095c956f997890f11650a4143f116d91fd,2024-03-12T12:40:13.500000 CVE-2024-1442,0,0,d5be8c6d2acf818787220c68cc096ecac92494a9aeb2f3b78b57d2953e31d3e2,2024-03-08T14:02:57.420000 CVE-2024-1443,0,0,715b4f1b1b036595e816d480c22f0394bab184a4b61631c3489044453d5f3bfb,2024-03-07T13:52:27.110000 CVE-2024-1444,0,0,56d4978632986301b509a1a8d65f888b9f13fd4ebe8f88db05c849bbae5ae999,2024-02-16T17:15:08.710000 @@ -238510,7 +238513,7 @@ CVE-2024-1476,0,0,d0730689614c6c4e0529f40c4f2bd5c19c1d139902825e56e4e732d35ae7af CVE-2024-1478,0,0,40cbce0cae33ffa26f31fcfbd9f18bad1281854428c8fee3920e07dab050464f,2024-03-05T13:41:01.900000 CVE-2024-1482,0,0,4004dc294092456d033ab8b20599d970ac1a724515bbd4c4f198331d64cbdb99,2024-02-15T06:23:39.303000 CVE-2024-1485,0,0,b9f4145834ee9d538c2d6e8caecb301f8f2dde5a282a13e80f59671c5263bb0b,2024-02-22T01:15:07.980000 -CVE-2024-1487,0,0,92f5ba3bf6384051ea73ccb336e83460221d0e9340e906c9e0266ccb8fa6d81f,2024-03-11T18:15:18.057000 +CVE-2024-1487,0,1,b2b2dfebf360671acfd4768e2cc139260a275378c54bcc3c51c880d20aa055c8,2024-03-12T12:40:13.500000 CVE-2024-1488,0,0,279192e2f81dcccd45cc434d6eccb30e7b02e02b175a7c5c859669b551700228,2024-02-15T06:23:39.303000 CVE-2024-1492,0,0,bd2975db15d23bf6ccb04f9bbcf2cde248dc3c55e86248e7f4d78edff1274431,2024-02-29T13:49:29.390000 CVE-2024-1496,0,0,6fa952c12eca34adb02683b8b330ee432853a078218cc9eaec1fae21364cc413,2024-02-29T13:49:29.390000 @@ -238525,7 +238528,7 @@ CVE-2024-1516,0,0,0682d9e420aa946a0984c09969b8a3678dc3bf8e7ee03099492a3120e2d66e CVE-2024-1519,0,0,c896f4900048f4c20516f0867e21ed67ad610a4383bb1c6f7418db09defb6991,2024-02-29T13:49:29.390000 CVE-2024-1523,0,0,721970163db9a6dae0df03cedd71fdd66f1e0962f7f754fea5cd28f457c2c9b4,2024-02-15T06:23:39.303000 CVE-2024-1525,0,0,fff84c6c726ad730b73a3bd54bd21496a1cae79f6fe36efed68cabad049a1519,2024-03-04T20:14:59.457000 -CVE-2024-1530,0,0,ddf78c1cbb3b6df6239bca4683e3d2705e1c3f95fca43e4b12581cddc435edb1,2024-02-29T01:43:52.463000 +CVE-2024-1530,0,1,6e63cc5bca164a3a0b598a3524ab12b73fe5b20673b51cfd75421e36747f8db9,2024-03-12T14:54:16.667000 CVE-2024-1534,0,0,b47b5b6f31ee51f53e35858c84b04962d1229f4f62333f470d913dd20b214dd3,2024-03-07T13:52:27.110000 CVE-2024-1546,0,0,d87548555f4c8992ddc193a435b01cbf450a34c4725a832074955ddd5326558a,2024-03-04T09:15:37.650000 CVE-2024-1547,0,0,fc3de1ace81ccfdd8fbde9e6a6951be522c10c940115407bd01fd7d037e7d770,2024-03-04T09:15:37.740000 @@ -238563,7 +238566,7 @@ CVE-2024-1635,0,0,afdfc88a91b3e19c23e9baf0c4ef009675cb15f38c497a875cb9cabeec1970 CVE-2024-1636,0,0,110561fc2d8220a09cd098605d5d9c82332c44e2266859d6f751e2ed66576fc3,2024-02-28T14:06:45.783000 CVE-2024-1638,0,0,3d25792f560ad8670a55d542406f093195536acafd656ae4b3cd5fcca03c7380,2024-02-20T19:50:53.960000 CVE-2024-1644,0,0,258e0c2c60e2ead118c6bf409e3c4e6182303d86b8fb67135f0b03753d76fde4,2024-02-20T19:50:53.960000 -CVE-2024-1645,0,0,cf378ce5b0cc895a170b1c209bc4990efed5c31916053fb34d2b368507468957,2024-03-11T22:15:54.690000 +CVE-2024-1645,0,1,1a8f3c6555dd4e7a23ffb772d88e0126b5a7926305ae8e7f9c3c65d0deac956f,2024-03-12T12:40:13.500000 CVE-2024-1647,0,0,54139a2a2a3a50db142faf8dcea4fe1dc96abdff85a01701062a380d090db1a3,2024-02-20T19:50:53.960000 CVE-2024-1648,0,0,df8581548207f098c521d901093d9d52c33a9f0520924af81b2273765446e0d5,2024-02-20T19:50:53.960000 CVE-2024-1649,0,0,cddd1d16a2fa649554e20977d58fb00396a226e17a846f01579d277dc429b938,2024-02-27T14:19:41.650000 @@ -238583,7 +238586,7 @@ CVE-2024-1676,0,0,75a25dbf1da186d6f531373499511171b06f00b3a04068d4f734276fb08847 CVE-2024-1683,0,0,f25ae2f9a9595608d9c0ca7fa909b61084cd30e6bc54195e29b2d6a4f1fe18f2,2024-02-23T02:42:54.547000 CVE-2024-1686,0,0,513b8933def64d694b65e22b1395645ba43c1774153040be97c24d03679a5263,2024-02-27T14:20:06.637000 CVE-2024-1687,0,0,2c139dd7a4cd5eb96b19cf20743fdcf2a4372838670ad53c30ef28a6668ce9e0,2024-02-27T14:20:06.637000 -CVE-2024-1696,0,0,d81f629816fab619a609d1b4319249a15062187c3a95365404d526ae2b992a12,2024-03-11T17:15:46.007000 +CVE-2024-1696,0,1,99a90d5f5f3ed72de58d46078f56367f3c20ea4ece7ee2f1509d303d1823a04c,2024-03-12T12:40:13.500000 CVE-2024-1698,0,0,75dca8418f9d56ec0cfe8b6a5fe8dbac72155e2590b7f1e80f716b71405b9b9b,2024-02-27T14:20:06.637000 CVE-2024-1700,0,0,c51c2bf467ed3c973111c6298956b10138cd5b50099766c5a1386818675492b6,2024-02-29T01:43:53.363000 CVE-2024-1701,0,0,b4ba5cedc2d7f0d7323b5eeb493b9b0acc03e1aac9dcfdeddf7c8742ba12eae6,2024-02-29T01:43:53.440000 @@ -238782,6 +238785,7 @@ CVE-2024-20346,0,0,f967daadb6c5a5a55ae179293422d73f8c43ceb443c382f34755b3930e28b CVE-2024-2044,0,0,3fd0b10fce125e32bd0e5d9dc50ee3a2a8b9230bf0485a9d580d2fc63aef2204,2024-03-08T14:02:57.420000 CVE-2024-2045,0,0,72838b74e2668b744754639ee1018477ba3696de5929605fbc709ccd12df2c15,2024-03-01T14:04:26.010000 CVE-2024-2048,0,0,b1d90a03303b3129ccd01b2fc2b67961e7b3ad9cf6b45fd30e9c61356487e3a3,2024-03-05T13:41:01.900000 +CVE-2024-2049,1,1,568edfc8c0c95cebba1886aa6f269902ca76b9f511c6a58c491c817513bd3ee2,2024-03-12T13:15:49.807000 CVE-2024-2055,0,0,5f882a5989f6397f7e904e96da4e1c976169f82ca0f1c27b5426821f0151d07f,2024-03-06T15:18:08.093000 CVE-2024-2056,0,0,c4f48e587d270913ffe9771a526c024cadd4512922dc15fd4c6520c0e60e3767,2024-03-06T15:18:08.093000 CVE-2024-2057,0,0,c41ddf6043bc4fe6dee89f426432e0e175bba0447efbea3517ac3b65349cf6cb,2024-03-10T02:16:08.657000 @@ -238864,9 +238868,9 @@ CVE-2024-20730,0,0,398a6be4a0a0d7ff83d691e82b7ed3fc5a7c9cc2b34b8f06fbf6cf4ce8b28 CVE-2024-20731,0,0,13848ff1d1dbcf11d5ebae1877fc8ee5216a2cb97d013b873c4f9de3350cb697,2024-03-01T23:06:42.083000 CVE-2024-20733,0,0,2eb52670906ff0cad8500be429d653a9513dd1b739d502e57210996c496792a1,2024-03-01T23:06:53.667000 CVE-2024-20734,0,0,7a9fcca3a02c0117ad25035158579ec7504cf021acc151bf0e320c53fde70a8a,2024-03-01T23:07:08.780000 -CVE-2024-20735,0,0,73f22cb77e5692163f14dc424f5fd3149f1ba8a638283332676b8ca1d4991b26,2024-02-15T17:15:08.900000 -CVE-2024-20736,0,0,791822127e23118ccd00b6c032d3efb7817a401f8db7607ca6b194adde894e00,2024-02-15T14:28:20.067000 -CVE-2024-20738,0,0,828ecb4a193693b0620e43f16355abcd76189a6ded52f0805beef6f8c0cce0cc,2024-02-15T14:28:20.067000 +CVE-2024-20735,0,1,e644adf80fbc7c9d3e807dcb4ce7aada7bbb5cea3cd721082c0e3b2e0ca6c2e1,2024-03-12T14:54:29.657000 +CVE-2024-20736,0,1,ae63b7adffa707edee65265eee19de1060dc8acc279f726884467fc381fb3187,2024-03-12T14:54:37.200000 +CVE-2024-20738,0,1,ecb3d3d077e82ff417fc524fce318243c7b29bea7c8efca7133d92651e03da62,2024-03-12T14:54:57.657000 CVE-2024-20739,0,0,c8c4d04137f44ee0f0edd4eda40fe959548823ee9c6d1974563b58a7a1389bc5,2024-02-15T14:28:20.067000 CVE-2024-2074,0,0,ace2bc1b3547b203a9a2f95b03e31396298a0907b3083c61388c29749c9f33b4,2024-03-01T22:22:25.913000 CVE-2024-20740,0,0,e9e2a869a76644712b8189a7392de28d8fa6690c466ea5e1dcfda76218cf5daf,2024-02-16T20:08:32.477000 @@ -238898,9 +238902,9 @@ CVE-2024-20813,0,0,b7c4b6d5d8eefd5df5660ac8b8ed6db5fa79c8de02320adbbfa98198ee004 CVE-2024-20814,0,0,bad0b10a202f97837e340c2f087d3782313c7a51b4135655566f7d993979f9ce,2024-02-14T14:17:09.033000 CVE-2024-20815,0,0,fa742efde06cc3dd7b23f2e7b276fd48c3ad3ef421a8f48672e8b37a59974bf0,2024-02-14T14:22:16.687000 CVE-2024-20816,0,0,736cbdbcfa188c9da82ab5b52a79a9bd830fbb0f6b7c583851f0f6770efa944a,2024-02-14T14:25:47.030000 -CVE-2024-20817,0,0,54f4b5d15c8128fd47a49fda24a9e02473560bdf18d34188e71fe91dabfc5058,2024-02-14T14:42:20.530000 -CVE-2024-20818,0,0,e2ee6e396eb1923ae21f9de960cc68a8caf225b8b9de74be63aef7bf9d07c573,2024-02-14T16:13:49.400000 -CVE-2024-20819,0,0,e6e86f189185cc8768f7cb9c8d9f2509b006f7912a31146a9aed8535bc766011,2024-02-14T16:20:42.337000 +CVE-2024-20817,0,1,e2bf294aa8f143320118ffa6542476cc036c6ec583c0181a6bb77ded5d11ecf3,2024-03-12T13:15:49.313000 +CVE-2024-20818,0,1,af19f7cf2bfe5c7b118ed1ba8cb5ab4e5101b649035ef6947f4838f591d6bd10,2024-03-12T13:15:49.510000 +CVE-2024-20819,0,1,e95f6d9489be9463c30426796663bf903448c130b6751dbc9c1955025823a39a,2024-03-12T13:15:49.597000 CVE-2024-20820,0,0,75517151832faa42d1cb4a22467fea9fbed6767cff3cbec27a7c84922f837142,2024-02-14T16:19:05.800000 CVE-2024-20822,0,0,98819c10bc4ccb26ad7071c41bcb0ec9515bc16477a819737e98a30f68f61abb,2024-02-09T17:30:17.653000 CVE-2024-20823,0,0,6f9e92713ae3566f4ff641bdca0209f8f9dd0eb39f9e9ca31277f9552beefba5,2024-02-09T17:30:06.773000 @@ -238960,9 +238964,9 @@ CVE-2024-20937,0,0,7287758e2231259c9c014f555798b3ad9c0afc6357df1bf350c3b71db439e CVE-2024-20938,0,0,ea972d05f0d1f5b51def7d5218b80054aec917696cf23e63727531a9a53169a6,2024-01-20T18:35:05.397000 CVE-2024-20939,0,0,aeafd4737788bbd86a8c1a77f670f6feef49be13630babdccd83f8c2f34a6fd9,2024-02-20T19:51:05.510000 CVE-2024-20940,0,0,affb6db56966fa93449594f6e709be96ef04a3a1153ac026ea45fd143ba3d9b7,2024-01-20T18:34:47.863000 -CVE-2024-20941,0,0,0ceb38be37efe4d2048966002ffc704004d2aafdefb5c6d20d0b61f95e7bf5b6,2024-02-20T19:51:05.510000 +CVE-2024-20941,0,1,d612e8fd50ee211ba585e9b351d82c09451c78a6c17cc6ea7566ce22028694a9,2024-03-12T14:56:25.870000 CVE-2024-20942,0,0,0a1ffde65edca781a2c43be2a4c7ba7db58d8fd02c78d32bf2c792004a442f50,2024-01-20T18:34:14.440000 -CVE-2024-20943,0,0,0fe69ed0879af1f37b128c275012a0644dd96868aa25f1109ba284c85154be0b,2024-02-20T19:51:05.510000 +CVE-2024-20943,0,1,9bb9af13f1150d956cf54760c3b2dd79604d027b07562a7803eaf9c9c4946e52,2024-03-12T14:56:31.537000 CVE-2024-20944,0,0,d9d0f1006606082900d60cc0e04b36758f4494605ab017b737aea5b18217c06e,2024-01-20T18:33:55 CVE-2024-20945,0,0,aadaa154745d44bd86a0ef1bd7d82ea30f3f20df2c042ec8824dec6663321e77,2024-02-20T19:51:05.510000 CVE-2024-20946,0,0,78f9761b07280ca1d61ca94ba2cb7888f7402460c2e7288324732d242d79e820,2024-01-20T18:33:39.923000 @@ -239032,7 +239036,7 @@ CVE-2024-2133,0,0,b4ffb37dc13a4725dccd4f0561c593a55475d5b90680cae1f022a340a6a9ea CVE-2024-21336,0,0,dbdd347c9be132e735365af150fcc3e29e71ab509afdbf782d6c0ab1312ca435,2024-01-31T21:08:30.463000 CVE-2024-21337,0,0,058c7c250ac96cb34eb1ecb9496e3370d6adaebdd2c5f9d4666a45659eba6666,2024-01-18T19:13:58.893000 CVE-2024-21338,0,0,9fc42a77b79a93c6a3892d54c0d494a507f88f83ad3aae57578c10f33cca7628,2024-03-05T02:00:01.990000 -CVE-2024-21339,0,0,8933ce3ac097681b804668e8ff4417a34b1809ac3034b13c1ea60d8cecd2057d,2024-02-13T18:23:02.393000 +CVE-2024-21339,0,1,a463d31b432f0913873c0b643076195b4e8ad227be1f1cfa019a47b9e87fd2d2,2024-03-12T14:53:10.630000 CVE-2024-2134,0,0,37f36d0282c2eaa9780dfab6e20d818a8848a5890401070d489da324fecc3634,2024-03-04T13:58:23.447000 CVE-2024-21340,0,0,5b18eb3b147c517f1d591bfbb12fe8a3a2f67c76f44c218fb53f7367f1e8dce2,2024-02-20T21:30:54.397000 CVE-2024-21341,0,0,f1ea44ad4e41cece56a850be33a175bad6798f7ce7f1ff62115133a45d41e661,2024-02-21T14:19:31.900000 @@ -239043,7 +239047,7 @@ CVE-2024-21345,0,0,9ce79227d202320599afc81a6aeda518e9886dda51f40f07aa7220f83fdc6 CVE-2024-21346,0,0,dbcda36e751a29a2ca8eff6038e34896a2ac9b70b073687bca8009c8a79709a0,2024-02-26T22:08:39.030000 CVE-2024-21347,0,0,832fa4b71125a64c3a6038be3323c7b1c1ba035607fcbebc13d0c9efee498723,2024-03-07T19:29:21.847000 CVE-2024-21348,0,0,3fb6248c012cd67667f328ac6b110a1f56ca3cb2763ad2355c4e1be1bc461a30,2024-03-07T19:28:49.470000 -CVE-2024-21349,0,0,0bde696fc002ef8b21621e2874d326995f846f9433de704241e439d13339e84c,2024-02-13T18:22:58.333000 +CVE-2024-21349,0,1,54be6a113b40c938ac971c3032df5d356fb91abc8a4270858edb03ebd1a43c13,2024-03-12T14:53:22.373000 CVE-2024-2135,0,0,0e7ec41b09287f9e5eebd186f40b1f916e022c2d2f615c89b8bace6b4283e741,2024-03-04T13:58:23.447000 CVE-2024-21350,0,0,479d68a29fcf25b6a253ca04d86cad3a1ebed8b4cb1311171f1451c12c1d525d,2024-03-05T20:02:13.803000 CVE-2024-21351,0,0,7a48bfbc6a48523321bf61d371facac94a044f299f4405c4a4f7eed1aeeb604e,2024-03-07T17:48:52.180000 @@ -239051,7 +239055,7 @@ CVE-2024-21352,0,0,10bcf10d69b8d5f4c7cbc76bccdf708b902db66e46e1a6537556096436a2f CVE-2024-21353,0,0,069ec1572ad8f80f7de702cc2ddaf6f315837c56bad7260abb2296947f3ace92,2024-02-27T19:45:28.470000 CVE-2024-21354,0,0,3ce7ebc69a0900308d52a9a270eed2e8c8a8e26da4d963c086b2a932d40d958e,2024-03-07T19:56:00.050000 CVE-2024-21355,0,0,33db52b928fe586679322dff0f95acf60a10004b76be3b8b084268613614f476,2024-03-07T19:55:54.570000 -CVE-2024-21356,0,0,451645ec37c6f68393c1bd6fd95f165330e32cefbb6c73c878d5c30056d160f7,2024-02-13T18:22:58.333000 +CVE-2024-21356,0,1,424903c04566a6efc2c8a570ba4f83c24f94aa04e994f264e481a9486f874602,2024-03-12T14:53:57.250000 CVE-2024-21357,0,0,2b2774a52c18865385a9c4fcfd1330bd14576eefee498127916aab83be044c88,2024-02-14T19:15:09.520000 CVE-2024-21358,0,0,e12d2a01bc34b98f84b3db6b2f1efb124f0c437076f840038311e35946c5a21a,2024-03-05T17:46:08.140000 CVE-2024-21359,0,0,0d515b649ee6abb31722404109f2da5d45fe6148885c5a0a541b199899c28adf,2024-03-05T20:03:56.137000 @@ -239107,6 +239111,7 @@ CVE-2024-2145,0,0,031bebfef4e2bed600442104d83f35f0dd85e15b091ac9be8c34c67c0a6b10 CVE-2024-2146,0,0,49b17994c16b95c54e5971317d5a230e0c627022f9bbe9b7b89f0372e5e81694,2024-03-04T13:58:23.447000 CVE-2024-2147,0,0,b471bea89008bfa1279d28ca4a74501d3e73ac7c368218cd723643c0378fb877,2024-03-04T13:58:23.447000 CVE-2024-2148,0,0,76ef6d6d81a91ea7f777ee15155747a749c4cbeaccf276b542f8862ebc078de1,2024-03-04T13:58:23.447000 +CVE-2024-21483,1,1,9151aea81f4a61f57a2b42ef8dafe022eeea7af379bf181ee6a30f8665567492,2024-03-12T12:40:13.500000 CVE-2024-21484,0,0,5f19ab0f68120a92041bdc33d9c29463ccd0d23c1b4da1c7441e6cd0612506af,2024-03-06T14:15:47.533000 CVE-2024-21485,0,0,0775bbbb470f3ac41cc07f785a9ceabee9d1e54c43c7bfd148d7325914f9c235,2024-03-06T14:15:47.760000 CVE-2024-21488,0,0,43b2437f720417d93a5df2f638573090cabb23bda138c64139ebf92844d843ae,2024-02-08T13:15:09.700000 @@ -239131,7 +239136,7 @@ CVE-2024-2153,0,0,fb8a655e3fba8ce0afef143bbe07f9318fe9ac9ad4a4312149ae082896b810 CVE-2024-2154,0,0,808acb175da714eb181f3edc983920034648532c4334633288ceede8140c354e,2024-03-04T13:58:23.447000 CVE-2024-2155,0,0,610f98195537c8aa683b353dce52c7f4e6a74c4aedf8c756421dcdcf7d245b1c,2024-03-04T13:58:23.447000 CVE-2024-2156,0,0,cfe49fe5536dd3661bd385af4a390b3b7f647d19369d0e3ef3bf726e49368ca7,2024-03-04T13:58:23.447000 -CVE-2024-21584,0,0,b481178af382a3868689177cff58de3b501a6e9a306647390054436f83bd5431,2024-03-12T08:15:45.217000 +CVE-2024-21584,0,1,d66fedfad76e69bf70f964d573fe608d89f94eedd1312d57b206120486115729,2024-03-12T12:40:13.500000 CVE-2024-21585,0,0,6e8206f1fdf94b37b9dcf7444e5790dcbe04c3a87e39f8bb6c4b0625dfa3058a,2024-01-31T00:15:45.920000 CVE-2024-21587,0,0,00caf8e0dd355879f913af1e174cfaccf48910da74261d4402cf2eff2334cffc,2024-01-19T17:44:35.830000 CVE-2024-21589,0,0,68b0ee433e5dc2a6e0c5986e659a2299beb8087cc670f80d46b90c5ac3b4a35f,2024-01-19T17:41:50.160000 @@ -239245,7 +239250,7 @@ CVE-2024-21796,0,0,ad6ea83e4ba68ed8909637d1ef7b65d12f04c56232c1b05d9173891b89591 CVE-2024-21798,0,0,f6b1c3b51bfe93bdfac8ebe499d7027ef38a497aacd0c971587b98e3900bec13,2024-02-29T13:49:47.277000 CVE-2024-21802,0,0,2a0324ca9760c4b3be107883f84a1ed806e6bad72b3badb393d00982ae57c159,2024-02-26T18:15:07.290000 CVE-2024-21803,0,0,412e1fe487e1aa8e1b208c7f0baf850a3bb5b2cd1ac7cabb6ce669e7a4281bbb,2024-02-08T01:57:53.770000 -CVE-2024-21805,0,0,290b5498ea2bfa7e444e4cdf281eac4be11c10302d87b154df5e5e67f2ecc160,2024-03-12T08:15:45.277000 +CVE-2024-21805,0,1,a52828f65b6509bde8b488130919a2fdb0ba808c102ed9f4fd4334d154ad08a0,2024-03-12T12:40:13.500000 CVE-2024-21812,0,0,e8811106b26eef69a6b44b9c940e0d21e06bed50f525e5b4df36936c24830bd9,2024-02-20T19:50:53.960000 CVE-2024-21815,0,0,77643bc01852fedba42660856307ea92e48bb3e3a61f220c84686194810010fe,2024-03-05T13:41:01.900000 CVE-2024-21816,0,0,1c59ad824873b45e692308f55039674fb26186a48eef31c5167e14b30ad2d48e,2024-03-04T13:58:23.447000 @@ -239292,13 +239297,13 @@ CVE-2024-21983,0,0,ded146d4808fc5f83424e373b65cdad37794b676d9611f5162836ce6d86d8 CVE-2024-21984,0,0,c4d05388605f2fb7e341aa0197be1de56d0ddb669904fcfa6f2ad451633ba0ba,2024-02-20T19:51:05.510000 CVE-2024-21985,0,0,853a82d200092c0582c4290723b53256d943e3aa0955024d181a6e0dc05dbcae,2024-02-05T18:32:52.040000 CVE-2024-21987,0,0,5cbacef8d973a258493b6f3339adef8cd944a54f5ab54894a910d3add02dbf7c,2024-02-16T21:39:50.223000 -CVE-2024-22005,0,0,95add7290cd294e301bc690167e22af844b132815193f8b19ec7df20a64ad2b4,2024-03-11T19:15:47.120000 -CVE-2024-22006,0,0,db8c52ddfa9cd6c36377e5746f14e75a549f66708318384ecb84175ad610c7f4,2024-03-11T20:15:07.030000 -CVE-2024-22007,0,0,7560e61eadbef70d8229c48edb96bf7aed5aa04526dfcfbe8b59f370e32932f9,2024-03-11T19:15:47.233000 -CVE-2024-22008,0,0,aba9989dae8d7582f3835bd6d5800be61625fd3f6ea4ac8e0b6c7af5a6a8b06e,2024-03-11T19:15:47.280000 -CVE-2024-22009,0,0,85dd34e55b7f63503c3b71919c0381d0afaaf40b4a7ab9bf72f431026dd5f718,2024-03-11T19:15:47.320000 -CVE-2024-22010,0,0,8f08ddd17f796bf3db7b24856f6667b3f30b19adf576177d23f5829c5e76b1fa,2024-03-11T19:15:47.367000 -CVE-2024-22011,0,0,c63ee0310c45308632bed00d4bd5ef5bebfb63f149c74e8509442e70486e4592,2024-03-11T19:15:47.413000 +CVE-2024-22005,0,1,88320eec2b02282e091998fceb2ecc3f3956b0e1aa6ecb0aa2ee085a07f9fdd1,2024-03-12T12:40:13.500000 +CVE-2024-22006,0,1,493ca500c3761c12e116081231840e5742ebd8480cf0c34ad59e527a14e88f19,2024-03-12T12:40:13.500000 +CVE-2024-22007,0,1,1a6e343b5e6ac8738a670b1f49991e39f01eef956ecee194d12257f48ac988e6,2024-03-12T12:40:13.500000 +CVE-2024-22008,0,1,3d18c0dc072786f75e976395b39281f106a7571da48f79c0967f5ea6fc70ff3c,2024-03-12T12:40:13.500000 +CVE-2024-22009,0,1,94a8a375b23d1ccd5295b6b266b887bb0fd4e6e4f398c4807361c57c45df8255,2024-03-12T12:40:13.500000 +CVE-2024-22010,0,1,c8be08522110436a9d4fa99d4021d5a2fb6c1481cb50733e6d40fe00f78adb8d,2024-03-12T12:40:13.500000 +CVE-2024-22011,0,1,0b600b1e31e74facb27c71d7c9b3f514c8b8b4c777fc0d39f1c7ce9fc8756817,2024-03-12T12:40:13.500000 CVE-2024-22012,0,0,3496e1376faff79bfb913c3511ac976ce741484efad2ac0961c5ff3c4bf8d282,2024-02-15T15:10:05.857000 CVE-2024-22016,0,0,72bb3341c866069974fe863b6c9e848e25809f5f0697d51cda8a3c348c9671f4,2024-02-07T17:33:12.727000 CVE-2024-22019,0,0,973223829547718a3f4f3bb4fa40a22f9bc1dc5683cd76da421f37d5d7095881,2024-02-20T19:50:53.960000 @@ -239307,8 +239312,13 @@ CVE-2024-22022,0,0,925c0d46bbd39b5d0f2644b5e26e0cd82488a20b7de7cccfa4639e9bb8f60 CVE-2024-22024,0,0,980d44adebdc63cfe4985efd7aa2ee2044d33423093fc7c9f165c43f20a43115,2024-02-13T15:15:32.193000 CVE-2024-22027,0,0,0822e6ca4a0197c830c667319442a46ae27f8152642de8d7f05f1858eada021b,2024-01-18T20:02:46.993000 CVE-2024-22028,0,0,8abd1038154eaf5ca23784f859ed6e719a17c93e427bf707fe61eab823cdcecc,2024-01-22T20:22:47.847000 +CVE-2024-22039,1,1,ef8c56b19d2a3b2c57a146991f2128767113626aa58dc9954ac8669d3630e403,2024-03-12T12:40:13.500000 +CVE-2024-22040,1,1,7d11f7fb5567534dcb6d5b3b79b8f0abaa376b6da679960f376543715fd2e79b,2024-03-12T12:40:13.500000 +CVE-2024-22041,1,1,3a754a682c04a281339ab26bd427f37b021c68ff67ed8d1ced26ab3b349cb150,2024-03-12T12:40:13.500000 CVE-2024-22042,0,0,c5aca849b5ae0d8d5a45ea8ff67dd52ef5ada43150173caa8f5617617296b9fd,2024-02-13T14:01:07.747000 CVE-2024-22043,0,0,a1c98686e1397582f9ce546502b1ed7ddf163834d1b560b7a856a79f0a3b8eea,2024-02-13T14:01:07.747000 +CVE-2024-22044,1,1,b99638e299a5ddc2172b4e4668c169f11257f639034f1a064d4a4044edc37991,2024-03-12T12:40:13.500000 +CVE-2024-22045,1,1,155f11c0bf9f756acf69228f46d84c0c5305457486f639dbf5d1cfc7e3b27400,2024-03-12T12:40:13.500000 CVE-2024-22047,0,0,53401a0ca15205d5f58e3177bd4108b78572d1dc1b0ae9ee4ce1da68c8a30362,2024-01-10T20:02:53.583000 CVE-2024-22048,0,0,ccec92a3265daf717c2bbbed7f0a34c57c44b3241b68cc37edd5bca0fad67548,2024-01-11T16:34:19.193000 CVE-2024-22049,0,0,9b7359ed630e382551d4570c9533818edaca377c6778b42eef7546c62195794e,2024-01-23T19:15:08.283000 @@ -239333,13 +239343,13 @@ CVE-2024-22119,0,0,d25acc4f5f2224943f2feaeb837e6d77f51fb63d8c6b5945b3415b9f2d10b CVE-2024-22124,0,0,35999c882bc6d44ddc45a9b1e3e882ba4227533058bc07c120048ab393e82eb5,2024-01-22T19:17:13.050000 CVE-2024-22125,0,0,09efd17c32a694e6a723ff7a2a9eaeeb4bc062e9a25db0f7cad8d3d4b4874464,2024-01-12T19:42:36.637000 CVE-2024-22126,0,0,21fbc349f898f1250de5f7f39ca68cc7afccec8ff42d81c72dbf786571fc9040,2024-02-13T14:01:40.577000 -CVE-2024-22127,0,0,b8a1cfad23a1fc2e1e2b86bb0c6c6808495e6a2c75605d3a3146b69acd166360,2024-03-12T01:15:49.060000 +CVE-2024-22127,0,1,2c9b376a3ef316ad07becbd257aadc53995111acac2684bbba2b6bb8f646c835,2024-03-12T12:40:13.500000 CVE-2024-22128,0,0,0c5c439d18342819d7315b4a32a2bc4f41f858a1b21ef0fe06f84b34bb1db3d7,2024-02-13T14:01:40.577000 CVE-2024-22129,0,0,1464fd5d3308b792309b3cf96e4bac49b075b6a9da557a03d691691205ee62e4,2024-02-13T14:01:40.577000 CVE-2024-22130,0,0,ffff0cd5d2c7e1f26e5d22605c42aef119a3c1241fbbfb15485c0a6afd37c199,2024-02-13T14:01:40.577000 CVE-2024-22131,0,0,9eecd7b9a60271346c23c546cd86562dda5496cea369ce333688ec53c9899639,2024-02-13T14:01:40.577000 CVE-2024-22132,0,0,189c6c67b188cde4f4668ee97447e9e45ee679904d7ce8e743444e6ffa1377ac,2024-02-13T14:01:40.577000 -CVE-2024-22133,0,0,d395c79d33c64622696800ab2c50648a85f5ada671e5aa003b0a4d9c6d286678,2024-03-12T01:15:49.293000 +CVE-2024-22133,0,1,3de4dc164b9cc3fbf1a29517c0c34e6a9e12c54e960fc933c920f105ba7f5490,2024-03-12T12:40:13.500000 CVE-2024-22134,0,0,3be6b7702224117203e25cf98307e352d45c22327a969b8a5d10317e76a95679,2024-01-30T17:07:24.310000 CVE-2024-22135,0,0,7025eeb4417e68d70b1ebd56dbf2904b38773b2370d9f15dd4e72daa19dcfb0c,2024-01-30T17:34:58.917000 CVE-2024-22136,0,0,ffae1822b85f323446ecd7154230713998c5b43341d8cf75c26e20b18cf0dd08,2024-02-05T22:08:24.077000 @@ -239877,17 +239887,17 @@ CVE-2024-2354,0,0,6474b9f1daec1a2dcc75cfc012fc15a1d60c7e19de88b7cedc44ae49b05d7a CVE-2024-2355,0,0,1ea896b23dde620508bb7022c8604ad2c803139cc978a2cbb0a4628b0582d758,2024-03-11T01:32:29.610000 CVE-2024-23550,0,0,233aa541fdda788f0e4e95c8a9a0a8f5d7fa7689dcd559af0cf5e5843a531076,2024-02-13T00:57:33.613000 CVE-2024-23553,0,0,51ea2d50cc1ff4dbab518de2a29e9ef6a91bd6b91073c23eb1a7f0cb7c8f1090,2024-02-10T00:59:00.423000 -CVE-2024-2357,0,0,f69d73d2e7168c49c56d452e4f16dd836760bc01104f34f037dddb40c85e8b5f,2024-03-11T20:15:07.867000 +CVE-2024-2357,0,1,313587ca8b6b7919815ba797bea441002843b5151b56a9603272699863c7c655,2024-03-12T12:40:13.500000 CVE-2024-23591,0,0,f4c08614f6a162f49ecc99f020c088036b0b565e06b57796e1304b45ae78e59d,2024-02-20T22:15:08.353000 CVE-2024-23603,0,0,fa877b171423c355baa3228ce2c605e41edbf822a3508567d7754cb447355052,2024-02-14T18:04:45.380000 CVE-2024-23605,0,0,6357ef47a85c4e22049db0926cbddeb8bbc82cdf2a1a81b5a28ca15d9cbb7aa0,2024-02-26T18:15:07.673000 CVE-2024-23606,0,0,598e3aff4ae1bfd2aada0c773944509bbb201f8071a41b1a5b9e3c7372eb5aae,2024-02-20T19:50:53.960000 CVE-2024-23607,0,0,8fbc2564c100ed17fa897212d565c049df0409466e1eb4358411ecb3ce547801,2024-02-14T18:04:45.380000 -CVE-2024-23608,0,0,c98de50f4e8b973dad8f1d54c5df75c409c8b04702a613e588947dbe5d7e1073,2024-03-11T16:15:07.897000 -CVE-2024-23609,0,0,19a21d0e98904f29c5d0adf7e8c9ed6e794486d28b167a48186898accac1dd49,2024-03-11T16:15:08.157000 -CVE-2024-23610,0,0,27c772e96c2f354c984e3aa4b85ca26a8e6005fd4d4dd2fc8250a636b5c8e2a7,2024-03-11T16:15:08.370000 -CVE-2024-23611,0,0,c03fa71964a3d81dc6f1eb12a354aa4c86e804a5415aadd4646c131e3c8dc6b0,2024-03-11T16:15:08.557000 -CVE-2024-23612,0,0,0875aa7379f496dc1516588cb14ef4d3721dd4c67c8e3b96216bd2de56c83a6b,2024-03-11T16:15:08.743000 +CVE-2024-23608,0,1,cfd418359168052f5744465ed0b4453e382f80ff35426850f586b9ca273f8178,2024-03-12T12:40:13.500000 +CVE-2024-23609,0,1,b3be023bb78290eb112f306f7c609bf3dbdddb2899da6c9044083739ccf10869,2024-03-12T12:40:13.500000 +CVE-2024-23610,0,1,fb0e02e44dff9d3a9ff7d1b1aae2c2f98445bf6d7547d0f0dc0e393df1533a1f,2024-03-12T12:40:13.500000 +CVE-2024-23611,0,1,b605005386d5d9e05f847b95b88ce708a5da359c4abe16314c28aa0893475db1,2024-03-12T12:40:13.500000 +CVE-2024-23612,0,1,905fa11223afb6b2fa02b73efda7bdd729dee0c227ce723282717a065d8df6b3,2024-03-12T12:40:13.500000 CVE-2024-23613,0,0,a6caa42c068605a90eb5a5d2a146a2e76fb38281e14d3e07f037d267becbaa2b,2024-01-31T19:22:48.627000 CVE-2024-23614,0,0,64dd22961f50564212ca1f64f5062c8108f1d059ef6d673b05a943850d4463e6,2024-01-31T19:54:08.847000 CVE-2024-23615,0,0,eafd7ffa6180e2fc03ed45df24f769fecb2bae7a56932300e20ffd987e061483,2024-01-31T23:46:44.913000 @@ -239947,9 +239957,9 @@ CVE-2024-23686,0,0,ed98c70a3681e7ffc9688a2b700aefef53fbafafcbc0cbfe3bff77d9af067 CVE-2024-23687,0,0,888c703c13765b4aadeca06043a7e3dd693e14ab5fbf0ceb683a371be24cfabd,2024-01-26T16:54:13.900000 CVE-2024-23688,0,0,07f47d429f26f5d25558115321368745a1af1492969a475a8855a8882844f455,2024-01-26T15:53:31.397000 CVE-2024-23689,0,0,d7d4e018343e45ab929852f091e2e71006911f05a5c0cdd59769a6f5a80fdcee,2024-01-26T14:50:45.023000 -CVE-2024-2370,0,0,16f988ff46fdfe91c440b55eb7c64364d5f6cdcb167f09fe7bf66f636001f14e,2024-03-11T13:15:52.920000 -CVE-2024-2371,1,1,b05b60eca35e3e7cc6aca15d5e1de0df2537287df16b3fee171c3a1c39daafe7,2024-03-12T09:15:10.133000 -CVE-2024-23717,0,0,e5762642d1295dc4bc5805e342a4ae5e79cf5013fab3e5f9aa1b5c04ba6cf901,2024-03-11T17:15:46.253000 +CVE-2024-2370,0,1,a1d1304d673fe827641e4c3a32cf522de4e652ea33541d8769b0878f1a670711,2024-03-12T12:40:13.500000 +CVE-2024-2371,0,1,3cb4c1ed0c9b08d07eacc5252cd2248e3436e0fe77ed1216887d9a3f973c7f13,2024-03-12T12:40:13.500000 +CVE-2024-23717,0,1,6124f28576b39881108c8f8a6a5c6f0e66ec8c6ba51a289d578374ba7fe9cba6,2024-03-12T12:40:13.500000 CVE-2024-23724,0,0,ce25237b1b8be392e772c83f957fdb1e42b10b520f1a3f65fb6dea0241ad88c3,2024-02-11T22:29:15.837000 CVE-2024-23725,0,0,e7109aa5ed154918326c3254d584acf7e8190c7c6acd985ea1145474ef362350,2024-01-29T15:25:48.110000 CVE-2024-23726,0,0,1e6b5838c3bbe1bdea4cff85e0dab09275e17fdbeddbc74981e476f308132713,2024-01-29T15:25:36.090000 @@ -240091,8 +240101,10 @@ CVE-2024-23902,0,0,80116c10b4dcb9deee098a8540c88900f817311ddbd1ee2f2ac63018b6f6f CVE-2024-23903,0,0,ecb97aacb6f19585aea8671a201e2d7c3813e0b8271429153f27911a6bbb07e0,2024-01-31T18:13:14.563000 CVE-2024-23904,0,0,678d9b9e94528dc2befb7afc9e4f3790d1499e848c388388aaa93c118b2a19d3,2024-01-29T19:26:29.770000 CVE-2024-23905,0,0,2d8ebad5c05b335845d8a0c6b27832798a9c27087f41f1dd4daf5a7e2afef75a,2024-01-29T19:26:11.517000 +CVE-2024-2391,1,1,300399db072a6540bbd0a06df777fa75a3d1e7a8697b07c65a179910c52a917c,2024-03-12T12:40:13.500000 CVE-2024-23910,0,0,ee793d9b54a2b016ed958b8f34e12c76d98107f9ab2799f3866e1d534fa290cd,2024-02-29T13:49:47.277000 CVE-2024-23917,0,0,43acd2786eef775b4e5af3da03e8f628e79a58b917087bea0e9c91638665592f,2024-02-09T01:05:22.180000 +CVE-2024-2393,1,1,392b490f217e0ca802c4e08a5ac9e0dedd260b76ffb39c300de909092827b71c,2024-03-12T13:15:50.023000 CVE-2024-23940,0,0,88f3246b7d729e9740dbc7accb734f511d890171cb976d7dde750494e61216dd,2024-02-06T19:19:33.920000 CVE-2024-23941,0,0,12a475e2ca4f3cbb312854167865e0f548c636a650b921a0048a701032c53d0b,2024-02-06T21:37:12.433000 CVE-2024-23946,0,0,67207dc21b70d63cbdae4722a9a6dbbdd5a8b23e3f3d2747069a1e0801760d74,2024-02-29T13:49:29.390000 @@ -240146,11 +240158,11 @@ CVE-2024-24139,0,0,05c351b81221b5d5c15dcf71f081eedef16ed9d4e424f31397653840e8359 CVE-2024-24140,0,0,edb6cb4ec986c775b7110ec85e17a0d3630983c68d76dae4ec67a23c27d94ebf,2024-02-02T23:36:15.563000 CVE-2024-24141,0,0,a78f0d290364c4e971462be129e00fe95b6f5f6aadbfff8d226d838529b48698,2024-02-02T23:36:54.307000 CVE-2024-24142,0,0,8ffe4b6f45f62bc8b2280c215293579b6801f0de85603ad6edace5f26dc72e2e,2024-02-14T13:59:35.580000 -CVE-2024-24146,0,0,f7393ff7ef663920a6824a801a0175d0bf9716e5dc20ab8ff594f5ab279f91f0,2024-02-29T13:49:29.390000 -CVE-2024-24147,0,0,79107b03afb606c4d126023bef7a7b87a6ba6248cb0459dd2bd1dd4396e41b5a,2024-02-29T13:49:29.390000 +CVE-2024-24146,0,1,598b1c8aebc19c3a5c453e8bbf208ef36d8ba646d413c6e8bc5b26033ce6d9c7,2024-03-12T14:56:47.377000 +CVE-2024-24147,0,1,c1c7f80a36a8f2f6ccb01c6fc406047422bdfd99cacf5a815059414edfe4fd68,2024-03-12T14:57:28.893000 CVE-2024-24148,0,0,11b50ddcb54d0d0a572a09d7a2c1d154bda6a3e05243ee752db10dd40d04cfaa,2024-02-29T13:49:47.277000 -CVE-2024-24149,0,0,7b4593afc814c1bd180da34dfe9061eea3b005f9cec84216a3d23d28698be49a,2024-02-29T13:49:29.390000 -CVE-2024-24150,0,0,bc3814575f77d1a830367dffaaadbe8292d8b1c36cd0a619b604f35f60f1b992,2024-02-29T13:49:29.390000 +CVE-2024-24149,0,1,14be6d00bae4dcad5218983d589e9e6fa98bad49a68087dda7cd84a1f3d90829,2024-03-12T14:57:32.097000 +CVE-2024-24150,0,1,bb25001b58b37c3faaa913f21b26ac84ab72443ce7d6507597696a74e7617fa2,2024-03-12T14:59:55.920000 CVE-2024-24155,0,0,10c171627af94c3bd4daf19b208285b8ec76f14a02b213a0d4d44a43fe851505,2024-02-29T13:49:29.390000 CVE-2024-24160,0,0,cfef8a3cb10ac6cf5fe849694fa5021f72cd98bc85770980c25e5b7851a1891e,2024-02-06T20:59:08.493000 CVE-2024-24161,0,0,4562d973369fe14dca9774df5d40611a7dfeda1d9b2131a90de46c2f4f44765f,2024-02-06T21:21:36.413000 @@ -240419,7 +240431,7 @@ CVE-2024-24941,0,0,3ce7539cc2c00ca21eaf8843bb8dfa494f8daac6c677d25fe85a072b680ae CVE-2024-24942,0,0,98967e5f253d2f0e2d6c9adde01d5feb324664bac3fce3b7b875de585c5550eb,2024-02-09T01:03:13.453000 CVE-2024-24943,0,0,cecde2b734965816be739f7278af2a22cd088f91f77e60d1e6c087126d44acbd,2024-02-09T01:03:03.970000 CVE-2024-24945,0,0,c6e7443a15ad58b887b66a1afc517e5c6d2b064a4aecae431013860646a47dfe,2024-02-07T17:14:48.630000 -CVE-2024-24964,0,0,468b04e302b58c75b8bd9cc0f81cb3668ca463aa56d1cf0103ee209bd8942c22,2024-03-12T08:15:45.327000 +CVE-2024-24964,0,1,3c015ff9319add283b75ba9284dbb0964a9d4ce7edb50d2870b6147733f7e6d5,2024-03-12T12:40:13.500000 CVE-2024-24966,0,0,b8b1142fa7a04127bebdbfe2d935a3fd815c1f2bb5c99e70bfcbb30576800e5e,2024-02-14T18:04:45.380000 CVE-2024-24988,0,0,5be9c22e9d6c42885be25053a8e3f832fee202eb91ce1cb05a36918eae761d1a,2024-02-29T13:49:29.390000 CVE-2024-24989,0,0,39be90963d0952b8475635420a2f64ca0893f9b2941aa846029d2a39bd57b9e9,2024-02-14T18:04:45.380000 @@ -240453,7 +240465,7 @@ CVE-2024-25110,0,0,24d08fbde056008d1573de20c59de5968ddecd641d43f19a3146bb63dda83 CVE-2024-25111,0,0,8d304b96b70aec61377c997bcf1349baefa2e910003e5b26a2a113712a3f02d6,2024-03-06T21:42:48.053000 CVE-2024-25112,0,0,9f92b56982d5d0e159eb7030e033a87c46cac6fe6908722221c7e2c374361051,2024-02-13T14:01:40.577000 CVE-2024-25113,0,0,e5d677582d1aad971970a68e649e33cfa2ee5186bf6cd06840ccc711efadc8c5,2024-02-17T22:15:46.660000 -CVE-2024-25114,0,0,ea667be1817401fae4fcbb24f0129b30a9d5ca8aa9ba946fe9467bf5b7a63a45,2024-03-11T22:15:54.870000 +CVE-2024-25114,0,1,ecee9bf310f42cdc25e42eb7e8e0873fc105e6d49306efcf1c5e89293138d56c,2024-03-12T12:40:13.500000 CVE-2024-25117,0,0,cce25568087f33e003e408ef917e795ca999bd847bf0523692770a2f14b70a2f,2024-02-22T19:07:27.197000 CVE-2024-25118,0,0,557c105a7b5782a478cbc7b92a63142660ddc2cae3207683e4d3fac47f331dc4,2024-02-14T13:59:35.580000 CVE-2024-25119,0,0,bbb39e4f066a0670237cfd7766ee329ec0be6e95761cf28e3f81545c0f84a41b,2024-02-14T13:59:35.580000 @@ -240546,9 +240558,9 @@ CVE-2024-25315,0,0,136f14dd76f8699fd29eef34984e013f6cdb8770a204b6452b0d939ebb290 CVE-2024-25316,0,0,dccaf090a474bca51fc0821682da4c5c2112d945aeae3ef07f57e1e971411620,2024-02-12T14:23:16.537000 CVE-2024-25318,0,0,e87647abcdb6f28062346e5c03e3ffb63c878809c19788b614db3d2291a96d12,2024-02-12T21:37:44.753000 CVE-2024-25320,0,0,56ee093beb049b07518afee56858a8d8ace3b9803f6562a14fef92d8b7d67178,2024-02-16T19:26:55.393000 -CVE-2024-25325,0,0,589a30593cea607ea01a98707850df5d9c9f4004e38d8d92e960c8b3d3482717,2024-03-12T08:15:45.370000 +CVE-2024-25325,0,1,8bc90d1a62ad4d34bac08e20579a9a62b335b7a18a1a28110fe5bb69acbf6c97,2024-03-12T12:40:13.500000 CVE-2024-25327,0,0,ed53fcf930246e366b75ca3dbc41603185b262291cf82ff3e550f2ed4e97b776,2024-03-08T14:02:57.420000 -CVE-2024-25331,0,0,1b67ab35390171edc6f83c2effd868aa2be9b14c34be6dc15894eaf947892a71,2024-03-12T06:15:07.970000 +CVE-2024-25331,0,1,60a22b9e40d224a5f3b5e272a457dd70292f6aef15fb2558c273ff847702ea0c,2024-03-12T12:40:13.500000 CVE-2024-25344,0,0,5140bac0aef452b65d54f79c6217b05ec44dd1a460f10a2ceaa1e65877e2e6fa,2024-02-26T16:32:25.577000 CVE-2024-25350,0,0,3b5e1a464fb4fcd28f6d7166045a369486403df18ae61c0e2fab4e4e5871d428,2024-02-29T13:49:47.277000 CVE-2024-25351,0,0,28c4ca40865cd756499ab4d2ad9d55bb73b890cae2259528816b47b2a536dca5,2024-02-29T13:49:47.277000 @@ -240636,8 +240648,8 @@ CVE-2024-25636,0,0,25ca08d2d7942010a89cee168f33ec13089ab5d688be0f620a303dd1bdaf7 CVE-2024-25640,0,0,e7a5a66e06481c463ef3267e2ad9b6391b00223315aeb71281eb8d63b041ce79,2024-02-20T19:50:53.960000 CVE-2024-25642,0,0,bf91eeb1502dedca60fe6c035b93d7dfc5a440bc6932322c6ae4d128b4c7c145,2024-02-13T14:01:40.577000 CVE-2024-25643,0,0,08f3e6c0d454841d4e4dc84aae81812246ffbd96bb71cc2e9e4566cd4077e910,2024-02-13T14:01:07.747000 -CVE-2024-25644,0,0,78d79784a352fb21edf57e17afc353ddf416b192884d884b149b469d3f3c7a3e,2024-03-12T01:15:49.567000 -CVE-2024-25645,0,0,f383e5e1d140d2087e3b734346e20fee8cc9cccbdb85fa7be0e803c798f628d1,2024-03-12T01:15:49.780000 +CVE-2024-25644,0,1,cad748db94c87605f745ac8efbb54ef36e9bf866e1bcdbdf96bff9a05dfcf738,2024-03-12T12:40:13.500000 +CVE-2024-25645,0,1,611af6391fb4617a6b65e5d2ff91bac5a4003873b65f133d0cd2495d911bd094,2024-03-12T12:40:13.500000 CVE-2024-25674,0,0,880844ace2ad9fa6a214f1eff7f46e3beaded8f86ef202dfc09585e1e07ca21c,2024-02-12T14:30:40.343000 CVE-2024-25675,0,0,7eb120f8543ce89181641a0a8c791e82666c8e07d23577075c360f9dbf73d233,2024-02-12T14:30:28.640000 CVE-2024-25677,0,0,1d7f4f51208daa48b27418602ba1484337c537523201080701287445cfed0006,2024-02-15T19:43:24.983000 @@ -240691,7 +240703,7 @@ CVE-2024-25848,0,0,5895359e1a5386228352b229e7b9653c0bf0c5830f471332dfc6294d51c68 CVE-2024-25849,0,0,fd6a8a3b861265723369727f5c31932283295a2905dc4ab7ca20ef4c116b9249,2024-03-08T14:02:57.420000 CVE-2024-25850,0,0,692066b7b812d3f581962a79e3b9fc15f6aba377d7bab52c8307a8f270f93599,2024-02-22T19:07:27.197000 CVE-2024-25851,0,0,bd0046433b2fafcbbbb1e5febcb4c1f8638f8ee71fb735a659aa488f84a496bf,2024-03-11T22:15:55.150000 -CVE-2024-25854,0,0,1611908d390b3ffb8a04b3e4456ae3e747529a9d4befb6eeb0983cf67cec5dd5,2024-03-11T22:15:55.210000 +CVE-2024-25854,0,1,46fbf43a98bd39907390458f316c987060b7ad9ff54021918a7edbe500e3d2d7,2024-03-12T12:40:13.500000 CVE-2024-25858,0,0,e3703a6486af47542a5758b9a0dbed02e4c149644fb605d74af0ebc4b01ef273,2024-03-06T15:18:08.093000 CVE-2024-25859,0,0,535afe19fadca146fcb852c884e13f1f96dd0ffd0b267def3f0a58c94171106c,2024-02-29T13:49:47.277000 CVE-2024-25865,0,0,3c1600c9938d3c741a0c565875112497fc6aab8ca57710df7f556dbbd2f4c5d8,2024-03-04T13:58:23.447000 @@ -240737,28 +240749,28 @@ CVE-2024-25980,0,0,d14541c9bd05a1639b1a62b0f754591e13211a9cd13e14f154a9be2b3d087 CVE-2024-25981,0,0,b1e3e7b3112b200a12d00f066add816f7584aa68dc501d60e52b5fde4e625430,2024-02-29T03:15:07.267000 CVE-2024-25982,0,0,2ce9a54c1a7816fbeec4bd16145642068435e7c887fd25687a9f7d22cb5d12e6,2024-02-29T03:15:07.330000 CVE-2024-25983,0,0,ff154fc00e6515081197744006f01532137b922b6260f549c6b1a3e405b64cb0,2024-02-29T03:15:07.400000 -CVE-2024-25984,0,0,fa24a1d0575f4812ea69c48ccbc1fdc974868c8b4ea283f5ea86c12beccaa42c,2024-03-11T19:15:47.460000 -CVE-2024-25985,0,0,0ca4e4f4f7e07b9f40fa84f446a57a6f354b2f08ca426baedaeeae74a0262d4a,2024-03-11T19:15:47.513000 -CVE-2024-25986,0,0,35f724ac07762317864cb75b0cd0baa278b9e3095115d740aa78f14b94b0573b,2024-03-11T19:15:47.560000 -CVE-2024-25987,0,0,70e6b65b2ce7e61688758c616ebab00fae03b777d6a61741b83e75cb2d57ae93,2024-03-11T19:15:47.603000 -CVE-2024-25988,0,0,ce6e450eda03cb1041dcfd931464388d8064f92f66e692b8deb51942ecaeb992,2024-03-11T19:15:47.650000 -CVE-2024-25989,0,0,d548f640aa9f027469526f81efcc62bbdbba552065578f2fe3fa45c3012c1ccc,2024-03-11T19:15:47.697000 -CVE-2024-25990,0,0,9e138ffaad52d85463615618b6a4a2763965b5fa1f6c44fe92235c258fe6d279,2024-03-11T19:15:47.743000 -CVE-2024-25991,0,0,5b51dd67d56acb1790c815f7985917f74848324981ed3e8498b2fb33c0f9651b,2024-03-11T19:15:47.793000 -CVE-2024-25992,0,0,a7c311d727b6e94f9cb331f80e0a2d766bacc29a3421ebd6697ff5a902acf399,2024-03-11T19:15:47.840000 -CVE-2024-25993,0,0,d150b8d2fc6c187cd1644f9278d5030c67801b6cd620e5c9c609ae1b72f0e2f3,2024-03-11T19:15:47.883000 -CVE-2024-25994,1,1,3eaa477d01972be06fdfa72253d841a3cda875bb1f7fb4fe7408f47b74f83370,2024-03-12T09:15:07.080000 -CVE-2024-25995,1,1,01523ced9f473e004ff369a2d22b38bfc2ff24440e5c05b6422b62577d1eb629,2024-03-12T09:15:07.343000 -CVE-2024-25996,1,1,9d515de03bf6eedce1c877aa2c061369bc1b16651357f621ad982740a7d9e83f,2024-03-12T09:15:07.573000 -CVE-2024-25997,1,1,fc7e8a12244cbea627773a9c60c8e68f8e2a09a87c0e18561dc2e7ed8789067f,2024-03-12T09:15:07.810000 -CVE-2024-25998,1,1,c31fa56bf2f49871c5dc1e14f76d5c09a3df6bb608e6df90d36959b7c96896fd,2024-03-12T09:15:08.020000 -CVE-2024-25999,1,1,9a9736e18529d6ecb69a45e5f50a2d22df47d45f94a8beab78ab2363130fad8f,2024-03-12T09:15:08.233000 -CVE-2024-26000,1,1,6bf7403d6da4b4c666761060708d701098c653b4dada42039ee4ccf245bfac90,2024-03-12T09:15:08.493000 -CVE-2024-26001,1,1,61345b3a402c866c5c934abe6aa63b2fe471f296223a4e4e6158ee3ade2957e2,2024-03-12T09:15:08.730000 -CVE-2024-26002,1,1,15580e9808e39c47ecadbdcb59d9ad810f08f45addcc8390a32605c37d7d81c0,2024-03-12T09:15:08.940000 -CVE-2024-26003,1,1,f4125d5dade9b0b582e7c2009bbeb2254fea172ed610b6d16c296012666085b5,2024-03-12T09:15:09.140000 -CVE-2024-26004,1,1,9735d59fac7c071ea05125372f62720cb69e32fe1902485777bf9ecb980675b2,2024-03-12T09:15:09.357000 -CVE-2024-26005,1,1,0842dc42746c205f490fd9fa8decf1d30a2e268c99e491cfde5d4ab17d0ce293,2024-03-12T09:15:09.577000 +CVE-2024-25984,0,1,f29542b8a5cd4a722a0ce32348c18e4ee581fafbe4540e086302c038abf1735b,2024-03-12T12:40:13.500000 +CVE-2024-25985,0,1,bac38b4246a8f9a196a96b86cad0937dba375236874f09853582183ab3f9c3f2,2024-03-12T12:40:13.500000 +CVE-2024-25986,0,1,524dde69699a00f5326e42f259bbd049904aeac06efbd78b7886b7422ebc750c,2024-03-12T12:40:13.500000 +CVE-2024-25987,0,1,7b97ddb07235a3b283e9bef9ea52a9962285138adf03bc897caee778b9c1e195,2024-03-12T12:40:13.500000 +CVE-2024-25988,0,1,967626610e7f6cf765cfae00820122e110bf20596df5a89c9d43e7491c581545,2024-03-12T12:40:13.500000 +CVE-2024-25989,0,1,c424c00d097d8dbf4ed7b8513136f9266e40342fd4d8cd3f599fcca8f7f8fdc0,2024-03-12T12:40:13.500000 +CVE-2024-25990,0,1,e554a284c58f02334ee9fe366ade7f64a6fffefec755de7d9701619efe4d9dbe,2024-03-12T12:40:13.500000 +CVE-2024-25991,0,1,c0016f9c1f24bbc851565ec14261d16136d3f8a0f62e2d916f26adb68fb29152,2024-03-12T12:40:13.500000 +CVE-2024-25992,0,1,1f7ad4f72b4c1d712215cee7ed1df3013982ff7adc38636122505d884f3b7005,2024-03-12T12:40:13.500000 +CVE-2024-25993,0,1,1b3ae99e1eb10b4e6c003ddb62d49d85753271105b8e96700fc935b9386879ec,2024-03-12T12:40:13.500000 +CVE-2024-25994,0,1,70a41ee6a2c2b851362bb702d073453d4274728db4228c1ad1e37f18acbc7141,2024-03-12T12:40:13.500000 +CVE-2024-25995,0,1,0a8e9f6ca79399f6887c4f94b3bc13db856b9b14bf63eea5f5f7ddd62e689023,2024-03-12T12:40:13.500000 +CVE-2024-25996,0,1,2ae3d35fdb34b4ae210949739ce8f28721f34c2d69f0bbdf4a294c721634845d,2024-03-12T12:40:13.500000 +CVE-2024-25997,0,1,f7b2100f6c3446a36719092ec3f2bc0f9154660c9fe035f2ea4b3779e81500ec,2024-03-12T12:40:13.500000 +CVE-2024-25998,0,1,666a47e123ff95bad84e510b0140d6041be75bd0db38e73a3af9efe0f1900cf0,2024-03-12T12:40:13.500000 +CVE-2024-25999,0,1,88594eaa36dde211bbbcc4a09c2f512fc7fe20f424a105f350790eb38484f8f2,2024-03-12T12:40:13.500000 +CVE-2024-26000,0,1,ed7b65ab947f7129109e1027c1d78cb3a8871afc9d64e74076df6bd2df4fcbed,2024-03-12T12:40:13.500000 +CVE-2024-26001,0,1,f096c1484e30288878cbc800288fceba5062faabc9fe1b56bd709bb60e9f0151,2024-03-12T12:40:13.500000 +CVE-2024-26002,0,1,9d7a67a43d104f42e81288bba3a7041826f613c8a39ab0788bc3ad8571a6515a,2024-03-12T12:40:13.500000 +CVE-2024-26003,0,1,fa8874de1288018456c2c5e60f788d74da5e6a9794ed476433e2f3d61198061d,2024-03-12T12:40:13.500000 +CVE-2024-26004,0,1,246387e032da3fec432fd431d962194949239cd6f63c6608ded252f81c7603e5,2024-03-12T12:40:13.500000 +CVE-2024-26005,0,1,5612768f564be605b53cca364087e5ce4582a430bf26d99195869094006f4e9a,2024-03-12T12:40:13.500000 CVE-2024-26016,0,0,225df2de732dbe1aa65450d758c74d9fd62d1571f14eb88fac267d40c0b495b0,2024-02-28T15:15:09.320000 CVE-2024-26128,0,0,487fd4a47ca7d01d688a4160da954eb7676a1080733cdfedc265ac6cf53a8666,2024-02-23T02:42:54.547000 CVE-2024-26129,0,0,968e60f64e57be6f8f2df784210f5788e81353ced4a4f4353953a10484d71d0a,2024-02-20T19:50:53.960000 @@ -240803,7 +240815,7 @@ CVE-2024-26282,0,0,12e16d0664d3e5a788224f350268a476b4e20310c71580f41399047d3e3cf CVE-2024-26283,0,0,acb579234a4dab2cbb94d4bb731f89858224ededc4bd5cb439d12f833a83f13e,2024-02-22T19:07:27.197000 CVE-2024-26284,0,0,4b115033c97c6dcf9a0c1ba6e40593b4b63c142a50153b65619b5e6fc70a8159,2024-02-22T19:07:27.197000 CVE-2024-26287,0,0,c39408b47e386d860866dbaf91481bf6cc5c7b2fdab909e591b6b072220a00ce,2024-02-22T12:15:46.420000 -CVE-2024-26288,1,1,3638380ec7ff1f637bddc915d3f02d05f39908378c341c4fbd9645a93359cc4a,2024-03-12T09:15:09.823000 +CVE-2024-26288,0,1,d09d5769f2845cca860d6607c437523a6856a9ad896646c33e831fd58d53d7c6,2024-03-12T12:40:13.500000 CVE-2024-26294,0,0,8f2653a28865ca804b8370948c9e7d3e637353d4b46577fce92b2448c794af47,2024-02-28T14:06:45.783000 CVE-2024-26295,0,0,65ee85dc804537ea0b26ffe740c08dea57534a215c648fbb89367faf852ebc5e,2024-02-28T14:06:45.783000 CVE-2024-26296,0,0,605ae92905fdb68934567fb8547e00d5489754f8b0ed164ce1db4cfe8b788863,2024-02-28T14:06:45.783000 @@ -240856,7 +240868,7 @@ CVE-2024-26489,0,0,de79f1495737dd1b8577e3e02ec381880aa1980ded294214617e55a244fa4 CVE-2024-26490,0,0,b6f6bbce17cb8b3e0d7ffc74af2883f439e6d11d15d184e2f1a2e43e85a99a1d,2024-02-22T19:07:27.197000 CVE-2024-26491,0,0,73ef4da115c90ed06a18a1a334653b2533761b4f911c3db9814bd0d18285bcac,2024-02-22T19:07:27.197000 CVE-2024-26492,0,0,223ddadc0c7efe7b0886f487630808be0927541c8864c0a1df96647191c41c4f,2024-03-08T14:02:57.420000 -CVE-2024-26521,0,0,1ecd18ce0cb70a44ef6c4249276a932e49951ac4f689dc4bbb96b1c6d07658ac,2024-03-12T05:15:47.653000 +CVE-2024-26521,0,1,0e3dff2f526dd01b3807e889e548f69877c6fbe716f338bf9b68ff7b3cd2a892,2024-03-12T12:40:13.500000 CVE-2024-26542,0,0,84bcc676050237f7706e936cd8d9d490aa0a127cdccddbe7afe739c073267e25,2024-02-28T14:06:45.783000 CVE-2024-26548,0,0,7b31129407d10e539a4174451b23a0f83a48cdb246d6dd13af61036fdc95df1c,2024-03-01T14:04:26.010000 CVE-2024-26559,0,0,3b7b5127dd0e422a83fadfb79310bdd57e4fb71532d47a597a5aa1449637c0ce,2024-02-29T13:49:47.277000 @@ -240890,19 +240902,19 @@ CVE-2024-26604,0,0,9ac74be28974ad0b6cacf865aee48ec771430720d721be3ed86217b87f579 CVE-2024-26605,0,0,e05b1bce50a73fc2e4dc7ff327f42f6259e6a48652bd3e37fa6d78c518e1732d,2024-02-26T16:32:25.577000 CVE-2024-26606,0,0,20fa425762db9f3f8661f6a0d75963b997124489c62106fe03a6af0cc1a2a171,2024-03-11T18:15:18.890000 CVE-2024-26607,0,0,e7fd96eef289c77fd773a24454d38a76fd6b196cc2106426c9f3e8e507f21aa1,2024-02-29T13:49:29.390000 -CVE-2024-26608,0,0,fd5b8d093036c104b0be036f540b30a2e8d42249a8300763c5bff887616b5aa2,2024-03-11T18:15:18.953000 -CVE-2024-26609,0,0,5edb2d5589592a688951c418c6518b7a4581adff62f9111e7d8d6df666381da6,2024-03-11T18:15:19.010000 -CVE-2024-26610,0,0,84dbeab32c720e4975ed7bc823c87836bb692015019b80ce0a13cd51071c5a16,2024-03-11T18:15:19.067000 -CVE-2024-26611,0,0,55a4fad2c65012420d5e4f24fd81e9c9f1aff61728b14757b17f252a7e3dc379,2024-03-11T18:15:19.123000 -CVE-2024-26612,0,0,59ef74c840f5e78573ba31fe5d7edaafb89b883b58653b8bbfd04d3a87d50cf4,2024-03-11T18:15:19.170000 -CVE-2024-26613,0,0,fb23f604053865066a3c9d8982f50e4de8613caa38e417e2b338604def7e7d8a,2024-03-11T18:15:19.223000 -CVE-2024-26614,0,0,daf122eb760ecf6185a607ccc39ddb83c052c90dddd9b7c14620e57ecdc9bdcb,2024-03-11T18:15:19.280000 -CVE-2024-26615,0,0,e2714f167806f871c82c656fc4a4ad69cacc55b7d9ac60c0615860d6230d497b,2024-03-11T18:15:19.337000 -CVE-2024-26616,0,0,c20f4a5df1579867318b9677239d5c2a37e9bb60d885a474f2417c0c9adcddb3,2024-03-11T18:15:19.400000 -CVE-2024-26617,0,0,c7363c0492533ec6009828d2bb60712339bb0c62cc86b447d83e1408fc8071f4,2024-03-11T18:15:19.457000 -CVE-2024-26618,0,0,0a87a6bf272e7c9d9cac3b2ca577337cddbed85104d999ac433e414e0aa2ebcf,2024-03-11T18:15:19.510000 -CVE-2024-26619,0,0,c377d640c384437eb85cc6c65468d766cb060205965c207673e61805cdc71835,2024-03-11T18:15:19.563000 -CVE-2024-26620,0,0,cbc945e86b2361436d14323c20dc1e4355a2351287d13a1249ef8f6a554fde37,2024-03-11T18:15:19.613000 +CVE-2024-26608,0,1,85f26a8f7fae30a88dc007823095841d57fd69cdf5b93527544152c0c3c11712,2024-03-12T12:40:13.500000 +CVE-2024-26609,0,1,eba52c1ed17b7c8e6fdbc8e74f6dcae3f10c0a54b31264558f9d09c22050a68b,2024-03-12T14:15:07.133000 +CVE-2024-26610,0,1,0dd4550daef3a0629c6ad53a0a5bb3eb8f5a6c18acb4f14d0921c300a81962a2,2024-03-12T12:40:13.500000 +CVE-2024-26611,0,1,f5f8014c0e69bcecfc82fb6ddb784269feb2e65f820ec263e9cce416d0ed93c1,2024-03-12T12:40:13.500000 +CVE-2024-26612,0,1,8aed1fb02f1716120a0022f10f4a714d68db0d4b4d2925de3b8f6beea867331c,2024-03-12T12:40:13.500000 +CVE-2024-26613,0,1,9c21d59a031359f7ae8bda7d354e38c722398af816f84698954e197439d47726,2024-03-12T14:15:07.310000 +CVE-2024-26614,0,1,c971f1c1755edec55600b626a96d6e54303ebabc78f060bd894cf63f3fd56aab,2024-03-12T12:40:13.500000 +CVE-2024-26615,0,1,00b44cd15cd9b5b12d97c4ad0c3c0f7243cbe5cd7f67c373530fb7d64deaafc3,2024-03-12T12:40:13.500000 +CVE-2024-26616,0,1,69909e1c3ebcb894022c9b1adf7dee46db599666dffe34d340bb7290b5dce361,2024-03-12T12:40:13.500000 +CVE-2024-26617,0,1,98f25d07957e43a68ce783dc66385cb1d945d9b9e46d62254cc9fb65f4260d30,2024-03-12T12:40:13.500000 +CVE-2024-26618,0,1,b4ee02e43411773445d9502213c0c8ee13dbb28e9adadb6062e2443b8f28756e,2024-03-12T12:40:13.500000 +CVE-2024-26619,0,1,4bc519bd153c025ad692ee69af117d5945ba0b94f5c3e5862c457953e2f5d4bd,2024-03-12T12:40:13.500000 +CVE-2024-26620,0,1,80563616408219b46d43eee5ccdc785e61822b56ce7e61a910cff65876874c46,2024-03-12T12:40:13.500000 CVE-2024-26621,0,0,eba0c21ed3ef4cfa6360555e22a44f48e6f6b17a1f446df92f554dd254f62ab7,2024-03-06T23:15:07.297000 CVE-2024-26622,0,0,0a20ab4397987085009b8061821a95b61d2693e95e945ba93e14b50217e13eb7,2024-03-11T18:15:19.673000 CVE-2024-26623,0,0,5692b1c30d07fd10d73a2d8d099143935e519ebf33db10f9328fbf12228012a8,2024-03-06T15:18:08.093000 @@ -240922,7 +240934,7 @@ CVE-2024-27093,0,0,2adc536c19af535e2a03a5b98ba4818457cc5a617ec41b1d012943c718349 CVE-2024-27099,0,0,175d10b027dcaefa30f4f3d08f108961158696c2e68858dfb01ba6e05070217d,2024-02-28T14:06:45.783000 CVE-2024-27101,0,0,5e1cdb7fd021f767632e89261ae8cd71ddf2db43a5c2430745ab100b28a7d944,2024-03-01T22:22:25.913000 CVE-2024-27103,0,0,ba41469ea697f39b66b49d222d300153b0a74c2fb1fbae161829f573b3ab98cc,2024-02-29T13:49:47.277000 -CVE-2024-27121,0,0,75f49cfe4a229f6546130b0064f10aa566c5ff6169cc2093dd3f8b9bc60b00c8,2024-03-12T08:15:45.413000 +CVE-2024-27121,0,1,9ff77f57a33b5e7894f52bbf3c39c57fbfb06ac4fc9de183cada29d2e4e25cb4,2024-03-12T12:40:13.500000 CVE-2024-27132,0,0,3211e33e39363e184b8550fc16d833a0f590c8e4cd3ef270e1d091501b93f80e,2024-02-26T13:42:22.567000 CVE-2024-27133,0,0,1abfe171f722b9df6ead5b24935068c395a52a06c146ec300701d2b7e86523ce,2024-02-26T13:42:22.567000 CVE-2024-27138,0,0,1ec0ded3b41c12b07651e921188be783731716c54fb55c30f65f5b3e8197e8cc,2024-03-01T22:22:25.913000 @@ -240930,38 +240942,38 @@ CVE-2024-27139,0,0,66ddd9efc34252e5e972ac0e5a31e042faa3995b86c5ae6f0f108c10e1d7b CVE-2024-27140,0,0,34daddef6e0d13f2bea16bc1184887cdd01053137a36a3bc5699d2875c449127,2024-03-01T22:22:25.913000 CVE-2024-27198,0,0,e4259fe3d4611134ab5dfb0d4f88f5b563c21b8238f30b4253811838ad004753,2024-03-11T15:15:47.483000 CVE-2024-27199,0,0,3dd3bfb58b796a8c7735f0a6f342852f32998fc13795786d35eb3d4375df0417,2024-03-11T15:15:47.663000 -CVE-2024-27204,0,0,824209b6e9ba470551c63e3d3d81a08ab679d34202c3f3f5916084eff37ad745,2024-03-11T19:15:47.930000 -CVE-2024-27205,0,0,21b986f37fa2e8c4df712a0552119440cd4a6314ff7f4b19fc00174982caf0b1,2024-03-11T19:15:47.977000 -CVE-2024-27206,0,0,2103573414ee19bb9c7ebb35385d2ea9706e79e011c742fcc090d8a141ef03bf,2024-03-11T19:15:48.020000 -CVE-2024-27207,0,0,66bd21b251acb24164ef2e7ea08fbf76aae38b42f2e35a23032517537b813be8,2024-03-11T20:15:07.090000 -CVE-2024-27208,0,0,5c3466a9b81e5fff7160138c3417a94c41eb95f508f4229480f9baad77b094b4,2024-03-11T19:15:48.107000 -CVE-2024-27209,0,0,61f7901a575a445fbb10ff4a0ab07fc9b192a7c83a695674b0663d0cd049c420,2024-03-11T19:15:48.160000 -CVE-2024-27210,0,0,2bd436b550fbe76b4828b60f270f46944f2c7dda412c82bff13c64aa30e6430c,2024-03-11T19:15:48.200000 -CVE-2024-27211,0,0,c1191de0809b223fca72ae941a378c862efcf40de51620512bdd567502e5a9df,2024-03-11T19:15:48.247000 -CVE-2024-27212,0,0,c43ad32f935f60a51c45cc36e9a8b625c9a51c5add7e48b713d38ed5e86c7bb6,2024-03-11T19:15:48.290000 -CVE-2024-27213,0,0,03c341f084fce516200404f6cfa6d04f0c70c178b8fba117a9074592a21abf64,2024-03-11T19:15:48.333000 +CVE-2024-27204,0,1,2f9f2ac2078c33addc2c698f165f7aff9339fcf3fa26f2cdd29a6de3328c8c2a,2024-03-12T12:40:13.500000 +CVE-2024-27205,0,1,73f9b9e86c11b7de9003150a8798345ef41b3ad8d27b08882b0bc509c1ccfa11,2024-03-12T12:40:13.500000 +CVE-2024-27206,0,1,92c68e185929db03b8d5dc4439eb17923fa5f8f16aed00c4c17b3a554628d54c,2024-03-12T12:40:13.500000 +CVE-2024-27207,0,1,9ee5e2121cb05738b6e4864a34c3fc640f52d01b72d48c5b86ec6c558cf53130,2024-03-12T12:40:13.500000 +CVE-2024-27208,0,1,0e772defc98dc91b42f9859d11e903e359962e4706a8f997f3911336bb8edae6,2024-03-12T12:40:13.500000 +CVE-2024-27209,0,1,b1ca0728e05d59c301601f36d7c5c974016de1a5ad658e12ce969aee01b8ee63,2024-03-12T12:40:13.500000 +CVE-2024-27210,0,1,2c2c18b850fd980b72c6b79f26d41312bff65d3625d7c21f383d0ec8942ab28f,2024-03-12T12:40:13.500000 +CVE-2024-27211,0,1,2bfc5310379854b3ad1b40a4f30638246c27b2f4f7578164bb10135926f76622,2024-03-12T12:40:13.500000 +CVE-2024-27212,0,1,36f6aca46790973f1506b0389863d8a4153b92351edbe9ddec3d7705bb23e9cc,2024-03-12T12:40:13.500000 +CVE-2024-27213,0,1,33892e4d94d0b54e6d4249626fe053cc0b69e36c215b31fa7aad394b0392111e,2024-03-12T12:40:13.500000 CVE-2024-27215,0,0,651ced2c4948681508a9ad090546fd018840608eea0c7482bdd7848315ac417f,2024-02-21T18:15:52.060000 -CVE-2024-27218,0,0,a236b632a2aa002560982ee2fcebf0b8d15ed0fbb62beec1352a77ee182b13bb,2024-03-11T19:15:48.380000 -CVE-2024-27219,0,0,e78ab0ea8943a03430f4e2554a61777cdcad07704c3e2eb6adaadb83aeaf49f4,2024-03-11T19:15:48.423000 -CVE-2024-27220,0,0,ae7914dca545aa12d673285dc2b4ea6cde6e964c6435268aed8d7e17c22effad,2024-03-11T19:15:48.470000 -CVE-2024-27221,0,0,4d8e7e5e726bb9fee100153fa0c5d5b7e3d89796416f05a4afe0fdb21afdbd7a,2024-03-11T19:15:48.513000 -CVE-2024-27222,0,0,ff7739836f61380f5264fd6a30a21e1e40dc2117936cf4eba96e6c91793fbbb9,2024-03-11T19:15:48.560000 -CVE-2024-27223,0,0,c9252fd292973e8286614474bf8d5b60c5c0c39a521b624a9063dcda9dc9053a,2024-03-11T19:15:48.603000 -CVE-2024-27224,0,0,f168c98e661174930a9ebf515ace3a4f984cdd3a3b42c1b7bc24d8fe1afa5e41,2024-03-11T19:15:48.647000 -CVE-2024-27225,0,0,d37995bba00c59b1bb5527ed615f498fcf485bce505677152e600ef89a11719d,2024-03-11T19:15:48.693000 -CVE-2024-27226,0,0,b5c55e32c69a54e7db76c6bca2b37f2633a42147b4c19e52d7f6ccdab12461af,2024-03-11T19:15:48.737000 -CVE-2024-27227,0,0,cf39bcc17992e1f390364b159848486f290b1dd25d345367db152dcee8bfe11f,2024-03-11T20:15:07.137000 -CVE-2024-27228,0,0,bc9ab05120f5c79221abc807afeb677d440a6a97c101129fcdf9ef5f9fc2672f,2024-03-11T19:15:48.827000 -CVE-2024-27229,0,0,67c4acb2995c43da4f01f93ae6334c8559cf21aa1551e9e1895d15dde882ad51,2024-03-11T19:15:48.873000 -CVE-2024-27230,0,0,4f1f2d2153776ed5ed98a9e562d54ced7dc27861a96ae74576e37e3fa343b6e4,2024-03-11T19:15:48.920000 -CVE-2024-27233,0,0,eafb788de644bbe48248352ce855f8d67f92c631325eae857ceafed04d674dc9,2024-03-11T19:15:48.963000 -CVE-2024-27234,0,0,827c9d6dace72ad075eba6081b9a38dd5b71d2b454a21df757ad3aac74322bb3,2024-03-11T19:15:49.010000 -CVE-2024-27235,0,0,dde9ac25e3dc28ca1eb542e7721afb29f428c971e5de3c7b52f8a95c0a5d34fe,2024-03-11T19:15:49.057000 -CVE-2024-27236,0,0,282b94bf5a7d0d2e513a4bf96e41fe02f99a50dc299b4c04b5b554698e6d9893,2024-03-11T19:15:49.100000 -CVE-2024-27237,0,0,6e6c1327fba165e84802328ddd95f3b756fd6dd1ae76c621cb6fa8e9149e0d13,2024-03-11T19:15:49.143000 +CVE-2024-27218,0,1,e8e076c6f1be511469743c55f5520043221ec4ac52cf0cad673fa854cf17b8c7,2024-03-12T12:40:13.500000 +CVE-2024-27219,0,1,7a0a76842ad14d87eee010cdcc49f2a5889b1688d4e2b22f53088926c2436c2a,2024-03-12T12:40:13.500000 +CVE-2024-27220,0,1,5f24311eb2f1d1f3f9eec577747c37d8cb4c7b1dd572629cade6643c4bb6eca7,2024-03-12T12:40:13.500000 +CVE-2024-27221,0,1,098d79d15543b0aadfc8d9223406a3f0c5fbab8ad41ffb78cd7285b5d10fa2e5,2024-03-12T12:40:13.500000 +CVE-2024-27222,0,1,4d7014f731a9b273fc3bdf911c925709a4272fe6575a06a86054132ac7e23a36,2024-03-12T12:40:13.500000 +CVE-2024-27223,0,1,4f505b92cfc1a725e594f3cba3161995256af8862e1e2c55e5a7ad6151582714,2024-03-12T12:40:13.500000 +CVE-2024-27224,0,1,eb3b7e9fba73da87cb869e75d6ad938ecefbe63ecda00bd904cf2b43a7f9750d,2024-03-12T12:40:13.500000 +CVE-2024-27225,0,1,945d467e9a60d6d98091098d2a3dab32c3e81b0989d8123ad0a32d99839d5fef,2024-03-12T12:40:13.500000 +CVE-2024-27226,0,1,e8106abc781c0ff67f8830f3a3e440b3127704449799d594fecae225d2cc5320,2024-03-12T12:40:13.500000 +CVE-2024-27227,0,1,5638f870f79cece816fd68cde4125b94febfaef47664749c791752ea7755aba7,2024-03-12T12:40:13.500000 +CVE-2024-27228,0,1,b58e50cbc9088637a12568844da0ff0e86634785d339ec759875a3e1fa6b2956,2024-03-12T12:40:13.500000 +CVE-2024-27229,0,1,a723b1ad8491c1fc93802f8fecc343d9d1e4f0951b98a1a99f181cf2ba1aa848,2024-03-12T12:40:13.500000 +CVE-2024-27230,0,1,c7763bc0ef3ba362ff27028ad0a4ee6dc51f834ec1d74bc7b4e735a7089dbf69,2024-03-12T12:40:13.500000 +CVE-2024-27233,0,1,7b8043ee4b07bedf143f62926829193f3e94b62f5f4f2482d3d5d7a8d5b8b166,2024-03-12T12:40:13.500000 +CVE-2024-27234,0,1,3c37943874f6fa961c0722ff27eeaaa90af5bf119e771a7f4501c93ac13ff648,2024-03-12T12:40:13.500000 +CVE-2024-27235,0,1,7945730c880341828744b74178a4130752f96577b7b21da1564dd4f76d2e7515,2024-03-12T12:40:13.500000 +CVE-2024-27236,0,1,050a1052e26047f2e5d0b58d8351e3e856ec1c52f1b2daf95f02084addfb027c,2024-03-12T12:40:13.500000 +CVE-2024-27237,0,1,952387726c7567ea2371af0e500cab297b027867a108431eaa82a39745a31338,2024-03-12T12:40:13.500000 CVE-2024-27255,0,0,07d4523d50b3b6ceec1ed85c31e8859376bfd63a9732f2f4d2cf6e5b4c34b76b,2024-03-04T13:58:23.447000 CVE-2024-27278,0,0,2ef9546b6eb3a76ad70be700186038d995dd630654759ed72b9b3d10968f6d39,2024-03-06T15:18:08.093000 -CVE-2024-27279,1,1,1048abda2f15a4b6135ca6227ac9748ab11f73bad1afb3c2480ad66ccad09035,2024-03-12T09:15:10.070000 +CVE-2024-27279,0,1,a0a465925dfcee0f633443a4d3db070f2bf023c10d4135b020d1a0fbe76c5a4b,2024-03-12T12:40:13.500000 CVE-2024-27283,0,0,d0d6cc69e38ce7977029c4d3a011dff4f743808fa73bec6f0327124024522ffa,2024-02-22T19:07:27.197000 CVE-2024-27284,0,0,175f1326a6788bb22369d3d45f083399d573a3449ac45961b1b25c8fedd102cb,2024-02-29T13:49:29.390000 CVE-2024-27285,0,0,b841c234627c5270e595cda0ce9ff961da8dfede93f4e4fd350e864c6c175a71,2024-03-06T23:15:07.363000 @@ -240971,7 +240983,7 @@ CVE-2024-27289,0,0,47af4bc7cdfd8b932586f8ab9b118be2b9049675bb63c3d42c32ea7c51cb1 CVE-2024-27294,0,0,1e7e6995898095f1d685eff7bc88643d7927f9fb3d48787703721f8c8c06100b,2024-03-01T14:04:26.010000 CVE-2024-27295,0,0,7b61bc68a0e7596ec39f45cf16eb56847e1e2291e2b9c36b655d40907b3609d3,2024-03-01T22:22:25.913000 CVE-2024-27296,0,0,efeac0d0835ce5e895a91174ac6e0936bc76da32bc1ae41fcb14571a12d2985d,2024-03-01T22:22:25.913000 -CVE-2024-27297,0,0,12baf4f69a16e3a9085769a61c18918da91db5e71583d869fbef36b2fba203b8,2024-03-11T22:15:55.277000 +CVE-2024-27297,0,1,4adef5b6b344504047ea652a2ba40cd8b6a71ad7086f702d549e1a8bda9ad1af,2024-03-12T12:40:13.500000 CVE-2024-27298,0,0,1aaf802a3586818726ce977e3c4d8b52b79c9b45f43876bfaeae085dddddd041,2024-03-01T22:22:25.913000 CVE-2024-27302,0,0,f49f7cb8056f6127ae14fec0cfff2d0bf177dfba1318b206d31d7b548bf3e9f5,2024-03-06T21:42:48.053000 CVE-2024-27303,0,0,5bf58561ed507a70ca73108a11218e0be9a2a377c18b42118ebe9af756d8ec79,2024-03-06T21:42:48.053000 @@ -241042,16 +241054,17 @@ CVE-2024-27747,0,0,eda09f2b4b6af0e7dd609f89b3c49bd0b33e897e57a0119562f4261f2003f CVE-2024-27764,0,0,a6da085213081f41482d74001d5b27250ddae1567bc465fa0f4b1023f8322f06,2024-03-06T15:18:08.093000 CVE-2024-27765,0,0,c9283b485df441e5cf44e98a2bcaa6921e6b7ae7825314dc1fd3bb862197fb6e,2024-03-06T15:18:08.093000 CVE-2024-27889,0,0,a24eb09c70fc8e243900497cf84a2002dc9fb9fdcf0cc7381ab2bee2e01200d8,2024-03-05T13:41:01.900000 -CVE-2024-27900,0,0,3dbddeddcb80d3abc8bc72be714a2eaef381db51354a2393f9a881a8da10998f,2024-03-12T01:15:49.980000 -CVE-2024-27902,0,0,9d3ceda02c4908a2828b39e1d8a426c64ed6f51ac94f3df5bee5307b4491f773,2024-03-12T01:15:50.193000 +CVE-2024-27900,0,1,00f9885d5a06fec36b56a14fdc3be21ddc255c1561a408e91e09aee1b7ac8b37,2024-03-12T12:40:13.500000 +CVE-2024-27902,0,1,7aa835c5c3cccf2434107e43a6dd21c3ee48d8e6664a62d49734964bcc016141,2024-03-12T12:40:13.500000 CVE-2024-27905,0,0,c7138ee734428b73e57ef70bc0c3a87d66350c09e2b81d6d3c89882bb51a7608,2024-02-28T14:07:00.563000 CVE-2024-27906,0,0,ae9bda7656d6e7e0689cf95cd57f8618d70aeb9672c7e9157dbd08c58d363490,2024-02-29T13:49:29.390000 +CVE-2024-27907,1,1,2cf144af50787dc82429a23d2a0b2229478c7da13f6dc58aa9ace99a59b03722,2024-03-12T12:40:13.500000 CVE-2024-27913,0,0,4ab4f3916b8428dbf6a53f81f4240223329f17f5e9f63a6de1fd6dc690b5ff6a,2024-02-28T14:06:45.783000 CVE-2024-27915,0,0,e3ea2d621ba17649c82b1ac50772a17f6f4bcbc919f498c03dc3f90c544f5ce4,2024-03-06T21:42:48.053000 CVE-2024-27917,0,0,af242c2d21e7486c1314f58994d4b13c43efcfe28649da8aeb5e5a5a818348df,2024-03-06T21:42:48.053000 CVE-2024-27929,0,0,39502b4a24aeb4ce49408f96b15d6d1bf553bf86f106f7b47d0609503cbda65d,2024-03-06T22:15:57.473000 CVE-2024-27931,0,0,edca36e5744b6d31feb40b55ed56762c342a513bdb2558b00d26097669ed2360,2024-03-05T18:50:18.333000 -CVE-2024-27938,0,0,c8ca69ce2258bdddcda67deec477d574172f24f3b31129c18250836627bd67c3,2024-03-11T22:15:55.490000 +CVE-2024-27938,0,1,992243c7c9e4bac66f51bd7113f98af62b9886d66d4d9e32776474fa2dcd307d,2024-03-12T12:40:13.500000 CVE-2024-27948,0,0,67e156b37ac5c6da6ca4063513792c829bdbe8e804f7b01b28e54c9fc1c182b2,2024-02-29T13:49:47.277000 CVE-2024-27949,0,0,12ee9b935394b527d1677a59b517c94d0df067a0b32bfff31d7cb2be5b4b5d00,2024-03-01T14:04:26.010000 CVE-2024-27950,0,0,56d632dad56c45d949d3327de16e5b70b08683cea8ce7876ca8c59cc37ee8062,2024-03-01T14:04:04.827000 @@ -241065,7 +241078,7 @@ CVE-2024-28097,0,0,ad0a3d7a6b96970687d28d32c41921c3200422c4265f25f269de512c4cb80 CVE-2024-28110,0,0,0aa63c709bee34101fee09332c67840fa8b7d5aea01ed58b7f238cd7f26f2f87,2024-03-07T13:52:27.110000 CVE-2024-28111,0,0,ef109000cb681b8950a504435d888106cd334990070bd9ca1f33bba165c1974a,2024-03-07T13:52:27.110000 CVE-2024-28115,0,0,3e0e705412ec4ecfb9fabefcb95634cd838a6bf7c9c03087d677ba199986f693,2024-03-08T14:02:57.420000 -CVE-2024-28120,0,0,4613f1ac8a551507991d8653bc519be257b1eb177402e232f9525bbbf7446e2f,2024-03-11T22:15:55.707000 +CVE-2024-28120,0,1,1945ab744b479cd2a55b16e82913f94d84bcc236918a39e22cfe06aca7010c4c,2024-03-12T12:40:13.500000 CVE-2024-28122,0,0,3209f9a611aea4804720e8e5b4eeb3a02772982f302e787ac8040299af464092,2024-03-11T01:32:39.697000 CVE-2024-28149,0,0,bb1327eb2ceb44ae2cc8e952fde2f54b109f1740591e1ece1b912c644025402b,2024-03-06T21:42:54.697000 CVE-2024-28150,0,0,bd9c785686979f74fc956d3a9d80b65ba208ec849a10e17a7f0c9226761980a2,2024-03-06T21:42:54.697000 @@ -241081,16 +241094,16 @@ CVE-2024-28159,0,0,03ab5419913406dda33ba2555a6f6cb8daff27a74103bcc7559c9bf5674b1 CVE-2024-28160,0,0,56d3ee6a5af0d0e09e6c9aa1c04c5e7191044a0b97474702c1a3af2bea0d6256,2024-03-06T21:42:54.697000 CVE-2024-28161,0,0,a8b5439e973c7cdb8f91b0ae68db3c77b6c3c773d21694d3bca0cd7aa286762f,2024-03-06T21:42:54.697000 CVE-2024-28162,0,0,9f95dea899a301f3d7e776202ce6567032bc57cf37ea2c387cd5d210ccf05a4b,2024-03-06T21:42:54.697000 -CVE-2024-28163,0,0,b003bc050b980d7fa8bde2e9f70a0b9b560b968882bfe1f27a1c997f149e486a,2024-03-12T01:15:50.390000 +CVE-2024-28163,0,1,e6f158d88c83d394762ccab484b2ad85c85d5028e78ed16fd0744829e8f59484,2024-03-12T12:40:13.500000 CVE-2024-28173,0,0,e0fed71b03fa1080cdfc47a71a0b80da5e87b19e624557c11c0e172f4b2c098a,2024-03-06T21:42:54.697000 CVE-2024-28174,0,0,fa1674b985861bddf4d0ff5ab075ec0e4328a9665c668bfe339f9f0de580d6b1,2024-03-06T21:42:54.697000 CVE-2024-28176,0,0,5bb6d329167995170bd276a45554624691bdda8cbb6c83c2d08f42eba9f617aa,2024-03-11T01:32:39.697000 CVE-2024-28180,0,0,1e73ce45496cde15ab7710e8895a9f7d4caf4d2dcdb0d6de4d94afa753e9a64b,2024-03-11T01:32:39.697000 CVE-2024-28184,0,0,043b0bc7533d0fc96bb6df4be7b21b8477ffe807b0ac6ed0c4b06cf7d8241c3c,2024-03-11T01:32:39.697000 -CVE-2024-28187,0,0,6ad3874ba881443f641f39e3a3b8faab086575f93d3871aa198b7b52707f1e2f,2024-03-11T20:15:07.180000 -CVE-2024-28197,0,0,81a6695e3f35180411e9e1480d63884dec3c7546044011915077e5a9022c6f52,2024-03-11T20:15:07.420000 -CVE-2024-28198,0,0,b69b10822779767b360027621125c34db7967289e82c7e08b708ce0af64114c2,2024-03-11T20:15:07.643000 -CVE-2024-28199,0,0,a3be8fb6ebc7387ff885519fed0f6735e2c51f4746826102d87b5337e44f280f,2024-03-11T23:15:47.333000 +CVE-2024-28187,0,1,ac9aee9b90f5e80eaf35f8c7ff9228de1d46fc7e7981b3ae0d130073676ebc09,2024-03-12T12:40:13.500000 +CVE-2024-28197,0,1,e70c7d0bb2a78854377299eb50fe7994eaf82f7d86398ed826c936d249a753e2,2024-03-12T12:40:13.500000 +CVE-2024-28198,0,1,8816bcf1852d0abd4f85184964ff047a5ee5921e29485ae07c6ebc27fd66ef45,2024-03-12T12:40:13.500000 +CVE-2024-28199,0,1,5231113c7bbca70ece75822b236d9f7f6bc016001a14be8a22889155290ed75b,2024-03-12T12:40:13.500000 CVE-2024-28211,0,0,c1ed1ddd829861cccd703be6254c437e62099ef974f2a29a31d06b3aa407dda5,2024-03-07T13:52:27.110000 CVE-2024-28212,0,0,5a2751cb50b15d5c440d2b8966e76c727b56c2f7e1085394c9464fe62a449a7f,2024-03-07T13:52:27.110000 CVE-2024-28213,0,0,123dce2bcd1dc69568d6c5cbaff040ae81dbab0468f48456713cfbf9a03f5945,2024-03-07T13:52:27.110000 @@ -241101,6 +241114,8 @@ CVE-2024-28222,0,0,fc2bb6625872999de46c3fec787964c81811fbafba85fd6aa0a9c0c190c12 CVE-2024-28228,0,0,fafeac90b4103ecc037c0d15d4376f652ba43048a680a73a3c13807568e40859,2024-03-07T13:52:27.110000 CVE-2024-28229,0,0,7bfc3b59e790a5126732ec4d8d480f9938166a41475488b32e066c1e064ccb9f,2024-03-07T13:52:27.110000 CVE-2024-28230,0,0,3036aa70102b53b9cc695265dc4a11e5a4f5b8d26f6120835dbd1a9c3d93e7ec,2024-03-07T13:52:27.110000 +CVE-2024-28535,1,1,e58cd4aed3b61429b785fc6c45dd8d4a192a4b4494158a527e1448c1133f7de2,2024-03-12T13:15:49.690000 +CVE-2024-28553,1,1,a4257619fcea3176c16a6404a2dbfc6421fcd521ef70268e6cd89a5e43ef392b,2024-03-12T13:15:49.763000 CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000 CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3b2c,2024-03-11T01:32:39.697000 CVE-2024-28757,0,0,2ea8a9bd701b62a4c7d927e860f5361b09b4376e3bc3bbb014ff5d4ca725cec6,2024-03-11T01:32:29.610000