diff --git a/CVE-2019/CVE-2019-252xx/CVE-2019-25211.json b/CVE-2019/CVE-2019-252xx/CVE-2019-25211.json index 64bc0582e7c..254d4401df8 100644 --- a/CVE-2019/CVE-2019-252xx/CVE-2019-25211.json +++ b/CVE-2019/CVE-2019-252xx/CVE-2019-25211.json @@ -2,13 +2,17 @@ "id": "CVE-2019-25211", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-29T00:15:02.107", - "lastModified": "2024-06-29T00:15:02.107", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is that only https://example.com/* should be allowed, and http://localhost.example.com/* is allowed when the intention is that only http://localhost/* should be allowed." + }, + { + "lang": "es", + "value": "parseWildcardRules en el middleware Gin-Gonic CORS anterior a 1.6.0 maneja mal un comod\u00edn al final de una cadena de origen, por ejemplo, https://example.community/* se permite cuando la intenci\u00f3n es que solo https://example.com/* debe permitirse, y http://localhost.example.com/* est\u00e1 permitido cuando la intenci\u00f3n es que solo se debe permitir http://localhost/*." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-275xx/CVE-2022-27540.json b/CVE-2022/CVE-2022-275xx/CVE-2022-27540.json index cfb7fd563bd..74cde1619b0 100644 --- a/CVE-2022/CVE-2022-275xx/CVE-2022-27540.json +++ b/CVE-2022/CVE-2022-275xx/CVE-2022-27540.json @@ -2,13 +2,17 @@ "id": "CVE-2022-27540", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2024-06-28T19:15:03.407", - "lastModified": "2024-06-28T19:15:03.407", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability." + }, + { + "lang": "es", + "value": "Se ha identificado una posible vulnerabilidad de tiempo de verificaci\u00f3n a tiempo de uso (TOCTOU) en el BIOS de HP para ciertos productos de PC HP, que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio y divulgaci\u00f3n de informaci\u00f3n. HP est\u00e1 lanzando actualizaciones de BIOS para mitigar la vulnerabilidad potencial." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-383xx/CVE-2022-38383.json b/CVE-2022/CVE-2022-383xx/CVE-2022-38383.json index 20a891b0525..eb64d8f3566 100644 --- a/CVE-2022/CVE-2022-383xx/CVE-2022-38383.json +++ b/CVE-2022/CVE-2022-383xx/CVE-2022-38383.json @@ -2,13 +2,17 @@ "id": "CVE-2022-38383", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:03.670", - "lastModified": "2024-06-28T19:15:03.670", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673." + }, + { + "lang": "es", + "value": "IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Software Suite 1.10.12.0 a 1.10.21.0 permiten almacenar localmente p\u00e1ginas web que pueden ser le\u00eddas por otro usuario en el sistema. ID de IBM X-Force: 233673." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35022.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35022.json index 1232827b403..308e64624be 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35022.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35022.json @@ -2,13 +2,17 @@ "id": "CVE-2023-35022", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T16:15:02.600", - "lastModified": "2024-06-30T16:15:02.600", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: 258254." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir a un usuario local actualizar proyectos a los que no tiene autorizaci\u00f3n para acceder. ID de IBM X-Force: 258254." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4017.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4017.json index 4767f13f08e..9cd5839f496 100644 --- a/CVE-2023/CVE-2023-40xx/CVE-2023-4017.json +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4017.json @@ -2,13 +2,17 @@ "id": "CVE-2023-4017", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T12:15:09.863", - "lastModified": "2024-06-29T12:15:09.863", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018attra-color\u2019, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El tema Goya para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s de los par\u00e1metros 'attra-color', 'attra-size' y 'product-cata' en versiones hasta la 1.0.8.7 incluida debido a una sanitizaci\u00f3n insuficiente de los insumos y al escape de los productos. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50952.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50952.json index 25f76dbe3df..d0d4f99e04a 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50952.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50952.json @@ -2,13 +2,17 @@ "id": "CVE-2023-50952", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T18:15:02.733", - "lastModified": "2024-06-30T18:15:02.733", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 275774." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a Server-Side Request Forgery (SSRF). Esto puede permitir que un atacante autenticado env\u00ede solicitudes no autorizadas desde el sistema, lo que podr\u00eda provocar la enumeraci\u00f3n de la red o facilitar otros ataques. ID de IBM X-Force: 275774." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50953.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50953.json index 76269176499..7944604a938 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50953.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50953.json @@ -2,13 +2,17 @@ "id": "CVE-2023-50953", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T18:15:02.970", - "lastModified": "2024-06-30T18:15:02.970", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. IBM X-Force ID: 275775." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado. Esta informaci\u00f3n podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 275775." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50954.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50954.json index 38c0373b328..d9183fe2bbc 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50954.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50954.json @@ -2,13 +2,17 @@ "id": "CVE-2023-50954", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T17:15:02.470", - "lastModified": "2024-06-30T17:15:02.470", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: 275776." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 devuelve informaci\u00f3n confidencial en informaci\u00f3n URL que podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 275776." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50964.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50964.json index f49cbf7ae56..1a3bf940191 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50964.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50964.json @@ -2,13 +2,17 @@ "id": "CVE-2023-50964", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T19:15:02.007", - "lastModified": "2024-06-30T19:15:02.007", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 276102." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 276102." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0153.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0153.json index c4df0a814f5..fbf11ae11a7 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0153.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0153.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0153", "sourceIdentifier": "arm-security@arm.com", "published": "2024-07-01T09:15:06.343", - "lastModified": "2024-07-01T09:15:06.343", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0." + }, + { + "lang": "es", + "value": "Vulnerabilidad de restricci\u00f3n inadecuada de operaciones dentro de los l\u00edmites de un b\u00fafer de memoria en Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware permite a un usuario local sin privilegios realizar operaciones de procesamiento de GPU inadecuadas para acceder a una cantidad limitada fuera de los l\u00edmites del b\u00fafer. Si las operaciones se preparan cuidadosamente, esto a su vez podr\u00eda darles acceso a toda la memoria del sistema. Este problema afecta al firmware de la GPU Valhall: desde r29p0 hasta r46p0; Firmware de arquitectura de GPU Arm de quinta generaci\u00f3n: desde r41p0 hasta r46p0." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20076.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20076.json index 1b788c1e72a..f1f1f54ddd6 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20076.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20076.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20076", "sourceIdentifier": "security@mediatek.com", "published": "2024-07-01T05:15:03.957", - "lastModified": "2024-07-01T05:15:03.957", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481." + }, + { + "lang": "es", + "value": "En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01297806; ID del problema: MSV-1481." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20077.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20077.json index d9e922c0bbd..1ca7cc0059c 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20077.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20077.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20077", "sourceIdentifier": "security@mediatek.com", "published": "2024-07-01T05:15:04.133", - "lastModified": "2024-07-01T05:15:04.133", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482." + }, + { + "lang": "es", + "value": "En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. Esto podr\u00eda provocar una denegaci\u00f3n remota de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01297807; ID del problema: MSV-1482." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20078.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20078.json index 48adc637d68..86cfbf8d781 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20078.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20078.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20078", "sourceIdentifier": "security@mediatek.com", "published": "2024-07-01T05:15:04.227", - "lastModified": "2024-07-01T05:15:04.227", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452." + }, + { + "lang": "es", + "value": "En venc, existe una posible escritura fuera de los l\u00edmites debido a una confusi\u00f3n de tipos. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08737250; ID del problema: MSV-1452." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20079.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20079.json index 2e0e5121e1d..8c413cad258 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20079.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20079.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20079", "sourceIdentifier": "security@mediatek.com", "published": "2024-07-01T05:15:04.333", - "lastModified": "2024-07-01T05:15:04.333", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: MSV-1491." + }, + { + "lang": "es", + "value": "En el servicio gnss, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08044040; ID del problema: MSV-1491." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20080.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20080.json index 17665155247..122b8bef1a7 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20080.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20080.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20080", "sourceIdentifier": "security@mediatek.com", "published": "2024-07-01T05:15:04.430", - "lastModified": "2024-07-01T05:15:04.430", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424." + }, + { + "lang": "es", + "value": "En el servicio gnss existe una posible escalada de privilegios debido a una validaci\u00f3n inadecuada del certificado. Esto podr\u00eda conducir a una escalada remota de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08720039; ID del problema: MSV-1424." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20081.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20081.json index aaf8d21cba2..c8a05b49af6 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20081.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20081.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20081", "sourceIdentifier": "security@mediatek.com", "published": "2024-07-01T05:15:04.520", - "lastModified": "2024-07-01T05:15:04.520", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412." + }, + { + "lang": "es", + "value": "En el servicio gnss, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08719602; ID del problema: MSV-1412." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2386.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2386.json index 8c7cce04ede..20511805b18 100644 --- a/CVE-2024/CVE-2024-23xx/CVE-2024-2386.json +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2386.json @@ -2,13 +2,17 @@ "id": "CVE-2024-2386", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T13:15:10.740", - "lastModified": "2024-06-29T13:15:10.740", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Plugin for Google Maps \u2013 WP MAPS plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'put_wpgm' shortcode in all versions up to, and including, 4.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento WordPress Plugin for Google Maps \u2013 WP MAPS para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro 'id' del c\u00f3digo corto 'put_wpgm' en todas las versiones hasta la 4.6.1 inclusive debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con acceso de nivel de colaborador y superior, agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25031.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25031.json index 174f9b3b346..a8be7a7144e 100644 --- a/CVE-2024/CVE-2024-250xx/CVE-2024-25031.json +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25031.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25031", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:04.433", - "lastModified": "2024-06-28T19:15:04.433", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678." + }, + { + "lang": "es", + "value": "IBM Storage Defender - Resiliency Service 2.0.0 a 2.0.4 utiliza una configuraci\u00f3n de bloqueo de cuenta inadecuada que podr\u00eda permitir a un atacante en la red utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 281678." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25041.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25041.json index 4ee272b6408..f13d2b4514c 100644 --- a/CVE-2024/CVE-2024-250xx/CVE-2024-25041.json +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25041.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25041", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:04.653", - "lastModified": "2024-06-28T19:15:04.653", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is potentially vulnerable to cross site scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Assistant. IBM X-Force ID: 282780." + }, + { + "lang": "es", + "value": "IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1 y 12.0.2 es potencialmente vulnerable a cross site scripting (XSS). Un atacante remoto podr\u00eda ejecutar comandos maliciosos debido a una validaci\u00f3n incorrecta de los encabezados de las columnas en Cognos Assistant. ID de IBM X-Force: 282780." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25053.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25053.json index b4422bba774..e58e9f812b8 100644 --- a/CVE-2024/CVE-2024-250xx/CVE-2024-25053.json +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25053.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25053", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:04.933", - "lastModified": "2024-06-28T19:15:04.933", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is vulnerable to improper certificate validation when using the IBM Planning Analytics Data Source Connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between IBM Planning Analytics server and IBM Cognos Analytics server. IBM X-Force ID: 283364." + }, + { + "lang": "es", + "value": "IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1 y 12.0.2 es vulnerable a una validaci\u00f3n de certificado incorrecta cuando se utiliza la conexi\u00f3n de origen de datos de IBM Planning Analytics . Esto podr\u00eda permitir a un atacante falsificar una entidad de confianza interfiriendo en la ruta de comunicaci\u00f3n entre el servidor IBM Planning Analytics y el servidor IBM Cognos Analytics. ID de IBM X-Force: 283364." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25943.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25943.json index b4a0f39b6e5..66aea2d519c 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25943.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25943.json @@ -2,13 +2,17 @@ "id": "CVE-2024-25943", "sourceIdentifier": "security_alert@emc.com", "published": "2024-06-29T13:15:10.403", - "lastModified": "2024-06-29T13:15:10.403", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI. A remote attacker could potentially exploit this vulnerability, leading to arbitrary code execution on the vulnerable application." + }, + { + "lang": "es", + "value": "iDRAC9, versiones anteriores a 7.00.00.172 para la 14.\u00aa generaci\u00f3n y 7.10.50.00 para las 15.\u00aa y 16.\u00aa generaci\u00f3n, contiene una vulnerabilidad de secuestro de sesi\u00f3n en IPMI. Un atacante remoto podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda la ejecuci\u00f3n de c\u00f3digo arbitrario en la aplicaci\u00f3n vulnerable." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27628.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27628.json index c640508b375..ad7d2da1a7a 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27628.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27628.json @@ -2,13 +2,17 @@ "id": "CVE-2024-27628", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-28T19:15:05.180", - "lastModified": "2024-06-28T19:15:05.180", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de desbordamiento de b\u00fafer en DCMTK v.3.6.8 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente del m\u00e9todo EctEnhancedCT." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-276xx/CVE-2024-27629.json b/CVE-2024/CVE-2024-276xx/CVE-2024-27629.json index 8e3db5ee5fb..e9b04d38758 100644 --- a/CVE-2024/CVE-2024-276xx/CVE-2024-27629.json +++ b/CVE-2024/CVE-2024-276xx/CVE-2024-27629.json @@ -2,13 +2,17 @@ "id": "CVE-2024-27629", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-28T19:15:05.243", - "lastModified": "2024-06-28T19:15:05.243", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via the generated file name is not properly escaped and injected into a system call when certain types of compression are used." + }, + { + "lang": "es", + "value": "Un problema en dc2niix anterior a v.1.0.20240202 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s del nombre del archivo generado que no se escapa correctamente ni se inyecta en una llamada al sistema cuando se utilizan ciertos tipos de compresi\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json index 09480161bac..b0b59737a05 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28794", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T19:15:02.233", - "lastModified": "2024-06-30T19:15:02.233", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286831." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 286831." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28795.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28795.json index b03b3be49c4..9b08d020e0d 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28795.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28795.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28795", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T16:15:02.987", - "lastModified": "2024-06-30T16:15:02.987", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286832." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 286832." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28797.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28797.json index 6a824ecae43..8388b277fd1 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28797.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28797.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28797", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T18:15:03.480", - "lastModified": "2024-06-30T18:15:03.480", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 287136." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable cross site scripting almacenado. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 287136." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28798.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28798.json index 7e9b6a737e6..66e9ee5955c 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28798.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28798.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28798", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T17:15:02.720", - "lastModified": "2024-06-30T17:15:02.720", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 287172." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting almacenado. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 287172." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29038.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29038.json index 84d419b63f7..b2aca30badc 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29038.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29038.json @@ -2,13 +2,17 @@ "id": "CVE-2024-29038", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T14:15:03.033", - "lastModified": "2024-06-28T14:15:03.033", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7." + }, + { + "lang": "es", + "value": "tpm2-tools es el repositorio de origen de las herramientas del M\u00f3dulo de plataforma segura (TPM2.0). Un atacante malintencionado puede generar datos de cotizaciones arbitrarios que no son detectados por \"tpm2 checkquote\". Este problema se solucion\u00f3 en la versi\u00f3n 5.7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29039.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29039.json index 4b1bcaf712d..8477c95ad51 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29039.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29039.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29039", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T16:15:03.777", - "lastModified": "2024-06-28T16:15:03.777", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29040.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29040.json index 23814ddd8c5..a78fc2aa6eb 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29040.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29040.json @@ -2,13 +2,17 @@ "id": "CVE-2024-29040", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T21:15:02.773", - "lastModified": "2024-06-28T21:15:02.773", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this structure any number can be used in the JSON structure. The verifier can receive a state which does not represent the actual, possibly malicious state of the device under test. The malicious device might get access to data it shouldn't, or can use services it shouldn't be able to. This \nissue has been patched in version 4.1.0." + }, + { + "lang": "es", + "value": "Este repositorio aloja el c\u00f3digo fuente que implementa la pila de software (TSS) TPM2 de Trusted Computing Group (TCG). Fapi_VerifyQuote debe deserializar la informaci\u00f3n de cotizaci\u00f3n JSON devuelta por Fapi_Quote a la estructura TPM `TPMS_ATTEST`. Para el campo `TPM2_GENERATED magic` de esta estructura se puede utilizar cualquier n\u00famero en la estructura JSON. El verificador puede recibir un estado que no representa el estado real, posiblemente malicioso, del dispositivo bajo prueba. El dispositivo malicioso puede obtener acceso a datos que no deber\u00eda o puede utilizar servicios que no deber\u00eda poder. Este problema se solucion\u00f3 en la versi\u00f3n 4.1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31898.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31898.json index cd50f810c65..55ff6415b0b 100644 --- a/CVE-2024/CVE-2024-318xx/CVE-2024-31898.json +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31898.json @@ -2,13 +2,17 @@ "id": "CVE-2024-31898", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T18:15:03.693", - "lastModified": "2024-06-30T18:15:03.693", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. IBM X-Force ID: 288182." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un usuario autenticado lea o modifique informaci\u00f3n confidencial eludiendo la autenticaci\u00f3n utilizando referencias directas a objetos inseguros. ID de IBM X-Force: 288182." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31902.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31902.json index fa982ee079b..d4a2b475051 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31902.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31902.json @@ -2,13 +2,17 @@ "id": "CVE-2024-31902", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T17:15:02.923", - "lastModified": "2024-06-30T17:15:02.923", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 289234." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a Cross-Site Request Forgery, lo que podr\u00eda permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que conf\u00eda el sitio web. ID de IBM X-Force: 289234." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31912.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31912.json index f34095ce01c..c259375ef91 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31912.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31912.json @@ -2,13 +2,17 @@ "id": "CVE-2024-31912", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T18:15:03.673", - "lastModified": "2024-06-28T18:15:03.673", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894." + }, + { + "lang": "es", + "value": "IBM MQ 9.3 LTS y 9.3 CD podr\u00edan permitir que un usuario autenticado escale sus privilegios bajo ciertas configuraciones debido a una asignaci\u00f3n de privilegios incorrecta. ID de IBM X-Force: 289894." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31919.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31919.json index e666c8f4c2f..3288de76528 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31919.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31919.json @@ -2,13 +2,17 @@ "id": "CVE-2024-31919", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T18:15:03.940", - "lastModified": "2024-06-28T18:15:03.940", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used. IBM X-Force ID: 290259." + }, + { + "lang": "es", + "value": "IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS y 9.3 CD, en determinadas configuraciones, es vulnerable a un ataque de denegaci\u00f3n de servicio provocado por un error al procesar mensajes cuando se utiliza una salida de API utilizando MQBUFMH. ID de IBM X-Force: 290259." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-31xx/CVE-2024-3122.json b/CVE-2024/CVE-2024-31xx/CVE-2024-3122.json index 4be99b63d46..924d0161f1b 100644 --- a/CVE-2024/CVE-2024-31xx/CVE-2024-3122.json +++ b/CVE-2024/CVE-2024-31xx/CVE-2024-3122.json @@ -2,13 +2,17 @@ "id": "CVE-2024-3122", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-07-01T05:15:04.693", - "lastModified": "2024-07-01T05:15:04.693", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system." + }, + { + "lang": "es", + "value": "CHANGING Mobile One Time Password no filtra adecuadamente los par\u00e1metros para la funcionalidad de descarga de archivos, lo que permite a atacantes remotos con privilegios de administrador leer archivos arbitrarios en el sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-31xx/CVE-2024-3123.json b/CVE-2024/CVE-2024-31xx/CVE-2024-3123.json index ee45fc8b1a2..01b8d8532c5 100644 --- a/CVE-2024/CVE-2024-31xx/CVE-2024-3123.json +++ b/CVE-2024/CVE-2024-31xx/CVE-2024-3123.json @@ -2,13 +2,17 @@ "id": "CVE-2024-3123", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-07-01T05:15:04.973", - "lastModified": "2024-07-01T05:15:04.973", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system commands." + }, + { + "lang": "es", + "value": "CHANGING la funci\u00f3n de carga de Mobile One Time Password en una p\u00e1gina oculta no filtra el tipo de archivo correctamente. Los atacantes remotos con privilegios de administrador pueden aprovechar esta vulnerabilidad para cargar y ejecutar archivos maliciosos para ejecutar comandos del sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-347xx/CVE-2024-34703.json b/CVE-2024/CVE-2024-347xx/CVE-2024-34703.json index a34573e0271..a93c72d850d 100644 --- a/CVE-2024/CVE-2024-347xx/CVE-2024-34703.json +++ b/CVE-2024/CVE-2024-347xx/CVE-2024-34703.json @@ -2,13 +2,17 @@ "id": "CVE-2024-34703", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-30T21:15:02.053", - "lastModified": "2024-06-30T21:15:02.053", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.\n" + }, + { + "lang": "es", + "value": "Botan es una librer\u00eda de criptograf\u00eda C++. Los certificados X.509 pueden identificar curvas el\u00edpticas utilizando un identificador de objeto o una codificaci\u00f3n expl\u00edcita de los par\u00e1metros. Antes de las versiones 3.3.0 y 2.19.4, un atacante pod\u00eda presentar un certificado ECDSA X.509 usando codificaci\u00f3n expl\u00edcita donde los par\u00e1metros eran muy grandes. La prueba de concepto utiliz\u00f3 un prime de 16 Kbit para este prop\u00f3sito. Al analizar, se comprueba que el par\u00e1metro sea primo, lo que provoca un c\u00e1lculo excesivo. Esto fue parcheado en 2.19.4 y 3.3.0 para permitir que el par\u00e1metro principal de la curva el\u00edptica tenga como m\u00e1ximo 521 bits. No hay workarounds disponibles. Tenga en cuenta que la compatibilidad con la codificaci\u00f3n expl\u00edcita de par\u00e1metros de curvas el\u00edpticas est\u00e1 obsoleta en Botan." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35116.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35116.json index e2bb79727d9..a8f5d552099 100644 --- a/CVE-2024/CVE-2024-351xx/CVE-2024-35116.json +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35116.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35116", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:05.677", - "lastModified": "2024-06-28T19:15:05.677", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335." + }, + { + "lang": "es", + "value": "IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS y 9.3 CD es vulnerable a un ataque de denegaci\u00f3n de servicio causado por un error al aplicar cambios de configuraci\u00f3n. ID de IBM X-Force: 290335." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35119.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35119.json index 110bbd68bf6..2a8d7029b9f 100644 --- a/CVE-2024/CVE-2024-351xx/CVE-2024-35119.json +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35119.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35119", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T17:15:03.153", - "lastModified": "2024-06-30T17:15:03.153", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 290342." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado en un seguimiento de la pila. Esta informaci\u00f3n podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 290342." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35137.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35137.json index d5712a8ed29..db76d5e2370 100644 --- a/CVE-2024/CVE-2024-351xx/CVE-2024-35137.json +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35137.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35137", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T16:15:04.150", - "lastModified": "2024-06-28T16:15:04.150", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35139.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35139.json index 586a5d6be60..5c3c33bf453 100644 --- a/CVE-2024/CVE-2024-351xx/CVE-2024-35139.json +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35139.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35139", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T16:15:04.380", - "lastModified": "2024-06-28T16:15:04.380", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35155.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35155.json index 4aac030ea63..2657d402f56 100644 --- a/CVE-2024/CVE-2024-351xx/CVE-2024-35155.json +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35155.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35155", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T18:15:04.170", - "lastModified": "2024-06-28T18:15:04.170", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292765." + }, + { + "lang": "es", + "value": "IBM MQ Console 9.3 LTS y 9.3 CD podr\u00edan revelar que podr\u00edan permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado en el navegador. Esta informaci\u00f3n podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 292765." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35156.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35156.json index 55d68774c53..92cdfc0ffaf 100644 --- a/CVE-2024/CVE-2024-351xx/CVE-2024-35156.json +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35156.json @@ -2,13 +2,17 @@ "id": "CVE-2024-35156", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:05.917", - "lastModified": "2024-06-28T19:15:05.917", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292766." + }, + { + "lang": "es", + "value": "IBM MQ 9.3 LTS y 9.3 CD podr\u00edan permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado en el navegador. Esta informaci\u00f3n podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 292766." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-373xx/CVE-2024-37370.json b/CVE-2024/CVE-2024-373xx/CVE-2024-37370.json index 4b7bac4b7c8..ce4eaf16eaf 100644 --- a/CVE-2024/CVE-2024-373xx/CVE-2024-37370.json +++ b/CVE-2024/CVE-2024-373xx/CVE-2024-37370.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37370", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-28T22:15:02.293", - "lastModified": "2024-06-28T22:15:02.293", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application." + }, + { + "lang": "es", + "value": "En MIT Kerberos 5 (tambi\u00e9n conocido como krb5) anterior a 1.21.3, un atacante puede modificar el campo Extra Count de texto plano de un token de envoltura GSS krb5 confidencial, lo que hace que el token desenvuelto aparezca truncado para la aplicaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-373xx/CVE-2024-37371.json b/CVE-2024/CVE-2024-373xx/CVE-2024-37371.json index 7410e2783d2..3e58018711f 100644 --- a/CVE-2024/CVE-2024-373xx/CVE-2024-37371.json +++ b/CVE-2024/CVE-2024-373xx/CVE-2024-37371.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37371", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-28T23:15:11.603", - "lastModified": "2024-06-28T23:15:11.603", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields." + }, + { + "lang": "es", + "value": "En MIT Kerberos 5 (tambi\u00e9n conocido como krb5) anterior a 1.21.3, un atacante puede provocar lecturas de memoria no v\u00e1lidas durante el manejo de tokens de mensajes GSS al enviar tokens de mensajes con campos de longitud no v\u00e1lidos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-379xx/CVE-2024-37905.json b/CVE-2024/CVE-2024-379xx/CVE-2024-37905.json index 017a789efc3..33a76aaff0a 100644 --- a/CVE-2024/CVE-2024-379xx/CVE-2024-37905.json +++ b/CVE-2024/CVE-2024-379xx/CVE-2024-37905.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37905", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T18:15:04.400", - "lastModified": "2024-06-28T18:15:04.400", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "authentik is an open-source Identity Provider that emphasizes flexibility and versatility. Authentik API-Access-Token mechanism can be exploited to gain admin user privileges. A successful exploit of the issue will result in a user gaining full admin access to the Authentik application, including resetting user passwords and more. This issue has been patched in version(s) 2024.2.4, 2024.4.2 and 2024.6.0.\n" + }, + { + "lang": "es", + "value": "authentik es un proveedor de identidades de c\u00f3digo abierto que enfatiza la flexibilidad y la versatilidad. El mecanismo Authentik API-Access-Token se puede explotar para obtener privilegios de usuario administrador. Una explotaci\u00f3n exitosa del problema dar\u00e1 como resultado que un usuario obtenga acceso de administrador completo a la aplicaci\u00f3n Authentik, incluido el restablecimiento de contrase\u00f1as de usuario y m\u00e1s. Este problema se solucion\u00f3 en las versiones 2024.2.4, 2024.4.2 y 2024.6.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38322.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38322.json index d20674ada6c..06a950cddea 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38322.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38322.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38322", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-28T19:15:06.317", - "lastModified": "2024-06-28T19:15:06.317", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869." + }, + { + "lang": "es", + "value": "IBM Storage Defender - Resiliency Service 2.0.0 a 2.0.4 La discrepancia en la respuesta de error de nombre de usuario y contrase\u00f1a del agente expone el producto a una enumeraci\u00f3n de fuerza bruta. ID de IBM X-Force: 294869." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38371.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38371.json index 7ce0808686d..980e2131f24 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38371.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38371.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38371", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T18:15:04.647", - "lastModified": "2024-06-28T18:15:04.647", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "authentik is an open-source Identity Provider. Access restrictions assigned to an application were not checked when using the OAuth2 Device code flow. This could potentially allow users without the correct authorization to get OAuth tokens for an application and access it. This issue has been patched in version(s) 2024.6.0, 2024.2.4 and 2024.4.3." + }, + { + "lang": "es", + "value": "authentik es un proveedor de identidades de c\u00f3digo abierto. Las restricciones de acceso asignadas a una aplicaci\u00f3n no se verificaron cuando se utiliz\u00f3 el flujo de c\u00f3digo del dispositivo OAuth2. Potencialmente, esto podr\u00eda permitir a los usuarios sin la autorizaci\u00f3n correcta obtener tokens OAuth para una aplicaci\u00f3n y acceder a ella. Este problema se solucion\u00f3 en las versiones 2024.6.0, 2024.2.4 y 2024.4.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38374.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38374.json index b8a94658828..a783a1b6636 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38374.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38374.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38374", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T18:15:04.853", - "lastModified": "2024-06-28T18:15:04.853", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, _cyclonedx-core-java_ leverages XPath expressions to determine the schema version of the BOM. The `DocumentBuilderFactory` used to evaluate XPath expressions was not configured securely, making the library vulnerable to XML External Entity (XXE) injection. This vulnerability has been fixed in cyclonedx-core-java version 9.0.4.\n" + }, + { + "lang": "es", + "value": "El m\u00f3dulo principal de CycloneDX proporciona una representaci\u00f3n modelo del SBOM junto con utilidades para ayudar a crear, validar y analizar SBOM. Antes de deserializar la lista de materiales de CycloneDX en formato XML, _cyclonedx-core-java_ aprovecha las expresiones XPath para determinar la versi\u00f3n del esquema de la lista de materiales. El `DocumentBuilderFactory` utilizado para evaluar expresiones XPath no estaba configurado de forma segura, lo que hac\u00eda que la biblioteca fuera vulnerable a la inyecci\u00f3n de entidad externa XML (XXE). Esta vulnerabilidad se ha solucionado en cyclonedx-core-java versi\u00f3n 9.0.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38480.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38480.json index 96c689f1491..21e66db8520 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38480.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38480.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38480", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-07-01T05:15:04.613", - "lastModified": "2024-07-01T05:15:04.613", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "\"Piccoma\" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this vulnerability." + }, + { + "lang": "es", + "value": "La aplicaci\u00f3n \"Piccoma\" para versiones de Android e iOS anteriores a la 6.20.0 utiliza una clave API codificada para un servicio externo, lo que puede permitir que un atacante local obtenga la clave API. Tenga en cuenta que los usuarios de la aplicaci\u00f3n no se ven directamente afectados por esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38514.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38514.json index 0cf94181f3c..6f1348bc8df 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38514.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38514.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38514", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T19:15:06.530", - "lastModified": "2024-06-28T19:15:06.530", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the `endpoint` GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and GET methods supported), or to target NextChat users and make them execute arbitrary JavaScript code in their browser. This vulnerability has been patched in version 2.12.4.\n" + }, + { + "lang": "es", + "value": "NextChat es una interfaz de usuario ChatGPT/Gemini multiplataforma. Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) debido a la falta de validaci\u00f3n del par\u00e1metro GET \"endpoint\" en el endpoint de la API WebDav. Este SSRF se puede utilizar para realizar solicitudes HTTPS arbitrarias desde la instancia vulnerable (se admiten m\u00e9todos MKCOL, PUT y GET), o para dirigirse a los usuarios de NextChat y hacer que ejecuten c\u00f3digo JavaScript arbitrario en su navegador. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 2.12.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38518.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38518.json index a0d74a0d99b..fbd080e0161 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38518.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38518.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38518", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T21:15:03.180", - "lastModified": "2024-06-28T21:15:03.180", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be \"role=moderator\", allowing an attacker to join a meeting as moderator using a join link that was originally created for viewer access. This vulnerability has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7." + }, + { + "lang": "es", + "value": "BigBlueButton es un aula virtual de c\u00f3digo abierto dise\u00f1ada para ayudar a los profesores a ense\u00f1ar y a los alumnos a aprender. Un atacante con un enlace de entrada v\u00e1lido para una reuni\u00f3n puede enga\u00f1ar a BigBlueButton para que genere un enlace de entrada firmado con par\u00e1metros adicionales. Uno de esos par\u00e1metros puede ser \"rol=moderador\", lo que permite a un atacante unirse a una reuni\u00f3n como moderador utilizando un enlace para unirse que se cre\u00f3 originalmente para el acceso de los espectadores. Esta vulnerabilidad ha sido parcheada en las versiones 2.6.18, 2.7.8 y 3.0.0-alpha.7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38521.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38521.json index 8b5a02e45ff..6377032a74c 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38521.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38521.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38521", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T16:15:04.577", - "lastModified": "2024-06-28T16:15:04.577", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38522.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38522.json index 9a8b9612827..ec5d02f9b69 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38522.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38522.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38522", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T17:15:03.527", - "lastModified": "2024-06-28T17:15:03.527", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The CSP policy applied on the `tips.hushline.app` website and bundled by default in this repository is trivial to bypass. This vulnerability has been patched in version 0.1.0." + }, + { + "lang": "es", + "value": "Hush Line es una l\u00ednea de sugerencias an\u00f3nimas como servicio, gratuita y de c\u00f3digo abierto para organizaciones o individuos. Es f\u00e1cil omitir la pol\u00edtica de CSP aplicada en el sitio web `tips.hushline.app` e incluida de forma predeterminada en este repositorio. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 0.1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38525.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38525.json index 66fe1db955d..c58fc6fa596 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38525.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38525.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38525", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T22:15:02.567", - "lastModified": "2024-06-28T22:15:02.567", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the `nlohmann` JSON library. However, due to the way the JSON library is invoked, it throws an uncaught exception, which results in a crash. This vulnerability has been patched in version 0.2.2." + }, + { + "lang": "es", + "value": "dd-trace-cpp es el seguimiento distribuido de Datadog para C++. Cuando la librer\u00eda no puede extraer el contexto de seguimiento debido a un Unicode con formato incorrecto, registra la lista de encabezados auditados y sus valores utilizando la librer\u00eda JSON `nlohmann`. Sin embargo, debido a la forma en que se invoca la librer\u00eda JSON, genera una excepci\u00f3n no detectada, lo que provoca un bloqueo. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 0.2.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38528.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38528.json index bb935ef33af..9d6a9760a6c 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38528.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38528.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38528", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T20:15:02.533", - "lastModified": "2024-06-28T20:15:02.533", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. This vulnerability has been patched in version 1.1.3.\n" + }, + { + "lang": "es", + "value": "nptd-rs es una herramienta para sincronizar el reloj de tu ordenador, implementando los protocolos NTP y NTS. Falta un l\u00edmite para las conexiones NTS-KE aceptadas. Esto permite que un atacante remoto no autenticado bloquee ntpd-rs cuando se configura un servidor NTS-KE. Las configuraciones de servidor que no son NTS-KE, como la configuraci\u00f3n predeterminada de ntpd-rs, no se ven afectadas. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 1.1.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38531.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38531.json index 4f6bc2a5cb0..eff4bf158df 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38531.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38531.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38531", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T14:15:03.293", - "lastModified": "2024-06-28T14:15:03.293", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4." + }, + { + "lang": "es", + "value": "Nix es un administrador de paquetes para Linux y otros sistemas Unix que hace que la administraci\u00f3n de paquetes sea confiable y reproducible. Un proceso de compilaci\u00f3n tiene acceso y puede cambiar los permisos del directorio de compilaci\u00f3n. Despu\u00e9s de crear un binario setuid en una ubicaci\u00f3n accesible globalmente, un usuario local malicioso puede asumir los permisos de un daemon trabajador de Nix y secuestrar todas las compilaciones futuras. Este problema se solucion\u00f3 en las versiones 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 y 2.18.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38532.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38532.json index 0c1374c542e..423834c28ca 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38532.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38532.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38532", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T22:15:03.157", - "lastModified": "2024-06-28T22:15:03.157", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The NXP Data Co-Processor (DCP) is a built-in hardware module for specific NXP SoCs\u00b9 that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcp_tool reference implementation included in the repository selected the test key, regardless of its `-t` argument. This issue has been patched in commit 26a7." + }, + { + "lang": "es", + "value": "El coprocesador de datos (DCP) de NXP es un m\u00f3dulo de hardware integrado para SoC\u00b9 de NXP espec\u00edficos que implementa un motor criptogr\u00e1fico AES dedicado para operaciones de cifrado/descifrado. La implementaci\u00f3n de referencia dcp_tool incluida en el repositorio seleccion\u00f3 la clave de prueba, independientemente de su argumento `-t`. Este problema se solucion\u00f3 en el commit 26a7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38533.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38533.json index bcf973b1789..b82879f4f44 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38533.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38533.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38533", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T22:15:03.720", - "lastModified": "2024-06-28T22:15:03.720", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0." + }, + { + "lang": "es", + "value": "ZKsync Era es un paquete acumulativo de capa 2 que utiliza pruebas de conocimiento cero para escalar Ethereum. Es posible que el acceso a la pila no sea v\u00e1lido debido a que las direcciones utilizadas para acceder a la pila no se convierten correctamente en celdas. Este problema se solucion\u00f3 en la versi\u00f3n 1.5.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38987.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38987.json new file mode 100644 index 00000000000..d03d24d824a --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38987.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-38987", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:04.717", + "lastModified": "2024-07-01T13:15:04.717", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "aofl cli-lib v3.14.0 was discovered to contain a prototype pollution via the component defaultsDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/29636943e6989e67f38251580cbcea73", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/AgeOfLearning/aofl/issues/35", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38990.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38990.json new file mode 100644 index 00000000000..bd1b70fd57b --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38990.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38990", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:04.807", + "lastModified": "2024-07-01T13:15:04.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function mergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/ae5f6b0d8f5d7de716e6af6d189b2169", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38991.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38991.json new file mode 100644 index 00000000000..0744b854c04 --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38991.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38991", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:04.863", + "lastModified": "2024-07-01T13:15:04.863", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "akbr patch-into v1.0.1 was discovered to contain a prototype pollution via the function patchInto. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/8851413e3b33a96f191f0e9c81706532", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38992.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38992.json new file mode 100644 index 00000000000..fa327cd23cc --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38992.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38992", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:04.930", + "lastModified": "2024-07-01T13:15:04.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "airvertco frappejs v0.0.11 was discovered to contain a prototype pollution via the function registerView. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/10c88b9069229979ac7e52e0efc98055", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38993.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38993.json new file mode 100644 index 00000000000..acea7a1be13 --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38993.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38993", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:04.987", + "lastModified": "2024-07-01T13:15:04.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/9a2b522d59c53f31f45c1edb96459693", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38994.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38994.json new file mode 100644 index 00000000000..b8ce09861a8 --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38994.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38994", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.047", + "lastModified": "2024-07-01T13:15:05.047", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/02091aa86c6c14c29b9703642439dd03", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38996.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38996.json new file mode 100644 index 00000000000..f5520846091 --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38996.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-38996", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.103", + "lastModified": "2024-07-01T13:15:05.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ag-grid-community v31.3.2 and ag-grid-enterprise v31.3.2 were discovered to contain a prototype pollution via the _.mergeDeep function. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/18e8c27f3a6376e7cf082cfe1ca766fa", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/mestrtee/c1590660750744f25e86ba1bf240844b", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/mestrtee/f8037d492dab0d77bca719e05d31c08b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38997.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38997.json new file mode 100644 index 00000000000..4599b43b75e --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38997.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38997", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.160", + "lastModified": "2024-07-01T13:15:05.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/840f5d160aab4151bd0451cfb822e6b5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38998.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38998.json new file mode 100644 index 00000000000..308b0e89bf3 --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38998.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38998", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.223", + "lastModified": "2024-07-01T13:15:05.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/9acae342285bd2998fa09ebcb1e6d30a", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-389xx/CVE-2024-38999.json b/CVE-2024/CVE-2024-389xx/CVE-2024-38999.json new file mode 100644 index 00000000000..a4427b9bd53 --- /dev/null +++ b/CVE-2024/CVE-2024-389xx/CVE-2024-38999.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-38999", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.280", + "lastModified": "2024-07-01T13:15:05.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/9acae342285bd2998fa09ebcb1e6d30a", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39000.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39000.json new file mode 100644 index 00000000000..a96cc2a80f1 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39000.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39000", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.340", + "lastModified": "2024-07-01T13:15:05.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/840f5d160aab4151bd0451cfb822e6b5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39001.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39001.json new file mode 100644 index 00000000000..776db6b91c4 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39001.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-39001", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.397", + "lastModified": "2024-07-01T13:15:05.397", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/18e8c27f3a6376e7cf082cfe1ca766fa", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/mestrtee/c1590660750744f25e86ba1bf240844b", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/mestrtee/f8037d492dab0d77bca719e05d31c08b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39002.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39002.json new file mode 100644 index 00000000000..c476ee5f151 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39002.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39002", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.450", + "lastModified": "2024-07-01T13:15:05.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/9a2b522d59c53f31f45c1edb96459693", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39003.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39003.json new file mode 100644 index 00000000000..95e86a6fffa --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39003.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39003", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.513", + "lastModified": "2024-07-01T13:15:05.513", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function setValue. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/02091aa86c6c14c29b9703642439dd03", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39008.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39008.json new file mode 100644 index 00000000000..8d67434958a --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39008.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39008", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.590", + "lastModified": "2024-07-01T13:15:05.590", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/f09a507c8d59fbbb7fd40880cd9b87ed", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39013.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39013.json new file mode 100644 index 00000000000..b66fa68d465 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39013.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39013", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.650", + "lastModified": "2024-07-01T13:15:05.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/a2be744675af5ece3240c19fd04fc5e1", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39014.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39014.json new file mode 100644 index 00000000000..9b60ce87596 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39014.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39014", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.703", + "lastModified": "2024-07-01T13:15:05.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ahilfoley cahil/utils v2.3.2 was discovered to contain a prototype pollution via the function set. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/0501db31c1a6864a169e47097f26ac57", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39015.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39015.json new file mode 100644 index 00000000000..3a4841e3ebf --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39015.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39015", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.767", + "lastModified": "2024-07-01T13:15:05.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/7ab061d9eb901cc89652e7666ca3ef52", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39016.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39016.json new file mode 100644 index 00000000000..54b785e9f95 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39016.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39016", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.823", + "lastModified": "2024-07-01T13:15:05.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "che3vinci c3/utils-1 1.0.131 was discovered to contain a prototype pollution via the function assign. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/865a957857a096221fe6f8b258b282ac", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39017.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39017.json new file mode 100644 index 00000000000..cd09d4414fe --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39017.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39017", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.893", + "lastModified": "2024-07-01T13:15:05.893", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "agreejs shared v0.0.1 was discovered to contain a prototype pollution via the function mergeInternalComponents. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/039e3e337642e6bb7f36aeddfde41b8b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39018.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39018.json new file mode 100644 index 00000000000..5597ee22141 --- /dev/null +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39018.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39018", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:05.950", + "lastModified": "2024-07-01T13:15:05.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function \"query\". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/be75c60307b2292884cc03cebd361f3f", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39302.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39302.json index b6722fd49f2..f5f0371b094 100644 --- a/CVE-2024/CVE-2024-393xx/CVE-2024-39302.json +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39302.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39302", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T21:15:03.437", - "lastModified": "2024-06-28T21:15:03.437", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal of privilege escalation, potentially exposing sensitive information on the server. This issue has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.\n" + }, + { + "lang": "es", + "value": "BigBlueButton es un aula virtual de c\u00f3digo abierto dise\u00f1ada para ayudar a los profesores a ense\u00f1ar y a los alumnos a aprender. Un atacante puede explotar los permisos de archivos demasiado elevados en el directorio `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` con el objetivo de escalar privilegios. potencialmente exponer informaci\u00f3n confidencial en el servidor. Este problema se solucion\u00f3 en las versiones 2.6.18, 2.7.8 y 3.0.0-alpha.7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39307.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39307.json index 4eefdc9342a..1f5411c32e6 100644 --- a/CVE-2024/CVE-2024-393xx/CVE-2024-39307.json +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39307.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39307", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-28T21:15:03.713", - "lastModified": "2024-06-28T21:15:03.713", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kavita is a cross platform reading server. Opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Kavita doesn't sanitize or sandbox the contents of epubs, allowing scripts inside ebooks to execute. This vulnerability was patched in version 0.8.1." + }, + { + "lang": "es", + "value": "Kavita es un servidor de lectura multiplataforma. Abrir un libro electr\u00f3nico que contiene scripts maliciosos conduce a la ejecuci\u00f3n del c\u00f3digo dentro del contexto de navegaci\u00f3n. Kavita no sanitiza ni protege el contenido de los epubs, lo que permite que se ejecuten scripts dentro de los libros electr\u00f3nicos. Esta vulnerabilidad fue parcheada en la versi\u00f3n 0.8.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39427.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39427.json index cb41be892f4..33bf3009680 100644 --- a/CVE-2024/CVE-2024-394xx/CVE-2024-39427.json +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39427.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39427", "sourceIdentifier": "security@unisoc.com", "published": "2024-07-01T09:15:06.493", - "lastModified": "2024-07-01T09:15:06.493", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En un servicio trusty, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n de System necesarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39428.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39428.json index 7f149c56c19..89ab319cb90 100644 --- a/CVE-2024/CVE-2024-394xx/CVE-2024-39428.json +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39428.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39428", "sourceIdentifier": "security@unisoc.com", "published": "2024-07-01T09:15:06.720", - "lastModified": "2024-07-01T09:15:06.720", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En un servicio trusty, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n de System necesarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39429.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39429.json index 34e0de242e0..1f5adcaa456 100644 --- a/CVE-2024/CVE-2024-394xx/CVE-2024-39429.json +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39429.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39429", "sourceIdentifier": "security@unisoc.com", "published": "2024-07-01T09:15:06.893", - "lastModified": "2024-07-01T09:15:06.893", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En el servicio faceid, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39430.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39430.json index 0ac5c677c71..8c35e2f002d 100644 --- a/CVE-2024/CVE-2024-394xx/CVE-2024-39430.json +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39430.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39430", "sourceIdentifier": "security@unisoc.com", "published": "2024-07-01T09:15:07.070", - "lastModified": "2024-07-01T09:15:07.070", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En el servicio faceid, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39828.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39828.json index c990081d4fa..a53c7cbec10 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39828.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39828.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39828", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-28T22:15:04.287", - "lastModified": "2024-06-30T02:15:02.267", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modified saved-game file. This was fixed in a hotfix to 1.9.5 on 2024-06-29." + }, + { + "lang": "es", + "value": "R74n Sandboxels 1.9 a 1.9.5 permite XSS a trav\u00e9s de un mensaje en un archivo de juego guardado modificado. Esto se solucion\u00f3 en una revisi\u00f3n de 1.9.5 el 29 de junio de 2024." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39840.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39840.json index 57cb7c70189..4545719b74e 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39840.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39840.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39840", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-29T17:15:09.857", - "lastModified": "2024-06-29T17:15:09.857", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects." + }, + { + "lang": "es", + "value": "Factorio anterior a 1.1.101 permite que un servidor manipulado ejecute c\u00f3digo arbitrario en clientes a trav\u00e9s de un mapa personalizado que aprovecha la capacidad de ciertas funciones del m\u00f3dulo base de Lua para ejecutar c\u00f3digo de bytes y generar objetos falsos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39846.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39846.json index a2d1955ab77..443301e7339 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39846.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39846.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39846", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-29T21:15:09.917", - "lastModified": "2024-06-29T21:15:09.917", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it easier to obtain unauthorized access to sensitive information. NOTE: in each case, data at rest is encrypted, but is decrypted within process memory during use." + }, + { + "lang": "es", + "value": "NewPass anterior a 1.2.0 almacena contrase\u00f1as (en lugar de hashes de contrase\u00f1as) directamente, lo que facilita la obtenci\u00f3n de acceso no autorizado a informaci\u00f3n confidencial. NOTA: en cada caso, los datos en reposo se cifran, pero se descifran dentro de la memoria del proceso durante el uso." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39848.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39848.json index 1e6fb0476f2..8a0a3a975dd 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39848.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39848.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39848", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-29T22:15:02.263", - "lastModified": "2024-06-29T22:15:02.263", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects \"Grouper for Web Services\" before 4.13.1." + }, + { + "lang": "es", + "value": "Internet2 Grouper anterior a 5.6 permite omitir la autenticaci\u00f3n cuando la autenticaci\u00f3n LDAP se utiliza de ciertas maneras. Esto est\u00e1 relacionado con internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication y el uso de la contrase\u00f1a UyY29r para la cuenta M3vwHr. Esto tambi\u00e9n afecta a \"Grouper for Web Services\" anteriores a 4.13.1." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39853.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39853.json new file mode 100644 index 00000000000..041b80aa4a3 --- /dev/null +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39853.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39853", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-01T13:15:06.013", + "lastModified": "2024-07-01T13:15:06.013", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/mestrtee/840f5d160aab4151bd0451cfb822e6b5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-39xx/CVE-2024-3995.json b/CVE-2024/CVE-2024-39xx/CVE-2024-3995.json index 5ae354ad378..640c78906ea 100644 --- a/CVE-2024/CVE-2024-39xx/CVE-2024-3995.json +++ b/CVE-2024/CVE-2024-39xx/CVE-2024-3995.json @@ -2,13 +2,17 @@ "id": "CVE-2024-3995", "sourceIdentifier": "security@puppet.com", "published": "2024-06-28T20:15:02.820", - "lastModified": "2024-06-28T20:15:02.820", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins." + }, + { + "lang": "es", + "value": "En las versiones de Helix ALM anteriores a la 2024.2.0, se identific\u00f3 una inyecci\u00f3n de comando local. Reportado por Bryan Riggins." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-40xx/CVE-2024-4007.json b/CVE-2024/CVE-2024-40xx/CVE-2024-4007.json new file mode 100644 index 00000000000..b295b299748 --- /dev/null +++ b/CVE-2024/CVE-2024-40xx/CVE-2024-4007.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-4007", + "sourceIdentifier": "cybersecurity@ch.abb.com", + "published": "2024-07-01T13:15:06.077", + "lastModified": "2024-07-01T13:15:06.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@ch.abb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Red", + "attackVector": "ADJACENT", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NEGLIGIBLE", + "automatable": "NO", + "recovery": "USER", + "valueDensity": "DIFFUSE", + "vulnerabilityResponseEffort": "LOW", + "providerUrgency": "RED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@ch.abb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@ch.abb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1392" + } + ] + } + ], + "references": [ + { + "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101&LanguageCode=en&DocumentPartId=&Action=Launch", + "source": "cybersecurity@ch.abb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-49xx/CVE-2024-4934.json b/CVE-2024/CVE-2024-49xx/CVE-2024-4934.json index b339b7ba2cd..76c0466a521 100644 --- a/CVE-2024/CVE-2024-49xx/CVE-2024-4934.json +++ b/CVE-2024/CVE-2024-49xx/CVE-2024-4934.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4934", "sourceIdentifier": "contact@wpscan.com", "published": "2024-07-01T06:15:23.847", - "lastModified": "2024-07-01T06:15:23.847", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 does not validate and escape some of its Quiz fields before outputting them back in a page/post where the Quiz is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" + }, + { + "lang": "es", + "value": "El complemento Quiz and Survey Master (QSM) WordPress anterior a 9.0.2 no valida ni escapa algunos de sus campos del cuestionario antes de devolverlos a una p\u00e1gina/publicaci\u00f3n donde est\u00e1 incrustado el cuestionario, lo que podr\u00eda permitir a los usuarios con el rol de colaborador y superiores realizar ataques de cross site scripting almacenado" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5062.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5062.json index 29ed6a59587..790e1a5cffd 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5062.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5062.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5062", "sourceIdentifier": "security@huntr.dev", "published": "2024-06-30T16:15:03.217", - "lastModified": "2024-06-30T16:15:03.217", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the 'redirect' parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user's browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover." + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) Reflejado en zenml-io/zenml versi\u00f3n 0.57.1. La vulnerabilidad existe debido a una neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de la p\u00e1gina web, espec\u00edficamente dentro del par\u00e1metro de redireccionamiento de la encuesta. Esta falla permite a un atacante redirigir a los usuarios a una URL espec\u00edfica despu\u00e9s de completar una encuesta, sin una validaci\u00f3n adecuada del par\u00e1metro \"redirect\". En consecuencia, un atacante puede ejecutar c\u00f3digo JavaScript arbitrario en el contexto de la sesi\u00f3n del navegador del usuario. Esta vulnerabilidad podr\u00eda aprovecharse para robar cookies, lo que podr\u00eda llevar a la apropiaci\u00f3n de cuentas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-51xx/CVE-2024-5192.json b/CVE-2024/CVE-2024-51xx/CVE-2024-5192.json index da4c6666c11..bd6bd0af80f 100644 --- a/CVE-2024/CVE-2024-51xx/CVE-2024-5192.json +++ b/CVE-2024/CVE-2024-51xx/CVE-2024-5192.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5192", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T05:15:02.633", - "lastModified": "2024-06-29T05:15:02.633", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Funnel Builder for WordPress by FunnelKit \u2013 Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018mimes\u2019 parameter in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Funnel Builder for WordPress by FunnelKit \u2013 Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'mimes' en todas las versiones hasta la 3.3.1 incluida debido a una sanitizaci\u00f3n insuficiente de los insumos y a fugas de productos. Esto hace posible que atacantes autenticados, con acceso de nivel de autor y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-55xx/CVE-2024-5598.json b/CVE-2024/CVE-2024-55xx/CVE-2024-5598.json index 60b8d03eae7..07060eeac45 100644 --- a/CVE-2024/CVE-2024-55xx/CVE-2024-5598.json +++ b/CVE-2024/CVE-2024-55xx/CVE-2024-5598.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5598", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T05:15:02.960", - "lastModified": "2024-06-29T05:15:02.960", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fma_local_file_system' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive information if the files have been moved to the built-in Trash folder." + }, + { + "lang": "es", + "value": "El complemento Advanced File Manager para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 5.2.4 incluida a trav\u00e9s de la funci\u00f3n 'fma_local_file_system'. Esto hace posible que atacantes no autenticados extraigan datos confidenciales, incluidas copias de seguridad u otra informaci\u00f3n confidencial, si los archivos se han movido a la carpeta Papelera integrada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5666.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5666.json index 7301cadd87d..5a398e24a44 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5666.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5666.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5666", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T07:15:02.657", - "lastModified": "2024-06-29T07:15:02.657", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Extensions for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter within the EE Button widget in all versions up to, and including, 2.0.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Extensiones para Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'url' dentro del widget EE Button en todas las versiones hasta la 2.0.30 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-57xx/CVE-2024-5712.json b/CVE-2024/CVE-2024-57xx/CVE-2024-5712.json index 2295edfb296..7a26714b1d7 100644 --- a/CVE-2024/CVE-2024-57xx/CVE-2024-5712.json +++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5712.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5712", "sourceIdentifier": "security@huntr.dev", "published": "2024-06-28T20:15:02.937", - "lastModified": "2024-06-28T20:15:02.937", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) in stitionai/devika" + }, + { + "lang": "es", + "value": "Cross-Site Request Forgery (CSRF) en stitionai/devika" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-57xx/CVE-2024-5790.json b/CVE-2024/CVE-2024-57xx/CVE-2024-5790.json index 036088b7524..c7c6d7fcd62 100644 --- a/CVE-2024/CVE-2024-57xx/CVE-2024-5790.json +++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5790.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5790", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T07:15:03.130", - "lastModified": "2024-06-29T07:15:03.130", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 attribute within the plugin's Gradient Heading widget in all versions up to, and including, 3.11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Happy Addons para Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del atributo 'url' dentro del widget de encabezado de degradado del complemento en todas las versiones hasta la 3.11.1 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5819.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5819.json index 1f413b282ed..653862571d7 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5819.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5819.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5819", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T10:15:02.287", - "lastModified": "2024-06-29T10:15:02.287", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data attributes in all versions up to, and including, 3.2.45 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Gutenberg Blocks with AI de Kadence WP \u2013 Page Builder Features para WordPress es vulnerable a Cross-Site Scripting Almacenado basadas en DOM a trav\u00e9s de atributos de datos HTML en todas las versiones hasta la 3.2.45 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5827.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5827.json index 6d414fc8a6d..2e335c24d79 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5827.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5827.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5827", "sourceIdentifier": "security@huntr.dev", "published": "2024-06-28T20:15:03.217", - "lastModified": "2024-06-28T20:15:03.217", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents ``. This can lead to command execution or the creation of backdoors." + }, + { + "lang": "es", + "value": "Vanna v0.3.4 es vulnerable a la inyecci\u00f3n SQL en su integraci\u00f3n DuckDB expuesta a sus API web Flask. Los atacantes pueden inyectar datos de entrenamiento de SQL maliciosos y generar las consultas correspondientes para escribir archivos arbitrarios en el sistema de archivos de la v\u00edctima, como backdoor.php con contenido ``. Esto puede llevar a la ejecuci\u00f3n de comandos o la creaci\u00f3n de puertas traseras." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5889.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5889.json index 7f7fcde0b42..be994424ea5 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5889.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5889.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5889", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T05:15:03.163", - "lastModified": "2024-06-29T05:15:03.163", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018country\u2019 parameter in all versions up to, and including, 6.4.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Events Manager \u2013 Calendar, Bookings, Tickets, and more! para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro 'pa\u00eds' en todas las versiones hasta la 6.4.8 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5926.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5926.json index 78ebee7f73f..c1702e31af6 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5926.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5926.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5926", "sourceIdentifier": "security@huntr.dev", "published": "2024-06-30T01:15:09.707", - "lastModified": "2024-06-30T01:15:09.707", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal: '\\..\\filename' in GitHub repository stitionai/devika prior to -." + }, + { + "lang": "es", + "value": "Path Traversal: '\\..\\filename' en el repositorio de GitHub stitionai/devika antes de -." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5942.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5942.json index be79520078c..268cb2e6493 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5942.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5942.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5942", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T05:15:03.360", - "lastModified": "2024-06-29T05:15:03.360", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.0 via the 'content_clone' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to clone and read private posts." + }, + { + "lang": "es", + "value": "El complemento Page and Post Clone para WordPress es vulnerable a Insecure Direct Object Reference en todas las versiones hasta la 6.0 incluida a trav\u00e9s de la funci\u00f3n 'content_clone' debido a la falta de validaci\u00f3n en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de autor y superior, clonen y lean publicaciones privadas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6130.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6130.json index ef707de344d..60e33ebcd67 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6130.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6130.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6130", "sourceIdentifier": "contact@wpscan.com", "published": "2024-07-01T06:15:23.957", - "lastModified": "2024-07-01T06:15:23.957", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Form Maker by 10Web WordPress plugin before 1.15.26 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + }, + { + "lang": "es", + "value": "El complemento Form Maker by 10Web WordPress anterior a 1.15.26 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio) " } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6265.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6265.json index 74846a63b52..42070345424 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6265.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6265.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6265", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T05:15:03.560", - "lastModified": "2024-06-29T05:15:03.560", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The UsersWP \u2013 Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018uwp_sort_by\u2019 parameter in all versions up to, and including, 1.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento UsersWP \u2013 Front-end login form, User Registration, User Profile & Members Directory para WordPress es vulnerable a la inyecci\u00f3n SQL basada en el tiempo a trav\u00e9s del par\u00e1metro 'uwp_sort_by' en todas las versiones hasta la 1.2.10 incluida debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6363.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6363.json index 42707b4a8c4..565078a8e62 100644 --- a/CVE-2024/CVE-2024-63xx/CVE-2024-6363.json +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6363.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6363", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T07:15:03.357", - "lastModified": "2024-06-29T07:15:03.357", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock_ticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Stock Ticker para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo corto stock_ticker del complemento en todas las versiones hasta la 3.24.4 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6387.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6387.json new file mode 100644 index 00000000000..a6b5bdafabe --- /dev/null +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6387.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-6387", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-07-01T13:15:06.467", + "lastModified": "2024-07-01T13:15:06.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog()." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-364" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-6387", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", + "source": "secalert@redhat.com" + }, + { + "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6402.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6402.json index 96ec4e24320..48491a080ec 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6402.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6402.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6402", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-28T17:15:03.810", - "lastModified": "2024-06-28T17:15:03.810", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269947. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda A301 15.13.08.12 y clasificada como cr\u00edtica. La funci\u00f3n fromSetWirelessRepeat del archivo /goform/SetOnlineDevName es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento devName provoca un desbordamiento del b\u00fafer basado en pila. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-269947. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6403.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6403.json index ef312fc968b..3e5cbf54964 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6403.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6403.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6403", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-28T17:15:04.140", - "lastModified": "2024-06-28T17:15:04.140", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269948. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda A301 15.13.08.12 y clasificada como cr\u00edtica. La funci\u00f3n formWifiBasicSet del archivo /goform/SetOnlineDevName es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento devName provoca un desbordamiento del b\u00fafer basado en pila. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-269948. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6405.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6405.json index e9dbd0bb793..b5e2fa9106e 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6405.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6405.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6405", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-29T02:15:02.223", - "lastModified": "2024-06-29T02:15:02.223", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Floating Social Buttons para WordPress es vulnerable a la Cross-Site Request Forgery en todas las versiones hasta la 1.5 incluida. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en la funci\u00f3n floating_social_buttons_option(). Esto hace posible que atacantes no autenticados actualicen la configuraci\u00f3n de los complementos e inyecten scripts web maliciosos a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6414.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6414.json index 2d45c6a99cd..8ca5497cc34 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6414.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6414.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6414", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-30T03:15:02.223", - "lastModified": "2024-06-30T03:15:02.223", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad clasificada como problem\u00e1tica ha sido encontrada en Parsec Automation TrakSYS 11.xx. Una funci\u00f3n desconocida del archivo TS/export/contentpage del componente Export Page es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento ID conduce a una solicitud directa. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-270000. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6415.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6415.json index dc5603ba50e..adf27a46852 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6415.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6415.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6415", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-30T04:15:02.250", - "lastModified": "2024-06-30T04:15:02.250", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-270001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Ingenico Estate Manager 2023 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ del componente New Widget Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento URL conduce a cross site scripting. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-270001. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6416.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6416.json index ef68023e43f..6ee0f34eb13 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6416.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6416.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6416", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-30T22:15:02.113", - "lastModified": "2024-06-30T22:15:02.113", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270007." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SeaCMS 12.9. Ha sido declarada cr\u00edtica. Una funcionalidad desconocida del archivo /js/player/dmplayer/dmku/?ac=edit es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento cid con la entrada (select(0)from(select(sleep(10)))v) conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-270007." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6417.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6417.json index b5ac7a75d7b..aaa3ae1edd6 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6417.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6417.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6417", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-30T23:15:02.680", - "lastModified": "2024-06-30T23:15:02.680", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_user. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270008." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester Simple Online Bidding System 1.0. Ha sido calificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /admin/ajax.php?action=delete_user es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-270008." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6418.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6418.json index 2e3506c991a..739dd302aa5 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6418.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6418.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6418", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-30T23:15:02.953", - "lastModified": "2024-06-30T23:15:02.953", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file /classes/Users.php?f=register_user. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-270009 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en SourceCodester Medicine Tracker System 1.0 y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /classes/Users.php?f=register_user. La manipulaci\u00f3n del argumento nombre de usuario conduce a la inyecci\u00f3n de SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-270009." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6419.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6419.json index 714473ecd9a..74057d08bea 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6419.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6419.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6419", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-01T00:15:01.950", - "lastModified": "2024-07-01T00:15:01.950", - "vulnStatus": "Received", + "lastModified": "2024-07-01T12:37:24.220", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-270010 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Medicine Tracker System 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /classes/Master.php?f=save_medicine. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-270010 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6424.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6424.json new file mode 100644 index 00000000000..2ee594ae189 --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6424.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6424", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-07-01T13:15:06.690", + "lastModified": "2024-07-01T13:15:06.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint \"/api/Proxy/Post?userName=&password=&uri=&Password=&ConfirmPassword=\"." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-684" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-mesbook", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2dcbbdcaf2c..55c4c9cb85c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-01T12:03:01.288024+00:00 +2024-07-01T14:02:32.990499+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-01T11:15:03.910000+00:00 +2024-07-01T13:15:06.927000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -255534 +255560 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `26` +- [CVE-2024-38990](CVE-2024/CVE-2024-389xx/CVE-2024-38990.json) (`2024-07-01T13:15:04.807`) +- [CVE-2024-38991](CVE-2024/CVE-2024-389xx/CVE-2024-38991.json) (`2024-07-01T13:15:04.863`) +- [CVE-2024-38992](CVE-2024/CVE-2024-389xx/CVE-2024-38992.json) (`2024-07-01T13:15:04.930`) +- [CVE-2024-38993](CVE-2024/CVE-2024-389xx/CVE-2024-38993.json) (`2024-07-01T13:15:04.987`) +- [CVE-2024-38994](CVE-2024/CVE-2024-389xx/CVE-2024-38994.json) (`2024-07-01T13:15:05.047`) +- [CVE-2024-38996](CVE-2024/CVE-2024-389xx/CVE-2024-38996.json) (`2024-07-01T13:15:05.103`) +- [CVE-2024-38997](CVE-2024/CVE-2024-389xx/CVE-2024-38997.json) (`2024-07-01T13:15:05.160`) +- [CVE-2024-38998](CVE-2024/CVE-2024-389xx/CVE-2024-38998.json) (`2024-07-01T13:15:05.223`) +- [CVE-2024-38999](CVE-2024/CVE-2024-389xx/CVE-2024-38999.json) (`2024-07-01T13:15:05.280`) +- [CVE-2024-39000](CVE-2024/CVE-2024-390xx/CVE-2024-39000.json) (`2024-07-01T13:15:05.340`) +- [CVE-2024-39001](CVE-2024/CVE-2024-390xx/CVE-2024-39001.json) (`2024-07-01T13:15:05.397`) +- [CVE-2024-39002](CVE-2024/CVE-2024-390xx/CVE-2024-39002.json) (`2024-07-01T13:15:05.450`) +- [CVE-2024-39003](CVE-2024/CVE-2024-390xx/CVE-2024-39003.json) (`2024-07-01T13:15:05.513`) +- [CVE-2024-39008](CVE-2024/CVE-2024-390xx/CVE-2024-39008.json) (`2024-07-01T13:15:05.590`) +- [CVE-2024-39013](CVE-2024/CVE-2024-390xx/CVE-2024-39013.json) (`2024-07-01T13:15:05.650`) +- [CVE-2024-39014](CVE-2024/CVE-2024-390xx/CVE-2024-39014.json) (`2024-07-01T13:15:05.703`) +- [CVE-2024-39015](CVE-2024/CVE-2024-390xx/CVE-2024-39015.json) (`2024-07-01T13:15:05.767`) +- [CVE-2024-39016](CVE-2024/CVE-2024-390xx/CVE-2024-39016.json) (`2024-07-01T13:15:05.823`) +- [CVE-2024-39017](CVE-2024/CVE-2024-390xx/CVE-2024-39017.json) (`2024-07-01T13:15:05.893`) +- [CVE-2024-39018](CVE-2024/CVE-2024-390xx/CVE-2024-39018.json) (`2024-07-01T13:15:05.950`) +- [CVE-2024-39853](CVE-2024/CVE-2024-398xx/CVE-2024-39853.json) (`2024-07-01T13:15:06.013`) +- [CVE-2024-4007](CVE-2024/CVE-2024-40xx/CVE-2024-4007.json) (`2024-07-01T13:15:06.077`) +- [CVE-2024-6387](CVE-2024/CVE-2024-63xx/CVE-2024-6387.json) (`2024-07-01T13:15:06.467`) +- [CVE-2024-6424](CVE-2024/CVE-2024-64xx/CVE-2024-6424.json) (`2024-07-01T13:15:06.690`) +- [CVE-2024-6425](CVE-2024/CVE-2024-64xx/CVE-2024-6425.json) (`2024-07-01T13:15:06.927`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` +Recently modified CVEs: `94` -- [CVE-2002-0640](CVE-2002/CVE-2002-06xx/CVE-2002-0640.json) (`2024-07-01T11:15:02.953`) -- [CVE-2003-0693](CVE-2003/CVE-2003-06xx/CVE-2003-0693.json) (`2024-07-01T11:15:03.240`) -- [CVE-2006-5051](CVE-2006/CVE-2006-50xx/CVE-2006-5051.json) (`2024-07-01T11:15:03.427`) -- [CVE-2008-4109](CVE-2008/CVE-2008-41xx/CVE-2008-4109.json) (`2024-07-01T11:15:03.910`) -- [CVE-2024-5710](CVE-2024/CVE-2024-57xx/CVE-2024-5710.json) (`2024-07-01T10:15:30.183`) +- [CVE-2024-3995](CVE-2024/CVE-2024-39xx/CVE-2024-3995.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-4934](CVE-2024/CVE-2024-49xx/CVE-2024-4934.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5062](CVE-2024/CVE-2024-50xx/CVE-2024-5062.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5192](CVE-2024/CVE-2024-51xx/CVE-2024-5192.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5598](CVE-2024/CVE-2024-55xx/CVE-2024-5598.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5666](CVE-2024/CVE-2024-56xx/CVE-2024-5666.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5712](CVE-2024/CVE-2024-57xx/CVE-2024-5712.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5790](CVE-2024/CVE-2024-57xx/CVE-2024-5790.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5819](CVE-2024/CVE-2024-58xx/CVE-2024-5819.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5827](CVE-2024/CVE-2024-58xx/CVE-2024-5827.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5889](CVE-2024/CVE-2024-58xx/CVE-2024-5889.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5926](CVE-2024/CVE-2024-59xx/CVE-2024-5926.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-5942](CVE-2024/CVE-2024-59xx/CVE-2024-5942.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6130](CVE-2024/CVE-2024-61xx/CVE-2024-6130.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6265](CVE-2024/CVE-2024-62xx/CVE-2024-6265.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6363](CVE-2024/CVE-2024-63xx/CVE-2024-6363.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6402](CVE-2024/CVE-2024-64xx/CVE-2024-6402.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6403](CVE-2024/CVE-2024-64xx/CVE-2024-6403.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6405](CVE-2024/CVE-2024-64xx/CVE-2024-6405.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6414](CVE-2024/CVE-2024-64xx/CVE-2024-6414.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6415](CVE-2024/CVE-2024-64xx/CVE-2024-6415.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6416](CVE-2024/CVE-2024-64xx/CVE-2024-6416.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6417](CVE-2024/CVE-2024-64xx/CVE-2024-6417.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6418](CVE-2024/CVE-2024-64xx/CVE-2024-6418.json) (`2024-07-01T12:37:24.220`) +- [CVE-2024-6419](CVE-2024/CVE-2024-64xx/CVE-2024-6419.json) (`2024-07-01T12:37:24.220`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 90334387db3..7b541bff7e6 100644 --- a/_state.csv +++ b/_state.csv @@ -5000,7 +5000,7 @@ CVE-2002-0635,0,0,eca13b9ea1ef916fcfc5ab18a62ff492ae6f21464cb9e3652b51aa4f51b443 CVE-2002-0637,0,0,ff1bff29b8f35b4bb25b80b7e16f7e3c06a85bca55f35cafb62d6849cff96a9e,2008-09-05T20:28:32.537000 CVE-2002-0638,0,0,5f8dd2e2d14b04d5602cc9924baeb2f91a034101a3e403834b373cec17530d18,2016-10-18T02:20:54.640000 CVE-2002-0639,0,0,bdc2c01a750475c37481ca37bc8f44af4e4f6ddf8515e7bb83c2b8ff601f7e92,2024-02-08T18:37:46.120000 -CVE-2002-0640,0,1,8622fd285ec17763eba1ae1fe010bd08d4fbb0d7081dbc11cf7f5ae511a7a208,2024-07-01T11:15:02.953000 +CVE-2002-0640,0,0,8622fd285ec17763eba1ae1fe010bd08d4fbb0d7081dbc11cf7f5ae511a7a208,2024-07-01T11:15:02.953000 CVE-2002-0641,0,0,fd60a1e69d5c85eb103d18a7c249a0f8e21f4fdb62f653806c6135e217abb9c8,2018-10-12T21:31:33.677000 CVE-2002-0642,0,0,1ab33da64d1669d8f02cb99d19013b27afecd2c8eddef5069d18b16dc3897399,2018-10-12T21:31:34.283000 CVE-2002-0643,0,0,6be26874dcd558c3559b703ff23f73c2cdf4b8814cc4d0b5ff973098d872a66b,2018-10-12T21:31:34.817000 @@ -7427,7 +7427,7 @@ CVE-2003-0689,0,0,431c3a4fe54f04dd2ab2067404c3192c6a00091b76eaa0cd358bfbe691b5ff CVE-2003-0690,0,0,7bb15b3d0f71fff63e01f2740d24a37f61f622f672f644190099b328351a9771,2017-10-11T01:29:12.950000 CVE-2003-0691,0,0,2fa37907298da86785f689111f3f18927fe4e568efdd62042b57eb91f88a0a95,2023-11-07T01:56:21.030000 CVE-2003-0692,0,0,f4df87cf6b8bec9a63fbcf847d8f1fea15656beca206d8aa3b764e575f8fa14c,2017-10-11T01:29:13.010000 -CVE-2003-0693,0,1,f9b2fd392ade3c36a54a6c6c1167e2179fa2e6dbdb7f4bed73e84130c1489658,2024-07-01T11:15:03.240000 +CVE-2003-0693,0,0,f9b2fd392ade3c36a54a6c6c1167e2179fa2e6dbdb7f4bed73e84130c1489658,2024-07-01T11:15:03.240000 CVE-2003-0694,0,0,2e273c1023854574186700387d86384141885a728ca778c10b85d5312da46d59,2018-10-30T16:26:22.763000 CVE-2003-0695,0,0,2129c041e9b61eab1521e092dfd389d84a5eefe0af8ea488eb719c8cdd0c4b35,2018-05-03T01:29:22.490000 CVE-2003-0696,0,0,007ebac5eadc9de3f950e36062d62f8ed935837a6ceee2d5e14157fcc13dc167,2017-07-11T01:29:35.213000 @@ -20755,7 +20755,7 @@ CVE-2006-5047,0,0,53e82c53597e9ebc5b3433e7265a5eebdd715b62c8e70232e8c0c54c7956c6 CVE-2006-5048,0,0,8b321d36250aca3f2e40f2c6e084d30b002b0173a3529f4db13dd048dac1a543,2023-11-07T01:59:26.660000 CVE-2006-5049,0,0,3057a76e663bafee965aa929a8b4ea5496e0623a01c07dc2b263f3e0c3b693ca,2023-11-07T01:59:26.727000 CVE-2006-5050,0,0,a1681ede6932d11257c7fc9c6e7fadc0b0108e08a99b052966624fac52065d05,2018-10-17T21:40:54.733000 -CVE-2006-5051,0,1,7fdfbc911ffb9c071a539a84057982afed994c6c432114f4f3757bc9817d0868,2024-07-01T11:15:03.427000 +CVE-2006-5051,0,0,7fdfbc911ffb9c071a539a84057982afed994c6c432114f4f3757bc9817d0868,2024-07-01T11:15:03.427000 CVE-2006-5052,0,0,8bdb463edadb768fc272f7b67255081509a390c1914b563fd4c30f1196c8f25a,2018-10-17T21:40:55.013000 CVE-2006-5053,0,0,4dc04013c804969d26e4cafa5fb1cdcf0a3fcd2d84f1784cbc9f0cd613e0ce4c,2017-10-19T01:29:28.517000 CVE-2006-5054,0,0,82714158502c9c062e4cf0fa58e4f0225b1d48374751e5fda2d2d479e2d4300e,2017-10-19T01:29:28.580000 @@ -33534,7 +33534,7 @@ CVE-2008-4105,0,0,9eda152ed8e48d1aeac332c71961a3d0720a97d71e2a0f85e7ae5fadbf37e3 CVE-2008-4106,0,0,a911665918cac8c1c009503b8635cb8600b6ac1d164646028064ca8cb50c33ef,2018-10-11T20:50:50.597000 CVE-2008-4107,0,0,f68c29e7fd24f17b4987dce37d65eb1a88bd28e766607fcd125e00d5d4fc2f40,2018-10-30T16:26:21.043000 CVE-2008-4108,0,0,16c9c120ec7c3f13a6e5b9e5affd98c76ed89ef38eec2df9960b7790ae494b36,2017-08-08T01:32:25.577000 -CVE-2008-4109,0,1,d009bed5d3b13e043531bb13c2eeed93a6461857e0b31720e1cf5deec041e609,2024-07-01T11:15:03.910000 +CVE-2008-4109,0,0,d009bed5d3b13e043531bb13c2eeed93a6461857e0b31720e1cf5deec041e609,2024-07-01T11:15:03.910000 CVE-2008-4110,0,0,ef7f94cb7603f13a332005100aa768607f989cd79f2d776b85d5762c9e798f0b,2018-10-11T20:50:54.690000 CVE-2008-4111,0,0,48a95530474e98baa0f6fab911a1ff69ab482940cdac4be525fcd913afdbd73f,2017-08-08T01:32:25.797000 CVE-2008-4112,0,0,b128532de5944311adc9a6d06dc035462e7598f66eea1ea24f8fc5498e2bbea0,2023-11-07T02:02:40.350000 @@ -138378,7 +138378,7 @@ CVE-2019-2519,0,0,80cb8a26de2a58d99b181963daed12ecd759858d5d5f05a1d765a0af10d1fc CVE-2019-2520,0,0,ae5d364f342d6d6e11cbfa1103b72fc4c48c965eceb925e0681dc4c71b896617,2020-08-24T17:37:01.140000 CVE-2019-2521,0,0,895d3d1e42e6880cb82a0d4fefb4c7b7e8f06c7c8e9ae8e0a5e83fb55980297e,2020-08-24T17:37:01.140000 CVE-2019-25210,0,0,07b454351a500643bf67356f1cc70d93fb3da2fec2ffde208a9e57da5b4a69e4,2024-05-17T01:36:44.030000 -CVE-2019-25211,0,0,7faa9ace682b62f55b38d3d9c62728bf9c786e1192ec8006087a6c282933af19,2024-06-29T00:15:02.107000 +CVE-2019-25211,0,1,3551f053251482d7c4eea3a2f2f95512b0513afe16a4257463cbed7289ad3bb9,2024-07-01T12:37:24.220000 CVE-2019-2522,0,0,ae55dddc2cf216d0836c321fa3f09f9eb54cf6815873c5427c0842a495c7f153,2020-08-24T17:37:01.140000 CVE-2019-2523,0,0,2420d5fa367bd9afc8efca036c098c95836d2845178df0523b9e6ef463059e04,2020-08-24T17:37:01.140000 CVE-2019-2524,0,0,23ed838788d5538a8e4757f53d25252723d39ac2a7a29dd85ea00493a946f02f,2020-08-24T17:37:01.140000 @@ -195990,7 +195990,7 @@ CVE-2022-27537,0,0,921b0370a064e6c66676a61cfdeff07d6c6d04bc3ca7b839174740829af03 CVE-2022-27538,0,0,249f5be3e9b39d633c92919b84d02015816e4423af4cf975b765430fb91f4716,2023-02-16T21:59:04.027000 CVE-2022-27539,0,0,89576ebdaff45cf10436f65488ea1060d8fb4295ef4f82967a948869364f6de5,2023-06-28T20:09:40.707000 CVE-2022-2754,0,0,0e0f4008598b3866746bf3e5aee56da4f49a23b3179bb6bece9688299f3820ba,2022-09-21T06:28:06.090000 -CVE-2022-27540,0,0,cedc6cd1689de55dc7b55a29a3742a799cc2ea6d153c07f501738387281ef17c,2024-06-28T19:15:03.407000 +CVE-2022-27540,0,1,c7a2e01f21c744aaf1fad5f226c4a727dc6c9cfe76c05321ee737be76079a8ba,2024-07-01T12:37:24.220000 CVE-2022-27541,0,0,3d6efa17e2a474be5e41adb6775036d0f158523f32ce57cf62154797f223ac18,2023-06-28T20:09:53.083000 CVE-2022-27544,0,0,d75315ba5cd3d9cb8adf29633c1c9b54c0678137a0441bdb7e80df2b22b24cc2,2022-07-27T22:40:03.920000 CVE-2022-27545,0,0,5d57f98791760f09bf7d908f75eebe296b09ecdad39ee494394f84d6a8533530,2022-07-27T22:36:45.790000 @@ -204687,7 +204687,7 @@ CVE-2022-38379,0,0,428787175c578693384b489df4a2b8cdcc2b9e56c491740ff8a1b7056571e CVE-2022-3838,0,0,2b3493d4948c4c37348af61a59172e3d9b6c97f426da6305df38912f30462d5d,2023-11-07T03:51:51.887000 CVE-2022-38380,0,0,06ba2fa35bb59291f3e6426e3c13f4d3c429bc0f04be5a9a0642274f0b5c8f9f,2022-11-04T14:56:46.817000 CVE-2022-38381,0,0,1d071d4638d13bbbb0953ae145422e2ec1a438ce32282da9c0c76f050bcf608e,2022-11-04T15:03:40.800000 -CVE-2022-38383,0,0,c1c998ac10852c121d82ad927817d3ebc971240b5a753ffa32a13e3cb60bcf66,2024-06-28T19:15:03.670000 +CVE-2022-38383,0,1,66c59fde59945d36ff421371770e95940efed64b5627cf4175fea8d83ae78894,2024-07-01T12:37:24.220000 CVE-2022-38385,0,0,02825fa13fca67fac2aa42ed4b88196b1389bea3a91c3e48d00af87ff80503ba,2023-11-07T03:50:07.243000 CVE-2022-38386,0,0,fd45c5dc183497347e3c318f666af4cbc914b98867e985d61a2eca4d45bb15b8,2024-05-01T19:50:25.633000 CVE-2022-38387,0,0,f1f9aa2a7c26b06061e2968005bc33433dbf65c68010969746df05d3f98275ee,2023-11-07T03:50:07.340000 @@ -226041,7 +226041,7 @@ CVE-2023-35018,0,0,0740e92751ade7cc18b1f554af4cf823e2aafc087f99c1bc0b052d47163f3 CVE-2023-35019,0,0,7a1aebfa7c1d8452ead17bc55aa79dfd7cccc82a067d10ba856bbab6cefd4f37,2023-08-04T17:23:56.413000 CVE-2023-3502,0,0,302fb1d5bd5743d734a07b72e0538f873a2636c89266e46579bdeab79529bbc5,2024-05-17T02:27:32.370000 CVE-2023-35020,0,0,a56e5414c215dac3cc405b9d4361a2fe76232d53870262091227d01b8aabefa2,2024-01-24T21:38:11.280000 -CVE-2023-35022,0,0,0541bac70f1933849cb82e440357fcc3491321ee0a3272bfa43196741e36d0ff,2024-06-30T16:15:02.600000 +CVE-2023-35022,0,1,ac694e9c8ffd8fb7368eea470158e18ea431a24bfa5487ba39c286c0c02b290c,2024-07-01T12:37:24.220000 CVE-2023-35024,0,0,1ecf47a0b86bc02884af00b7eabcb558d32c4df794f8d7331a088e35c2b97fda,2023-10-18T21:04:02.917000 CVE-2023-35029,0,0,65adbe0e4dac0fa608e92fc04d22ecaf7d4b82b325012924bbebcbbc80cbf1c0,2023-06-22T16:51:23.137000 CVE-2023-3503,0,0,c6abbd30c8521c47d1ae7cf0398b364788b08345eeb291320098a60d82c9fd2c,2024-05-17T02:27:32.480000 @@ -229917,7 +229917,7 @@ CVE-2023-40165,0,0,ab4e5756d11c5c99a14c74b5f2435b3a7ec37a8508fd8d1103ed13f8c2d14 CVE-2023-40166,0,0,e65129dbfd3b7538a0e791950fa4e4949f5750f316e418a4f293a1ace762d2e1,2023-08-31T16:33:53.880000 CVE-2023-40167,0,0,844221061890a9ee782732b03205b8ad71f2deb86a58157baa3044abcbbc84e9,2023-10-13T01:59:32.977000 CVE-2023-40168,0,0,70a509d5b6e44ab39f20bb6f74d7222f2250c3522969cca155350fac49518d8d,2023-08-24T15:04:49.430000 -CVE-2023-4017,0,0,ab08b2973994c6bf2cd68ff9ecbe8bed734ce4a5ad4e4382cc501eea7902fd1b,2024-06-29T12:15:09.863000 +CVE-2023-4017,0,1,4e6059facf3e43de1d91594e07e57878b93838ccce97903c7d9e34ea7c8c89f8,2024-07-01T12:37:24.220000 CVE-2023-40170,0,0,67e9723fa3a370c77f30ddb3e0da340f391c6067a62d196310c2bd52b2255239,2023-09-15T22:15:14.333000 CVE-2023-40171,0,0,71a7846ed38ba22c187618c817ebcfbd338daee7a019f556400a1c9e3f3a5897,2023-08-24T15:11:33.620000 CVE-2023-40172,0,0,faffa6093066f944ecdc507879750b0d605e40ed8b67b25cd587316c3781dacc,2023-08-23T19:55:36.697000 @@ -237352,9 +237352,9 @@ CVE-2023-50948,0,0,3c02519a72037dff711d5ee48432aa7f2b5638da69466874289b5ec8a9701 CVE-2023-50949,0,0,05099c94caa797bc55ec09b8ff46351e2b7dda33262efba30ca113b16d3acf90,2024-04-12T12:44:04.930000 CVE-2023-50950,0,0,dfea2c60bf930725232ee8dec76ee1dc7db647db5a23e4d3c95d00ce14c241f2,2024-01-24T19:42:29.450000 CVE-2023-50951,0,0,ac9a2ba6b69cc6219b314f88f75f8d16d80977a7838c8861bc4cc4a5a90b32d2,2024-02-20T19:50:53.960000 -CVE-2023-50952,0,0,214157c0c9dc9e309d6f0a4359b410b3ce0dadd6acd5fd4462de91fe9605c594,2024-06-30T18:15:02.733000 -CVE-2023-50953,0,0,6f1dd2b712dca3790293e891ea7b3c19d9bc58239f13f04e90aad630ba8c903b,2024-06-30T18:15:02.970000 -CVE-2023-50954,0,0,cd28b9f2a6eb84f79dffe7b3ed168d5a7dc92dd5eba345b0866635e9f903a3aa,2024-06-30T17:15:02.470000 +CVE-2023-50952,0,1,6fb8a6f06e6ea79274476d98fa8b7f4c7c8fe5f78cbf74526726a3c4f21b950e,2024-07-01T12:37:24.220000 +CVE-2023-50953,0,1,6a7df3afd53a32e2774a66668eb39cee23e7c8d11420bbc120edbae979b6e96a,2024-07-01T12:37:24.220000 +CVE-2023-50954,0,1,03e5c9c632759f06d0045591a0608fa87031762cf88a1b42fbb995d9ab529ae8,2024-07-01T12:37:24.220000 CVE-2023-50955,0,0,2dac25424bb634048955c93e845cd595a5737c34f7a73119031e8a018fd0e20a,2024-02-22T19:07:27.197000 CVE-2023-50957,0,0,a38d290def706a6975d8b2902c3d1f58a6074172158e1685b40a6a512f9caf13,2024-02-15T04:37:53.297000 CVE-2023-50959,0,0,568717d1c5e9b7aee1be9083e54c56d344f91074f581c8ef3e925eba18620c0a,2024-04-02T17:56:18.897000 @@ -237362,7 +237362,7 @@ CVE-2023-5096,0,0,1b0896fcd5a16a2bfc5ce288684748ddee835572b804e4af539b42517b79d3 CVE-2023-50961,0,0,d711d4a9d8ad627716324633a649c2a8b70ff648c86857e4b94f3b50216da091,2024-03-27T15:49:51.300000 CVE-2023-50962,0,0,365daa63183eee3bc8e35da897e2163d0fc458ef66adb39b8eb249f4c8a968ff,2024-02-12T14:31:36.920000 CVE-2023-50963,0,0,f8ab53d3916fdeb747721dbad810b91a4d8cca1f3447b9dedd0b7a0a236caf08,2024-01-24T21:22:22.293000 -CVE-2023-50964,0,0,8e9c38aa40e1bbdd98bdb4dea21478d59ddc547ce681076c9051314b28c5c9af,2024-06-30T19:15:02.007000 +CVE-2023-50964,0,1,05618bc7480072746dd363727665cfce41d13577a3279532051009bea9dc475a,2024-07-01T12:37:24.220000 CVE-2023-50965,0,0,7d1de52a11bce456c4c16ef773b97b5e53898c75617739b3525f486b2a63242b,2023-12-20T20:02:23.497000 CVE-2023-50966,0,0,a6b32088d0a5d6ef9a7d587370f326ae2061a7a42b121ce18c85e023136aaec3,2024-03-19T16:33:58.680000 CVE-2023-50967,0,0,bb1533384c54817eac919409a9c4a4f7b98f5730662b59bf4ce17ad616d7daee,2024-04-19T23:15:09.330000 @@ -240680,7 +240680,7 @@ CVE-2024-0099,0,0,922026d11edb09689a5419f4b6981b91f643282898008757d63b84ab582e71 CVE-2024-0100,0,0,bbf51d2ce3c3a951e3f6f4fb5d57dd8d1c73fdd75ab0ade8734c57fcf29d357b,2024-05-14T16:13:02.773000 CVE-2024-0103,0,0,c0f8f807fdf8426bc2106e7af79b6cd7b7308e8ea4f1780be6db3fdc6d1d8cf2,2024-06-17T12:43:31.090000 CVE-2024-0151,0,0,aafc841cfb528b9ef4d150e11c8565679b9331c9ad5bf3569e38f74d72962c86,2024-04-25T08:15:07.420000 -CVE-2024-0153,0,0,db5fbf5069a0373aa6dd151d1dc24f802b05515be80a72e6da9193fc3259f404,2024-07-01T09:15:06.343000 +CVE-2024-0153,0,1,687da5d226530ac38f394cd9b952906c5e53ebec74b3ccf6df4062258fc2674f,2024-07-01T12:37:24.220000 CVE-2024-0154,0,0,fee6d0edd38400fe9a2f331d67a355be9bc81701717352554939ef10dafbbf73,2024-03-13T18:15:58.530000 CVE-2024-0155,0,0,56d3003aea28bbff1e776f33de697fc847d720d7a8270931f6c22f264f5611eb,2024-03-04T13:58:23.447000 CVE-2024-0156,0,0,47a5ee4f12284e0f109441891942aa0eb589b2387e172b6366b6741bcabc51b4,2024-03-04T13:58:23.447000 @@ -242445,13 +242445,13 @@ CVE-2024-20072,0,0,c200ff4baf6255d64deb0271583c6f0f747c9ccdf27a663d7a798dfcb83f3 CVE-2024-20073,0,0,a0b25eb428467d36e6c8d6b6d33dfc4191a095e61c25b5d42e8224294b10245c,2024-06-03T14:46:24.250000 CVE-2024-20074,0,0,ae8ea4f1aeb95c2db6d96bbffc4725f4aeeca344255405cba91589fc79862e12,2024-06-03T14:46:24.250000 CVE-2024-20075,0,0,c25b515a91dbc89ebe595fac548aad128c5354b0efe2add6f43a7dd87e7c74de,2024-06-03T14:46:24.250000 -CVE-2024-20076,0,0,5b8e128bd64dffe75210d9a0b1bc6cdbc08ff0769e5c234fe829408adddec05e,2024-07-01T05:15:03.957000 -CVE-2024-20077,0,0,66a7c2729e76a45ec5e0f137aaede7f64c1ece3055e82f3815294e1c922f8222,2024-07-01T05:15:04.133000 -CVE-2024-20078,0,0,615d8853961ee7e2655c265f9bad9728786d5b6e686e7be58f6c7132bfd7d7e0,2024-07-01T05:15:04.227000 -CVE-2024-20079,0,0,342b9b2a5d769ac895bbd0f3a2b5892e188f70cf0959891c16c1d39545d2a2ca,2024-07-01T05:15:04.333000 +CVE-2024-20076,0,1,7a7cdd6b11d797bc1065c2a69cb9c58eccd1fe55a553f474fcbfe7ead824177f,2024-07-01T12:37:24.220000 +CVE-2024-20077,0,1,078df06cdcdb9fbee70d10a06d71a0c738e3f06468faa637c9b71b99bd9250ed,2024-07-01T12:37:24.220000 +CVE-2024-20078,0,1,f7d8ca3412c1bf1826924b855782cd80652b405b3608aec4d57b9c0cf2c70fb9,2024-07-01T12:37:24.220000 +CVE-2024-20079,0,1,2b8a0e5983dc5248cc97f95dd3191ef3fe114b43595192c541ca56a9b4ab2524,2024-07-01T12:37:24.220000 CVE-2024-2008,0,0,89351e3b3909d90b71f2b464baa5c1531110f0fc183853e9b068b202a6597011,2024-04-04T12:48:41.700000 -CVE-2024-20080,0,0,9c982d25c24ac58d824e3c49f320d7b0009896b9ce3a6416a68ab1ed4e8a6645,2024-07-01T05:15:04.430000 -CVE-2024-20081,0,0,cc6a1119d36737ed31cf2c18c5e1c454229879a5d20f8de1b66d494e5f3d69f5,2024-07-01T05:15:04.520000 +CVE-2024-20080,0,1,9f77e554af3bbd3c0972041ad77ad07151acaabcf84a676d09d66327102a89a6,2024-07-01T12:37:24.220000 +CVE-2024-20081,0,1,c71489cf0f2bedca59bdc5569ddfc23bc345fff8731fd4100ad31f358075b686,2024-07-01T12:37:24.220000 CVE-2024-2009,0,0,71459ca320e3ba6a6c331932225f22d43a50dc1f7bd5a77e40fa738dd949aeca,2024-05-17T02:37:59.337000 CVE-2024-2011,0,0,845fb303b632df2a82ac2c4f8385a50b893aa8c309406d3fe328481c0cd09158,2024-06-13T18:36:45.417000 CVE-2024-2012,0,0,878efb3776c708b50cfb853377bc9e21e4d99f3747b5a678478141addae0900a,2024-06-13T18:36:45.417000 @@ -244742,7 +244742,7 @@ CVE-2024-23856,0,0,7a070de7fdd5d74cea0874cc007ef2bf0f323d01fd662c9716c69691cbccd CVE-2024-23857,0,0,7eaf19807291540ffb4ed0aaeba2203c48dbce97eb1c38b6829b99f69bea7f4d,2024-02-15T10:15:09.737000 CVE-2024-23858,0,0,179fd096cc74dd5cbbf876bea6a8488b0885e1edc4fe71fbcee8079358c39150,2024-02-15T10:15:09.977000 CVE-2024-23859,0,0,63d22f89061de591ebb6f50f4326d532f8fce7994f1fbe1f5617c0b66052cbc5,2024-02-15T10:15:10.320000 -CVE-2024-2386,0,0,c1197c4c049f0c6abe569dfc67e50b5762d8e7ad3d6f178da7765562b737bfdf,2024-06-29T13:15:10.740000 +CVE-2024-2386,0,1,e910438a3934865bd71dc7371b084d92c8554eaa6c70bbb2ec087830c15b9721,2024-07-01T12:37:24.220000 CVE-2024-23860,0,0,6632cbbf88be694b99a54a9686f448c6c76767ee921ebba92af7b1d8dcf41923,2024-02-15T10:15:10.567000 CVE-2024-23861,0,0,1e0a03b0e05ef6048d2c622678e2eb6612c0b797636e9b5ad09792d3e7721feb,2024-02-15T10:15:10.917000 CVE-2024-23862,0,0,857cda3f242d87fabecd43e75af37484c6e5f8b7cb4875ca14d61eda019d5ca8,2024-02-15T10:15:11.193000 @@ -245397,16 +245397,16 @@ CVE-2024-25027,0,0,506fa0f038304c2bb065c6aafbb038363984a8c8037945872a1b74013246a CVE-2024-25029,0,0,d48a17c1d5ef1bfa6fbe7d5b73144f127d39825001bfd50aa27289e6a7875699,2024-04-08T18:48:40.217000 CVE-2024-2503,0,0,5456a0b13b40102166dfd1cda8940dfe9ff4664673bbe7b6a7953c477d674561,2024-05-02T18:00:37.360000 CVE-2024-25030,0,0,6e16b2526be8abef4237aa975d66d5ed678d7c0d907efb0dcc09108160949092,2024-06-10T18:15:27.247000 -CVE-2024-25031,0,0,74d4b64ee1da64f105f4efcf26d56f6faed2bd7aff675125b333358ead91a67f,2024-06-28T19:15:04.433000 +CVE-2024-25031,0,1,469453639d4aa429d76da5acfd1e1972c3ace1bf2c3c85b252deeb41e11b70a1,2024-07-01T12:37:24.220000 CVE-2024-2504,0,0,b952b345d554f248180cfc37dd33de3d29aef92bb40f82f2454b4ee2e2c1523d,2024-04-10T13:23:38.787000 -CVE-2024-25041,0,0,5a413bb62afa52adbe807d1ec953bb1e96ff170ea3c46f31f6b7a49a8bf717c0,2024-06-28T19:15:04.653000 +CVE-2024-25041,0,1,7928ae57a8bc2dc3a8c04d59e5aa30b1327837d78f88e428ea9c9bbae0acf7f7,2024-07-01T12:37:24.220000 CVE-2024-25046,0,0,4397b23573a65e79c16052f58f281291388123ce903b9df7b4059c81aac5ce1a,2024-06-10T18:15:27.350000 CVE-2024-25047,0,0,64419cf1d56aa51442fec48f489740b8b22b015f011042cff3e462c703444ca0,2024-06-21T19:15:30.053000 CVE-2024-25048,0,0,610a65aa068817d20a042aeecc25c887034723f165ecc379125f80c2bf8a57aa,2024-04-29T12:42:03.667000 CVE-2024-2505,0,0,f9efd81999a67e571786699340d45ecbc4af4577ba4f92360cdbb165e79506a4,2024-04-29T12:42:03.667000 CVE-2024-25050,0,0,2895a503880459770c96f9ab5f8cf4bc71edd50703fee0b5f0e32007918ee69d,2024-04-29T12:42:03.667000 CVE-2024-25052,0,0,a1c8165788344cec6c26b0ce1cd1c907b8a407a30045684a7d709a32eba309a1,2024-06-13T18:35:19.777000 -CVE-2024-25053,0,0,06ec762340c6c133eba6acfc5b173273394a5c2155116bdf48e507091c58dc5f,2024-06-28T19:15:04.933000 +CVE-2024-25053,0,1,a7c1d494e85c793a8b85597c57f93ed8af694871477cfb34ba8468c39dbbe4ad,2024-07-01T12:37:24.220000 CVE-2024-2506,0,0,e15f8d6bb21612e515765b00c070f0acb363bd444917e661aa5401c0b47082de,2024-06-03T14:46:24.250000 CVE-2024-25062,0,0,9596ed5cf07a8bc8469d4afc28fc727a431af7cff3b6b8e84435c301d9955756,2024-02-13T00:40:40.503000 CVE-2024-25063,0,0,ada8a3e76748f7f6ba8d6378c081423ac8f962f095964d00e876ad6b7009736e,2024-03-04T22:45:02.117000 @@ -245946,7 +245946,7 @@ CVE-2024-2594,0,0,bde31fdaab09a079b8da0d26da3ff2fd7469b156a031f2e67457f19c614e87 CVE-2024-25940,0,0,0f284eb6797ffd015c122aeeb19f68755aac0aac9d9f404601b2b09d1a1b9b82,2024-04-19T07:15:09.657000 CVE-2024-25941,0,0,0620596476a272ab01a4a766ab6af38a519cd30d123423fbbdbdd109f3a89b18,2024-06-10T19:15:53.077000 CVE-2024-25942,0,0,f61fbc9a4d226989af6c7dbccbce6eac1bf08e9ecba7753f027f3c66eedf16fc,2024-03-19T13:26:46 -CVE-2024-25943,0,0,2cd2494a6189013ae5084d872f402f2e24aa3e3aea211462934a745d4c23a01d,2024-06-29T13:15:10.403000 +CVE-2024-25943,0,1,d506e8c730696f4b2f3434da5ff1d66664f3a0f52ba266f85b5b04d36f260146,2024-07-01T12:37:24.220000 CVE-2024-25944,0,0,0c942868260e254f0ec88d12c198d84ea5267c121ead95446b5b00550e047e17,2024-04-01T01:12:59.077000 CVE-2024-25946,0,0,6f496894c0996dd20db51bddadbb7b8f4613518a0a22790fcd21a192873f3411,2024-03-28T20:53:20.813000 CVE-2024-25949,0,0,28dd1d310f71410ca26db9f24ad82830e2205559dd220b22f64be17580b64f1f,2024-06-13T18:36:09.010000 @@ -247322,8 +247322,8 @@ CVE-2024-27623,0,0,2fddee8e74e15c6e7895f22777fd9ac33928389d1ff6851e7ceeb0e05ed9e CVE-2024-27625,0,0,d6b6da55ca3f292d09b4a714bcb504e227f68a5bde518c62e1054c68c65c7b4c,2024-03-05T14:27:46.090000 CVE-2024-27626,0,0,03b059cdacd9bd4fdf434fcdc21be78daba5dd8b1b09db34c5aaed65f0885289,2024-03-21T12:58:51.093000 CVE-2024-27627,0,0,6b314556f3fa2e7fb50707266f0d07d8792d06426c2d3b5f17382297ce1180be,2024-03-05T14:27:46.090000 -CVE-2024-27628,0,0,5868b13025c0b9467e14a48a597be26b59a3ced064504cffcce6cf4853cc6e5e,2024-06-28T19:15:05.180000 -CVE-2024-27629,0,0,b89cced6c7c15b4af40db8cbf7cae42bb61dcf6e3be6ba58c089ba52d2a106f4,2024-06-28T19:15:05.243000 +CVE-2024-27628,0,1,faa71788c87c317049fdc79ef56c77e632eee6d27397d0a91223336e9c422e45,2024-07-01T12:37:24.220000 +CVE-2024-27629,0,1,2c51e5cbb6b2fd63f16d57c9e8c157423f6e13b1cbb9ef7712517b8bec763776,2024-07-01T12:37:24.220000 CVE-2024-2763,0,0,915a4db607b8067b26a412109e7e5ccfc1290182e3b3b563c2eda7d6ee1f9e77,2024-05-17T02:38:28.787000 CVE-2024-27630,0,0,c166a75eb868b94e3d44b8631307a3b16a1a3175bacac14103c1a38615b66cc2,2024-04-11T06:15:06.270000 CVE-2024-27631,0,0,d8dcd2de2ab076578039d2fc8d07b397b3cb994ac2e3f6cf562a97f0cf407dc3,2024-04-11T06:15:06.560000 @@ -247990,10 +247990,10 @@ CVE-2024-28784,0,0,c979b0334a0081e1847a4bc955e67dbbc0397aed136c4d3aa1b489c4f3f26 CVE-2024-28787,0,0,466884053e2fb97771b0b18e87658d91d7f6894823937327962bdc9b1ecfdc33,2024-04-04T19:24:50.670000 CVE-2024-2879,0,0,b3cb63a21efa9503ae3e8fbd2c3fbecce8466a6f50871d6397f8e38479a77e62,2024-04-08T22:49:41.533000 CVE-2024-28793,0,0,0971b91b249c500bf4e72fc37951e1fea5132a60c7834326b93f07f92baebfb6,2024-06-10T18:15:29.983000 -CVE-2024-28794,0,0,fea3931f90b9f84cf4c733c8b13103f1c0ea3743e99a2912dcf009b5c0fcff09,2024-06-30T19:15:02.233000 -CVE-2024-28795,0,0,cdcc3ce008679975bf496c8bd14b637e1ba080c5295dbaca41aef374af5c9d06,2024-06-30T16:15:02.987000 -CVE-2024-28797,0,0,cb656ca0fb48c752719361d8d555f4dcc2a45188759fd6cb1344b5a0a55b05dd,2024-06-30T18:15:03.480000 -CVE-2024-28798,0,0,3ed41b05d7d28d830091bb6df2fa27e3e32bb2a125c831d0251b397ac1a3e5a2,2024-06-30T17:15:02.720000 +CVE-2024-28794,0,1,5c23b350c07f05077487199b0f30cf4c260d9bb180f15dcf8074d12405596155,2024-07-01T12:37:24.220000 +CVE-2024-28795,0,1,85ca001fb3cb03d4dd36866bdc97c8f8215d3ca21adf9037272467b426417389,2024-07-01T12:37:24.220000 +CVE-2024-28797,0,1,547032bd87708ea3c38ed72ff1608579c72d8cb562887365c52f23dade3c5df7,2024-07-01T12:37:24.220000 +CVE-2024-28798,0,1,7079cdbb6247bdbcdcfdd1fc5533ad2b96e5540fb8c26b99397b46bd1e921d4c,2024-07-01T12:37:24.220000 CVE-2024-28815,0,0,e7bdcd0ac6977f9c059dbb312ad54d9a388fdc8f6a137aa4ed5f32fc20fa20fd,2024-04-30T07:15:48.897000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28818,0,0,d36b119687f46041625483716221e120ac5cbacfed027a7a801d492a6a4c86c8,2024-06-27T16:43:48.633000 @@ -248168,10 +248168,10 @@ CVE-2024-29034,0,0,abbcb2dba15b8f4921d05a8db211631f1cd87e65f2de49321a196077424f0 CVE-2024-29035,0,0,21701c3dd0407a32f3860c33eba458ab5265ec3a8caf169794b15ed3942b0b5e,2024-04-17T15:31:50.160000 CVE-2024-29036,0,0,f20370765a1c49d0a0bad775fe00268f4f8d50d24ef66d07a4f7dc0500570ad3,2024-03-21T12:58:51.093000 CVE-2024-29037,0,0,d14590394517ae3abb6cee2c5008c5f9a159ea7cb5e3f1665632e06ebb11aadc,2024-03-21T12:58:51.093000 -CVE-2024-29038,0,0,90feafbd1bfe090ed33babd8a4121b4be7dd44fa917996a4b0da2a43320d3b6e,2024-06-28T14:15:03.033000 -CVE-2024-29039,0,0,8d9a8889022d53c66ada4a050becf7a22a8cedc9b6370894a110356851fc5591,2024-06-28T16:15:03.777000 +CVE-2024-29038,0,1,05c9a5e0e88713c6ed7f7b51747c9e0457a8b16cb11c423d76ebba30109cceaf,2024-07-01T12:37:24.220000 +CVE-2024-29039,0,1,ddb2af3d6258726aacc9170d1bb5e873b3c8db301d5b1bc2db262d122d79ce98,2024-07-01T12:37:24.220000 CVE-2024-2904,0,0,ad94cde058aa186716aa9a9e0abda85712b8f6121542c812afe32aed48147ca1,2024-03-26T12:55:05.010000 -CVE-2024-29040,0,0,ce7bdbf0469fb3a819529bb8ddf3bca149f1867f2f198e6a0e1aa38d5429d0e0,2024-06-28T21:15:02.773000 +CVE-2024-29040,0,1,6dc4c74085741fe48e095b8ec200d71224a358b6b607ecd146b4e9609c29a4ab,2024-07-01T12:37:24.220000 CVE-2024-29041,0,0,062cd423858e5d93d3fcaca6dd38a28eee29d2cae2776de71c0c9845b66bbfc2,2024-03-26T12:55:05.010000 CVE-2024-29042,0,0,1acd40f3f2614341c5d235ab7d1243ecc16ed46461e3f61d34bea944cf83e729,2024-03-22T19:02:10.300000 CVE-2024-29043,0,0,a6b5a5b270ee9b198f94a0f09e59dfb944c5cad6bfa0e71af6c157ac0edbbe91,2024-04-10T13:24:00.070000 @@ -249612,14 +249612,14 @@ CVE-2024-31216,0,0,d81eedaba41c66ff5403344865ad7320029e4218bc907b5fcd390407a8729 CVE-2024-31217,0,0,5f9cfb0e61249f70dadebe14e4e4386911d46ac33fe3ecd5dce212e07cce5f8c,2024-06-13T18:36:09.010000 CVE-2024-31218,0,0,7bde3095db5888b85ce9669e8bb2502e2c0767a6efc1fdc83c6973eaeb264970,2024-04-08T18:49:25.863000 CVE-2024-31219,0,0,d2d2811e70f71b6e8f1f63a3f7bda6856d7eb5bcd23ce2727f866e79d3b49966,2024-04-15T19:12:25.887000 -CVE-2024-3122,0,0,d4ac9312457aedc27f8f39526636e907b8d8d84cee5307c39123bdeeae38adf1,2024-07-01T05:15:04.693000 +CVE-2024-3122,0,1,f499bd3334132166b1136e99d883b62905d0bf4a53683e18fa1a73b357bee121,2024-07-01T12:37:24.220000 CVE-2024-31220,0,0,5364fec01a2c522837b9bb1f12dd2e109f09573a57ee59445d858fa07dd681f7,2024-04-08T18:49:25.863000 CVE-2024-31221,0,0,093d7a2a638171e5d3f8cc3b06e5a6b3ca8a7674a42c7ed40ef62927f76d1926,2024-04-08T18:48:40.217000 CVE-2024-31224,0,0,2f84ceb3d774709c2492171042eddaeb6b6b98a31b06a1f67434414d962c7206,2024-04-08T18:48:40.217000 CVE-2024-31225,0,0,775bf5be18a8afccd8a3d22e12b068c166a2b602aedd7e1dec0c49e92715b97b,2024-06-10T18:15:31.123000 CVE-2024-31226,0,0,c551125ecb7e722e7d385d0ba4ae8e898eaf339efee9a69cd1ef9cc05b64e374,2024-05-17T18:36:31.297000 CVE-2024-31229,0,0,7de33a876b6efca66be6426e83eb27e50104659e2ffe406707b9d46bf22d8ac4,2024-04-18T13:04:28.900000 -CVE-2024-3123,0,0,077664528b24c8d413960b71aeca517636d59c90ab460b8f7fc14f3af3fbf5c4,2024-07-01T05:15:04.973000 +CVE-2024-3123,0,1,7969034960d8468f2e42c9820543aa0d78630ff8823b9e15099413e2773c7cfb,2024-07-01T12:37:24.220000 CVE-2024-31230,0,0,52cfa4cc0c105e0f4a014468a390d1fae46fb176c8f9a3fd8a419c5888fe92a6,2024-04-10T19:49:51.183000 CVE-2024-31231,0,0,7a90a67619902f8027cbac8e85a666345818bb13d73948331e7d74a3cfb3017b,2024-05-17T18:36:05.263000 CVE-2024-31232,0,0,cad67a9aeb5c3124c1be880038f56dec45c67ef781e0ef4774805dcd0727d613,2024-05-17T18:36:05.263000 @@ -250027,16 +250027,16 @@ CVE-2024-31890,0,0,eda850bb7869648d895763435641ab97f0cfe4aeba8f677c829b9f47f4e39 CVE-2024-31893,0,0,12d01c628fd750c0cbf441575efefbf394d1654280d687a3cb134821594970b6,2024-05-24T01:15:30.977000 CVE-2024-31894,0,0,5d58af989adc88e1f21decb4e4b73370061e14ed54479d7579f2f2b5b7332e1e,2024-05-24T01:15:30.977000 CVE-2024-31895,0,0,38db7df97417d61bcac3e1b48b52fd0d409c4088497b5231955dcf460bac575b,2024-05-24T01:15:30.977000 -CVE-2024-31898,0,0,33566edd39449d6937cfe890ae696f9e487e7e051ba641cc870b458befd5ee22,2024-06-30T18:15:03.693000 +CVE-2024-31898,0,1,fe11d56c38d536e9464d27f478b4e4ead8cc2f4ae21f96cd1641416bd47ac1cc,2024-07-01T12:37:24.220000 CVE-2024-3190,0,0,c17e9142af04bd9f9561cc561aacffdced5eb94e572636fb91c22838cccaf428,2024-05-30T13:15:41.297000 -CVE-2024-31902,0,0,1157e96c42fe5e1f6cd50b8a219a0e329afeecd891787c4e2cd01170b9e9df82,2024-06-30T17:15:02.923000 +CVE-2024-31902,0,1,691e6ecfd39ef5647a37266bd43ffa72513315c6d9b9212e3f86fe6033112d46,2024-07-01T12:37:24.220000 CVE-2024-31904,0,0,f581f8d898f5db4b0367557c06fa4b666380cc23610e816c03e35138e889ca3c,2024-05-24T01:15:30.977000 CVE-2024-31907,0,0,74fc5f408c523c3e380d6171f8d45977925714d441f8877405f43a83b33e5a79,2024-05-31T19:14:47.793000 CVE-2024-31908,0,0,4b6f6f2b5b77469838acbfd64e3ebfdfd371146b18e2852e2c5d6403c944f986,2024-05-31T19:14:47.793000 CVE-2024-3191,0,0,8cf962bd9b56831bd79ade84a34de9b023bb925809cd58e4b9fc80c44fe6835a,2024-05-17T02:39:45.973000 -CVE-2024-31912,0,0,c82427d2ceb27165471af1da5488b4094ed5364160d49e6e382635d827f0d592,2024-06-28T18:15:03.673000 +CVE-2024-31912,0,1,aa5d92155d9377e0899275b7b0915f442f67adec5eede7394462364595dad2c3,2024-07-01T12:37:24.220000 CVE-2024-31916,0,0,94e61806cd426947094e5a291fb007ed965faafbc808f6c8a1747542f47fbfa2,2024-06-27T19:25:12.067000 -CVE-2024-31919,0,0,8e81967f7d7c3a0ae17b9430542e7f481cee250b578bbcc807536fe3a44fd946,2024-06-28T18:15:03.940000 +CVE-2024-31919,0,1,e1a4bcababa8183e9c4ef14f216a1b44c4b8ca5fab574febb55bdd32f858ecdc,2024-07-01T12:37:24.220000 CVE-2024-3192,0,0,4debefdd9bd6bc1b3acbeb91a28d7567aa83fcce418dfeae513fcc01b4da6f91,2024-06-04T19:20:17.017000 CVE-2024-31920,0,0,3c0045dbbecad7d78d5b9eb044589c2fc290e421e2d5accb9391890092efc90f,2024-04-15T13:15:31.997000 CVE-2024-31921,0,0,732b3dfcff7f3c38928ece374bd7708cd93eb00a4dc0a7d5ac8e2f115b9d7217,2024-04-15T13:15:31.997000 @@ -251759,7 +251759,7 @@ CVE-2024-34698,0,0,10e59d69dc4df1155204551f8483405755bab4be109bdea52b3a75e369d53 CVE-2024-34699,0,0,25f405235bcdebbbdbdc15ae858e3622caf3e07dac211b82cab5ea59f42ec719,2024-05-14T16:12:23.490000 CVE-2024-3470,0,0,736c8b21abac392de8987478bb4430873353b2c43829321b68bed57cd49a65ed,2024-04-19T16:19:49.043000 CVE-2024-34701,0,0,5a8c02ffa2fcadb317d10fc6ec8b451b4dcf3f6eab6c63ebf616f401a02dac46,2024-05-14T16:12:23.490000 -CVE-2024-34703,0,0,5ad2e6f5e34e2f6fd45700d7306c9c5e8b06f592b7ba43c13c397477c4dda22d,2024-06-30T21:15:02.053000 +CVE-2024-34703,0,1,50ae767dd64caa4e000da1f40c8cdbe5042bb6b22c8a9fc5a9800ebff102bcb2,2024-07-01T12:37:24.220000 CVE-2024-34704,0,0,48d6359679289248ce803dfb7b75c17011aaace7b08a8c9d1fc68e47f081bf3e,2024-05-14T16:12:23.490000 CVE-2024-34706,0,0,4726580e4aef314a5fbec04fe3b48a640bc06fa468e915ceb8e4adce9150430f,2024-05-14T16:12:23.490000 CVE-2024-34707,0,0,4ed4d85a391d834d7fb079efda0834353a1979685e57868a3cb454f56a7390b7,2024-05-14T16:12:23.490000 @@ -251950,18 +251950,18 @@ CVE-2024-35102,0,0,781492c1bcdcbb91cc24f5b5ff3eacf4542faa6544199a3dcb435c0e7da31 CVE-2024-35108,0,0,3d160490977cee5bde1d3bbae750736ca9206a5392ad0c8f4f20b1d705d7e1b9,2024-05-15T16:40:19.330000 CVE-2024-35109,0,0,1723de5edad4801c113dd0d41cbe0df6c36d556c862ef08d4faf7caa71ed9098,2024-05-15T16:40:19.330000 CVE-2024-35110,0,0,07f2b4eefabbfedf17e2731cca374c4a367989ecaeb945f63f5af7217d209b46,2024-05-17T18:36:05.263000 -CVE-2024-35116,0,0,9c697630b0a101a448d7a42c518febe23846d0493633384b46dd2fdc78a4bba9,2024-06-28T19:15:05.677000 -CVE-2024-35119,0,0,827e197f7acd05a8eda8067dd48d9b971ee81a4cb317e57285911965a3b60a80,2024-06-30T17:15:03.153000 +CVE-2024-35116,0,1,91a0109df1140cd09bc7ea5c08abbe7ae8c48f4ffa4198fd96c193164e9e1703,2024-07-01T12:37:24.220000 +CVE-2024-35119,0,1,f8609143b8a4a7a1f03935eb12f8fbcc6d72c76259e212fc26bb3132c6f940ad,2024-07-01T12:37:24.220000 CVE-2024-3512,0,0,7186c9ec3829c2082fd68b5fc8e23caed587fdf0f4e68c2974db5f41b90fb514,2024-04-25T13:15:51.663000 -CVE-2024-35137,0,0,fb0803e6012b4fe1c1e7923f12a0d146f47015ec3e4dc4d2e243d7f2271e8cf4,2024-06-28T16:15:04.150000 -CVE-2024-35139,0,0,9c4c3ff1414df1d8f7ba3e1b2fb542029621fea941b65b290ccd71ad73b74b67,2024-06-28T16:15:04.380000 +CVE-2024-35137,0,1,cfa826c0337668659733864f64c3760d46d614c0438a7a4db6c05f7406c4eeb5,2024-07-01T12:37:24.220000 +CVE-2024-35139,0,1,703f975506f06b114406c8e7efad895fe907f2ada95557d6f69e2711957e3dfc,2024-07-01T12:37:24.220000 CVE-2024-3514,0,0,fd39bbcd0f0890f4d85c4ccfb46694b71dc6efa7f8c56852e1f4fd99d58e20d2,2024-04-24T17:15:47.423000 CVE-2024-35140,0,0,45c3bb60ea04b1120d4f838be7226beea8411238e0d1eeb8dfdc4424ca0b5ad7,2024-05-31T19:14:47.793000 CVE-2024-35142,0,0,2e771ea16b161d7fa34214dfdb10478412ee26ce44f8ad533bb2991294386c64,2024-05-31T19:14:47.793000 CVE-2024-3515,0,0,5591c01553945d08e143bb397e7b7011721b53594a14b5bacff6fedc69b36f26,2024-04-19T23:15:11.963000 CVE-2024-35153,0,0,86727db419cb843920e5cd4c7a87cf5b7fde13fc70ca82a13eb4d069ddb821d5,2024-06-27T19:25:12.067000 -CVE-2024-35155,0,0,21d51eda032f947f3d941504599b038bfa8bcd017ad3e42e479608f379844347,2024-06-28T18:15:04.170000 -CVE-2024-35156,0,0,7707c5329574a7af39e9feecb35295727af022c4198905f408045e68b58a1781,2024-06-28T19:15:05.917000 +CVE-2024-35155,0,1,c326cd4166d9cbfa34efa54fd988e1d407d8925369f9983f14750e709112308a,2024-07-01T12:37:24.220000 +CVE-2024-35156,0,1,e6fb36f1f810f4a246d710cbf82055f27ccde015fb0476ace50a7457c7ac5ea7,2024-07-01T12:37:24.220000 CVE-2024-3516,0,0,c67f1b1a12bf3a4087d8b779d182fd3cd73d7fc172668a9a1561ab7e0601a8e1,2024-04-19T23:15:12.003000 CVE-2024-35162,0,0,096de883de595ba1679c139890301da91a94c85a87a466687ddcd8baf8fe1502,2024-05-22T12:46:53.887000 CVE-2024-35165,0,0,caf63944f08ce101dd14e275b41e5ef9dcf2b386ad9b4bb6b8d83ed28c45d5eb,2024-05-14T16:11:39.510000 @@ -253310,8 +253310,8 @@ CVE-2024-37367,0,0,aac603db5bb919680e2cd819ce6cb6ca25ea592fb28f92a3759e9a2fd18ea CVE-2024-37368,0,0,956c028a8638d3a3e19949beb7545c84f68f21d91e6b291904004a55453a08ce,2024-06-17T12:42:04.623000 CVE-2024-37369,0,0,7108a286445619350057461b39fedff0137563337148ca5c14290fc641ad2c5e,2024-06-17T12:42:04.623000 CVE-2024-3737,0,0,e288f29127240d626de190f33aa5cc85cc615dc26f102a0c00221aa9708716e3,2024-05-17T02:40:05.887000 -CVE-2024-37370,0,0,ce3df97684649f50d0b84bdea4d2c177dbc0ff9a20f97ae77c3c51e97a0a7a75,2024-06-28T22:15:02.293000 -CVE-2024-37371,0,0,e6c2a635c6a276d413a3d3b599a52d50e618a1e4c1214568d4722d16c719b4cd,2024-06-28T23:15:11.603000 +CVE-2024-37370,0,1,8a7076b3e8e134b661d21db6f90c7a50b93b1e481cf692861b0a2c3450767bad,2024-07-01T12:37:24.220000 +CVE-2024-37371,0,1,70d55bf05c2eee0a9f3b94ddc604e302a9c39f7d842ab9266b20a4c2d600c9ba,2024-07-01T12:37:24.220000 CVE-2024-3738,0,0,0968d9618a10c036b25eaa390531466819e491a5c992bcf4c715af4b591b9121,2024-05-17T02:40:05.977000 CVE-2024-37383,0,0,c0362d3d95fe11bdc30f3c36377b27485de734d675fe1b90f60703cfe5051656,2024-06-17T15:15:51.517000 CVE-2024-37384,0,0,2bdb7db18773042dbfcf7b4442179738e059134c1a70f1a6d09b92e8cfe2872e,2024-06-17T15:15:51.640000 @@ -253463,7 +253463,7 @@ CVE-2024-37899,0,0,d1ca9681182b91f088e5f797405e7825c7152f645c96ca832bd3fa971ed68 CVE-2024-3790,0,0,ea62135e66a6e7a74daddc8d443b8b9750f000d596c0e5f30e202f53e21ec40b,2024-05-14T16:11:39.510000 CVE-2024-37902,0,0,64cca10e7e3ace20e9d59c9293b434dbb2c9acda55554e640303530aeeaef0aa,2024-06-20T12:44:22.977000 CVE-2024-37904,0,0,7359ae18b288eca288056e2ff119b59a0b9c9bbf3f0e5a23aea1f27fd550dd3f,2024-06-20T12:44:01.637000 -CVE-2024-37905,0,0,e0f373fa56d13d3241a2c183c5590e954e7029b158c815b4fbaa801697e278cf,2024-06-28T18:15:04.400000 +CVE-2024-37905,0,1,76667799c8b41a4c84b1440977b5297bf4074f7f71d64c5e6ed0abc93aad04a6,2024-07-01T12:37:24.220000 CVE-2024-3791,0,0,9bc6cec70e672f5f7f9ccdb1c0603c19b269c41965293930113b85d0de980142,2024-05-14T16:11:39.510000 CVE-2024-3792,0,0,cf023b5179bed164faad65630e21cc1d1811b19d16667a2b08c63260eab0a5be,2024-05-14T16:11:39.510000 CVE-2024-3793,0,0,ee3137e362c58246aa5051457614bdcb92cca84e4e50c79d141ea28f09937fab,2024-05-14T16:11:39.510000 @@ -253524,7 +253524,7 @@ CVE-2024-38312,0,0,a025bc282a0932c71cb95ccc5342a2a383a8f77cb388790ae2ac3d82d89cf CVE-2024-38313,0,0,1c234fe7a87659718d48f2a88e14944f64c41ea923fa0d6325e8d4b1e192fda1,2024-06-17T12:43:31.090000 CVE-2024-38319,0,0,b424d3c1ce5233c9ed183de13fbb6b30d800a84b86175662e040e79a80011cf5,2024-06-24T12:57:36.513000 CVE-2024-3832,0,0,1075b96952121645fbb81b228e0c3813e39db7e21c4c9aa1fc24c30b61618c13,2024-04-23T18:15:15.187000 -CVE-2024-38322,0,0,39a9a807a62122f1ca926ece4ae6d6265aa06ef8676feaa29bcda90958484835,2024-06-28T19:15:06.317000 +CVE-2024-38322,0,1,2ad94da74065acba3b226c62072e2f5047b092e831ca2ac4223b96f7198e87ca,2024-07-01T12:37:24.220000 CVE-2024-38329,0,0,6a4543a55a7780ada6e17c79a82dd0a8355d271b676150df85f00b992a580a6b,2024-06-20T12:44:01.637000 CVE-2024-3833,0,0,ba630503495cf2aaf1fce7ce704a30930ed35eb1665a53e19102e8c18f607a36,2024-05-03T03:16:28.940000 CVE-2024-3834,0,0,a6e69ceb5a64ba9dfba23cdfa4c02e2549bf746772815229f9a627159689f77e,2024-05-03T04:15:09.043000 @@ -253541,9 +253541,9 @@ CVE-2024-38361,0,0,a76df29cb5f27115adee4ca4e20976361dfcfc6eae95b97031ba2314a1f45 CVE-2024-38364,0,0,af41b56a7f2f7758c06f324097079d559fb0340d3186315d52e465f177fe03d2,2024-06-26T12:44:29.693000 CVE-2024-38369,0,0,fdff0768878da5d618998a51bbfecfa3dac560d76fa8e5e20682482a3b336371,2024-06-26T14:47:05.077000 CVE-2024-3837,0,0,5046b04f6fff161407832d91f839d6c01f3dcf30bcf75f620bfd7221b5de1c27,2024-05-03T03:16:29.010000 -CVE-2024-38371,0,0,f4ba8e38b7287702fd9d699c660a9a4cae684b6b720cbc234c8cdd6632b0a4ac,2024-06-28T18:15:04.647000 +CVE-2024-38371,0,1,89525bd0cac36f8169b7c7660aac33ce1fe77dbe859f180f5d0a019c34cd3913,2024-07-01T12:37:24.220000 CVE-2024-38373,0,0,44bd01362bd05dfdecb2d241c2e4e4fe52c2264760c405bf6f3f48fb0d969aff,2024-06-26T15:02:05.100000 -CVE-2024-38374,0,0,2e357359ed4813db305fc60bd73f5e419939c79ae1a57c0e5696de268fe94dbb,2024-06-28T18:15:04.853000 +CVE-2024-38374,0,1,b039c6889e3b25105130cda3cb4d6252830c58349362eac54e70e39939e4b1b2,2024-07-01T12:37:24.220000 CVE-2024-38375,0,0,ded65bab8580f207fa6313539998812618b08a20bbdd5d51ce7200bdf863d856,2024-06-27T12:47:19.847000 CVE-2024-38379,0,0,d0af2d7e81a6285c1c7099c958a4a50ce3d2f639bd068091599f2b1327853e0b,2024-06-24T12:57:36.513000 CVE-2024-3838,0,0,bd55ca068ebe4472845bce1f3d037932d27279da54b129864c942318cbf6c399,2024-04-23T18:15:15.410000 @@ -253586,7 +253586,7 @@ CVE-2024-38469,0,0,61f8d4e00b8eb0d7cc440bb61aa54e448e7d0cf937bc39055bad05a42163d CVE-2024-3847,0,0,a2146e655749d60cf9631f855db42a3d44cf07cd9a542fd1035e46bb9a6304c5,2024-05-03T03:16:29.293000 CVE-2024-38470,0,0,4c268a4f5b43704204ee0794f0d14b8ed1a9214a7b71a5011526bcfa496d0f17,2024-06-20T12:44:22.977000 CVE-2024-3848,0,0,cff2d1cd97f0b1f2183f9bb4edcf4fc45d9e2b8ab251b9953f6af6105249c0ec,2024-05-16T13:03:05.353000 -CVE-2024-38480,0,0,55fcc25081b437280f5b2899ccd6e294eb175aab5d45713b9d34b1ebb9fe75bb,2024-07-01T05:15:04.613000 +CVE-2024-38480,0,1,04c4f9e75ecb94da8a57533882d0899c4c9616c45f6d4f0fa40fb0af2c036f64,2024-07-01T12:37:24.220000 CVE-2024-3849,0,0,d4181d6192aab2f4a2b324451fbda7660fbd9621eb95f5f54a642a6a3d1e7d46,2024-05-02T18:00:37.360000 CVE-2024-3850,0,0,bbe49076d39470df53cdf5186eea91a2b4a40256492f588a1ab86bd1ba5244b0,2024-06-12T18:12:56.413000 CVE-2024-38504,0,0,1e5426a2fc921f282b30067463f89deeb7f3dcc78ec818fa823270612233ac4d,2024-06-20T12:44:01.637000 @@ -253594,23 +253594,23 @@ CVE-2024-38505,0,0,be5aaa1dcdfd8c2aa334d5f57235bcc4cc51742ebd9414669481e2364aff4 CVE-2024-38506,0,0,f0cad7be1bf66b2843860132c4a1c6f7d61e84c638e965683ddee0cfb22e3838,2024-06-20T12:44:01.637000 CVE-2024-38507,0,0,a0f746b2efdaa14b7b3a19b053b62c389c989bd3db7005a96c00e53930c09585,2024-06-20T12:44:01.637000 CVE-2024-3851,0,0,16bcb9f87255ebcf1aad2856af6894b1b0c36049b98621e173e693ad3a900330,2024-05-16T13:03:05.353000 -CVE-2024-38514,0,0,76b2c281bb5bb26ecc81e040a689d17ccc440716c605204cc72f69bc19b71217,2024-06-28T19:15:06.530000 +CVE-2024-38514,0,1,20901c301d0b800903255c5b44f5dc35cf1b46988f760c885c8c2631fef64104,2024-07-01T12:37:24.220000 CVE-2024-38515,0,0,a4e93bf008d994404518fb6f8f4cb2097325f0beeca2a32bbb087976322bd094,2024-06-27T13:16:00.717000 CVE-2024-38516,0,0,1e8a930f3bd7a4d706b02f40cc5af32d0943db58e97c615d4b2fd82bf154a7f3,2024-06-26T12:44:29.693000 -CVE-2024-38518,0,0,9d896b4c49fa8d3512f2ba9bee7108c9b7ab50d72eb6fb94274c5d5e0c284223,2024-06-28T21:15:03.180000 +CVE-2024-38518,0,1,aa2f02f8ed86bcfd7fc6b425ddf1679e310303c5dfcfa85d7522473c60b19adb,2024-07-01T12:37:24.220000 CVE-2024-3852,0,0,3038e46972183e994310b2b410f139aaace8bd74e7e7e979d336a57b5feba459,2024-04-22T10:15:07.430000 CVE-2024-38520,0,0,41960473f376d2053670358f1b74b11612e5d6f0cfeae75c4ae0b80f5904ac0a,2024-06-27T12:47:19.847000 -CVE-2024-38521,0,0,3873cfcff987f00b021548bdf44cb8223c3603c06a2297f1aefcef27628b0dad,2024-06-28T16:15:04.577000 -CVE-2024-38522,0,0,f5d6f91943e429a1108a35bfac86c8284252e931772d930d6edaaac3e4ca39b1,2024-06-28T17:15:03.527000 +CVE-2024-38521,0,1,2311d8af284d8ecd997452bb188fd1cef58d4fe05ff15f59ded69f45525ae8c7,2024-07-01T12:37:24.220000 +CVE-2024-38522,0,1,ab564dc444a369fc5518b1b865033967f292e4b44f2517e37c5c794af744484c,2024-07-01T12:37:24.220000 CVE-2024-38523,0,0,ac61dc2188539e4a5eb60d89d7d71145cb5cdc9b9c189d4c888f2c0f8ba6ad05,2024-06-28T10:27:00.920000 -CVE-2024-38525,0,0,4a0b774ca8d71e07d36ef5681a443245ba9893ca88ae5049debd9a57319da63b,2024-06-28T22:15:02.567000 +CVE-2024-38525,0,1,c6d09ec2ec4a195ad79165c044ef499ca4961803c76ab9f8203674d54bb83420,2024-07-01T12:37:24.220000 CVE-2024-38526,0,0,e120e388df8ce9f77a5f20e08030a40910a306bc162600677388d663f60ddcef,2024-06-26T12:44:29.693000 CVE-2024-38527,0,0,9d30e9caf22ebe74cba027d0e20fbdb3b1d3bd82d6438824209935ed0cb0babb,2024-06-27T12:47:19.847000 -CVE-2024-38528,0,0,71c874dbdb4a9dfaead9af960b9318854c08dafacf95effb35bd6f7f37907ec2,2024-06-28T20:15:02.533000 +CVE-2024-38528,0,1,abe62c0b36f96b72c42ae3a20756e7dee4cdc68dd98be36932d675c96e479202,2024-07-01T12:37:24.220000 CVE-2024-3853,0,0,da9bcb4a065926b49732a0dd79b2f07a12fd9777c9341906bc363e07df8725cf,2024-04-17T12:48:31.863000 -CVE-2024-38531,0,0,7e51a1a94b7e3f1dbfb713a6218bd2868a7c0a3d24f5ee13ff5b4ef9ee0ab0b8,2024-06-28T14:15:03.293000 -CVE-2024-38532,0,0,ec0f8c7e1f9f23f24772b9bfcf352f62e723cc6b0bc8212cb5e349137fe3853e,2024-06-28T22:15:03.157000 -CVE-2024-38533,0,0,3e937b60a48325d111260aee8704f527b402d469102e43b84f06655442f7ed72,2024-06-28T22:15:03.720000 +CVE-2024-38531,0,1,b56de69adb9e29b508ff804eef5c2919280b3646aaf65838ea0969fdce8b1636,2024-07-01T12:37:24.220000 +CVE-2024-38532,0,1,3a3b54122bd6780d32b0357101fa3b70c56bf5cfbd9b29132bcf407b07a6cf4a,2024-07-01T12:37:24.220000 +CVE-2024-38533,0,1,bc3eb3ef979bf5295d109db19e6d12afcecc2e011ea06aeec96e0b38c48ef42a,2024-07-01T12:37:24.220000 CVE-2024-38538,0,0,fd8d0c414421b9d83404be9e58919f8d1c04c080d100c149e46c3a374cade8e2,2024-06-20T12:44:01.637000 CVE-2024-38539,0,0,bb07b10cb8e27f63a4ad4d8d9f4efc546da28e9a77992ff13895f8e8066ae4a7,2024-06-20T12:44:01.637000 CVE-2024-3854,0,0,1fc25728bc86cd277ba270d144040c69a89e438f315d3ebf85291cac5fb28ebb,2024-04-22T10:15:07.470000 @@ -253771,7 +253771,28 @@ CVE-2024-38950,0,0,fa51116204c8dd85f77aaa29c376757e8a69dd65423c416717d298ef0c999 CVE-2024-38951,0,0,2fe865287281e18bfc8391e5fdd7f9b2e7ca4d1df39a0017b43b5090b5aae2cc,2024-06-25T18:50:42.040000 CVE-2024-38952,0,0,7a7903cf5c57a02ae11664bc1f5ff958307bfbaee7b207c7b69a2ab43d958a10,2024-06-25T18:50:42.040000 CVE-2024-3897,0,0,2e6547d98bffe49274878683fd846b0dea4d063f5cc123163d759ecec392b068,2024-05-02T18:00:37.360000 +CVE-2024-38987,1,1,ed58d31c516be72d666726b08edbac80706bab687fc25a13e50121a9ae969b73,2024-07-01T13:15:04.717000 +CVE-2024-38990,1,1,f23de5039421dfb7ce2bb09ac68360cc581a98701f750121cff63fa52613d8d2,2024-07-01T13:15:04.807000 +CVE-2024-38991,1,1,a94a96142e09f3725c5f33e89e688fe6584ed030410b6ecf0d70d1e8c4518c2e,2024-07-01T13:15:04.863000 +CVE-2024-38992,1,1,e35d94cefd99f2cf0fcdc61c724f05a8623da7edcb9abb1e81769daa2818cfe8,2024-07-01T13:15:04.930000 +CVE-2024-38993,1,1,71a4d0af421ed5a829d6616d580d813af4c9db0671d1f92861bdabac78700dfc,2024-07-01T13:15:04.987000 +CVE-2024-38994,1,1,fc4ead1b214157ecf2fc185633c9fea55f43dc8acf0ead5fb3b0505cfa18364f,2024-07-01T13:15:05.047000 +CVE-2024-38996,1,1,9a18ced6674a21c6041303b26bfad9b9471a01ea23907adedc220f78a054f0e2,2024-07-01T13:15:05.103000 +CVE-2024-38997,1,1,75d30105ccc08685530318a2915f6bf79cfc35d01fb4e3b7e46279e5a10429b9,2024-07-01T13:15:05.160000 +CVE-2024-38998,1,1,348e2d3a2591692bdd188f4d13094f55e5530c1224de259338b9d8cd8f3e8039,2024-07-01T13:15:05.223000 +CVE-2024-38999,1,1,d13a04f1e9c136983594f08878c950c7e826267a802a2baa0a7f916ec9d8f52c,2024-07-01T13:15:05.280000 CVE-2024-3900,0,0,5bafaa90d65e26f460054cb65a089d31ecb0030e0f85c3f0ee595a0cce123691,2024-04-17T20:08:21.887000 +CVE-2024-39000,1,1,9915c57c9b03ed36f96252e6eabf3df389c3ccbe49eb69c8b76b58648064ef25,2024-07-01T13:15:05.340000 +CVE-2024-39001,1,1,63a3f5fdb9fc7d9bb0fef035bfad14164d6c65d69e570075e68f892948c30689,2024-07-01T13:15:05.397000 +CVE-2024-39002,1,1,9a8a8f91eca87b13d5cefd59a79f4a4ccfcb549905f50055a483eff1c802d9ff,2024-07-01T13:15:05.450000 +CVE-2024-39003,1,1,4ffe2c187b3f6a781815d031b24637c7b3efd680fac3f07a9c03441ea87485ad,2024-07-01T13:15:05.513000 +CVE-2024-39008,1,1,23e22db6f3a0de2eae82efcc8d107b63fee2fff89cda5088f26043a3438068a9,2024-07-01T13:15:05.590000 +CVE-2024-39013,1,1,0cb2f9055742ad2f49ec66b379ee9a7e82cb7d0c30cf91f544e495584be1927d,2024-07-01T13:15:05.650000 +CVE-2024-39014,1,1,1d174bb9bc614bea9ce88f1a35d678a4532ab18fce9fa04ca8199c6774603c02,2024-07-01T13:15:05.703000 +CVE-2024-39015,1,1,42b52c28ed72916c8ecf40f6f0649bde0c6f2421728d4ea7e3cee2106f090d4e,2024-07-01T13:15:05.767000 +CVE-2024-39016,1,1,f10ea2eefb6c18f61cd0372309413105fee75790d1ea27b0942e6cd3bff062bc,2024-07-01T13:15:05.823000 +CVE-2024-39017,1,1,6c025a442e9cecaae66309088c1ab8ad1dbef1c26cffe152b4ad64cda04740b8,2024-07-01T13:15:05.893000 +CVE-2024-39018,1,1,0467f48d8b8fd53dc6e05a8419b68bed85b12c5dce888b6c5a06d932f0debf8b,2024-07-01T13:15:05.950000 CVE-2024-3903,0,0,b17bb4ec6e0e391a38b8cd510c422de68900922cf0bf4c2e4e48aa68680d6339,2024-05-14T16:11:39.510000 CVE-2024-3905,0,0,a951c486be8869bf12976255205bd7b845c8a04b7efadd3f2b0fe1349880c5bb,2024-06-04T19:20:26.357000 CVE-2024-3906,0,0,2118bc9913869ee4f34c8416c221c77b744d5529f8376fd726e306c6d571b72a,2024-06-04T19:20:26.463000 @@ -253821,8 +253842,8 @@ CVE-2024-39293,0,0,ba4d7546a3208d93eda31b60f338bfefc59f223d8a82bb5367fc84df5351b CVE-2024-39296,0,0,e260e24d75f61f9e507cbecbe3ae9f7cc9539275110e5bb8afeebe70ced8da66,2024-06-25T18:50:42.040000 CVE-2024-39298,0,0,62f081e1204433b72614003aee17d6ba0c526eacd01605580713226a64a6e578,2024-06-25T18:50:42.040000 CVE-2024-39301,0,0,557c328019f730a5c8c669db41be6ae8d457cdc115700b93300b3651fff5aa25,2024-06-25T18:50:42.040000 -CVE-2024-39302,0,0,a67ee0daeb2bfe3b335e459cc13d758a9070a1fedac90873529183293c9bddb7,2024-06-28T21:15:03.437000 -CVE-2024-39307,0,0,05e9bf14558e867bd628ea69c84a9164178632e38f111da57b0b92f168ed1cc0,2024-06-28T21:15:03.713000 +CVE-2024-39302,0,1,946c3f23cfe199dda1010c0ea47b1d5e32454ef20b5307dfd8e2dc92485c1baa,2024-07-01T12:37:24.220000 +CVE-2024-39307,0,1,c6ba32c8ba3cfcd15570f781df2bcad3fc5cb61b722485741dcbdce4f9e733a2,2024-07-01T12:37:24.220000 CVE-2024-3931,0,0,ff26b5a8728d6a7f3e1f8095f9d431d98f0c624577950ceaf4dc1cf9ad688034,2024-06-06T20:15:13.933000 CVE-2024-3932,0,0,371291a71f9c99e371f96e7d7b61e3e11967567047c07fae80310c4772d1c0c7,2024-06-06T20:15:14.030000 CVE-2024-3933,0,0,1d08d4e317596700be65ef5300f76b449794bb2d8b1542a98c34b9cd74fea015,2024-05-28T12:39:28.377000 @@ -253847,11 +253868,11 @@ CVE-2024-3939,0,0,8db4cbfcc78e197894431199cdad6af4ac1ac13ee2f1028e231ba1f9079317 CVE-2024-3940,0,0,52f7bf6d70193ddf6b45db8d32585f84af1f44b7487d20897766e34b437b8581,2024-05-14T16:11:39.510000 CVE-2024-3941,0,0,3315566f834adaa65bc779c72609390662785ebcc4aac50a6cb30731cb96d90c,2024-05-14T16:11:39.510000 CVE-2024-3942,0,0,e822d69f7c80cdc7914f6c6d228f749a2878411b19bb34f624a4ef0b72687edf,2024-05-02T18:00:37.360000 -CVE-2024-39427,0,0,97ebd32b94b990e6a96aade54601ab1fede76695773d47c643ab956eb9e6420b,2024-07-01T09:15:06.493000 -CVE-2024-39428,0,0,fdca9ac58fdcb5c4a018626e1f08f6383edc562d9c099912b8be86e42a849c58,2024-07-01T09:15:06.720000 -CVE-2024-39429,0,0,19c7465af4b4d1acbd63407a3f742cf0809d20c02be61deb95b849cbb7c38fd2,2024-07-01T09:15:06.893000 +CVE-2024-39427,0,1,78160e98483fcc3aec226f5c047b3b1c0e863dcf72104b16f54bef5ce01d8702,2024-07-01T12:37:24.220000 +CVE-2024-39428,0,1,c278d22063c70f7bf9c06407a2b45919d470d1d910aa9da6476a8683a3973a23,2024-07-01T12:37:24.220000 +CVE-2024-39429,0,1,c0f0ea0961d667a14523724c8241b9d1f206aa304e922487a3184313c2bdef41,2024-07-01T12:37:24.220000 CVE-2024-3943,0,0,e07ef944084da93a178b1d893c19c63f640132688c11e19da99f30e04e5e47e2,2024-05-30T13:15:41.297000 -CVE-2024-39430,0,0,284310b6f1d6a2b38d75f5dde401069ef17e08698c98ddf6f5ba6c3cab3d25a0,2024-07-01T09:15:07.070000 +CVE-2024-39430,0,1,64e823bdb7084987f6e4f2dcc4ad0f20791cdd196a0003b3469db98557837678,2024-07-01T12:37:24.220000 CVE-2024-3945,0,0,87d1ab8fe16ba408f307c5379ed22b3c751c5d4b07b1a3f5bec08826673ff46f,2024-05-30T13:15:41.297000 CVE-2024-39458,0,0,fddd464380a09267e09b57b66272561b89c59455a10d641fa61f771d4f530d41,2024-06-27T12:47:19.847000 CVE-2024-39459,0,0,d1d8498393c450e178fa7bc147e75f870b75d424b183c32cba625d84c2757e63,2024-06-27T12:47:19.847000 @@ -253895,12 +253916,13 @@ CVE-2024-3974,0,0,30b94b89b01dd2c6057362330f67dc78937f3f3edffa0c5a57e7602f711f91 CVE-2024-3977,0,0,e9f44416847592725fc2cd47ffed9c743bca75989a5c2d940c73903d22d68b79,2024-06-17T12:42:04.623000 CVE-2024-3978,0,0,338ec55d360d0ecf1dfe595690a2d37e24aa4129fa5a75aae324bfa31cd2fe9a,2024-06-17T12:42:04.623000 CVE-2024-3979,0,0,4ac2126fe63098861061c1ed3772b0712449f42e64a5481492de94fd61a5b947,2024-06-06T20:15:14.127000 -CVE-2024-39828,0,0,31eb2167fecbbda5642dedf4e55fff8a0662863869bac939f242b14fecd9254f,2024-06-30T02:15:02.267000 +CVE-2024-39828,0,1,a076e079a0d15f60c3c4a55d02ae6ed731ea38682b9215046585ce79ae4cfb80,2024-07-01T12:37:24.220000 CVE-2024-3984,0,0,bee410e9bf0342c5ecf3886d76050e2314329db97e17f53f9285ff32a0d9ee8f,2024-06-20T12:44:01.637000 -CVE-2024-39840,0,0,047d979b2fcf1a9830727be1cf5cfab778c9f98b8c6748424d91100231c8b67f,2024-06-29T17:15:09.857000 -CVE-2024-39846,0,0,cffd1230dd7435c26d95c325c5366a1ccd985a2f9e414d529e3af68882ee9e83,2024-06-29T21:15:09.917000 -CVE-2024-39848,0,0,d00d442470171a68bda75b289a451bacb05783733e28ecd737bafa2ba95d8e71,2024-06-29T22:15:02.263000 +CVE-2024-39840,0,1,cf0cef2e05329a1216f74981ebbc4dbc7d10ee8168b70073e5c435ffc0748588,2024-07-01T12:37:24.220000 +CVE-2024-39846,0,1,cc3d14fb15e20c985bb7fdeb359e7a12ea1918f79b7c4c3ac03373ad528c69cf,2024-07-01T12:37:24.220000 +CVE-2024-39848,0,1,a406e2b5eebf34f795b980d155db1a7147865fe617aee30717a15aea5ad0bfcf,2024-07-01T12:37:24.220000 CVE-2024-3985,0,0,73586f1cedc99952324792e19f078c055584e6e606f6222ac3907090ad395ced,2024-05-02T18:00:37.360000 +CVE-2024-39853,1,1,614ce4e6b1998c31f6250e746f1f7b62bc498fd80a6e4b9b7e2f8f5f2605f133,2024-07-01T13:15:06.013000 CVE-2024-3987,0,0,05499205f937534ee026fd5a41dcafd44deae059117eea743b5e3e3c53eaee01,2024-06-07T14:56:05.647000 CVE-2024-3988,0,0,ed49ad0e503298ba2fe40c90a665a86dcb918b5087ac61c1edfd746c2ca95d24,2024-04-25T13:18:13.537000 CVE-2024-3989,0,0,41a6b1dcae0354fb8cba40366dc7ed1eeb84d6a6a33689c35123198fe63c8f01,2024-05-14T16:11:39.510000 @@ -253909,13 +253931,14 @@ CVE-2024-3991,0,0,f4b27e31b2ebe06401478accd9d85264142bf207d27ef139c240399354705c CVE-2024-3992,0,0,ff644523dcb07d662c2bf53b9e125872cf5c9b9df16e03b5f8dec25363b303ae,2024-06-17T12:42:04.623000 CVE-2024-3993,0,0,60132f24d182886d3025f810ce7decb14e0293094944605569519b576c903995,2024-06-17T12:42:04.623000 CVE-2024-3994,0,0,292539249e741e7003c555a5d4fa2182b15a01b393fb04fa15e675750c01906e,2024-04-25T13:18:02.660000 -CVE-2024-3995,0,0,7712be25a66ac51fb10fd8e58921591bc8026149ec1b9e4ae1ed2d5387a5d6b9,2024-06-28T20:15:02.820000 +CVE-2024-3995,0,1,6d3e6f6cd4c72294e5e7c28c1ac75c89fb114da3e88fc3375d7179257e92fe77,2024-07-01T12:37:24.220000 CVE-2024-3997,0,0,507ae8762d75f9d68eda75aa3a6fbbaf1b3579404dfa0ecd9f2978d2aa87a55f,2024-05-24T01:15:30.977000 CVE-2024-4000,0,0,63e68b686bb1abbdcd2ddeab613f2e83d1883c904c164f21a1076ada49583fc9,2024-05-02T18:00:37.360000 CVE-2024-4001,0,0,01ff67c0d3df1be38408b913fb09a0fa8e839c64a815c3de41b48a61aa2ae8cb,2024-06-11T17:27:53.637000 CVE-2024-4003,0,0,9b9be828f15a04db891b79e7c6ebf75d000360176e249e61f2acbb014741196d,2024-05-02T18:00:37.360000 CVE-2024-4005,0,0,db2b7e4cfe0f4bbe30f1cbadd95b4d8d4dea02eb8785d8f487b316678c44068d,2024-06-17T12:42:04.623000 CVE-2024-4006,0,0,cea97555ee62217aaca46943155964ba917aa17a210befae3806ab46c6606005,2024-04-25T17:25:05.903000 +CVE-2024-4007,1,1,ea11516500722210b6c05a007ec9e1eaa6b7db62a0d30554fbe50b2ecd3bc5b7,2024-07-01T13:15:06.077000 CVE-2024-4008,0,0,d029b79ac31ad712a3b682c30b4ebfe0bc85fbedb677b90d81d7c6af81a5600e,2024-06-18T17:00:01.570000 CVE-2024-4009,0,0,82f6778b19e61d18cb6bad03fb43730c90019cd4ed3dad3648b480d1adbe3427,2024-06-18T17:01:19.897000 CVE-2024-4010,0,0,b0efc140530d7080bd135b9c9b54b60a51a2a7dd68cfd5652cea86eef30822c4,2024-05-15T16:40:19.330000 @@ -254676,7 +254699,7 @@ CVE-2024-4930,0,0,6ff76d7aaffb879ad1ba04c82aee4d6862810bf82c41e96981364c74ee8131 CVE-2024-4931,0,0,83efd803f055d34e0373b998807732a66d1be28ff93405fe1ae45ba9ee6af2a3,2024-06-04T19:20:54.543000 CVE-2024-4932,0,0,2da4bffdf4d6e38ae009aae9065c7b2f8049c53fc8beaf73dfbb4354175c5b68,2024-05-17T02:40:43.357000 CVE-2024-4933,0,0,9fe90c4f8856bf6bdad48e78d639ea10366bef215c1d0d507cc52649860ab1b1,2024-06-04T19:20:54.643000 -CVE-2024-4934,0,0,6199c6082df89b8cd0bd1353d23a00d0f49be5cb7c793c5bf2645e1b9c18a302,2024-07-01T06:15:23.847000 +CVE-2024-4934,0,1,f52144af553eb515dced795070f99e99d77931d910da0436f916f26c1830041a,2024-07-01T12:37:24.220000 CVE-2024-4936,0,0,a731ea39a2abdd8ed5ffb7274944b4c3b5578233bd6509536eab3c4454adaafe,2024-06-17T12:42:04.623000 CVE-2024-4939,0,0,6859feec38f69c636602db339fa7ab03b302bd67a24dc957bb8f045d97aede0c,2024-06-11T17:08:33.350000 CVE-2024-4940,0,0,cb78cb49a43bd348a99dcd2f7e1d39ee831dc08e65c1988e89651f8662313063,2024-06-24T12:57:36.513000 @@ -254766,7 +254789,7 @@ CVE-2024-5056,0,0,5222bc315bf81dabb7f1134f85e7a3f8505dd3db79a8b19065f69d6579b775 CVE-2024-5058,0,0,637bd6f1f70bb3cfae7399c322e9c60e1da8c71180964fd405021291b54a0ed9,2024-06-24T19:18:35.517000 CVE-2024-5059,0,0,76adb31a0d874845cc73a32032185732178d0aa5e8e38a32237d0afd9c50a472,2024-06-24T18:49:29.467000 CVE-2024-5060,0,0,908e82bd4ef2431179c104b39273fb8e5e968812815f848a9881f7577e0ff35b,2024-05-24T13:03:05.093000 -CVE-2024-5062,0,0,02205ab45facb8770e9ed7f7b71a2c1f4ce998b339e185923c3c09d1c3e2cf16,2024-06-30T16:15:03.217000 +CVE-2024-5062,0,1,c4bfd24b428765fb9ddf19e7205629f5a96898980bd431291729b4911f485626,2024-07-01T12:37:24.220000 CVE-2024-5063,0,0,4f3b2bf7eda673978295341e9126ac2adcd5414f29702cc0cdbc012db466ad60,2024-06-04T19:20:57.760000 CVE-2024-5064,0,0,8095cec9a36e031c818592c3e6e560630244970853fe1a2d62ef41815d0461b5,2024-06-04T19:20:57.870000 CVE-2024-5065,0,0,854da1df0c358fed714b464bc000dc33fba39a0799286dd037bd479cf98e0180,2024-06-04T19:20:57.977000 @@ -254869,7 +254892,7 @@ CVE-2024-5188,0,0,f341cd733a67fef7a36812a8f7aa63c3db307a7b91bf1e7665add6435f1983 CVE-2024-5189,0,0,cd3bb13050c91870eb5838446a9e82835db405d95874bd44f6318a59b19e235d,2024-06-13T18:36:45.417000 CVE-2024-5190,0,0,e11755e15485ad7d65ed59ac9abe5cac7f4b4c3e2591d1a6c69b4386ed9dea65,2024-05-22T03:15:08.273000 CVE-2024-5191,0,0,db26f7ce160c714e95bc5c218e0073766ff2ed099b5e6969334cbfc827ce4bc3,2024-06-24T19:25:23.943000 -CVE-2024-5192,0,0,3c230b3cf3fe47e3d1f4926ac3672564b60cfa39d9ae8d2b56d3ca83ded8367e,2024-06-29T05:15:02.633000 +CVE-2024-5192,0,1,94ac7fbc597a0df9997971e94cdeab1dfd0f73279acaa9016d8372a4009213da,2024-07-01T12:37:24.220000 CVE-2024-5193,0,0,4619a3332fd1de828c7e949279cabe4a2b063d71a4e227126d8bf6d303fb6eb4,2024-06-04T19:21:01.867000 CVE-2024-5194,0,0,2277a7390d0159b3dc2e5dfd100175220ffc5f5725f8c88a7a9344e62a79d516,2024-06-04T19:21:01.977000 CVE-2024-5195,0,0,f6d192ea152622e2514b6c95ac0c9e8770ec516eb328b6bc7a2579d1133e54f5,2024-06-04T19:21:02.077000 @@ -255153,7 +255176,7 @@ CVE-2024-5589,0,0,dc63c38434ce5bb089af0d0f8aa09f6a46f1fae34dd45c15f4542741dea047 CVE-2024-5590,0,0,ca60332ff9933405c7b9b37e93d2404b53274b9ec741b4065c0c1eadbd60da94,2024-06-03T14:46:24.250000 CVE-2024-5596,0,0,c69cbcadf0a7f1e5940d842c2c9e90907cbda728581a745e7acd494576e03c9c,2024-06-24T12:57:36.513000 CVE-2024-5597,0,0,652827ff26b80eabae5b3eddf519a61b0da7de181ce61fd257911ec48c45cdb0,2024-06-12T18:10:47.080000 -CVE-2024-5598,0,0,e13a2fe84ae10d8311262597dd4e191e606f9d3516d698c1f81e020875524ff5,2024-06-29T05:15:02.960000 +CVE-2024-5598,0,1,dea97cf43130ffc7ec8c1e0439cc4a1d595d430c970e2a6bb452f71273924c1c,2024-07-01T12:37:24.220000 CVE-2024-5599,0,0,e4d8d3217ca804a33354b51b54e1f3f41ce0e1fc1f554dedfe90ad1a46a87370,2024-06-11T18:24:39.057000 CVE-2024-5601,0,0,e22064ef868b7763ab6a035a66dc94fbf47f776f059b7b471d5873c49e582f7a,2024-06-28T13:25:40.677000 CVE-2024-5605,0,0,4bb70fac398eb5e1fc6a3b8761dcfee9993510711b196c5d9f90dc1e34c785a3,2024-06-20T12:43:25.663000 @@ -255186,7 +255209,7 @@ CVE-2024-5661,0,0,e5f9f024a347e2b9638122ecde70323a03d416b3bde93f8e4f604cfeef08f4 CVE-2024-5662,0,0,c30bff5b2d503274ccfb42c77a6a2f90af33779b4134c5919fad644e092eec26,2024-06-28T10:27:00.920000 CVE-2024-5663,0,0,e65ed9bd668d6456ce5b39954ddd0ae3860f1cde2bd069c4d43e4b5601627808,2024-06-10T02:52:08.267000 CVE-2024-5665,0,0,cf98b8118d31a45b868938fcf4b0239a4be77d7cb3995f06e552251067a9cecd,2024-06-11T17:47:45.033000 -CVE-2024-5666,0,0,216f6c3c676318b1a01a4cbe684273cb5693f89e561491e3438b8a8902cec499,2024-06-29T07:15:02.657000 +CVE-2024-5666,0,1,c2cb648af5be31cc7b97e094a0871dd39fea80d2d3a0f373e615f5ae502553a5,2024-07-01T12:37:24.220000 CVE-2024-5671,0,0,b302da9933b51baa02aebe638443397fc8a4c366af898c1301a8da6525832546,2024-06-17T12:42:04.623000 CVE-2024-5673,0,0,f6db27a8b7c99bb0a58922425d96edcb461eeb527f78adfd8d9aed9c99330140,2024-06-11T18:17:10.037000 CVE-2024-5674,0,0,69b0f5cdcc6414c1b3093ac76e322fc42e17eb869b8f1b328084f458395232cf,2024-06-13T18:36:09.010000 @@ -255212,8 +255235,8 @@ CVE-2024-5699,0,0,d1e1ab6a164c3c763187b9b9eaa5ede2a373113d6efcf901de284e7d644c77 CVE-2024-5700,0,0,bf41828814d49bd1ca21d234dd56d9b9baae6eae1faa482eef0b223ac08cdef3,2024-06-19T10:15:11.510000 CVE-2024-5701,0,0,c0b77ae9f34889006ada566ff239d80e91c1e1e51e6239a509f45a6d387ce8ce,2024-06-11T13:54:12.057000 CVE-2024-5702,0,0,050114b692a9d22e1a3779ff238583d9efc9d6e8072ff7c077a659f94eb85b8c,2024-06-19T10:15:11.583000 -CVE-2024-5710,0,1,bbba5caf4cb4f465fb2a1f44424b7af778bd56d5f1b17eb3b38248b8a0397322,2024-07-01T10:15:30.183000 -CVE-2024-5712,0,0,db01453dc12ba0369f25d264b6d37430ad1795b35ad15f1bdc4e8f539a5553dc,2024-06-28T20:15:02.937000 +CVE-2024-5710,0,0,bbba5caf4cb4f465fb2a1f44424b7af778bd56d5f1b17eb3b38248b8a0397322,2024-07-01T10:15:30.183000 +CVE-2024-5712,0,1,782e6f09ec4801a2090922da0634157b6b0760d6d2ff619b99db06cdc44198b4,2024-07-01T12:37:24.220000 CVE-2024-5714,0,0,d09606fe85d7a014a058870c51f9ff79e6af54534c316b686a2562e2d0e92e3e,2024-06-27T19:25:12.067000 CVE-2024-5724,0,0,03384c71395c84af225b0ffa60ba9818c028df2b73c4ae064cd0a263a53e8317,2024-06-20T12:44:01.637000 CVE-2024-5727,0,0,1fbc88a30e9a1b5b66ae83f1b3e85e2a5fb8114d9d41f9dac322c2902c1d92bd,2024-06-28T10:27:00.920000 @@ -255260,7 +255283,7 @@ CVE-2024-5785,0,0,b8e4d96c063df13aad53416cef79463db3c390621a0b569b6ab0f4db2568be CVE-2024-5786,0,0,ed5396800d42f59a8cc5d452fd1faa0265b1965bb10ec68fd437a404a4a909e1,2024-06-10T18:06:22.600000 CVE-2024-5787,0,0,a3d405a0f4e66faab3a863affeada58e47a227c5d73cf2b53ea525af4385d342,2024-06-13T18:36:09.010000 CVE-2024-5788,0,0,b8c011e09345f8c438c15d748dc7ecb5f2eb62164ea0c1da7169d985a2f9f593,2024-06-28T10:27:00.920000 -CVE-2024-5790,0,0,9c5672e7c8447f1c23a1162576a1988a6667325985072690c0490fecebaca8d3,2024-06-29T07:15:03.130000 +CVE-2024-5790,0,1,f8b87ca5470f9146716524e5e38538dc26468d2ae797b52818768e7113cbca8a,2024-07-01T12:37:24.220000 CVE-2024-5791,0,0,424014ca254e257c8c57009775e061d0dd2abf87fc81691a50ea6d1a360bb310,2024-06-24T20:00:46.390000 CVE-2024-5796,0,0,ee9ea77d6816c67e871ce0ce39c4d235af8efb4db7bec50166a494d6f8b7e47e,2024-06-28T10:27:00.920000 CVE-2024-5798,0,0,f6c60b5ac812e7711b355fdc9c4ea7ca1c381d5fa9189e95b5ac079c15b31d9c,2024-06-13T18:36:09.010000 @@ -255268,13 +255291,13 @@ CVE-2024-5805,0,0,d5f814a63108fa76cde55a23a7ee4c9d4c1228e8f74ac6f24226e1e9997c15 CVE-2024-5806,0,0,05eca3ac8c1d3a60beb467559e1d11b02293b85393edfc15424ba5e922097af5,2024-06-26T00:15:11.293000 CVE-2024-5812,0,0,b231b6b4b2edc3b100956cc90803ec880aa99de51e5a0f50bc4b9e381c5722ed,2024-06-13T18:36:45.417000 CVE-2024-5813,0,0,d695683c807a1777a11ef158e495934f31ab7056ebdb25d58f5f11112f2d1965,2024-06-13T18:36:45.417000 -CVE-2024-5819,0,0,e3281694be9ef72aa48d45323b37d616d4af1a9c82965591ca687661159a772f,2024-06-29T10:15:02.287000 +CVE-2024-5819,0,1,ff5f9599a99761c75338a6f351d5018b6b4257daf87dc238a533c6ea2133dd27,2024-07-01T12:37:24.220000 CVE-2024-5820,0,0,40e5523c17b003adbda0efbab055fe88c8ffe6387f321010b47ba3ba7dc113ac,2024-06-27T19:25:12.067000 CVE-2024-5822,0,0,56a6bfde1d559870c5646a0b76a29e939be7faac2a950947fe32abc1f4907e47,2024-06-27T19:25:12.067000 CVE-2024-5824,0,0,71b3b99a3563d3bd6941378b1fc516ea3658f7355f6e899285275a2e97c693cb,2024-06-27T19:25:12.067000 CVE-2024-5825,0,0,800930249192b4fb36871d2a50a6622621c6dfa5eae6376e2c2995741b4630b2,2024-06-11T10:15:13.960000 CVE-2024-5826,0,0,e0d3dade8a07433249d59b1aea8b4c0765b07d04d2f9cc584b2c1dc787708da4,2024-06-27T19:25:12.067000 -CVE-2024-5827,0,0,dfcbbbd48b1d04c7eea53d29e37320c761766f835af48d239d6e3f30c9417c60,2024-06-28T20:15:03.217000 +CVE-2024-5827,0,1,2115c4e97523e0aa0a8beec64c71961c8ec1201ab92e9e9dd09f28cef85192d3,2024-07-01T12:37:24.220000 CVE-2024-5829,0,0,ece2333b3f7675cb0340d51c6d538163a9e25ac5d3d71e718ed0157d499370ee,2024-06-11T14:15:13.150000 CVE-2024-5830,0,0,5f4bf808197d5a7b772747b643a0383fdea3711f7dd7ea33605632692edfb8a3,2024-06-20T16:06:51.777000 CVE-2024-5831,0,0,c35637e034efcc83b783b4655f443c13f97dc7117fc74da74daea6635b01f1bf,2024-06-20T16:07:02.127000 @@ -255307,7 +255330,7 @@ CVE-2024-5871,0,0,83e6d3ea3d7363cdcbcb485d9161ada2b3d6bba887290fa58ab89820983d40 CVE-2024-5873,0,0,4affe4b1f71505ca05298a33c7e23c3ae147869580237755bed2d180fbea1b8e,2024-06-12T08:15:51.550000 CVE-2024-5885,0,0,3a664b64c018213b23c270dac1c0f4e2c55b9d60dc4c41c7b81af3f039474644,2024-06-27T19:25:12.067000 CVE-2024-5886,0,0,0c13c4ee009af0d9946120b2238809bd0a7459b4e90701a2a72b91121b1d711b,2024-06-20T11:15:56.580000 -CVE-2024-5889,0,0,7e47d1cc1487a1c728e02e89ddc97c090aaa466e38de6f396d9fcc1fa4a41e2e,2024-06-29T05:15:03.163000 +CVE-2024-5889,0,1,ebd4b75d771d00f2396bbc91f1ca197e49e2f67600230e37c6f00ba36324b089,2024-07-01T12:37:24.220000 CVE-2024-5891,0,0,da4ba5748ecb097f5befd86d4787f2c76143132bf594110b21f16b774e08e15d,2024-06-13T18:36:09.010000 CVE-2024-5892,0,0,890747e3858b777381fac245c58cda030faeadae1530ec4012d9670fde261a4e,2024-06-13T18:36:09.013000 CVE-2024-5893,0,0,8bbdd4fceee6f55f46acaf4e2e772cd5b071a8548251271838818c6acd356beb,2024-06-13T18:36:09.010000 @@ -255325,13 +255348,13 @@ CVE-2024-5909,0,0,135cc10869213a459dd71b8b5da7a5af9b37ed5f304a5a3bf425c78b00034c CVE-2024-5922,0,0,e29cc1185c6dbfaaa56af47c566fc115571f883f702dae9a40d1739b93329831,2024-06-28T10:27:00.920000 CVE-2024-5924,0,0,c5c85908e1bc3136c78f0f5690507eea3ba6b330ba27c618aeeb0cde0122c6a0,2024-06-17T12:43:31.090000 CVE-2024-5925,0,0,9927dea575613975cb1f3595ae91835696c41f49e37b56a7c3c9724b111ba81c,2024-06-28T10:27:00.920000 -CVE-2024-5926,0,0,962dcbda02948f4d372ded20bb5fdd51640fe08c3283d35a6c23d3a85b5c90c8,2024-06-30T01:15:09.707000 +CVE-2024-5926,0,1,5989118d1e74694dc8d29d11155e46063f80693ec0514642081f5dd4d07f562d,2024-07-01T12:37:24.220000 CVE-2024-5927,0,0,19c3cc8f6784d442d3026759cebf43551fd4d736175a291c91056bccb3b59092,2024-06-13T11:15:48.917000 CVE-2024-5933,0,0,43c62c8c7b78a3986e6c8a8e384c2c83973a07919e7ff71c58e74be82b63ae22,2024-06-27T19:25:12.067000 CVE-2024-5934,0,0,688a30e1a6237b69634d3ab7eb078a5b0fdbb09f93730eb6244fa568165f0ccc,2024-06-14T16:15:14.647000 CVE-2024-5935,0,0,21662e5830e79e4b40d11ee8d4ca61a28a55ce393198f32f5a0fb22a492448a1,2024-06-27T19:25:12.067000 CVE-2024-5936,0,0,dab5c088e03544c88b5524610f0cab10458f16230a50e10902868220b9e1d9db,2024-06-27T19:25:12.067000 -CVE-2024-5942,0,0,6c80720c7f6bd9221067ffb9049ae40638208143a0c09422dec3a112025682dc,2024-06-29T05:15:03.360000 +CVE-2024-5942,0,1,91637ecc81e7589bc0eaad02ef323d1d25bb9ad71b90d21943c07b937e076993,2024-07-01T12:37:24.220000 CVE-2024-5945,0,0,16d17edcf79dde7bc004547e40419569c5bdcb3c9d1fafd4da124c600699d701,2024-06-24T19:24:00.433000 CVE-2024-5947,0,0,7906fe5496c2633ac624599b4fcbe00d50eb988a8b518b82e602f8ca90719dc3,2024-06-17T12:43:31.090000 CVE-2024-5948,0,0,b50c023e3e038877d6c3f637d61b3c39fec4c81c008590663dc7a0096fec685c,2024-06-17T12:43:31.090000 @@ -255423,7 +255446,7 @@ CVE-2024-6125,0,0,85b92914638eb24a081146fd823c584c2333b183768ef26d618955e8364631 CVE-2024-6127,0,0,8f3f3591469382ebb006087ec5b5be799ca274948ebd71b090f997c1ae2c89a9,2024-06-28T10:27:00.920000 CVE-2024-6128,0,0,cd2531d89b3a76f4be34b5ead44f5b65458326ae9dfb5c97dcd0243e237eb5b3,2024-06-21T16:15:12.570000 CVE-2024-6129,0,0,dfa20fd20a0a3099fcdc2f66c56de27040819ee45bd7efe66cb95f894b77d645,2024-06-20T12:44:01.637000 -CVE-2024-6130,0,0,4dec67f3f43a5f70bce86d325489d8791714dd8bdb534ec2e2d88fdd2f96eaf4,2024-07-01T06:15:23.957000 +CVE-2024-6130,0,1,f4b647f0047f578fe057faac21db7670b7977afa1d31bb2fa4fd50dc12004c54,2024-07-01T12:37:24.220000 CVE-2024-6132,0,0,c816ab5ddbf096dbfac6131f33b5d3d3e264dd5fbb695e6c347719e5920b43ca,2024-06-20T12:44:01.637000 CVE-2024-6139,0,0,5267393f199f3e6d04675c179e30c182dfe9af96089cf21d4ca0eef7a0895473,2024-06-27T19:25:12.067000 CVE-2024-6142,0,0,23f480e47c156f1dad9ad13e0d7590969d38d5491fbe00b3021017412ace7767,2024-06-20T12:44:01.637000 @@ -255475,7 +255498,7 @@ CVE-2024-6252,0,0,468e259f2025efbae92579ad89a45c9f2c8b2e33c6f209272de57a1e66debc CVE-2024-6253,0,0,a6e4514e5a27665a5cb6260b36ae56e5c2da14fd9a2d1da643a44ff2f3f2cb21,2024-06-25T18:15:12 CVE-2024-6257,0,0,2981da6c17c705bcf0d80e44b1fa14b0c6655b2077fb275b971c6bc5c7c2b720,2024-06-25T18:50:42.040000 CVE-2024-6262,0,0,f703f7a7fbd3e1fe9efa1e5946752e209a081bf36124182aca731e3f05a363a4,2024-06-27T12:47:19.847000 -CVE-2024-6265,0,0,96348ec2c6d9dc31030876ca82de9102405c4d596533b9d110ab32d0dabb7540,2024-06-29T05:15:03.560000 +CVE-2024-6265,0,1,dd53419ac5d71f3843314be14fea17b7338fd9f39ae5539064d4c12df7d66cd7,2024-07-01T12:37:24.220000 CVE-2024-6266,0,0,f14331da5cd861226d53e015f2a1f08c9e1d5e7f7b1b843a3feb7cb151cc145a,2024-06-24T12:57:36.513000 CVE-2024-6267,0,0,d0d81696a0fe56042eb20b9f0c7d606c3ec4ab44f43adaf7633e08749cae8d6a,2024-06-24T15:15:12.093000 CVE-2024-6268,0,0,f6b5ab227c5a0cba5e0d9764b3a65d1dea83e5d9d7e49ede9770a3daceae2872,2024-06-26T20:15:16.893000 @@ -255514,7 +255537,7 @@ CVE-2024-6344,0,0,f8fe072181ab91a453822e0b523eb31f74817bc4efb68c7d2134a2d41a8e35 CVE-2024-6349,0,0,f01d61e3475192c945ec3639c2eda3b231a23d2f279c2f15b4719385fb2bd065,2024-06-26T15:15:20.690000 CVE-2024-6354,0,0,b70a2915a44ee7e7e6c00925c9a92ab9e6b070beaff28ea6d89d1a4dcb2a10e6,2024-06-27T12:47:19.847000 CVE-2024-6355,0,0,ae01fd3dff3a0136dc0dcda0f0c62bd72a4c84afe63740fbe5ae0aaceef04f3e,2024-06-27T14:15:16.753000 -CVE-2024-6363,0,0,e30e8346126e4db25622d7bfa0069b0e508a00cde2d6a89673dad355bdfc62a0,2024-06-29T07:15:03.357000 +CVE-2024-6363,0,1,821afe251d4d71225fc87e03c6904bf5a4c1b246a1e7e806532ba337c88c686a,2024-07-01T12:37:24.220000 CVE-2024-6367,0,0,7207995286cd77894417e443ceec13186f4617a3d835dc70f545e6022e4f6dc9,2024-06-27T12:47:19.847000 CVE-2024-6368,0,0,15233ad7ff1f989e7bdf86db89d9527b042f90cc8844e61c0b9d2d12d522b414,2024-06-27T18:15:21.083000 CVE-2024-6369,0,0,c793378edfea0b2a8c32a50d08899943167a983433e0948af5044c43e0a7ad33,2024-06-27T12:47:19.847000 @@ -255523,13 +255546,16 @@ CVE-2024-6371,0,0,4c649bc248258025ed325d77948a1f8525c46141bb22c90a65b416ad94095e CVE-2024-6372,0,0,ec8243842e1fb3e0d20056a877723ac3e2b0533a4741cd15fbbcbf6a553aa1c3,2024-06-27T17:11:52.390000 CVE-2024-6373,0,0,ffc7549884eeecbe338ce0f17f670d62abf2209962cbc27b0291f9ddbed7c163,2024-06-27T18:15:22.280000 CVE-2024-6374,0,0,951e3f10ed1a8de2c137bcf7721b529de76cab1c6430f8094753092eaf9ecd40,2024-06-27T17:11:52.390000 +CVE-2024-6387,1,1,def0cd53bff2180f22c8386406858a074b5d800b54f09a90a201f896b646bc47,2024-07-01T13:15:06.467000 CVE-2024-6388,0,0,e641c9d869769d4291da87145b48d15b4f200c046d6b100142bc686375a84738,2024-06-27T17:11:52.390000 -CVE-2024-6402,0,0,4ab71895b3368bd1544211088d3abf700d4f701c214f7ecf3c60b7d176fc2603,2024-06-28T17:15:03.810000 -CVE-2024-6403,0,0,429dfb36ed402b9131ff77942437fb1a517bdb7d9c4bc0d98800d5561627779c,2024-06-28T17:15:04.140000 -CVE-2024-6405,0,0,038b14279ce0315b7a8980b7821f46591d9e467d7f65f841d288ca599d5003a6,2024-06-29T02:15:02.223000 -CVE-2024-6414,0,0,70b26d50e267b67a07d9bb4b9f1c84966b1a8bfb20d759370cc1a093ba5f1259,2024-06-30T03:15:02.223000 -CVE-2024-6415,0,0,62e9973ee32aafad192ff857247035567ab1ac1ef13febe846fa28737426c3a2,2024-06-30T04:15:02.250000 -CVE-2024-6416,0,0,42460422645508deba815384c205b5e704c0f5f916fb0a7b2efed93e1162e2e4,2024-06-30T22:15:02.113000 -CVE-2024-6417,0,0,32851c719cd1c65444d9f0687cd37e02fd9715c54484a0e16c9a397be6861748,2024-06-30T23:15:02.680000 -CVE-2024-6418,0,0,e6fe9ac34c4b22aecb612ef18a1b6ee75745c96c699586b14f82bdf1bd364999,2024-06-30T23:15:02.953000 -CVE-2024-6419,0,0,92807316841d932714223cfcd15bad518a4419bb5a5d3d4cee6d072592967cd4,2024-07-01T00:15:01.950000 +CVE-2024-6402,0,1,795485c4534407e246daec51c1daaa33b95f6651688fed743a8fb9054cdaedba,2024-07-01T12:37:24.220000 +CVE-2024-6403,0,1,e44b9cfa8d9ae367e624a8cdf179ef52ea1e98c2115d7a956299d17747a6a56b,2024-07-01T12:37:24.220000 +CVE-2024-6405,0,1,fdb62e3d2213e21f6cf3d269e158ee31cc07c01f1a5a460b466ccce5203f82ee,2024-07-01T12:37:24.220000 +CVE-2024-6414,0,1,ae0d661be5f3239fdfe6f0d08030fef27c03212dc1e12675bcf532fd90369002,2024-07-01T12:37:24.220000 +CVE-2024-6415,0,1,2d930efbf55d72578aa6f6117194938fd91dbe48efc49659be82131c011d6129,2024-07-01T12:37:24.220000 +CVE-2024-6416,0,1,1d3038bca30e2041aec4c6f6e9ac2c7cb38b0b032dbc11dcdc7f3d31ad18d01f,2024-07-01T12:37:24.220000 +CVE-2024-6417,0,1,29f9a4ce41522fa0140910babecf0fc99e85f4d49ac0eb1b6a99dc830b0f22e3,2024-07-01T12:37:24.220000 +CVE-2024-6418,0,1,b63bb78bc20fc7c9074df0590cf44ede2aa2ea9145f7e2ea976342cbbc9ede3c,2024-07-01T12:37:24.220000 +CVE-2024-6419,0,1,e1f22570d75c49fa5726171947ce4e56ea60b543707fecfaebe18f84b2ff48d5,2024-07-01T12:37:24.220000 +CVE-2024-6424,1,1,2322218d8ccd442e034bc04efb06decf5dba85d2673806f1b6db6fb6b6b4910d,2024-07-01T13:15:06.690000 +CVE-2024-6425,1,1,df671561299025e9d439ba96a2d660e26f555163397ba92a938dc0f695e82466,2024-07-01T13:15:06.927000