Auto-Update: 2024-10-29T15:00:51.520398+00:00

CVE-1999/CVE-1999-00xx/CVE-1999-0006.json

@@ -2,7 +2,7 @@
   "id": "CVE-1999-0006",
   "sourceIdentifier": "cve@mitre.org",
   "published": "1998-07-14T04:00:00.000",
-  "lastModified": "2024-08-01T19:35:03.600",
+  "lastModified": "2024-10-29T14:35:00.930",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -77,7 +77,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-121"
+          "value": "CWE-125"
         }
       ]
     }

CVE-1999/CVE-1999-00xx/CVE-1999-0022.json

@@ -2,7 +2,7 @@
   "id": "CVE-1999-0022",
   "sourceIdentifier": "cve@mitre.org",
   "published": "1996-07-03T04:00:00.000",
-  "lastModified": "2024-08-01T20:35:03.600",
+  "lastModified": "2024-10-29T14:35:02.103",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -77,7 +77,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-121"
+          "value": "CWE-125"
         }
       ]
     }

CVE-1999/CVE-1999-00xx/CVE-1999-0036.json

@@ -2,7 +2,7 @@
   "id": "CVE-1999-0036",
   "sourceIdentifier": "cve@mitre.org",
   "published": "1997-05-26T04:00:00.000",
-  "lastModified": "2024-08-01T20:35:05.300",
+  "lastModified": "2024-10-29T14:35:02.970",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -77,7 +77,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-645"
+          "value": "CWE-434"
         }
       ]
     }

CVE-2003/CVE-2003-00xx/CVE-2003-0063.json

@@ -2,7 +2,7 @@
   "id": "CVE-2003-0063",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2003-03-03T05:00:00.000",
-  "lastModified": "2024-08-22T15:35:00.600",
+  "lastModified": "2024-10-29T14:35:03.790",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -74,16 +74,6 @@
           "value": "NVD-CWE-Other"
         }
       ]
-    },
-    {
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-      "type": "Secondary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-150"
-        }
-      ]
     }
   ],
   "configurations": [

CVE-2017/CVE-2017-201xx/CVE-2017-20195.json

@@ -2,8 +2,8 @@
   "id": "CVE-2017-20195",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-29T12:15:02.917",
-  "lastModified": "2024-10-29T12:15:02.917",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2017/CVE-2017-98xx/CVE-2017-9855.json

@@ -2,7 +2,7 @@
   "id": "CVE-2017-9855",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2017-08-05T17:29:00.553",
-  "lastModified": "2024-08-05T18:15:29.867",
+  "lastModified": "2024-10-29T14:35:04.070",
   "vulnStatus": "Modified",
   "cveTags": [
     {
@@ -110,7 +110,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-284"
+          "value": "CWE-863"
         }
       ]
     }

CVE-2018/CVE-2018-143xx/CVE-2018-14335.json

@@ -2,7 +2,7 @@
   "id": "CVE-2018-14335",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2018-07-24T13:29:00.603",
-  "lastModified": "2024-08-01T13:41:39.203",
+  "lastModified": "2024-10-29T14:35:05.543",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -103,7 +103,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-277"
+          "value": "CWE-276"
         }
       ]
     }

CVE-2020/CVE-2020-143xx/CVE-2020-14318.json

@@ -2,7 +2,7 @@
   "id": "CVE-2020-14318",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2020-12-03T16:15:12.077",
-  "lastModified": "2024-07-03T01:36:17.507",
+  "lastModified": "2024-10-29T14:35:06.523",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -104,16 +104,6 @@
           "value": "CWE-269"
         }
       ]
-    },
-    {
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-      "type": "Secondary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-266"
-        }
-      ]
     }
   ],
   "configurations": [

CVE-2020/CVE-2020-229xx/CVE-2020-22916.json

@@ -2,7 +2,7 @@
   "id": "CVE-2020-22916",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-08-22T19:16:19.407",
-  "lastModified": "2024-08-04T15:15:49.027",
+  "lastModified": "2024-10-29T14:35:06.790",
   "vulnStatus": "Modified",
   "cveTags": [
     {
@@ -43,6 +43,26 @@
         },
         "exploitabilityScore": 1.8,
         "impactScore": 3.6
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
       }
     ]
   },

CVE-2020/CVE-2020-85xx/CVE-2020-8549.json

@@ -2,7 +2,7 @@
   "id": "CVE-2020-8549",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2020-02-03T17:15:17.250",
-  "lastModified": "2022-04-08T10:32:50.943",
+  "lastModified": "2024-10-29T14:02:29.840",
   "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
@@ -85,9 +85,9 @@
           "cpeMatch": [
             {
               "vulnerable": true,
-              "criteria": "cpe:2.3:a:machothemes:strong_testimonials:*:*:*:*:*:wordpress:*:*",
+              "criteria": "cpe:2.3:a:wpchill:strong_testimonials:*:*:*:*:*:wordpress:*:*",
               "versionEndExcluding": "2.40.1",
-              "matchCriteriaId": "B76F84AF-6616-4881-B568-6E6EF605ABE6"
+              "matchCriteriaId": "D190BB57-9043-4262-B8EB-60EBAB0F8E40"
             }
           ]
         }

CVE-2021/CVE-2021-373xx/CVE-2021-37386.json

@@ -2,7 +2,7 @@
   "id": "CVE-2021-37386",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-07-17T17:15:09.377",
-  "lastModified": "2023-08-22T22:15:08.200",
+  "lastModified": "2024-10-29T14:35:07.070",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -32,6 +32,26 @@
         },
         "exploitabilityScore": 1.7,
         "impactScore": 5.3
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.7,
+        "impactScore": 5.3
       }
     ]
   },
@@ -45,6 +65,16 @@
           "value": "CWE-79"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
     }
   ],
   "configurations": [

CVE-2021/CVE-2021-408xx/CVE-2021-40812.json

@@ -2,7 +2,7 @@
   "id": "CVE-2021-40812",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2021-09-08T21:15:14.083",
-  "lastModified": "2024-04-07T01:17:53.437",
+  "lastModified": "2024-10-29T14:35:07.913",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 2.8,
         "impactScore": 3.6
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
       }
     ],
     "cvssMetricV2": [
@@ -74,6 +94,16 @@
           "value": "CWE-125"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-125"
+        }
+      ]
     }
   ],
   "configurations": [

CVE-2021/CVE-2021-426xx/CVE-2021-42694.json

@@ -2,7 +2,7 @@
   "id": "CVE-2021-42694",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2021-11-01T04:15:08.043",
-  "lastModified": "2024-08-04T04:16:06.790",
+  "lastModified": "2024-10-29T14:35:08.773",
   "vulnStatus": "Modified",
   "cveTags": [
     {
@@ -108,7 +108,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-1007"
+          "value": "CWE-94"
         }
       ]
     }

CVE-2021/CVE-2021-469xx/CVE-2021-46920.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-46920",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-02-27T07:15:08.987",
-  "lastModified": "2024-04-10T14:52:39.323",
+  "lastModified": "2024-10-29T14:35:10.437",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 1.8,
         "impactScore": 3.6
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
       }
     ]
   },

CVE-2021/CVE-2021-469xx/CVE-2021-46925.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-46925",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-02-27T10:15:07.237",
-  "lastModified": "2024-04-10T15:22:29.233",
+  "lastModified": "2024-10-29T14:35:10.930",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 1.0,
         "impactScore": 3.6
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 4.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.0,
+        "impactScore": 3.6
       }
     ]
   },
@@ -49,6 +69,16 @@
           "value": "CWE-362"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-362"
+        }
+      ]
     }
   ],
   "configurations": [

CVE-2022/CVE-2022-314xx/CVE-2022-31456.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-31456",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-07-26T20:15:12.380",
-  "lastModified": "2023-11-07T03:47:37.840",
+  "lastModified": "2024-10-29T14:35:12.093",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 2.8,
         "impactScore": 2.7
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
       }
     ]
   },

CVE-2022/CVE-2022-424xx/CVE-2022-42451.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-42451",
   "sourceIdentifier": "psirt@hcl.com",
   "published": "2023-10-11T06:15:09.387",
-  "lastModified": "2023-10-23T15:02:36.410",
+  "lastModified": "2024-10-29T14:35:12.397",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -56,6 +56,26 @@
         },
         "exploitabilityScore": 1.5,
         "impactScore": 2.7
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.6,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.5,
+        "impactScore": 2.7
       }
     ]
   },

CVE-2022/CVE-2022-443xx/CVE-2022-44349.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-44349",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-09-01T10:15:07.677",
-  "lastModified": "2023-09-06T20:58:14.480",
+  "lastModified": "2024-10-29T14:35:12.720",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 2.3,
         "impactScore": 2.7
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
       }
     ]
   },

CVE-2022/CVE-2022-467xx/CVE-2022-46722.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-46722",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2023-08-14T23:15:10.303",
-  "lastModified": "2023-08-19T00:43:34.500",
+  "lastModified": "2024-10-29T14:35:12.967",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 1.8,
         "impactScore": 3.6
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
       }
     ]
   },

CVE-2022/CVE-2022-467xx/CVE-2022-46724.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-46724",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2023-08-14T23:15:10.360",
-  "lastModified": "2023-08-19T00:43:43.330",
+  "lastModified": "2024-10-29T14:35:13.290",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 0.9,
         "impactScore": 1.4
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "PHYSICAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.4,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 1.4
       }
     ]
   },
@@ -49,6 +69,16 @@
           "value": "NVD-CWE-noinfo"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-203"
+        }
+      ]
     }
   ],
   "configurations": [

CVE-2022/CVE-2022-469xx/CVE-2022-46900.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-46900",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-07-25T20:15:13.087",
-  "lastModified": "2023-08-08T13:15:09.817",
+  "lastModified": "2024-10-29T14:35:14.353",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -32,6 +32,26 @@
         },
         "exploitabilityScore": 2.8,
         "impactScore": 3.6
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
       }
     ]
   },

CVE-2023/CVE-2023-378xx/CVE-2023-37822.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-37822",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-10-03T18:15:04.443",
-  "lastModified": "2024-10-04T14:15:05.017",
+  "lastModified": "2024-10-29T14:47:05.997",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -15,23 +15,100 @@
       "value": "Se descubri\u00f3 que Eufy HomeBase 2 modelo T8010X v3.2.8.3h utiliza el protocolo inal\u00e1mbrico obsoleto WPA2-PSK."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-331"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:eufy:homebase_2_firmware:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "3.3.4.1h",
+              "matchCriteriaId": "241B6040-EA43-462E-94D5-8F788B8B9612"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:eufy:homebase_2:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "731A91CE-0078-4D0E-B90B-D7D323ACC346"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "http://anker.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     },
     {
       "url": "http://eufy.com",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     },
     {
       "url": "https://www.usenix.org/conference/woot24/presentation/goeman",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Technical Description"
+      ]
     },
     {
       "url": "https://www.usenix.org/system/files/woot24-goeman.pdf",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Technical Description"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-521xx/CVE-2023-52123.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-52123",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-01-05T09:15:08.800",
-  "lastModified": "2024-01-11T14:28:17.513",
+  "lastModified": "2024-10-29T14:02:29.840",
   "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
@@ -80,9 +80,9 @@
           "cpeMatch": [
             {
               "vulnerable": true,
-              "criteria": "cpe:2.3:a:machothemes:strong_testimonials:*:*:*:*:*:wordpress:*:*",
+              "criteria": "cpe:2.3:a:wpchill:strong_testimonials:*:*:*:*:*:wordpress:*:*",
               "versionEndIncluding": "3.1.10",
-              "matchCriteriaId": "1E16AF02-B3B6-4BFE-B533-F19E3E7EDEB5"
+              "matchCriteriaId": "8EDDB770-D683-46AF-81A6-C4F0C06B52A6"
             }
           ]
         }

CVE-2024/CVE-2024-07xx/CVE-2024-0726.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-0726",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-01-19T18:15:08.350",
-  "lastModified": "2024-05-17T02:34:54.650",
+  "lastModified": "2024-10-29T13:15:26.867",
-  "vulnStatus": "Modified",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -115,8 +115,8 @@
           "cpeMatch": [
             {
               "vulnerable": true,
-              "criteria": "cpe:2.3:a:yugeshverma:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
+              "criteria": "cpe:2.3:a:projectworlds:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "308E559F-7023-4284-9154-DC8EA6930349"
+              "matchCriteriaId": "8A452D93-DCCE-4A81-8133-5BE96CCA6FF0"
             }
           ]
         }

CVE-2024/CVE-2024-100xx/CVE-2024-10000.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10000",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T06:15:13.333",
-  "lastModified": "2024-10-29T06:15:13.333",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The Masteriyo LMS \u2013 eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the question's content parameter in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with student-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento Masteriyo LMS \u2013 eLearning and Online Course Builder for WordPress para WordPress es vulnerable a Cross Site Scripting almacenado a trav\u00e9s del par\u00e1metro de contenido de la pregunta en todas las versiones hasta la 1.13.3 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de estudiante y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-100xx/CVE-2024-10008.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10008",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T06:15:13.743",
-  "lastModified": "2024-10-29T06:15:13.743",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The Masteriyo LMS \u2013 eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all versions up to, and including, 1.13.3. This makes it possible for authenticated attackers, with student-level access and above, to modify the roles of arbitrary users. As a result, attackers can escalate their privileges to the Administrator and demote existing administrators to students."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento Masteriyo LMS \u2013 eLearning and Online Course Builder for WordPress para WordPress es vulnerable a modificaciones no autorizadas de perfiles de usuarios debido a la falta de comprobaciones de autorizaci\u00f3n en el endpoint de la API REST /wp-json/masteriyo/v1/users/$id en todas las versiones hasta la 1.13.3 incluida. Esto permite que atacantes autenticados, con acceso de nivel de estudiante y superior, modifiquen los roles de usuarios arbitrarios. Como resultado, los atacantes pueden escalar sus privilegios al nivel de Administrador y degradar a los administradores existentes al nivel de estudiantes."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-100xx/CVE-2024-10048.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10048",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T09:15:06.403",
-  "lastModified": "2024-10-29T09:15:06.403",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018page\u2019 parameter in all versions up to, and including, 1.11.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
+    },
+    {
+      "lang": "es",
+      "value": "Los complementos Post Status Notifier Lite y Premium para WordPress son vulnerables a ataques de Cross-Site Scripting reflejado a trav\u00e9s del par\u00e1metro 'page' en todas las versiones hasta la 1.11.6 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-100xx/CVE-2024-10049.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10049",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-18T05:15:04.977",
-  "lastModified": "2024-10-18T12:52:33.507",
+  "lastModified": "2024-10-29T14:49:04.463",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The Edit WooCommerce Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018page\u2019 parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento Edit WooCommerce Templates para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro 'page' en todas las versiones hasta la 1.1.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace."
     }
   ],
   "metrics": {
@@ -47,14 +51,38 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:edit_woocommerce_templates_project:edit_woocommerce_templates:*:*:*:*:*:*:*:*",
+              "versionEndIncluding": "1.1.2",
+              "matchCriteriaId": "2C47F560-A2D3-4D11-B33D-09C25F0BAE22"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://plugins.trac.wordpress.org/browser/woo-edit-templates/trunk/includes/list-table-theme-templates.php#L87",
-      "source": "security@wordfence.com"
+      "source": "security@wordfence.com",
+      "tags": [
+        "Broken Link"
+      ]
     },
     {
       "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3704b365-cbdf-4c74-9619-59f0a10e3c6a?source=cve",
-      "source": "security@wordfence.com"
+      "source": "security@wordfence.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2024/CVE-2024-101xx/CVE-2024-10181.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10181",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T12:15:03.433",
-  "lastModified": "2024-10-29T12:15:03.433",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2024/CVE-2024-101xx/CVE-2024-10184.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10184",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T11:15:02.930",
-  "lastModified": "2024-10-29T11:15:02.930",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2024/CVE-2024-101xx/CVE-2024-10185.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10185",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T11:15:03.167",
-  "lastModified": "2024-10-29T11:15:03.167",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2024/CVE-2024-102xx/CVE-2024-10214.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10214",
   "sourceIdentifier": "responsibledisclosure@mattermost.com",
   "published": "2024-10-28T15:15:04.020",
-  "lastModified": "2024-10-28T15:15:04.020",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings."
+    },
+    {
+      "lang": "es",
+      "value": "Las versiones 9.11.X &lt;= 9.11.1, 9.5.x &lt;= 9.5.9 de Mattermost emiten incorrectamente dos sesiones al usar SSO de escritorio: una en el navegador y otra en el escritorio con configuraciones incorrectas."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-102xx/CVE-2024-10226.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2024-10226",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-10-29T14:15:06.170",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3176718/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/arconix-shortcodes/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94bae97d-2959-4ace-992d-1f4b1ccc8c3b?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-102xx/CVE-2024-10227.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10227",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T10:15:03.183",
-  "lastModified": "2024-10-29T10:15:03.183",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The affiliate-toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atkp_product shortcode in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento affiliate-toolkit para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado atkp_product del complemento en todas las versiones hasta la 3.6.5 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-102xx/CVE-2024-10233.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10233",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T11:15:03.377",
-  "lastModified": "2024-10-29T11:15:03.377",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2024/CVE-2024-102xx/CVE-2024-10241.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10241",
   "sourceIdentifier": "responsibledisclosure@mattermost.com",
   "published": "2024-10-29T08:15:11.990",
-  "lastModified": "2024-10-29T08:15:11.990",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "Mattermost versions 9.5.x <= 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get\u00a0private channel names by using cmd+K/ctrl+K."
+    },
+    {
+      "lang": "es",
+      "value": "Las versiones 9.5.x &lt;= 9.5.9 de Mattermost no pueden filtrar correctamente los datos del canal cuando ElasticSearch est\u00e1 habilitado, lo que permite que un usuario obtenga nombres de canales privados mediante cmd+K/ctrl+K."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-102xx/CVE-2024-10266.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10266",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T11:15:03.590",
-  "lastModified": "2024-10-29T11:15:03.590",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2024/CVE-2024-103xx/CVE-2024-10312.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10312",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T08:15:12.330",
-  "lastModified": "2024-10-29T08:15:12.330",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento Exclusive Addons for Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 2.7.4 incluida a trav\u00e9s de la funci\u00f3n de renderizado en elements/tabs/tabs.php. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos confidenciales de plantillas privadas, pendientes y en borrador."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-103xx/CVE-2024-10360.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10360",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T11:15:03.797",
-  "lastModified": "2024-10-29T11:15:03.797",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {

CVE-2024/CVE-2024-104xx/CVE-2024-10423.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10423",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-27T18:15:03.323",
-  "lastModified": "2024-10-29T00:08:57.757",
+  "lastModified": "2024-10-29T13:11:44.690",
-  "vulnStatus": "Undergoing Analysis",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -66,19 +66,19 @@
         "type": "Primary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
           "attackVector": "NETWORK",
           "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
+          "privilegesRequired": "NONE",
           "userInteraction": "NONE",
           "scope": "UNCHANGED",
           "confidentialityImpact": "HIGH",
           "integrityImpact": "HIGH",
           "availabilityImpact": "HIGH",
-          "baseScore": 8.8,
+          "baseScore": 9.8,
-          "baseSeverity": "HIGH"
+          "baseSeverity": "CRITICAL"
         },
-        "exploitabilityScore": 2.8,
+        "exploitabilityScore": 3.9,
         "impactScore": 5.9
       },
       {
@@ -149,8 +149,8 @@
           "cpeMatch": [
             {
               "vulnerable": true,
-              "criteria": "cpe:2.3:a:yugeshverma:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
+              "criteria": "cpe:2.3:a:projectworlds:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "308E559F-7023-4284-9154-DC8EA6930349"
+              "matchCriteriaId": "8A452D93-DCCE-4A81-8133-5BE96CCA6FF0"
             }
           ]
         }

CVE-2024/CVE-2024-104xx/CVE-2024-10424.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-10424",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-27T19:15:04.273",
-  "lastModified": "2024-10-29T00:45:01.377",
+  "lastModified": "2024-10-29T13:11:42.527",
-  "vulnStatus": "Undergoing Analysis",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -149,8 +149,8 @@
           "cpeMatch": [
             {
               "vulnerable": true,
-              "criteria": "cpe:2.3:a:yugeshverma:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
+              "criteria": "cpe:2.3:a:projectworlds:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "308E559F-7023-4284-9154-DC8EA6930349"
+              "matchCriteriaId": "8A452D93-DCCE-4A81-8133-5BE96CCA6FF0"
             }
           ]
         }

CVE-2024/CVE-2024-104xx/CVE-2024-10425.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-10425",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-27T19:15:04.537",
-  "lastModified": "2024-10-29T00:57:33.760",
+  "lastModified": "2024-10-29T13:14:31.863",
   "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
@@ -159,8 +159,8 @@
           "cpeMatch": [
             {
               "vulnerable": true,
-              "criteria": "cpe:2.3:a:phpgurukul:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
+              "criteria": "cpe:2.3:a:projectworlds:student_project_allocation_system:1.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "B00C5204-6D74-4935-8F56-F043D6701BE6"
+              "matchCriteriaId": "8A452D93-DCCE-4A81-8133-5BE96CCA6FF0"
             }
           ]
         }

CVE-2024/CVE-2024-104xx/CVE-2024-10436.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10436",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T10:15:03.900",
-  "lastModified": "2024-10-29T10:15:03.900",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condition_value function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento WPC Smart Messages for WooCommerce para WordPress es vulnerable a la inclusi\u00f3n de archivos locales en todas las versiones hasta la 4.2.1 incluida a trav\u00e9s de la funci\u00f3n get_condition_value. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, incluyan y ejecuten archivos arbitrarios en el servidor, lo que permite la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos. Esto se puede utilizar para eludir los controles de acceso, obtener datos confidenciales o lograr la ejecuci\u00f3n de c\u00f3digo en casos en los que se puedan cargar e incluir im\u00e1genes y otros tipos de archivos \"seguros\"."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10437.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10437",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2024-10-29T10:15:04.140",
-  "lastModified": "2024-10-29T10:15:04.140",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability check on the ajax_enable function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate or deactivate smart messages."
+    },
+    {
+      "lang": "es",
+      "value": "El complemento WPC Smart Messages for WooCommerce para WordPress es vulnerable a la activaci\u00f3n o desactivaci\u00f3n no autorizada de mensajes inteligentes debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n ajax_enable en todas las versiones hasta la 4.2.1 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, activen o desactiven los mensajes inteligentes."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10448.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10448",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-28T14:15:04.143",
-  "lastModified": "2024-10-28T14:15:04.143",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.php. The manipulation of the argument bid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other endpoints might be affected as well."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en code-projects Blood Bank Management System 1.0. Este problema afecta a algunas funciones desconocidas del archivo /file/delete.php. La manipulaci\u00f3n del argumento bid conduce a cross-site request forgery. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Tambi\u00e9n pueden verse afectados otros endpoints."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10449.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10449",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-28T15:15:04.303",
-  "lastModified": "2024-10-28T15:15:04.303",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability, which was classified as critical, was found in Codezips Hospital Appointment System 1.0. This affects an unknown part of the file /loginAction.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Codezips Hospital Appointment System 1.0. Afecta a una parte desconocida del archivo /loginAction.php. La manipulaci\u00f3n del argumento Username provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10450.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10450",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-28T15:15:04.560",
-  "lastModified": "2024-10-28T15:15:04.560",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /kortex_lite/control/edit_profile.php of the component POST Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha encontrado una vulnerabilidad en SourceCodester Kortex Lite Advocate Office Management System 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /kortex_lite/control/edit_profile.php del componente POST Parameter Handler. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque se puede iniciar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10455.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10455",
   "sourceIdentifier": "cve@gitlab.com",
   "published": "2024-10-28T14:15:04.423",
-  "lastModified": "2024-10-28T14:15:04.423",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "Reachable Assertion in BPv7 parser in \u00b5D3TN v0.14.0 allows attacker to disrupt service via malformed Extension Block"
+    },
+    {
+      "lang": "es",
+      "value": "La aserci\u00f3n alcanzable en el analizador BPv7 en \u00b5D3TN v0.14.0 permite que un atacante interrumpa el servicio a trav\u00e9s de un bloque de extensi\u00f3n mal formado"
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10458.json

@@ -0,0 +1,41 @@
+{
+  "id": "CVE-2024-10458",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:03.623",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921733",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10459.json

@@ -0,0 +1,41 @@
+{
+  "id": "CVE-2024-10459",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:03.713",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1919087",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10460.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-10460",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:03.800",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912537",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10461.json

@@ -0,0 +1,72 @@
+{
+  "id": "CVE-2024-10461",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:03.880",
+  "lastModified": "2024-10-29T14:35:16.270",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914521",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10462.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-10462",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:03.963",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920423",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10463.json

@@ -0,0 +1,41 @@
+{
+  "id": "CVE-2024-10463",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.040",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920800",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10464.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-10464",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.120",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1913000",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10465.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-10465",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.197",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A clipboard \"paste\" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918853",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10466.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-10466",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.273",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924154",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10467.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-10467",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.350",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10468.json

@@ -0,0 +1,29 @@
+{
+  "id": "CVE-2024-10468",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.447",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914982",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10469.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10469",
   "sourceIdentifier": "cret@cert.org",
   "published": "2024-10-28T16:15:03.667",
-  "lastModified": "2024-10-28T16:15:03.667",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users."
+    },
+    {
+      "lang": "es",
+      "value": "Las versiones de VINCE anteriores a 3.0.9 son vulnerables a la exposici\u00f3n de informaci\u00f3n del usuario a usuarios autenticados."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-104xx/CVE-2024-10474.json

@@ -0,0 +1,48 @@
+{
+  "id": "CVE-2024-10474",
+  "sourceIdentifier": "security@mozilla.org",
+  "published": "2024-10-29T13:15:04.513",
+  "lastModified": "2024-10-29T14:35:17.140",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 9.1,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1863832",
+      "source": "security@mozilla.org"
+    },
+    {
+      "url": "https://www.mozilla.org/security/advisories/mfsa2024-60/",
+      "source": "security@mozilla.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10477.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10477",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-29T01:15:02.843",
-  "lastModified": "2024-10-29T01:15:02.843",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en LinZhaoguan pb-cms hasta la versi\u00f3n 2.0.1. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin#permissions del componente Permission Management Page. La manipulaci\u00f3n conduce a Cross Site Scripting. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10478.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10478",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-29T01:15:03.160",
-  "lastModified": "2024-10-29T01:15:03.160",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /admin#article/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en LinZhaoguan pb-cms hasta la versi\u00f3n 2.0.1. Este problema afecta a algunos procesos desconocidos del archivo /admin#article/edit?id=2 del componente Edit Article Handler. La manipulaci\u00f3n conduce a Cross Site Scripting. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-104xx/CVE-2024-10479.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-10479",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-10-29T02:15:06.433",
-  "lastModified": "2024-10-29T02:15:06.433",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability, which was classified as problematic, was found in LinZhaoguan pb-cms up to 2.0.1. Affected is an unknown function of the file /admin#themes of the component Theme Management Module. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha detectado una vulnerabilidad clasificada como problem\u00e1tica en LinZhaoguan pb-cms hasta la versi\u00f3n 2.0.1. Se trata de una funci\u00f3n desconocida del archivo /admin#themes del componente Theme Management Module. La manipulaci\u00f3n provoca Cross Site Scripting. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-220xx/CVE-2024-22065.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-22065",
   "sourceIdentifier": "psirt@zte.com.cn",
   "published": "2024-10-29T02:15:06.933",
-  "lastModified": "2024-10-29T02:15:06.933",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient validation of Ping Diagnosis interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands."
+    },
+    {
+      "lang": "es",
+      "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el producto ZTE MF258 Pro. Debido a una validaci\u00f3n insuficiente del par\u00e1metro de interfaz Ping Diagnosis, un atacante autenticado podr\u00eda usar la vulnerabilidad para ejecutar comandos arbitrarios."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-220xx/CVE-2024-22066.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-22066",
   "sourceIdentifier": "psirt@zte.com.cn",
   "published": "2024-10-29T09:15:06.800",
-  "lastModified": "2024-10-29T09:15:06.800",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device."
+    },
+    {
+      "lang": "es",
+      "value": "Existe una vulnerabilidad de escalada de privilegios en el enrutador multiservicio inteligente ZTE ZXR10 ZSR V2. Un atacante autenticado podr\u00eda usar la vulnerabilidad para obtener informaci\u00f3n confidencial sobre el dispositivo."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-278xx/CVE-2024-27849.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-27849",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:04.093",
-  "lastModified": "2024-10-28T21:15:04.093",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados en las entradas de registro. Este problema se solucion\u00f3 en macOS Sequoia 15. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial sobre la ubicaci\u00f3n."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-301xx/CVE-2024-30106.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-30106",
   "sourceIdentifier": "psirt@hcl.com",
   "published": "2024-10-28T22:15:02.583",
-  "lastModified": "2024-10-28T22:15:02.583",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data."
+    },
+    {
+      "lang": "es",
+      "value": "HCL Connections es vulnerable a una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n, debido a un error de IBM WebSphere Application Server, que podr\u00eda permitir que un usuario obtenga informaci\u00f3n confidencial a la que no tiene derecho debido al manejo inadecuado de los datos solicitados."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-316xx/CVE-2024-31682.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-31682",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-06-03T20:15:09.010",
-  "lastModified": "2024-08-01T13:51:05.133",
+  "lastModified": "2024-10-29T14:35:17.517",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -46,7 +46,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-284"
+          "value": "CWE-863"
         }
       ]
     }

CVE-2024/CVE-2024-345xx/CVE-2024-34537.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-34537",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-10-28T14:15:04.740",
-  "lastModified": "2024-10-28T17:35:05.300",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS, and 13.3.1."
+    },
+    {
+      "lang": "es",
+      "value": "TYPO3 anterior a la versi\u00f3n 13.3.1 permite la denegaci\u00f3n de servicio (error de interfaz) en la barra de marcadores (ext:backend), que puede ser explotada por una cuenta de usuario de backend de nivel de administrador mediante datos manipulados guardados en la barra de marcadores de la interfaz de usuario de backend. Las versiones corregidas son 10.4.46 ELTS, 11.5.40 LTS, 12.4.21 LTS y 13.3.1."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-392xx/CVE-2024-39205.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-39205",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-10-28T20:15:05.517",
-  "lastModified": "2024-10-28T20:15:05.517",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request."
+    },
+    {
+      "lang": "es",
+      "value": "Un problema en pyload-ng v0.5.0b3.dev85 que se ejecuta en python3.11 o anterior permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud HTTP manipulada espec\u00edficamente."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-39xx/CVE-2024-3980.json

@@ -2,13 +2,13 @@
   "id": "CVE-2024-3980",
   "sourceIdentifier": "cybersecurity@hitachienergy.com",
   "published": "2024-08-27T13:15:05.210",
-  "lastModified": "2024-08-30T16:15:09.517",
+  "lastModified": "2024-10-29T14:15:06.670",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "The product allows user input to control or influence paths or file\nnames that are used in filesystem operations, allowing the attacker to access or modify system files or other files that are\ncritical to the application."
+      "value": "The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names\nthat are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or\nother files that are critical to the application."
     },
     {
       "lang": "es",

CVE-2024/CVE-2024-407xx/CVE-2024-40792.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-40792",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:04.670",
-  "lastModified": "2024-10-28T21:15:04.670",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to change network settings."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sequoia 15. Una aplicaci\u00f3n maliciosa podr\u00eda cambiar la configuraci\u00f3n de red."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-408xx/CVE-2024-40851.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-40851",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:04.740",
-  "lastModified": "2024-10-28T21:15:04.740",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1. Un atacante con acceso f\u00edsico podr\u00eda acceder a las fotos de los contactos desde la pantalla de bloqueo."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-408xx/CVE-2024-40853.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-40853",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:04.810",
-  "lastModified": "2024-10-28T21:15:04.810",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en iOS 18 y iPadOS 18. Un atacante podr\u00eda usar Siri para habilitar la funci\u00f3n de respuesta autom\u00e1tica a llamadas."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-408xx/CVE-2024-40855.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-40855",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:04.870",
-  "lastModified": "2024-10-28T21:15:04.870",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. A sandboxed app may be able to access sensitive user data."
+    },
+    {
+      "lang": "es",
+      "value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1, macOS Sequoia 15 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n aislada puede tener acceso a datos confidenciales del usuario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-408xx/CVE-2024-40867.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-40867",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:04.937",
-  "lastModified": "2024-10-28T21:15:04.937",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de manejo de esquemas de URL personalizados con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1. Un atacante remoto podr\u00eda evadir el entorno limitado de contenido web."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-411xx/CVE-2024-41153.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-41153",
+  "sourceIdentifier": "cybersecurity@hitachienergy.com",
+  "published": "2024-10-29T13:15:04.600",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Command injection vulnerability in the Edge Computing UI for the\nTRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the\nweb UI can execute commands on the device with root privileges,\nfar more extensive than what the write privilege intends."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cybersecurity@hitachienergy.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cybersecurity@hitachienergy.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-77"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000147&LanguageCode=en&DocumentPartId=&Action=launch",
+      "source": "cybersecurity@hitachienergy.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-411xx/CVE-2024-41156.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-41156",
+  "sourceIdentifier": "cybersecurity@hitachienergy.com",
+  "published": "2024-10-29T13:15:04.847",
+  "lastModified": "2024-10-29T14:34:04.427",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Profile files from TRO600 series radios are extracted in plain-text\nand encrypted file formats. Profile files provide potential attackers\nvaluable configuration information about the Tropos network. Profiles\ncan only be exported by authenticated users with write access."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cybersecurity@hitachienergy.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.7,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cybersecurity@hitachienergy.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-212"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000147&LanguageCode=en&DocumentPartId=&Action=launch",
+      "source": "cybersecurity@hitachienergy.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-420xx/CVE-2024-42011.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-42011",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-10-28T21:15:05.043",
-  "lastModified": "2024-10-28T21:15:05.043",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The Spotify app 8.9.58 for iOS has a buffer overflow in its use of strcat."
+    },
+    {
+      "lang": "es",
+      "value": "La aplicaci\u00f3n Spotify 8.9.58 para iOS tiene un desbordamiento de b\u00fafer en el uso de strcat."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-420xx/CVE-2024-42028.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-42028",
   "sourceIdentifier": "support@hackerone.com",
   "published": "2024-10-28T16:15:03.820",
-  "lastModified": "2024-10-28T19:35:25.640",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de escalada de privilegios locales encontrada en Self-Hosted UniFi Network Server with UniFi Network Application (versi\u00f3n 8.4.62 y anteriores) permite que un actor malicioso con un usuario del sistema operativo local ejecute acciones con altos privilegios en el servidor de red UniFi."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-429xx/CVE-2024-42930.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-42930",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-10-28T20:15:05.643",
-  "lastModified": "2024-10-28T20:15:05.643",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "PbootCMS 3.2.8 is vulnerable to URL Redirect."
+    },
+    {
+      "lang": "es",
+      "value": "PbootCMS 3.2.8 es vulnerable a la redirecci\u00f3n de URL."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44122.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44122",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.123",
-  "lastModified": "2024-10-28T21:15:05.123",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An application may be able to break out of its sandbox."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de l\u00f3gica con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1, macOS Sequoia 15 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda salir de su entorno limitado."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44123.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44123",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.190",
-  "lastModified": "2024-10-28T21:15:05.190",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. A malicious app with root privileges may be able to access keyboard input and location information without user consent."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sequoia 15, iOS 18 y iPadOS 18. Una aplicaci\u00f3n maliciosa con privilegios de superusuario podr\u00eda acceder a la informaci\u00f3n de ubicaci\u00f3n y a la entrada del teclado sin el consentimiento del usuario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44126.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44126",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.263",
-  "lastModified": "2024-10-28T21:15:05.263",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7 and iPadOS 17.7, macOS Sonoma 14.7, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to heap corruption."
+    },
+    {
+      "lang": "es",
+      "value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7 y iPadOS 17.7, macOS Sonoma 14.7, visionOS 2, iOS 18 y iPadOS 18. El procesamiento de un archivo manipulado con fines malintencionados puede provocar da\u00f1os en el mont\u00f3n."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44137.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44137",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.330",
-  "lastModified": "2024-10-28T21:15:05.330",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An attacker with physical access may be able to share items from the lock screen."
+    },
+    {
+      "lang": "es",
+      "value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1, macOS Sequoia 15 y macOS Sonoma 14.7.1. Un atacante con acceso f\u00edsico podr\u00eda compartir elementos desde la pantalla de bloqueo."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44144.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44144",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.397",
-  "lastModified": "2024-10-28T21:15:05.397",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to unexpected app termination."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un desbordamiento de b\u00fafer mejorando la validaci\u00f3n de tama\u00f1o. Este problema se solucion\u00f3 en iOS 17.7.1 y iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 y iPadOS 18. El procesamiento de un archivo manipulado con fines malintencionados puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44145.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44145",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T22:15:02.820",
-  "lastModified": "2024-10-28T22:15:02.820",
+  "lastModified": "2024-10-29T14:34:04.427",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 mediante una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Sequoia 15, iOS 18 y iPadOS 18. Un atacante con acceso f\u00edsico a un dispositivo macOS con Sidecar habilitado podr\u00eda ser capaz de eludir la pantalla de bloqueo."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44155.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44155",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.460",
-  "lastModified": "2024-10-28T21:15:05.460",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de manejo de esquemas de URL personalizados con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en Safari 18, iOS 17.7.1 y iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 y iPadOS 18. El contenido web manipulado con fines malintencionados puede infringir la pol\u00edtica de la sandbox de iframe."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44156.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44156",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.543",
-  "lastModified": "2024-10-28T21:15:05.543",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 una vulnerabilidad de eliminaci\u00f3n de ruta al evitar que el c\u00f3digo vulnerable se ejecutara con privilegios. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda eludir las preferencias de privacidad."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44159.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44159",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.603",
-  "lastModified": "2024-10-28T21:15:05.603",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 una vulnerabilidad de eliminaci\u00f3n de ruta al evitar que el c\u00f3digo vulnerable se ejecutara con privilegios. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda eludir las preferencias de privacidad."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44174.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44174",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.667",
-  "lastModified": "2024-10-28T21:15:05.667",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Undergoing Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An attacker may be able to view restricted content from the lock screen."
+    },
+    {
+      "lang": "es",
+      "value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Sequoia 15. Un atacante podr\u00eda ver contenido restringido desde la pantalla de bloqueo."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44175.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44175",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.737",
-  "lastModified": "2024-10-28T21:15:05.737",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 con una validaci\u00f3n mejorada de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en macOS Sequoia 15 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44194.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44194",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.800",
-  "lastModified": "2024-10-28T21:15:05.800",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An app may be able to access sensitive user data."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 con una redacci\u00f3n mejorada de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en watchOS 11.1, visionOS 2.1, iOS 18.1 y iPadOS 18.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44196.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44196",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.860",
-  "lastModified": "2024-10-28T21:15:05.860",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-441xx/CVE-2024-44197.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44197",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.917",
-  "lastModified": "2024-10-28T21:15:05.917",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service."
+    },
+    {
+      "lang": "es",
+      "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada puede provocar una denegaci\u00f3n de servicio."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-442xx/CVE-2024-44203.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44203",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:05.977",
-  "lastModified": "2024-10-28T21:15:05.977",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library."
+    },
+    {
+      "lang": "es",
+      "value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sequoia 15. Una aplicaci\u00f3n puede acceder a la librer\u00eda de fotos de un usuario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-442xx/CVE-2024-44208.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44208",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:06.043",
-  "lastModified": "2024-10-28T21:15:06.043",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. An app may be able to bypass certain Privacy preferences."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 mediante una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Sequoia 15. Es posible que una aplicaci\u00f3n pueda omitir ciertas preferencias de privacidad."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-442xx/CVE-2024-44213.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44213",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:06.110",
-  "lastModified": "2024-10-28T21:15:06.110",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker in a privileged network position may be able to leak sensitive user information."
+    },
+    {
+      "lang": "es",
+      "value": "Exist\u00eda un problema en el an\u00e1lisis de las URL. Este problema se solucion\u00f3 mejorando la validaci\u00f3n de entrada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Un atacante en una posici\u00f3n privilegiada en la red podr\u00eda filtrar informaci\u00f3n confidencial del usuario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-442xx/CVE-2024-44215.json

@@ -2,13 +2,17 @@
   "id": "CVE-2024-44215",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-10-28T21:15:06.167",
-  "lastModified": "2024-10-28T21:15:06.167",
+  "lastModified": "2024-10-29T14:34:50.257",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
       "value": "This issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing an image may result in disclosure of process memory."
+    },
+    {
+      "lang": "es",
+      "value": "Este problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en tvOS 18.1, iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. El procesamiento de una imagen puede provocar la divulgaci\u00f3n de la memoria del proceso."
     }
   ],
   "metrics": {},