From 88fca70043d070a11286a661c3ceaebca8a605d4 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 18 Nov 2024 19:03:31 +0000 Subject: [PATCH] Auto-Update: 2024-11-18T19:00:29.543584+00:00 --- CVE-2015/CVE-2015-201xx/CVE-2015-20111.json | 45 +- CVE-2017/CVE-2017-133xx/CVE-2017-13309.json | 8 +- CVE-2017/CVE-2017-133xx/CVE-2017-13310.json | 8 +- CVE-2017/CVE-2017-133xx/CVE-2017-13311.json | 8 +- CVE-2017/CVE-2017-133xx/CVE-2017-13312.json | 8 +- CVE-2017/CVE-2017-133xx/CVE-2017-13313.json | 8 +- CVE-2017/CVE-2017-133xx/CVE-2017-13314.json | 8 +- CVE-2019/CVE-2019-252xx/CVE-2019-25220.json | 45 +- CVE-2020/CVE-2020-257xx/CVE-2020-25720.json | 8 +- CVE-2020/CVE-2020-260xx/CVE-2020-26062.json | 8 +- CVE-2020/CVE-2020-260xx/CVE-2020-26063.json | 8 +- CVE-2020/CVE-2020-260xx/CVE-2020-26066.json | 56 ++ CVE-2020/CVE-2020-260xx/CVE-2020-26067.json | 56 ++ CVE-2020/CVE-2020-260xx/CVE-2020-26071.json | 8 +- CVE-2020/CVE-2020-260xx/CVE-2020-26073.json | 8 +- CVE-2020/CVE-2020-260xx/CVE-2020-26074.json | 8 +- CVE-2020/CVE-2020-271xx/CVE-2020-27124.json | 8 +- CVE-2020/CVE-2020-34xx/CVE-2020-3420.json | 8 +- CVE-2020/CVE-2020-34xx/CVE-2020-3431.json | 8 +- CVE-2020/CVE-2020-35xx/CVE-2020-3525.json | 30 +- CVE-2020/CVE-2020-35xx/CVE-2020-3532.json | 8 +- CVE-2020/CVE-2020-35xx/CVE-2020-3538.json | 8 +- CVE-2020/CVE-2020-35xx/CVE-2020-3539.json | 8 +- CVE-2020/CVE-2020-35xx/CVE-2020-3548.json | 8 +- CVE-2021/CVE-2021-11xx/CVE-2021-1132.json | 8 +- CVE-2021/CVE-2021-12xx/CVE-2021-1232.json | 8 +- CVE-2021/CVE-2021-12xx/CVE-2021-1234.json | 8 +- CVE-2021/CVE-2021-12xx/CVE-2021-1285.json | 8 +- CVE-2021/CVE-2021-13xx/CVE-2021-1379.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1410.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1424.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1425.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1440.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1444.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1461.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1462.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1464.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1465.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1466.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1470.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1481.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1482.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1483.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1484.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1491.json | 8 +- CVE-2021/CVE-2021-14xx/CVE-2021-1494.json | 8 +- CVE-2021/CVE-2021-347xx/CVE-2021-34750.json | 8 +- CVE-2021/CVE-2021-347xx/CVE-2021-34751.json | 8 +- CVE-2021/CVE-2021-347xx/CVE-2021-34752.json | 8 +- CVE-2021/CVE-2021-347xx/CVE-2021-34753.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20626.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20631.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20632.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20633.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20634.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20648.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20649.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20652.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20654.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20655.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20656.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20657.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20663.json | 8 +- CVE-2022/CVE-2022-206xx/CVE-2022-20685.json | 8 +- CVE-2022/CVE-2022-207xx/CVE-2022-20766.json | 8 +- CVE-2022/CVE-2022-207xx/CVE-2022-20793.json | 8 +- CVE-2022/CVE-2022-208xx/CVE-2022-20814.json | 8 +- CVE-2022/CVE-2022-208xx/CVE-2022-20845.json | 8 +- CVE-2022/CVE-2022-208xx/CVE-2022-20846.json | 8 +- CVE-2022/CVE-2022-208xx/CVE-2022-20849.json | 8 +- CVE-2022/CVE-2022-208xx/CVE-2022-20853.json | 8 +- CVE-2022/CVE-2022-208xx/CVE-2022-20871.json | 8 +- CVE-2022/CVE-2022-209xx/CVE-2022-20931.json | 8 +- CVE-2022/CVE-2022-209xx/CVE-2022-20939.json | 8 +- CVE-2022/CVE-2022-209xx/CVE-2022-20948.json | 8 +- CVE-2022/CVE-2022-264xx/CVE-2022-26494.json | 19 +- CVE-2023/CVE-2023-06xx/CVE-2023-0657.json | 8 +- CVE-2023/CVE-2023-14xx/CVE-2023-1419.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20004.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20036.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20039.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20060.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20090.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20091.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20092.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20093.json | 8 +- CVE-2023/CVE-2023-200xx/CVE-2023-20094.json | 8 +- CVE-2023/CVE-2023-201xx/CVE-2023-20125.json | 8 +- CVE-2023/CVE-2023-201xx/CVE-2023-20154.json | 8 +- CVE-2023/CVE-2023-391xx/CVE-2023-39176.json | 8 +- CVE-2023/CVE-2023-391xx/CVE-2023-39179.json | 8 +- CVE-2023/CVE-2023-391xx/CVE-2023-39180.json | 4 +- CVE-2023/CVE-2023-430xx/CVE-2023-43091.json | 8 +- CVE-2023/CVE-2023-46xx/CVE-2023-4639.json | 8 +- CVE-2023/CVE-2023-499xx/CVE-2023-49952.json | 25 + CVE-2023/CVE-2023-61xx/CVE-2023-6110.json | 8 +- CVE-2024/CVE-2024-00xx/CVE-2024-0012.json | 8 +- CVE-2024/CVE-2024-07xx/CVE-2024-0793.json | 8 +- CVE-2024/CVE-2024-100xx/CVE-2024-10015.json | 8 +- CVE-2024/CVE-2024-100xx/CVE-2024-10017.json | 8 +- CVE-2024/CVE-2024-101xx/CVE-2024-10147.json | 8 +- CVE-2024/CVE-2024-102xx/CVE-2024-10262.json | 8 +- CVE-2024/CVE-2024-103xx/CVE-2024-10390.json | 60 ++ CVE-2024/CVE-2024-105xx/CVE-2024-10533.json | 8 +- CVE-2024/CVE-2024-105xx/CVE-2024-10592.json | 8 +- CVE-2024/CVE-2024-106xx/CVE-2024-10614.json | 8 +- CVE-2024/CVE-2024-106xx/CVE-2024-10645.json | 8 +- CVE-2024/CVE-2024-107xx/CVE-2024-10728.json | 8 +- CVE-2024/CVE-2024-107xx/CVE-2024-10786.json | 8 +- CVE-2024/CVE-2024-107xx/CVE-2024-10795.json | 8 +- CVE-2024/CVE-2024-108xx/CVE-2024-10861.json | 8 +- CVE-2024/CVE-2024-108xx/CVE-2024-10875.json | 8 +- CVE-2024/CVE-2024-108xx/CVE-2024-10883.json | 8 +- CVE-2024/CVE-2024-108xx/CVE-2024-10884.json | 8 +- CVE-2024/CVE-2024-109xx/CVE-2024-10934.json | 8 +- CVE-2024/CVE-2024-109xx/CVE-2024-10990.json | 83 +- CVE-2024/CVE-2024-109xx/CVE-2024-10991.json | 78 +- CVE-2024/CVE-2024-109xx/CVE-2024-10993.json | 78 +- CVE-2024/CVE-2024-109xx/CVE-2024-10994.json | 76 +- CVE-2024/CVE-2024-110xx/CVE-2024-11017.json | 40 +- CVE-2024/CVE-2024-110xx/CVE-2024-11018.json | 40 +- CVE-2024/CVE-2024-110xx/CVE-2024-11019.json | 40 +- CVE-2024/CVE-2024-110xx/CVE-2024-11020.json | 40 +- CVE-2024/CVE-2024-110xx/CVE-2024-11021.json | 40 +- CVE-2024/CVE-2024-110xx/CVE-2024-11023.json | 8 +- CVE-2024/CVE-2024-110xx/CVE-2024-11073.json | 86 +- CVE-2024/CVE-2024-110xx/CVE-2024-11085.json | 8 +- CVE-2024/CVE-2024-110xx/CVE-2024-11092.json | 8 +- CVE-2024/CVE-2024-110xx/CVE-2024-11094.json | 8 +- CVE-2024/CVE-2024-111xx/CVE-2024-11100.json | 79 +- CVE-2024/CVE-2024-111xx/CVE-2024-11101.json | 77 +- CVE-2024/CVE-2024-111xx/CVE-2024-11118.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11217.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11241.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11242.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11243.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11244.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11245.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11246.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11247.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11248.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11250.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11251.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11256.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11257.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11258.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11259.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11261.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11262.json | 8 +- CVE-2024/CVE-2024-112xx/CVE-2024-11263.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11303.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11304.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11305.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11306.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11308.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11309.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11310.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11311.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11312.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11313.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11314.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11315.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11318.json | 8 +- CVE-2024/CVE-2024-113xx/CVE-2024-11319.json | 8 +- CVE-2024/CVE-2024-203xx/CVE-2024-20373.json | 8 +- CVE-2024/CVE-2024-220xx/CVE-2024-22067.json | 8 +- CVE-2024/CVE-2024-231xx/CVE-2024-23169.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24425.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24426.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24431.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24446.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24447.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24449.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24450.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24452.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24453.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24454.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24455.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24457.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24458.json | 8 +- CVE-2024/CVE-2024-244xx/CVE-2024-24459.json | 8 +- CVE-2024/CVE-2024-280xx/CVE-2024-28058.json | 8 +- CVE-2024/CVE-2024-33xx/CVE-2024-3334.json | 8 +- CVE-2024/CVE-2024-33xx/CVE-2024-3370.json | 8 +- CVE-2024/CVE-2024-371xx/CVE-2024-37155.json | 8 +- CVE-2024/CVE-2024-382xx/CVE-2024-38203.json | 219 ++++- CVE-2024/CVE-2024-383xx/CVE-2024-38370.json | 8 +- CVE-2024/CVE-2024-388xx/CVE-2024-38828.json | 8 +- CVE-2024/CVE-2024-397xx/CVE-2024-39726.json | 8 +- CVE-2024/CVE-2024-406xx/CVE-2024-40638.json | 8 +- CVE-2024/CVE-2024-411xx/CVE-2024-41151.json | 8 +- CVE-2024/CVE-2024-416xx/CVE-2024-41678.json | 8 +- CVE-2024/CVE-2024-416xx/CVE-2024-41679.json | 8 +- CVE-2024/CVE-2024-417xx/CVE-2024-41784.json | 8 +- CVE-2024/CVE-2024-417xx/CVE-2024-41785.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41967.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41968.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41969.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41970.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41971.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41972.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41973.json | 8 +- CVE-2024/CVE-2024-419xx/CVE-2024-41974.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42383.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42384.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42385.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42386.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42387.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42388.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42389.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42390.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42391.json | 8 +- CVE-2024/CVE-2024-423xx/CVE-2024-42392.json | 8 +- CVE-2024/CVE-2024-426xx/CVE-2024-42677.json | 6 +- CVE-2024/CVE-2024-426xx/CVE-2024-42678.json | 8 +- CVE-2024/CVE-2024-431xx/CVE-2024-43189.json | 8 +- CVE-2024/CVE-2024-434xx/CVE-2024-43416.json | 60 ++ CVE-2024/CVE-2024-434xx/CVE-2024-43417.json | 8 +- CVE-2024/CVE-2024-434xx/CVE-2024-43418.json | 8 +- CVE-2024/CVE-2024-437xx/CVE-2024-43704.json | 8 +- CVE-2024/CVE-2024-446xx/CVE-2024-44625.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44756.json | 25 + CVE-2024/CVE-2024-447xx/CVE-2024-44757.json | 25 + CVE-2024/CVE-2024-447xx/CVE-2024-44758.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44759.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44761.json | 8 +- CVE-2024/CVE-2024-455xx/CVE-2024-45505.json | 8 +- CVE-2024/CVE-2024-456xx/CVE-2024-45608.json | 8 +- CVE-2024/CVE-2024-456xx/CVE-2024-45609.json | 8 +- CVE-2024/CVE-2024-456xx/CVE-2024-45610.json | 8 +- CVE-2024/CVE-2024-456xx/CVE-2024-45611.json | 8 +- CVE-2024/CVE-2024-457xx/CVE-2024-45791.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45969.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45970.json | 8 +- CVE-2024/CVE-2024-459xx/CVE-2024-45971.json | 8 +- CVE-2024/CVE-2024-463xx/CVE-2024-46383.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46462.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46463.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46465.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46466.json | 8 +- CVE-2024/CVE-2024-464xx/CVE-2024-46467.json | 8 +- CVE-2024/CVE-2024-472xx/CVE-2024-47208.json | 8 +- CVE-2024/CVE-2024-475xx/CVE-2024-47533.json | 64 ++ CVE-2024/CVE-2024-477xx/CVE-2024-47759.json | 8 +- CVE-2024/CVE-2024-478xx/CVE-2024-47820.json | 60 ++ CVE-2024/CVE-2024-478xx/CVE-2024-47873.json | 68 ++ CVE-2024/CVE-2024-480xx/CVE-2024-48068.json | 8 +- CVE-2024/CVE-2024-482xx/CVE-2024-48284.json | 39 +- CVE-2024/CVE-2024-482xx/CVE-2024-48292.json | 25 + CVE-2024/CVE-2024-488xx/CVE-2024-48896.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48897.json | 8 +- CVE-2024/CVE-2024-488xx/CVE-2024-48898.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48901.json | 8 +- CVE-2024/CVE-2024-489xx/CVE-2024-48962.json | 8 +- CVE-2024/CVE-2024-490xx/CVE-2024-49060.json | 8 +- CVE-2024/CVE-2024-495xx/CVE-2024-49514.json | 51 +- CVE-2024/CVE-2024-495xx/CVE-2024-49521.json | 43 +- CVE-2024/CVE-2024-495xx/CVE-2024-49526.json | 51 +- CVE-2024/CVE-2024-495xx/CVE-2024-49527.json | 51 +- CVE-2024/CVE-2024-495xx/CVE-2024-49528.json | 51 +- CVE-2024/CVE-2024-495xx/CVE-2024-49536.json | 8 +- CVE-2024/CVE-2024-495xx/CVE-2024-49574.json | 8 +- CVE-2024/CVE-2024-495xx/CVE-2024-49592.json | 4 +- CVE-2024/CVE-2024-497xx/CVE-2024-49754.json | 8 +- CVE-2024/CVE-2024-497xx/CVE-2024-49758.json | 8 +- CVE-2024/CVE-2024-497xx/CVE-2024-49759.json | 8 +- CVE-2024/CVE-2024-497xx/CVE-2024-49764.json | 8 +- CVE-2024/CVE-2024-503xx/CVE-2024-50324.json | 92 +- CVE-2024/CVE-2024-503xx/CVE-2024-50326.json | 92 +- CVE-2024/CVE-2024-503xx/CVE-2024-50327.json | 92 +- CVE-2024/CVE-2024-503xx/CVE-2024-50328.json | 92 +- CVE-2024/CVE-2024-503xx/CVE-2024-50329.json | 92 +- CVE-2024/CVE-2024-503xx/CVE-2024-50350.json | 8 +- CVE-2024/CVE-2024-503xx/CVE-2024-50351.json | 8 +- CVE-2024/CVE-2024-503xx/CVE-2024-50352.json | 8 +- CVE-2024/CVE-2024-503xx/CVE-2024-50355.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50647.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50648.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50649.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50650.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50651.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50652.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50653.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50654.json | 8 +- CVE-2024/CVE-2024-506xx/CVE-2024-50655.json | 8 +- CVE-2024/CVE-2024-507xx/CVE-2024-50724.json | 8 +- CVE-2024/CVE-2024-508xx/CVE-2024-50800.json | 8 +- CVE-2024/CVE-2024-508xx/CVE-2024-50836.json | 34 +- CVE-2024/CVE-2024-509xx/CVE-2024-50983.json | 8 +- CVE-2024/CVE-2024-509xx/CVE-2024-50986.json | 8 +- CVE-2024/CVE-2024-50xx/CVE-2024-5030.json | 8 +- CVE-2024/CVE-2024-510xx/CVE-2024-51037.json | 8 +- CVE-2024/CVE-2024-510xx/CVE-2024-51093.json | 63 +- CVE-2024/CVE-2024-511xx/CVE-2024-51141.json | 8 +- CVE-2024/CVE-2024-511xx/CVE-2024-51142.json | 8 +- CVE-2024/CVE-2024-511xx/CVE-2024-51156.json | 39 +- CVE-2024/CVE-2024-511xx/CVE-2024-51164.json | 8 +- CVE-2024/CVE-2024-513xx/CVE-2024-51330.json | 8 +- CVE-2024/CVE-2024-514xx/CVE-2024-51494.json | 8 +- CVE-2024/CVE-2024-514xx/CVE-2024-51495.json | 8 +- CVE-2024/CVE-2024-514xx/CVE-2024-51496.json | 8 +- CVE-2024/CVE-2024-514xx/CVE-2024-51497.json | 8 +- CVE-2024/CVE-2024-517xx/CVE-2024-51764.json | 8 +- CVE-2024/CVE-2024-517xx/CVE-2024-51765.json | 8 +- CVE-2024/CVE-2024-522xx/CVE-2024-52298.json | 61 +- CVE-2024/CVE-2024-522xx/CVE-2024-52299.json | 59 +- CVE-2024/CVE-2024-523xx/CVE-2024-52300.json | 59 +- CVE-2024/CVE-2024-523xx/CVE-2024-52316.json | 8 +- CVE-2024/CVE-2024-523xx/CVE-2024-52317.json | 8 +- CVE-2024/CVE-2024-523xx/CVE-2024-52318.json | 8 +- CVE-2024/CVE-2024-523xx/CVE-2024-52386.json | 8 +- CVE-2024/CVE-2024-523xx/CVE-2024-52397.json | 8 +- CVE-2024/CVE-2024-523xx/CVE-2024-52398.json | 8 +- CVE-2024/CVE-2024-523xx/CVE-2024-52399.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52400.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52403.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52404.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52405.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52406.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52407.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52408.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52409.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52410.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52411.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52412.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52413.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52414.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52415.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52416.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52419.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52422.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52423.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52424.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52425.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52426.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52427.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52428.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52429.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52430.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52431.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52432.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52433.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52434.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52435.json | 8 +- CVE-2024/CVE-2024-524xx/CVE-2024-52436.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52507.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52508.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52509.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52510.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52511.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52512.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52513.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52514.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52515.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52516.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52517.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52518.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52519.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52520.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52521.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52522.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52523.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52525.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52526.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52528.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52555.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52565.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52566.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52567.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52568.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52569.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52570.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52571.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52572.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52573.json | 8 +- CVE-2024/CVE-2024-525xx/CVE-2024-52574.json | 8 +- CVE-2024/CVE-2024-528xx/CVE-2024-52867.json | 8 +- CVE-2024/CVE-2024-528xx/CVE-2024-52871.json | 33 +- CVE-2024/CVE-2024-528xx/CVE-2024-52872.json | 33 +- CVE-2024/CVE-2024-528xx/CVE-2024-52876.json | 45 +- CVE-2024/CVE-2024-529xx/CVE-2024-52912.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52913.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52914.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52915.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52916.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52917.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52918.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52919.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52920.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52921.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52922.json | 33 +- CVE-2024/CVE-2024-529xx/CVE-2024-52926.json | 20 +- CVE-2024/CVE-2024-529xx/CVE-2024-52940.json | 4 +- CVE-2024/CVE-2024-529xx/CVE-2024-52941.json | 8 +- CVE-2024/CVE-2024-529xx/CVE-2024-52942.json | 8 +- CVE-2024/CVE-2024-529xx/CVE-2024-52943.json | 8 +- CVE-2024/CVE-2024-529xx/CVE-2024-52944.json | 8 +- CVE-2024/CVE-2024-529xx/CVE-2024-52945.json | 8 +- CVE-2024/CVE-2024-529xx/CVE-2024-52946.json | 8 +- CVE-2024/CVE-2024-529xx/CVE-2024-52947.json | 45 +- CVE-2024/CVE-2024-66xx/CVE-2024-6628.json | 8 +- CVE-2024/CVE-2024-72xx/CVE-2024-7295.json | 47 +- CVE-2024/CVE-2024-80xx/CVE-2024-8049.json | 59 +- CVE-2024/CVE-2024-87xx/CVE-2024-8781.json | 8 +- CVE-2024/CVE-2024-88xx/CVE-2024-8856.json | 8 +- CVE-2024/CVE-2024-88xx/CVE-2024-8873.json | 8 +- CVE-2024/CVE-2024-91xx/CVE-2024-9192.json | 8 +- CVE-2024/CVE-2024-93xx/CVE-2024-9386.json | 8 +- CVE-2024/CVE-2024-94xx/CVE-2024-9474.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9500.json | 8 +- CVE-2024/CVE-2024-95xx/CVE-2024-9526.json | 8 +- CVE-2024/CVE-2024-96xx/CVE-2024-9615.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9839.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9849.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9850.json | 8 +- CVE-2024/CVE-2024-98xx/CVE-2024-9887.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9935.json | 8 +- CVE-2024/CVE-2024-99xx/CVE-2024-9938.json | 8 +- README.md | 96 +- _state.csv | 933 ++++++++++---------- 420 files changed, 5492 insertions(+), 1418 deletions(-) create mode 100644 CVE-2020/CVE-2020-260xx/CVE-2020-26066.json create mode 100644 CVE-2020/CVE-2020-260xx/CVE-2020-26067.json create mode 100644 CVE-2023/CVE-2023-499xx/CVE-2023-49952.json create mode 100644 CVE-2024/CVE-2024-103xx/CVE-2024-10390.json create mode 100644 CVE-2024/CVE-2024-434xx/CVE-2024-43416.json create mode 100644 CVE-2024/CVE-2024-447xx/CVE-2024-44756.json create mode 100644 CVE-2024/CVE-2024-447xx/CVE-2024-44757.json create mode 100644 CVE-2024/CVE-2024-475xx/CVE-2024-47533.json create mode 100644 CVE-2024/CVE-2024-478xx/CVE-2024-47820.json create mode 100644 CVE-2024/CVE-2024-478xx/CVE-2024-47873.json create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48292.json diff --git a/CVE-2015/CVE-2015-201xx/CVE-2015-20111.json b/CVE-2015/CVE-2015-201xx/CVE-2015-20111.json index 79f2d1c617f..81f39fb140a 100644 --- a/CVE-2015/CVE-2015-201xx/CVE-2015-20111.json +++ b/CVE-2015/CVE-2015-201xx/CVE-2015-20111.json @@ -2,16 +2,55 @@ "id": "CVE-2015-20111", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:03.987", - "lastModified": "2024-11-18T04:15:03.987", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:35:00.977", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation." + }, + { + "lang": "es", + "value": "En las versiones anteriores a 4c90b87 de Bitcoin Core y otros productos, la ejecuci\u00f3n remota de c\u00f3digo no se puede realizar junto con la explotaci\u00f3n de CVE-2015-6031." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://bitcoincore.org/en/2024/07/03/disclose_upnp_rce/", diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13309.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13309.json index 85ca11546a9..89831d1c4d1 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13309.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13309.json @@ -2,13 +2,17 @@ "id": "CVE-2017-13309", "sourceIdentifier": "security@android.com", "published": "2024-11-15T21:15:05.980", - "lastModified": "2024-11-15T21:35:00.833", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En readEncryptedData de ConscryptEngine.java, existe una posible fuga de texto plano debido a un cifrado utilizado incorrectamente. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": { diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13310.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13310.json index 4bf0d0bd72a..3863b64edce 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13310.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13310.json @@ -2,13 +2,17 @@ "id": "CVE-2017-13310", "sourceIdentifier": "security@android.com", "published": "2024-11-15T22:15:14.177", - "lastModified": "2024-11-15T22:15:14.177", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En createFromParcel de ViewPager.java, existe un posible problema de serializaci\u00f3n de lectura/escritura que conduce a una omisi\u00f3n de permisos. Esto podr\u00eda conducir a una escalada local de privilegios donde una aplicaci\u00f3n puede iniciar una actividad con privilegios del sistema sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13311.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13311.json index d8b17bbadf0..572dbfcad43 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13311.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13311.json @@ -2,13 +2,17 @@ "id": "CVE-2017-13311", "sourceIdentifier": "security@android.com", "published": "2024-11-15T22:15:14.240", - "lastModified": "2024-11-15T22:15:14.240", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En la funci\u00f3n read() de ProcessStats.java, existe un posible problema de serializaci\u00f3n de lectura/escritura que conduce a una omisi\u00f3n de permisos. Esto podr\u00eda provocar una escalada local de privilegios donde una aplicaci\u00f3n puede iniciar una actividad con privilegios del sistema sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13312.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13312.json index 558867a576f..c66ff0e2460 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13312.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13312.json @@ -2,13 +2,17 @@ "id": "CVE-2017-13312", "sourceIdentifier": "security@android.com", "published": "2024-11-15T22:15:14.300", - "lastModified": "2024-11-15T22:15:14.300", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En createFromParcel de MediaCas.java, existe una posible discrepancia entre la lectura y la escritura de paquetes debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios, donde una aplicaci\u00f3n puede iniciar una actividad con privilegios del sistema sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13313.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13313.json index 7bcdf9604b2..f75de05bdbd 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13313.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13313.json @@ -2,13 +2,17 @@ "id": "CVE-2017-13313", "sourceIdentifier": "security@android.com", "published": "2024-11-15T22:15:14.373", - "lastModified": "2024-11-15T22:15:14.373", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation." + }, + { + "lang": "es", + "value": "En ElementaryStreamQueue::dequeueAccessUnitMPEG4Video de ESQueue.cpp, existe un posible bucle infinito que conduce al agotamiento de los recursos debido a una comprobaci\u00f3n incorrecta de los l\u00edmites. Esto podr\u00eda provocar una denegaci\u00f3n de servicio remota sin necesidad de privilegios de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13314.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13314.json index 433b8974045..468aa177740 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13314.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13314.json @@ -2,13 +2,17 @@ "id": "CVE-2017-13314", "sourceIdentifier": "security@android.com", "published": "2024-11-15T22:15:14.440", - "lastModified": "2024-11-15T22:15:14.440", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En setAllowOnlyVpnForUids de NetworkManagementService.java, existe una posible omisi\u00f3n de la configuraci\u00f3n de seguridad debido a la falta de una verificaci\u00f3n de permisos. Esto podr\u00eda provocar una escalada local de privilegios que permita a los usuarios acceder a redes que no sean VPN, cuando se supone que deben estar restringidos a las redes VPN, sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2019/CVE-2019-252xx/CVE-2019-25220.json b/CVE-2019/CVE-2019-252xx/CVE-2019-25220.json index 0ec1ede4dcd..0bbf79abb0e 100644 --- a/CVE-2019/CVE-2019-252xx/CVE-2019-25220.json +++ b/CVE-2019/CVE-2019-252xx/CVE-2019-25220.json @@ -2,16 +2,55 @@ "id": "CVE-2019-25220", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.107", - "lastModified": "2024-11-18T04:15:04.107", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:35:01.780", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash) via a flood of low-difficulty header chains (aka a \"Chain Width Expansion\" attack) because a node does not first verify that a presented chain has enough work before committing to store it." + }, + { + "lang": "es", + "value": "Bitcoin Core anterior a 24.0.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (falla del demonio) a trav\u00e9s de una inundaci\u00f3n de cadenas de encabezado de baja dificultad (tambi\u00e9n conocido como un ataque de \"expansi\u00f3n del ancho de la cadena\") porque un nodo no verifica primero que una cadena presentada tenga suficiente trabajo antes de comprometerse a almacenarla." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://bitcoincore.org/en/2024/09/18/disclose-headers-oom", diff --git a/CVE-2020/CVE-2020-257xx/CVE-2020-25720.json b/CVE-2020/CVE-2020-257xx/CVE-2020-25720.json index 9f76bf27bef..525223f5502 100644 --- a/CVE-2020/CVE-2020-257xx/CVE-2020-25720.json +++ b/CVE-2020/CVE-2020-257xx/CVE-2020-25720.json @@ -2,13 +2,17 @@ "id": "CVE-2020-25720", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-17T11:15:04.320", - "lastModified": "2024-11-17T11:15:04.320", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Samba donde un administrador delegado con permiso para crear objetos en Active Directory puede escribir en todos los atributos del objeto reci\u00e9n creado, incluidos los atributos sensibles a la seguridad, incluso despu\u00e9s de la creaci\u00f3n del objeto. Este problema se produce porque el administrador es el propietario del objeto debido a la falta de una lista de control de acceso (ACL) en el momento de la creaci\u00f3n y, posteriormente, se lo reconoce como el \"propietario creador\". Es posible que no se comprendan bien los derechos importantes que conserva el administrador delegado, lo que puede provocar una escalada de privilegios no deseada o riesgos de seguridad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26062.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26062.json index 15d78a92b0e..48368a68d91 100644 --- a/CVE-2020/CVE-2020-260xx/CVE-2020-26062.json +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26062.json @@ -2,13 +2,17 @@ "id": "CVE-2020-26062", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:05.170", - "lastModified": "2024-11-18T16:15:05.170", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application.\r\nThe vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Integrated Management Controller podr\u00eda permitir que un atacante remoto no autenticado enumere nombres de usuario v\u00e1lidos dentro de la aplicaci\u00f3n vulnerable. La vulnerabilidad se debe a diferencias en las respuestas de autenticaci\u00f3n enviadas desde la aplicaci\u00f3n como parte de un intento de autenticaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de autenticaci\u00f3n a la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante confirmar los nombres de las cuentas de usuario administrativas para usarlas en ataques posteriores. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26063.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26063.json index bbafce2b0e4..96012d1b0e7 100644 --- a/CVE-2020/CVE-2020-260xx/CVE-2020-26063.json +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26063.json @@ -2,13 +2,17 @@ "id": "CVE-2020-26063", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:05.460", - "lastModified": "2024-11-18T16:15:05.460", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization.\r\nThe vulnerability is due to improper authorization checks on API endpoints. An attacker could exploit this vulnerability by sending malicious requests to an API endpoint. An exploit could allow the attacker to download files from or modify limited configuration options on the affected system.There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en los puntos finales de API de Cisco Integrated Management Controller podr\u00eda permitir que un atacante remoto autenticado omita la autorizaci\u00f3n y realice acciones en un sistema vulnerable sin autorizaci\u00f3n. La vulnerabilidad se debe a comprobaciones de autorizaci\u00f3n incorrectas en los endpoints de API. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes maliciosas a un endpoint de API. Una vulnerabilidad podr\u00eda permitir al atacante descargar archivos o modificar opciones de configuraci\u00f3n limitadas en el sistema afectado. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26066.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26066.json new file mode 100644 index 00000000000..3da4a6148ae --- /dev/null +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26066.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2020-26066", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-11-18T17:15:09.437", + "lastModified": "2024-11-18T17:15:09.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.\r\nThe vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ykramarz@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26067.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26067.json new file mode 100644 index 00000000000..70600365c19 --- /dev/null +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26067.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2020-26067", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-11-18T17:15:09.757", + "lastModified": "2024-11-18T17:15:09.757", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks.\r\nThe vulnerability is due to improper validation of usernames. An attacker could exploit this vulnerability by creating an account that contains malicious HTML or script content and joining a space using the malicious account name. A successful exploit could allow the attacker to conduct cross-site scripting attacks and potentially gain access to sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "ykramarz@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26071.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26071.json index 7991ea8f467..7b07e18785f 100644 --- a/CVE-2020/CVE-2020-260xx/CVE-2020-26071.json +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26071.json @@ -2,13 +2,17 @@ "id": "CVE-2020-26071", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:05.710", - "lastModified": "2024-11-18T16:15:05.710", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition.\r\nThe vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by including crafted arguments to those specific commands. A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN podr\u00eda permitir que un atacante local autenticado cree o sobrescriba archivos arbitrarios en un dispositivo afectado, lo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente para comandos espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir argumentos manipulados para esos comandos espec\u00edficos. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante cree o sobrescriba archivos arbitrarios en el dispositivo afectado, lo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26073.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26073.json index 3844fea1f81..2b88bf27078 100644 --- a/CVE-2020/CVE-2020-260xx/CVE-2020-26073.json +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26073.json @@ -2,13 +2,17 @@ "id": "CVE-2020-26073", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:05.947", - "lastModified": "2024-11-18T16:15:05.947", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\nThe vulnerability is due to improper validation of directory traversal character sequences within requests to application programmatic interfaces (APIs). An attacker could exploit this vulnerability by sending malicious requests to an API within the affected application. A successful exploit could allow the attacker to conduct directory traversal attacks and gain access to sensitive information including credentials or user tokens.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en los puntos finales de datos de la aplicaci\u00f3n de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso a informaci\u00f3n confidencial. La vulnerabilidad se debe a una validaci\u00f3n incorrecta de las secuencias de caracteres de directory traversal dentro de las solicitudes a las interfaces program\u00e1ticas de aplicaciones (API). Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes maliciosas a una API dentro de la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar ataques de directory traversal y obtener acceso a informaci\u00f3n confidencial, incluidas las credenciales o los tokens de usuario. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26074.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26074.json index 7280719f141..0a73e4a9f0b 100644 --- a/CVE-2020/CVE-2020-260xx/CVE-2020-26074.json +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26074.json @@ -2,13 +2,17 @@ "id": "CVE-2020-26074", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:06.170", - "lastModified": "2024-11-18T16:15:06.170", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system.\r\nThe vulnerability is due to improper validation of path input to the system file transfer functions. An attacker could exploit this vulnerability by sending requests that contain specially crafted path variables to the vulnerable system. A successful exploit could allow the attacker to overwrite arbitrary files, allowing the attacker to modify the system in such a way that could allow the attacker to gain escalated privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en las funciones de transferencia de archivos del sistema de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante local autenticado obtenga privilegios elevados en el sistema operativo subyacente. La vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada de ruta a las funciones de transferencia de archivos del sistema. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes que contengan variables de ruta especialmente dise\u00f1adas al sistema vulnerable. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios, lo que le permitir\u00eda modificar el sistema de tal manera que podr\u00eda permitirle obtener privilegios elevados. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-271xx/CVE-2020-27124.json b/CVE-2020/CVE-2020-271xx/CVE-2020-27124.json index 3fd5f25a2b2..71c1a898c2c 100644 --- a/CVE-2020/CVE-2020-271xx/CVE-2020-27124.json +++ b/CVE-2020/CVE-2020-271xx/CVE-2020-27124.json @@ -2,13 +2,17 @@ "id": "CVE-2020-27124", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:06.397", - "lastModified": "2024-11-18T16:15:06.397", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition.\r\nThe vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el controlador SSL/TLS del software Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto no autenticado haga que el dispositivo afectado se recargue inesperadamente, lo que genera una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inadecuado de errores en conexiones SSL/TLS establecidas. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n SSL/TLS con el dispositivo afectado y luego enviando un mensaje SSL/TLS malicioso dentro de esa conexi\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-34xx/CVE-2020-3420.json b/CVE-2020/CVE-2020-34xx/CVE-2020-3420.json index b4730d4ce97..7543b952184 100644 --- a/CVE-2020/CVE-2020-34xx/CVE-2020-3420.json +++ b/CVE-2020/CVE-2020-34xx/CVE-2020-3420.json @@ -2,13 +2,17 @@ "id": "CVE-2020-3420", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:06.630", - "lastModified": "2024-11-18T16:15:06.630", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThe vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Unified Communications Manager (Unified CM) y Cisco Unified Communications Manager Session Management Edition (Unified CM SME) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando datos maliciosos en un campo de datos espec\u00edfico de la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-34xx/CVE-2020-3431.json b/CVE-2020/CVE-2020-34xx/CVE-2020-3431.json index b3808354af8..34798f2098f 100644 --- a/CVE-2020/CVE-2020-34xx/CVE-2020-3431.json +++ b/CVE-2020/CVE-2020-34xx/CVE-2020-3431.json @@ -2,13 +2,17 @@ "id": "CVE-2020-3431", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:06.897", - "lastModified": "2024-11-18T16:15:06.897", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business RV042 Dual WAN VPN Routers and Cisco Small Business RV042G Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.\r\nThe vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042 Dual WAN VPN y Cisco Small Business RV042G Dual Gigabit WAN VPN podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-35xx/CVE-2020-3525.json b/CVE-2020/CVE-2020-35xx/CVE-2020-3525.json index f2d25210c00..42025c5e64d 100644 --- a/CVE-2020/CVE-2020-35xx/CVE-2020-3525.json +++ b/CVE-2020/CVE-2020-35xx/CVE-2020-3525.json @@ -2,16 +2,42 @@ "id": "CVE-2020-3525", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:07.127", - "lastModified": "2024-11-18T16:15:07.127", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:35:05.240", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system.\r\nThe vulnerability is due to the incorrect inclusion of saved passwords when loading configuration pages in the Admin portal. An attacker with read or write access to the Admin portal could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to recover passwords and expose those accounts to further attack.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el portal de administraci\u00f3n de Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante remoto autenticado recupere contrase\u00f1as de cuentas de servicio guardadas en un sistema afectado. La vulnerabilidad se debe a la inclusi\u00f3n incorrecta de contrase\u00f1as guardadas al cargar p\u00e1ginas de configuraci\u00f3n en el portal de administraci\u00f3n. Un atacante con acceso de lectura o escritura al portal de administraci\u00f3n podr\u00eda aprovechar esta vulnerabilidad navegando a una p\u00e1gina que contenga datos confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante recuperar contrase\u00f1as y exponer esas cuentas a m\u00e1s ataques. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], "cvssMetricV30": [ { "source": "ykramarz@cisco.com", diff --git a/CVE-2020/CVE-2020-35xx/CVE-2020-3532.json b/CVE-2020/CVE-2020-35xx/CVE-2020-3532.json index cdb4926019c..35f9b3f0298 100644 --- a/CVE-2020/CVE-2020-35xx/CVE-2020-3532.json +++ b/CVE-2020/CVE-2020-35xx/CVE-2020-3532.json @@ -2,13 +2,17 @@ "id": "CVE-2020-3532", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:07.367", - "lastModified": "2024-11-18T16:15:07.367", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThe vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service y Cisco Unity Connection podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-35xx/CVE-2020-3538.json b/CVE-2020/CVE-2020-35xx/CVE-2020-3538.json index 59686631379..dae69c2c9e7 100644 --- a/CVE-2020/CVE-2020-35xx/CVE-2020-3538.json +++ b/CVE-2020/CVE-2020-35xx/CVE-2020-3538.json @@ -2,13 +2,17 @@ "id": "CVE-2020-3538", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:07.660", - "lastModified": "2024-11-18T16:15:07.660", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device.\r\nThe vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to overwrite or list arbitrary files on the affected device.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en un determinado punto final de la API REST del software Cisco Data Center Network Manager (DCNM) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de path traversal en un dispositivo afectado. La vulnerabilidad se debe a una aplicaci\u00f3n insuficiente de las restricciones de ruta. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir o enumerar archivos arbitrarios en el dispositivo afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-35xx/CVE-2020-3539.json b/CVE-2020/CVE-2020-35xx/CVE-2020-3539.json index d2394f3f6f1..53a0589b887 100644 --- a/CVE-2020/CVE-2020-35xx/CVE-2020-3539.json +++ b/CVE-2020/CVE-2020-35xx/CVE-2020-3539.json @@ -2,13 +2,17 @@ "id": "CVE-2020-3539", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:07.880", - "lastModified": "2024-11-18T16:15:07.880", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization.\r\nThe vulnerability is due to a failure to limit access to resources that are intended for users with Administrator privileges. An attacker could exploit this vulnerability by convincing a user to click a malicious URL. A successful exploit could allow a low-privileged attacker to list, view, create, edit, and delete templates in the same manner as a user with Administrator privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Data Center Network Manager (DCNM) podr\u00eda permitir que un atacante remoto autenticado vea, modifique y elimine datos sin la autorizaci\u00f3n correspondiente. La vulnerabilidad se debe a un error al limitar el acceso a los recursos destinados a usuarios con privilegios de administrador. Un atacante podr\u00eda aprovechar esta vulnerabilidad convenciendo a un usuario de que haga clic en una URL maliciosa. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante con pocos privilegios enumere, vea, cree, edite y elimine plantillas de la misma manera que un usuario con privilegios de administrador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2020/CVE-2020-35xx/CVE-2020-3548.json b/CVE-2020/CVE-2020-35xx/CVE-2020-3548.json index a57e3b9aec4..b4eaf6980dc 100644 --- a/CVE-2020/CVE-2020-35xx/CVE-2020-3548.json +++ b/CVE-2020/CVE-2020-35xx/CVE-2020-3548.json @@ -2,13 +2,17 @@ "id": "CVE-2020-3548", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:08.100", - "lastModified": "2024-11-18T16:15:08.100", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to inefficient processing of incoming TLS traffic. An attacker could exploit this vulnerability by sending a series of crafted TLS packets to an affected device. A successful exploit could allow the attacker to trigger a prolonged state of high CPU utilization. The affected device would still be operative, but response time and overall performance may be degraded.There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Transport Layer Security (TLS) del software Cisco AsyncOS para Cisco Email Security Appliance (ESA) podr\u00eda permitir que un atacante remoto no autenticado provoque un alto uso de la CPU en un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un procesamiento ineficiente del tr\u00e1fico TLS entrante. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de paquetes TLS manipulados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante activar un estado prolongado de alto uso de la CPU. El dispositivo afectado seguir\u00eda funcionando, pero el tiempo de respuesta y el rendimiento general podr\u00edan verse degradados. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-11xx/CVE-2021-1132.json b/CVE-2021/CVE-2021-11xx/CVE-2021-1132.json index 99bb6b13a21..85e33936e8f 100644 --- a/CVE-2021/CVE-2021-11xx/CVE-2021-1132.json +++ b/CVE-2021/CVE-2021-11xx/CVE-2021-1132.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1132", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:08.343", - "lastModified": "2024-11-18T16:15:08.343", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data.\r\nThis vulnerability exists because the web-management interface and certain HTTP-based APIs do not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el subsistema API y en la interfaz de administraci\u00f3n web de Cisco Network Services Orchestrator (NSO) podr\u00eda permitir que un atacante remoto no autenticado acceda a datos confidenciales. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n web y ciertas API basadas en HTTP no validan correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada que contenga secuencias de caracteres de directory traversal a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder a archivos confidenciales en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-12xx/CVE-2021-1232.json b/CVE-2021/CVE-2021-12xx/CVE-2021-1232.json index e3f02b65841..5b873c2bd58 100644 --- a/CVE-2021/CVE-2021-12xx/CVE-2021-1232.json +++ b/CVE-2021/CVE-2021-12xx/CVE-2021-1232.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1232", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:08.567", - "lastModified": "2024-11-18T16:15:08.567", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system.\r\nThis vulnerability is due to insufficient access control for sensitive information that is written to an affected system. An attacker could exploit this vulnerability by accessing sensitive information that they are not authorized to access on an affected system. A successful exploit could allow the attacker to gain access to devices and other network management systems that they should not have access to.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado lea archivos arbitrarios en el sistema de archivos subyacente de un sistema afectado. Esta vulnerabilidad se debe a un control de acceso insuficiente para la informaci\u00f3n confidencial que se escribe en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al acceder a informaci\u00f3n confidencial a la que no est\u00e1 autorizado a acceder en un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener acceso a dispositivos y otros sistemas de administraci\u00f3n de red a los que no deber\u00eda tener acceso. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-12xx/CVE-2021-1234.json b/CVE-2021/CVE-2021-12xx/CVE-2021-1234.json index c13a5c79481..63b8a73716e 100644 --- a/CVE-2021/CVE-2021-12xx/CVE-2021-1234.json +++ b/CVE-2021/CVE-2021-12xx/CVE-2021-1234.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1234", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:08.813", - "lastModified": "2024-11-18T16:15:08.813", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode.\r\nThis vulnerability is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interface of an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n de cl\u00fasteres de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto no autenticado vea informaci\u00f3n confidencial en un sistema afectado. Para verse afectado por esta vulnerabilidad, el software vManage debe estar en modo de cl\u00faster. Esta vulnerabilidad se debe a la ausencia de autenticaci\u00f3n para informaci\u00f3n confidencial en la interfaz de administraci\u00f3n de cl\u00fasteres. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud dise\u00f1ada a la interfaz de administraci\u00f3n de cl\u00fasteres de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante vea informaci\u00f3n confidencial en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-12xx/CVE-2021-1285.json b/CVE-2021/CVE-2021-12xx/CVE-2021-1285.json index 33bdbf6b698..fff606769f7 100644 --- a/CVE-2021/CVE-2021-12xx/CVE-2021-1285.json +++ b/CVE-2021/CVE-2021-12xx/CVE-2021-1285.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1285", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:09.087", - "lastModified": "2024-11-18T16:15:09.087", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.\r\nThe vulnerability is due to improper handling of error conditions when processing Ethernet frames. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker to exhaust disk space on the affected device, which could result in administrators being unable to log in to the device or the device being unable to boot up correctly.Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el decodificador de tramas Ethernet del motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inadecuado de las condiciones de error al procesar tramas Ethernet. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tramas Ethernet maliciosas a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante agote el espacio en disco en el dispositivo afectado, lo que podr\u00eda provocar que los administradores no puedan iniciar sesi\u00f3n en el dispositivo o que el dispositivo no pueda iniciarse correctamente. Nota: Se requiere intervenci\u00f3n manual para recuperarse de esta situaci\u00f3n. Se recomienda a los clientes que se comuniquen con el Centro de asistencia t\u00e9cnica (TAC) de Cisco para obtener ayuda para recuperar un dispositivo en esta condici\u00f3n. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-13xx/CVE-2021-1379.json b/CVE-2021/CVE-2021-13xx/CVE-2021-1379.json index b969ea8825c..8dc5c93dc0a 100644 --- a/CVE-2021/CVE-2021-13xx/CVE-2021-1379.json +++ b/CVE-2021/CVE-2021-13xx/CVE-2021-1379.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1379", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:09.310", - "lastModified": "2024-11-18T16:15:09.310", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Varias vulnerabilidades en las implementaciones de Cisco Discovery Protocol y Link Layer Discovery Protocol (LLDP) para los tel\u00e9fonos IP de Cisco de las series 68xx/78xx/88xx podr\u00edan permitir que un atacante adyacente no autenticado ejecute c\u00f3digo de forma remota o provoque una recarga de un tel\u00e9fono IP afectado. Estas vulnerabilidades se deben a la falta de comprobaciones cuando el tel\u00e9fono IP procesa un paquete Cisco Discovery Protocol o LLDP. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete Cisco Discovery Protocol o LLDP malicioso al tel\u00e9fono IP de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo en el tel\u00e9fono IP afectado o hacer que se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: Cisco Discovery Protocol es un protocolo de capa 2. Para explotar estas vulnerabilidades, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (adyacente a la capa 2). Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1410.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1410.json index b9d9777464e..b845dae3ae6 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1410.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1410.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1410", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:09.553", - "lastModified": "2024-11-18T16:15:09.553", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization.\r\nThe vulnerability is due to insufficient authorization enforcement for requests to update distribution lists. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to modify an existing distribution list. A successful exploit could allow the attacker to modify a distribution list that belongs to a user other than themselves.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la funci\u00f3n de lista de distribuci\u00f3n de Cisco Webex Meetings podr\u00eda permitir que un atacante remoto autenticado modifique una lista de distribuci\u00f3n que pertenece a otro usuario de su organizaci\u00f3n. La vulnerabilidad se debe a una aplicaci\u00f3n insuficiente de la autorizaci\u00f3n para las solicitudes de actualizaci\u00f3n de listas de distribuci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz de Webex Meetings para modificar una lista de distribuci\u00f3n existente. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante modificar una lista de distribuci\u00f3n que pertenece a un usuario que no sea \u00e9l mismo. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1424.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1424.json index 67a2f57fe20..e52e44c1260 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1424.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1424.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1424", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:09.823", - "lastModified": "2024-11-18T16:15:09.823", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:15:10.423", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\r\nThis vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el proceso ipsecmgr del software Cisco ASR 5000 Series (StarOS) podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los paquetes entrantes de Internet Key Exchange versi\u00f3n 2 (IKEv2). Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes IKEv2 espec\u00edficamente malformados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el proceso ipsecmgr se reinicie, lo que interrumpir\u00eda las negociaciones IKE en curso y dar\u00eda como resultado una condici\u00f3n de DoS temporal. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1425.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1425.json index f3d7e34eca7..b847683d42b 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1425.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1425.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1425", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:10.180", - "lastModified": "2024-11-18T16:15:10.180", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.\r\nThe vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco AsyncOS Software para Cisco Content Security Management Appliance (SMA) podr\u00eda permitir que un atacante remoto autenticado acceda a informaci\u00f3n confidencial en un dispositivo afectado. La vulnerabilidad existe porque se incluye informaci\u00f3n confidencial en las solicitudes HTTP que se intercambian entre el usuario y el dispositivo. Un atacante podr\u00eda aprovechar esta vulnerabilidad al observar las solicitudes HTTP sin procesar que se env\u00edan a la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener algunas de las contrase\u00f1as que se configuran en toda la interfaz. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1440.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1440.json index 113559ff5ee..e51475e7451 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1440.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1440.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1440", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:10.400", - "lastModified": "2024-11-18T16:15:10.400", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition.\r\nThis vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a specifically crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2021 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n de la caracter\u00edstica Resource Public Key Infrastructure (RPKI) del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado provoque el bloqueo del proceso del protocolo de puerta de enlace fronteriza (BGP), lo que dar\u00eda lugar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al manejo incorrecto de un encabezado de paquete espec\u00edfico del protocolo RPKI a enrutador (RTR). Un atacante podr\u00eda aprovechar esta vulnerabilidad comprometiendo el servidor validador de RPKI y enviando un paquete RTR espec\u00edficamente manipulado a un dispositivo afectado. Como alternativa, el atacante podr\u00eda utilizar t\u00e9cnicas de intermediario para hacerse pasar por el servidor validador de RPKI y enviar un paquete de respuesta RTR espec\u00edficamente manipulado a trav\u00e9s de la conexi\u00f3n TCP RTR establecida al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar una condici\u00f3n de DoS porque el proceso BGP podr\u00eda reiniciarse constantemente y el enrutamiento BGP podr\u00eda volverse inestable. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que aborden esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2021 del paquete de avisos de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los enlaces a ellos, consulte ." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1444.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1444.json index d38d96201fc..403a2d2783e 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1444.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1444.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1444", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:10.627", - "lastModified": "2024-11-18T16:15:10.627", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado realice ataques de cross-site scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de servicios web de un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o permitirle acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Este aviso es parte de la versi\u00f3n de octubre de 2021 de la publicaci\u00f3n Cisco ASA, FTD y FMC Security Advisory Bundled. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1461.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1461.json index e12336d223c..ef8bf7f20ee 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1461.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1461.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1461", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:10.850", - "lastModified": "2024-11-18T16:15:10.850", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious software patch on an affected device.\r\nThe vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.Cisco has released software updates that address the vulnerability described in this advisory. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la funci\u00f3n de verificaci\u00f3n de firma de imagen del software Cisco SD-WAN podr\u00eda permitir que un atacante remoto autenticado con credenciales de nivel de administrador instale un parche de software malicioso en un dispositivo afectado. La vulnerabilidad se debe a una verificaci\u00f3n incorrecta de las firmas digitales para las im\u00e1genes de parches. Un atacante podr\u00eda aprovechar esta vulnerabilidad creando un parche de software sin firmar para eludir las comprobaciones de firmas y cargarlo en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante iniciar una imagen de parche de software malicioso. Cisco ha publicado actualizaciones de software que solucionan la vulnerabilidad descrita en este aviso. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1462.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1462.json index 27cf13104c7..4363a5c0fa6 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1462.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1462.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1462", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:11.087", - "lastModified": "2024-11-18T16:15:11.087", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system.\r\nThe vulnerability is due to incorrect privilege assignment. An attacker could exploit this vulnerability by logging in to an affected system with an Administrator account and creating a malicious file, which the system would parse at a later time. A successful exploit could allow the attacker to obtain root privileges on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante local autenticado eleve los privilegios en un sistema afectado. Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener una cuenta de administrador v\u00e1lida en un sistema afectado. La vulnerabilidad se debe a una asignaci\u00f3n incorrecta de privilegios. Un atacante podr\u00eda explotar esta vulnerabilidad iniciando sesi\u00f3n en un sistema afectado con una cuenta de administrador y creando un archivo malicioso, que el sistema analizar\u00eda m\u00e1s adelante. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante obtenga privilegios de superusuario en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1464.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1464.json index 6b49dc514d6..1f32930ccc4 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1464.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1464.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1464", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:07.350", - "lastModified": "2024-11-15T17:15:07.350", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain restricted access to the configuration information of an affected system.\r\nThis vulnerability exists because the affected software has insufficient input validation for certain commands. An attacker could exploit this vulnerability by sending crafted requests to the affected commands of an affected system. A successful exploit could allow the attacker to bypass authorization checking and gain restricted access to the configuration data of the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso restringido a la informaci\u00f3n de configuraci\u00f3n de un sistema afectado. Esta vulnerabilidad existe porque el software afectado no tiene suficiente validaci\u00f3n de entrada para determinados comandos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes manipuladas a los comandos afectados de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso restringido a los datos de configuraci\u00f3n del sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1465.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1465.json index 6c752f86bc7..910333a982d 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1465.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1465.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1465", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:11.350", - "lastModified": "2024-11-18T16:15:11.350", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system.\r\n The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to write arbitrary files on the affected system." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado realice un ataque de directory traversal y obtenga acceso de lectura a archivos confidenciales en un sistema afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de las solicitudes HTTP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada que contenga secuencias de caracteres de directory traversal a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante escribir archivos arbitrarios en el sistema afectado." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1466.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1466.json index 8f089dff5d6..49cf3ae0ec3 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1466.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1466.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1466", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:07.670", - "lastModified": "2024-11-15T17:15:07.670", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to incomplete bounds checks for data that is provided to the vDaemon service of an affected system. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could allow the attacker to cause the vDaemon listening service to reload and result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el servicio vDaemon de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante local autenticado provoque un desbordamiento de b\u00fafer en un sistema afectado, lo que dar\u00eda como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a comprobaciones de los l\u00edmites incompletas para los datos que se proporcionan al servicio vDaemon de un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando datos maliciosos al servicio de escucha vDaemon en el sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una condici\u00f3n de desbordamiento de b\u00fafer en el sistema afectado, lo que podr\u00eda permitirle al atacante hacer que el servicio de escucha vDaemon se vuelva a cargar y genere una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1470.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1470.json index b69ca4affa4..a2577e79309 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1470.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1470.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1470", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:07.977", - "lastModified": "2024-11-15T17:35:11.340", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\r\nThis vulnerability is due to improper input validation of SQL queries to an affected system. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the vManage database or the underlying operating system.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta de consultas SQL en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n y enviando consultas SQL maliciosas a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante modificar valores o devolver valores de la base de datos de vManage o del sistema operativo subyacente. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1481.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1481.json index c79166cf017..0909a0511da 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1481.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1481.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1481", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:08.277", - "lastModified": "2024-11-15T17:15:08.277", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system.\r\nThis vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface of an affected system. A successful exploit could allow the attacker to obtain sensitive information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n de lenguaje de consulta Cypher en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a la interfaz de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener informaci\u00f3n confidencial. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1482.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1482.json index 8c5f7cdbdae..46e247058f9 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1482.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1482.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1482", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:08.530", - "lastModified": "2024-11-15T17:15:08.530", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain access to sensitive information on an affected system.\r\nThis vulnerability is due to insufficient authorization checks. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to bypass authorization checking and gain access to sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso a informaci\u00f3n confidencial en un sistema afectado. Esta vulnerabilidad se debe a verificaciones de autorizaci\u00f3n insuficientes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a la interfaz de administraci\u00f3n basada en web de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso a informaci\u00f3n confidencial en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1483.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1483.json index e9bbec58274..d7433ca8b62 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1483.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1483.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1483", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:08.760", - "lastModified": "2024-11-15T17:15:08.760", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.\r\nThis vulnerability is due to improper handling of XML External Entity (XXE) entries when the affected software parses certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de usuario web del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado obtenga acceso de lectura y escritura a la informaci\u00f3n almacenada en un sistema afectado. Esta vulnerabilidad se debe a un manejo inadecuado de las entradas de entidad externa XML (XXE) cuando el software afectado analiza determinados archivos XML. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que importe un archivo XML creado con entradas maliciosas. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer y escribir archivos dentro de la aplicaci\u00f3n afectada. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1484.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1484.json index b745980f564..b81d884bc43 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1484.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1484.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1484", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:08.983", - "lastModified": "2024-11-15T17:15:08.983", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition.\r\nThis vulnerability is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to cause a DoS condition on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de usuario web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios en un sistema afectado y provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario a la configuraci\u00f3n de la plantilla del dispositivo. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada dise\u00f1ada a la configuraci\u00f3n de la plantilla del dispositivo. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una condici\u00f3n de denegaci\u00f3n de servicio en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1491.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1491.json index a688ee3b58a..e6d77d6713d 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1491.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1491.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1491", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:09.220", - "lastModified": "2024-11-15T17:15:09.220", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the device.\r\nThis vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the file system and then accessing it through the web-based management interface. A successful exploit could allow the attacker to read arbitrary files from the file system of the underlying operating system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado lea archivos arbitrarios en el sistema de archivos subyacente del dispositivo. Esta vulnerabilidad se debe a una limitaci\u00f3n insuficiente del alcance de los archivos. Un atacante podr\u00eda aprovechar esta vulnerabilidad creando una referencia de archivo espec\u00edfica en el sistema de archivos y luego accediendo a ella a trav\u00e9s de la interfaz de administraci\u00f3n basada en web. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante lea archivos arbitrarios del sistema de archivos del sistema operativo subyacente. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-14xx/CVE-2021-1494.json b/CVE-2021/CVE-2021-14xx/CVE-2021-1494.json index dc632279bfe..ae0867bf124 100644 --- a/CVE-2021/CVE-2021-14xx/CVE-2021-1494.json +++ b/CVE-2021/CVE-2021-14xx/CVE-2021-1494.json @@ -2,13 +2,17 @@ "id": "CVE-2021-1494", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:09.423", - "lastModified": "2024-11-15T17:15:09.423", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.\r\n The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload." + }, + { + "lang": "es", + "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante remoto no autenticado eluda una pol\u00edtica de archivos configurada para HTTP. La vulnerabilidad se debe a un manejo incorrecto de par\u00e1metros de encabezado HTTP espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes HTTP manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir una pol\u00edtica de archivos configurada para paquetes HTTP y entregar una carga maliciosa." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-347xx/CVE-2021-34750.json b/CVE-2021/CVE-2021-347xx/CVE-2021-34750.json index c199d60aeb2..4211f526fea 100644 --- a/CVE-2021/CVE-2021-347xx/CVE-2021-34750.json +++ b/CVE-2021/CVE-2021-347xx/CVE-2021-34750.json @@ -2,13 +2,17 @@ "id": "CVE-2021-34750", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:09.657", - "lastModified": "2024-11-15T17:15:09.657", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device.\r\nThis vulnerability is due to lack of proper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the FMC GUI and navigating to certain sensitive configurations. A successful exploit could allow the attacker to view sensitive configuration parameters in clear text.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.[[Publication_URL{Layout()}]]This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario (GUI) administrativa basada en la web del software Cisco Firepower Management Center podr\u00eda permitir que un atacante remoto autenticado acceda a informaci\u00f3n de configuraci\u00f3n confidencial. El atacante necesitar\u00eda credenciales con pocos privilegios en un dispositivo afectado. Esta vulnerabilidad se debe a la falta de cifrado adecuado de la informaci\u00f3n confidencial almacenada en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz gr\u00e1fica de usuario de FMC y navegando a determinadas configuraciones confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver par\u00e1metros de configuraci\u00f3n confidenciales en texto plano. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. [[Publication_URL{Layout()}]] Este aviso es parte de la versi\u00f3n de octubre de 2021 de la publicaci\u00f3n Cisco ASA, FTD y FMC Security Advisory Bundled. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte ." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-347xx/CVE-2021-34751.json b/CVE-2021/CVE-2021-347xx/CVE-2021-34751.json index a344b314d02..d094a105178 100644 --- a/CVE-2021/CVE-2021-347xx/CVE-2021-34751.json +++ b/CVE-2021/CVE-2021-347xx/CVE-2021-34751.json @@ -2,13 +2,17 @@ "id": "CVE-2021-34751", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:09.883", - "lastModified": "2024-11-15T17:15:09.883", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device.\r\nThis vulnerability exists because of improper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the GUI of Cisco FMC Software and navigating to certain sensitive configurations. A successful exploit could allow the attacker to view sensitive configuration parameters in clear text.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.[[Publication_URL{Layout()}]]This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see . " + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario (GUI) administrativa basada en la Web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado acceda a informaci\u00f3n de configuraci\u00f3n confidencial. El atacante requerir\u00eda credenciales con pocos privilegios en un dispositivo afectado. Esta vulnerabilidad existe debido al cifrado incorrecto de la informaci\u00f3n confidencial almacenada en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz gr\u00e1fica de usuario del software Cisco FMC y navegando a determinadas configuraciones confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver par\u00e1metros de configuraci\u00f3n confidenciales en texto plano. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. [[Publication_URL{Layout()}]] Este aviso es parte de la versi\u00f3n de octubre de 2021 de la publicaci\u00f3n Cisco ASA, FTD y FMC Security Advisory Bundled. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte . " } ], "metrics": { diff --git a/CVE-2021/CVE-2021-347xx/CVE-2021-34752.json b/CVE-2021/CVE-2021-347xx/CVE-2021-34752.json index 7f51ba06967..f01c76af1b7 100644 --- a/CVE-2021/CVE-2021-347xx/CVE-2021-34752.json +++ b/CVE-2021/CVE-2021-347xx/CVE-2021-34752.json @@ -2,13 +2,17 @@ "id": "CVE-2021-34752", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:10.097", - "lastModified": "2024-11-15T17:15:10.097", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. \r\n\r\nThis vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute commands with root privileges on the underlying operating system.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la CLI de Cisco FTD Software podr\u00eda permitir que un atacante local autenticado con privilegios administrativos ejecute comandos arbitrarios con privilegios de superusuario en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos de los comandos proporcionados por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada dise\u00f1ada a los comandos afectados. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos con privilegios de superusuario en el sistema operativo subyacente. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2021/CVE-2021-347xx/CVE-2021-34753.json b/CVE-2021/CVE-2021-347xx/CVE-2021-34753.json index 99331acdf0b..f86881a1bfe 100644 --- a/CVE-2021/CVE-2021-347xx/CVE-2021-34753.json +++ b/CVE-2021/CVE-2021-347xx/CVE-2021-34753.json @@ -2,13 +2,17 @@ "id": "CVE-2021-34753", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:10.303", - "lastModified": "2024-11-15T17:15:10.303", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r\n\r\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la inspecci\u00f3n de payload del tr\u00e1fico del Protocolo industrial Ethernet (ENIP) para el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda las reglas configuradas para el tr\u00e1fico ENIP. Esta vulnerabilidad se debe a un procesamiento incompleto durante la inspecci\u00f3n profunda de paquetes de ENIP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete ENIP manipulado a la interfaz de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir las pol\u00edticas de intrusi\u00f3n y control de acceso configuradas que deber\u00edan activarse y descartarse para el paquete ENIP." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20626.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20626.json index 225b19a8ff4..3cf86e77d0d 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20626.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20626.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20626", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:19.287", - "lastModified": "2024-11-15T16:15:19.287", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device.\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Prime Access Registrar Appliance podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross site scripting contra un usuario de la interfaz. El atacante necesitar\u00eda credenciales v\u00e1lidas para el dispositivo. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20631.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20631.json index 1eb20c55a7e..e19028f39fe 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20631.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20631.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20631", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:19.527", - "lastModified": "2024-11-15T16:15:19.527", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThe vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious script code in a chat window. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. La vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en la web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando c\u00f3digo de script malicioso en una ventana de chat. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o permitirle acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. " } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20632.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20632.json index e057dece0dc..e751a015300 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20632.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20632.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20632", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:10.583", - "lastModified": "2024-11-15T17:15:10.583", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThe vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. La vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o permitirle acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20633.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20633.json index 24785baa3a7..eb6d8ed3511 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20633.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20633.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20633", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T17:15:10.820", - "lastModified": "2024-11-15T17:15:10.820", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device.\r\n\r\nThis vulnerability is due to differences in authentication responses that are sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to an affected device. A successful exploit could allow the attacker to confirm existing user accounts, which could be used in further attacks.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de enumeraci\u00f3n de nombres de usuario contra un dispositivo afectado. Esta vulnerabilidad se debe a diferencias en las respuestas de autenticaci\u00f3n que se env\u00edan desde la aplicaci\u00f3n como parte de un intento de autenticaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de autenticaci\u00f3n a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante confirmar cuentas de usuario existentes, que podr\u00edan usarse en ataques posteriores. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20634.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20634.json index 808d04e9531..bc501be34c7 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20634.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20634.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20634", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:19.747", - "lastModified": "2024-11-15T16:15:19.747", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to redirect a user to an undesired web page.\r\nThis vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to cause the interface to redirect the user to a specific, malicious URL. This type of vulnerability is known as an open redirect and is used in phishing attacks that get users to unknowingly visit malicious sites.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado redirija a un usuario a una p\u00e1gina web no deseada. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta de los par\u00e1metros de URL en una solicitud HTTP que se env\u00eda a un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que la interfaz redirija al usuario a una URL espec\u00edfica y maliciosa. Este tipo de vulnerabilidad se conoce como redirecci\u00f3n abierta y se utiliza en ataques de phishing que hacen que los usuarios visiten sitios maliciosos sin saberlo. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20648.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20648.json index 6a7dbaba962..0dde09ff8ec 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20648.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20648.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20648", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:19.983", - "lastModified": "2024-11-15T16:15:19.983", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions that could result in the disclosure of confidential information that should be restricted.\r\nThis vulnerability exists because of a debug service that incorrectly listens to and accepts incoming connections. An attacker could exploit this vulnerability by connecting to the debug port and executing debug commands. A successful exploit could allow the attacker to view sensitive debugging information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en una funci\u00f3n de depuraci\u00f3n de Cisco RCM para Cisco StarOS Software podr\u00eda permitir que un atacante remoto no autenticado realice acciones de depuraci\u00f3n que podr\u00edan dar como resultado la divulgaci\u00f3n de informaci\u00f3n confidencial que deber\u00eda estar restringida. Esta vulnerabilidad existe debido a un servicio de depuraci\u00f3n que escucha y acepta incorrectamente las conexiones entrantes. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose al puerto de depuraci\u00f3n y ejecutando comandos de depuraci\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver informaci\u00f3n de depuraci\u00f3n confidencial. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20649.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20649.json index 63f9bbce4c6..0968b493100 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20649.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20649.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20649", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:20.247", - "lastModified": "2024-11-15T16:15:20.247", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in the context of the configured container.\r\n\r\nThis vulnerability exists because the debug mode is incorrectly enabled for specific services. An attacker could exploit this vulnerability by connecting to the device and navigating to the service with debug mode enabled. A successful exploit could allow the attacker to execute arbitrary commands as the root user.\r\nThe attacker would need to perform detailed reconnaissance to allow for unauthenticated access. The vulnerability can also be exploited by an authenticated attacker.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco RCM para Cisco StarOS Software podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo remoto en la aplicaci\u00f3n con privilegios de nivel superusuario en el contexto del contenedor configurado. Esta vulnerabilidad existe porque el modo de depuraci\u00f3n est\u00e1 habilitado incorrectamente para servicios espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose al dispositivo y navegando al servicio con el modo de depuraci\u00f3n habilitado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios como usuario superusuario. El atacante tendr\u00eda que realizar un reconocimiento detallado para permitir el acceso no autenticado. La vulnerabilidad tambi\u00e9n puede ser explotada por un atacante autenticado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20652.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20652.json index d64d6d75824..96eebfc5f25 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20652.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20652.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20652", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:20.520", - "lastModified": "2024-11-15T16:15:20.520", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface and in the API subsystem of Cisco Tetration could allow an authenticated, remote attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system.\r\nThis vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted HTTP message to the affected system. A successful exploit could allow the attacker to execute commands with root-level privileges. To exploit this vulnerability, an attacker would need valid administrator-level credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web y en el subsistema API de Cisco Tetration podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios para que se ejecuten con privilegios de nivel ra\u00edz en el sistema operativo subyacente. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un mensaje HTTP manipulado al sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos con privilegios de nivel superusuario. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales de nivel de administrador v\u00e1lidas. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20654.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20654.json index b46dbd80f56..ace2abb9e5b 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20654.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20654.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20654", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:20.767", - "lastModified": "2024-11-15T16:15:20.767", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz basada en web de Cisco Webex Meetings podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross site scripting (XSS) contra un usuario de la interfaz basada en web. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por la interfaz basada en web de Cisco Webex Meetings. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulado con fines malintencionados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20655.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20655.json index 758bdd78c6b..a65d20412d7 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20655.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20655.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20655", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:20.987", - "lastModified": "2024-11-15T16:15:20.987", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack.\r\n The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n de la CLI en un dispositivo que ejecuta ConfD podr\u00eda permitir que un atacante local autenticado realice un ataque de inyecci\u00f3n de comandos. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de un argumento de proceso en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando comandos durante la ejecuci\u00f3n de este proceso. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con el nivel de privilegio de ConfD, que normalmente es superusuario." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20656.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20656.json index 0f0f028df73..fb181c5e650 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20656.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20656.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20656", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:21.237", - "lastModified": "2024-11-15T16:15:21.237", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.\r\n\r\nThis vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco PI y Cisco EPNM podr\u00eda permitir que un atacante remoto autenticado realice un ataque de path traversal en un dispositivo afectado. Para aprovechar esta vulnerabilidad, el atacante debe tener credenciales v\u00e1lidas en el sistema. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de la URL HTTPS por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada que contenga secuencias de caracteres de directory traversal a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante escribir archivos arbitrarios en el sistema host. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20657.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20657.json index 60acb30b70b..a43d558692c 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20657.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20657.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20657", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:21.473", - "lastModified": "2024-11-15T16:15:21.473", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco PI y Cisco EPNM podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de una interfaz afectada para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20663.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20663.json index 97747d37376..8f509e9da8d 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20663.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20663.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20663", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:21.693", - "lastModified": "2024-11-15T16:15:21.693", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThe vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Secure Network Analytics, anteriormente Stealthwatch Enterprise, podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Atenci\u00f3n: la simplificaci\u00f3n de la cartera de Cisco incluye el cambio de nombre de los productos de seguridad bajo una sola marca: Cisco Secure. Para obtener m\u00e1s informaci\u00f3n, consulte." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20685.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20685.json index fbc4b2bf6f2..58c3fd3898d 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20685.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20685.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20685", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:21.910", - "lastModified": "2024-11-15T16:15:21.910", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el preprocesador Modbus del motor de detecci\u00f3n Snort podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento de enteros durante el procesamiento del tr\u00e1fico Modbus. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico Modbus manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso Snort se bloquee, lo que provocar\u00eda que se detenga la inspecci\u00f3n del tr\u00e1fico. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-207xx/CVE-2022-20766.json b/CVE-2022/CVE-2022-207xx/CVE-2022-20766.json index 921eef920f3..b1e07c93a02 100644 --- a/CVE-2022/CVE-2022-207xx/CVE-2022-20766.json +++ b/CVE-2022/CVE-2022-207xx/CVE-2022-20766.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20766", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:22.133", - "lastModified": "2024-11-15T16:15:22.133", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\nThis vulnerability is due to an out-of-bounds read when processing Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause a service restart.Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol del firmware del adaptador telef\u00f3nico adaptable Cisco ATA 190 Series podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Esta vulnerabilidad se debe a una lectura fuera de los l\u00edmites al procesar paquetes Cisco Discovery Protocol. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes Cisco Discovery Protocol manipulados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque un reinicio del servicio. Cisco ha publicado actualizaciones de firmware que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-207xx/CVE-2022-20793.json b/CVE-2022/CVE-2022-207xx/CVE-2022-20793.json index c26acda3e2f..e5d21e47d27 100644 --- a/CVE-2022/CVE-2022-207xx/CVE-2022-20793.json +++ b/CVE-2022/CVE-2022-207xx/CVE-2022-20793.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20793", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:22.370", - "lastModified": "2024-11-15T16:15:22.370", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device.\r\nThis vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacker to access the affected device while impersonating a legitimate device.There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el proceso de emparejamiento del software Cisco TelePresence CE y el software RoomOS para dispositivos Cisco Touch 10 podr\u00eda permitir que un atacante remoto no autenticado se haga pasar por un dispositivo leg\u00edtimo y se empareje con un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\u00f3n de identidad insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad haci\u00e9ndose pasar por un dispositivo leg\u00edtimo y respondiendo a la transmisi\u00f3n de emparejamiento de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder al dispositivo afectado mientras se hace pasar por un dispositivo leg\u00edtimo. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-208xx/CVE-2022-20814.json b/CVE-2022/CVE-2022-208xx/CVE-2022-20814.json index 9e8b593beb6..e67724ee922 100644 --- a/CVE-2022/CVE-2022-208xx/CVE-2022-20814.json +++ b/CVE-2022/CVE-2022-208xx/CVE-2022-20814.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20814", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:22.670", - "lastModified": "2024-11-15T22:15:14.747", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.  The vulnerability is due to a lack of validation of the SSL server certificate that an affected device receives when it establishes a connection to a Cisco Unified Communications Manager device. An attacker could exploit this vulnerability by using a man-in-the-middle technique to intercept the traffic between the devices, and then using a self-signed certificate to impersonate the endpoint. A successful exploit could allow the attacker to view the intercepted traffic in clear text or alter the contents of the traffic.\r\nNote: Cisco Expressway-E is not affected by this vulnerability.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la validaci\u00f3n de certificados de Cisco Expressway-C y Cisco TelePresence VCS podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso no autorizado a datos confidenciales. La vulnerabilidad se debe a la falta de validaci\u00f3n del certificado de servidor SSL que recibe un dispositivo afectado cuando establece una conexi\u00f3n con un dispositivo Cisco Unified Communications Manager. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando una t\u00e9cnica de intermediario para interceptar el tr\u00e1fico entre los dispositivos y, a continuaci\u00f3n, utilizando un certificado autofirmado para hacerse pasar por el punto final. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver el tr\u00e1fico interceptado en texto plano o alterar el contenido del tr\u00e1fico. Nota: Cisco Expressway-E no se ve afectado por esta vulnerabilidad. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. " } ], "metrics": { diff --git a/CVE-2022/CVE-2022-208xx/CVE-2022-20845.json b/CVE-2022/CVE-2022-208xx/CVE-2022-20845.json index 3be2fc9370b..0354e0a6bb3 100644 --- a/CVE-2022/CVE-2022-208xx/CVE-2022-20845.json +++ b/CVE-2022/CVE-2022-208xx/CVE-2022-20845.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20845", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:22.913", - "lastModified": "2024-11-15T16:15:22.913", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process.\r\nThis vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability by connecting to the device and issuing TL1 commands after being authenticated. A successful exploit could allow the attacker to cause the TL1 process to consume large amounts of memory. When the memory reaches a threshold, the Resource Monitor (Resmon) process will begin to restart or shutdown the top five consumers of memory, resulting in a denial of service (DoS).Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la funci\u00f3n TL1 de Cisco Network Convergence System (NCS) serie 4000 podr\u00eda permitir que un atacante local autenticado provoque una p\u00e9rdida de memoria en el proceso TL1. Esta vulnerabilidad se debe a que TL1 no libera memoria en determinadas condiciones. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose al dispositivo y emitiendo comandos TL1 despu\u00e9s de ser autenticado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el proceso TL1 consuma grandes cantidades de memoria. Cuando la memoria alcanza un umbral, el proceso Resource Monitor (Resmon) comenzar\u00e1 a reiniciar o apagar los cinco principales consumidores de memoria, lo que provocar\u00e1 una denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Este aviso es parte de la versi\u00f3n de septiembre de 2022 de la publicaci\u00f3n agrupada de avisos de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-208xx/CVE-2022-20846.json b/CVE-2022/CVE-2022-208xx/CVE-2022-20846.json index fd62610416a..0a668a5b6d0 100644 --- a/CVE-2022/CVE-2022-208xx/CVE-2022-20846.json +++ b/CVE-2022/CVE-2022-208xx/CVE-2022-20846.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20846", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:23.120", - "lastModified": "2024-11-15T17:15:11.147", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device.\r\nThis vulnerability is due to a heap buffer overflow in certain Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow, which could cause the Cisco Discovery Protocol process to reload on the device. The bytes that can be written in the buffer overflow are restricted, which limits remote code execution.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Cisco Discovery para el software Cisco IOS XR podr\u00eda permitir que un atacante adyacente no autenticado haga que el proceso del protocolo Cisco Discovery se vuelva a cargar en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento del b\u00fafer de pila en ciertos mensajes del protocolo Cisco Discovery. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete malicioso del protocolo Cisco Discovery a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque un desbordamiento de pila, lo que podr\u00eda hacer que el proceso del protocolo Cisco Discovery se vuelva a cargar en el dispositivo. Los bytes que se pueden escribir en el desbordamiento del b\u00fafer est\u00e1n restringidos, lo que limita la ejecuci\u00f3n remota de c\u00f3digo. Nota: el protocolo Cisco Discovery es un protocolo de capa 2. Para aprovechar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (capa 2 adyacente). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que aborden esta vulnerabilidad. Este aviso es parte de la versi\u00f3n de septiembre de 2022 de la publicaci\u00f3n conjunta de avisos de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los enlaces a ellos, consulte." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-208xx/CVE-2022-20849.json b/CVE-2022/CVE-2022-208xx/CVE-2022-20849.json index 609364d7604..f74c89afe05 100644 --- a/CVE-2022/CVE-2022-208xx/CVE-2022-20849.json +++ b/CVE-2022/CVE-2022-208xx/CVE-2022-20849.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20849", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:23.327", - "lastModified": "2024-11-15T16:15:23.327", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash.\r\nThis vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE). A successful exploit could allow the attacker to cause the PPPoE process to continually restart, resulting in a denial of service condition (DoS).Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la funci\u00f3n Broadband Network Gateway PPP over Ethernet (PPPoE) del software Cisco IOS XR podr\u00eda permitir que un atacante adyacente no autenticado provoque que el proceso PPPoE se bloquee continuamente. Esta vulnerabilidad existe porque la funci\u00f3n PPPoE no maneja correctamente una condici\u00f3n de error dentro de una secuencia de paquetes espec\u00edfica manipulada. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una secuencia de paquetes PPPoE espec\u00edficos desde un equipo local del cliente (CPE) controlado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el proceso PPPoE se reinicie continuamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2022 del aviso de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los enlaces a ellos, consulte." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-208xx/CVE-2022-20853.json b/CVE-2022/CVE-2022-208xx/CVE-2022-20853.json index f49e3a716c0..9fc8f9673fc 100644 --- a/CVE-2022/CVE-2022-208xx/CVE-2022-20853.json +++ b/CVE-2022/CVE-2022-208xx/CVE-2022-20853.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20853", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:23.540", - "lastModified": "2024-11-15T16:15:23.540", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.\r\n\r\nThis vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the REST API to follow a crafted link. A successful exploit could allow the attacker to cause the affected system to reload.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. " + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la API REST de Cisco Expressway Series y Cisco TelePresence VCS podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de Cross-Site Request Forgery (CSRF) en un sistema afectado. Esta vulnerabilidad se debe a que no hay suficientes protecciones CSRF para la interfaz de administraci\u00f3n basada en web de un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la API REST para que siga un enlace manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el sistema afectado se recargue. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-208xx/CVE-2022-20871.json b/CVE-2022/CVE-2022-208xx/CVE-2022-20871.json index 51bd88ca8f5..7668bf37a01 100644 --- a/CVE-2022/CVE-2022-208xx/CVE-2022-20871.json +++ b/CVE-2022/CVE-2022-208xx/CVE-2022-20871.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20871", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:23.757", - "lastModified": "2024-11-15T16:15:23.757", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root.\r\nThis vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see ." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco AsyncOS para Cisco Secure Web Appliance, anteriormente Cisco Web Security Appliance (WSA), podr\u00eda permitir que un atacante remoto autenticado realice una inyecci\u00f3n de comandos y eleve los privilegios a superusuario. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario para la interfaz web. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el sistema y enviando un paquete HTTP dise\u00f1ado al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente y elevar los privilegios a superusuario. Para explotar con \u00e9xito esta vulnerabilidad, un atacante necesitar\u00eda al menos credenciales de solo lectura. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Atenci\u00f3n: la simplificaci\u00f3n de la cartera de Cisco incluye el cambio de nombre de los productos de seguridad bajo una sola marca: Cisco Secure. Para obtener m\u00e1s informaci\u00f3n, consulte." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-209xx/CVE-2022-20931.json b/CVE-2022/CVE-2022-209xx/CVE-2022-20931.json index d151bab6d6a..62cf150f323 100644 --- a/CVE-2022/CVE-2022-209xx/CVE-2022-20931.json +++ b/CVE-2022/CVE-2022-209xx/CVE-2022-20931.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20931", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:23.967", - "lastModified": "2024-11-15T16:15:23.967", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device.\r\nThis vulnerability is due to insufficient version control. An attacker could exploit this vulnerability by installing an older version of Cisco TelePresence CE Software on an affected device. A successful exploit could allow the attacker to take advantage of vulnerabilities in older versions of the software.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el control de versiones del software Cisco TelePresence CE para dispositivos Cisco Touch 10 podr\u00eda permitir que un atacante adyacente no autenticado instale una versi\u00f3n anterior del software en un dispositivo afectado. Esta vulnerabilidad se debe a un control de versiones insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad instalando una versi\u00f3n anterior del software Cisco TelePresence CE en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante se aproveche de las vulnerabilidades en versiones anteriores del software. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-209xx/CVE-2022-20939.json b/CVE-2022/CVE-2022-209xx/CVE-2022-20939.json index abc84ac74e4..d708830b61f 100644 --- a/CVE-2022/CVE-2022-209xx/CVE-2022-20939.json +++ b/CVE-2022/CVE-2022-209xx/CVE-2022-20939.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20939", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:24.200", - "lastModified": "2024-11-15T16:15:24.200", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.\r\nThis vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this vulnerability by accessing certain logs on an affected system. A successful exploit could allow the attacker to use the obtained information to elevate privileges to System Admin.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Smart Software Manager On-Prem podr\u00eda permitir que un atacante remoto autenticado eleve los privilegios en un sistema afectado. Esta vulnerabilidad se debe a una protecci\u00f3n inadecuada de la informaci\u00f3n confidencial del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo a determinados registros de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante use la informaci\u00f3n obtenida para elevar los privilegios a Administrador del sistema. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-209xx/CVE-2022-20948.json b/CVE-2022/CVE-2022-209xx/CVE-2022-20948.json index 9fd865a58b8..52eec04d9fb 100644 --- a/CVE-2022/CVE-2022-209xx/CVE-2022-20948.json +++ b/CVE-2022/CVE-2022-209xx/CVE-2022-20948.json @@ -2,13 +2,17 @@ "id": "CVE-2022-20948", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:24.427", - "lastModified": "2024-11-15T16:15:24.427", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThis vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco BroadWorks Hosted Thin Receptionist podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross site scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada de usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-264xx/CVE-2022-26494.json b/CVE-2022/CVE-2022-264xx/CVE-2022-26494.json index de2e1b421da..92e25695575 100644 --- a/CVE-2022/CVE-2022-264xx/CVE-2022-26494.json +++ b/CVE-2022/CVE-2022-264xx/CVE-2022-26494.json @@ -2,8 +2,8 @@ "id": "CVE-2022-26494", "sourceIdentifier": "cve@mitre.org", "published": "2022-03-21T15:15:08.313", - "lastModified": "2022-03-28T17:18:35.420", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-18T17:15:10.723", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -96,19 +96,12 @@ ], "references": [ { - "url": "https://doc.primekey.com/signserver", - "source": "cve@mitre.org", - "tags": [ - "Product", - "Vendor Advisory" - ] + "url": "https://docs.keyfactor.com/signserver/", + "source": "cve@mitre.org" }, { - "url": "https://support.primekey.com/news/posts/signserver-security-advisory-cross-site-scripting-issue-in-admin-web", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] + "url": "https://support.keyfactor.com/hc/en-us/articles/15618125602715-Security-Advisory-SignServer-Cross-site-scripting-issue-in-Admin-Web", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0657.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0657.json index 50607cfd2c7..311468c24d1 100644 --- a/CVE-2023/CVE-2023-06xx/CVE-2023-0657.json +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0657.json @@ -2,13 +2,17 @@ "id": "CVE-2023-0657", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-17T11:15:05.300", - "lastModified": "2024-11-17T11:15:05.300", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en Keycloak. Este problema ocurre debido a la aplicaci\u00f3n incorrecta de tipos de tokens al validar firmas localmente. Esto podr\u00eda permitir que un atacante autenticado intercambie un token de cierre de sesi\u00f3n por un token de acceso y posiblemente obtenga acceso a datos fuera de los permisos aplicados." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-14xx/CVE-2023-1419.json b/CVE-2023/CVE-2023-14xx/CVE-2023-1419.json index 3e498e4c6e3..092e4389e25 100644 --- a/CVE-2023/CVE-2023-14xx/CVE-2023-1419.json +++ b/CVE-2023/CVE-2023-14xx/CVE-2023-1419.json @@ -2,13 +2,17 @@ "id": "CVE-2023-1419", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-17T11:15:05.593", - "lastModified": "2024-11-17T11:15:05.593", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad de inyecci\u00f3n de scripts en el conector de base de datos de Debezium, donde no se sanean correctamente algunos par\u00e1metros. Esta falla permite que un atacante env\u00ede una solicitud maliciosa para inyectar un par\u00e1metro que puede permitir la visualizaci\u00f3n de datos no autorizados." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20004.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20004.json index d6c76fe7692..d1a8c4debdd 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20004.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20004.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20004", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:24.657", - "lastModified": "2024-11-15T16:15:24.657", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20036.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20036.json index 9c363e6bb53..dce7773be3d 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20036.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20036.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20036", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:24.950", - "lastModified": "2024-11-15T16:15:24.950", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to improper input validation when uploading a Device Pack. An attacker could exploit this vulnerability by altering the request that is sent when uploading a Device Pack. A successful exploit could allow the attacker to execute arbitrary commands as NT AUTHORITY\\SYSTEM on the underlying operating system of an affected device.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz web de Cisco IND podr\u00eda permitir que un atacante remoto autenticado ejecute comandos arbitrarios con privilegios administrativos en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta al cargar un Device Pack. Un atacante podr\u00eda aprovechar esta vulnerabilidad modificando la solicitud que se env\u00eda al cargar un Device Pack. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos arbitrarios como NT AUTHORITY\\SYSTEM en el sistema operativo subyacente de un dispositivo afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20039.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20039.json index 7670db8f7e9..aba1934ba8f 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20039.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20039.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20039", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:25.157", - "lastModified": "2024-11-15T16:15:25.157", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data.\r\n\r\nThis vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vulnerability by accessing files in the application data directory. A successful exploit could allow the attacker to view sensitive information.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. " + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco IND podr\u00eda permitir que un atacante local autenticado lea datos de la aplicaci\u00f3n. Esta vulnerabilidad se debe a que los permisos de archivo predeterminados que se aplican al directorio de datos de la aplicaci\u00f3n son insuficientes. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo a los archivos del directorio de datos de la aplicaci\u00f3n. Si lo hiciera, podr\u00eda permitirle ver informaci\u00f3n confidencial. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20060.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20060.json index 68d772f83b0..4f79eef71ff 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20060.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20060.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20060", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:25.357", - "lastModified": "2024-11-15T16:15:25.357", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Prime Collaboration Deployment could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nCisco plans to release software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Prime Collaboration Deployment podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross site scripting contra un usuario de la interfaz. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco planea lanzar actualizaciones de software que solucionen esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20090.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20090.json index 9e4ed60b632..afe8704d1c1 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20090.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20090.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20090", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:25.560", - "lastModified": "2024-11-15T16:15:25.560", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device.\r\n\r\nThis vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco TelePresence CE y RoomOS podr\u00eda permitir que un atacante local autenticado eleve los privilegios a superusuario en un dispositivo afectado. Esta vulnerabilidad se debe a un control de acceso inadecuado en determinados comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando una serie de comandos manipulados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante elevar los privilegios a superusuario. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20091.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20091.json index 185f859de58..bc2db370f1e 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20091.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20091.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20091", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:25.770", - "lastModified": "2024-11-15T16:15:25.770", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThis vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la CLI de Cisco TelePresence CE y RoomOS podr\u00eda permitir que un atacante local autenticado sobrescribiera archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Esta vulnerabilidad se debe a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda aprovechar esta vulnerabilidad colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20092.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20092.json index b11eb8d654e..f41f479753e 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20092.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20092.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20092", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:25.980", - "lastModified": "2024-11-15T16:15:25.980", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20093.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20093.json index 683dd2f70ba..9e547995ebf 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20093.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20093.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20093", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:26.187", - "lastModified": "2024-11-15T16:15:26.187", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." + }, + { + "lang": "es", + "value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-200xx/CVE-2023-20094.json b/CVE-2023/CVE-2023-200xx/CVE-2023-20094.json index 1e75539a985..f5c1c113ed3 100644 --- a/CVE-2023/CVE-2023-200xx/CVE-2023-20094.json +++ b/CVE-2023/CVE-2023-200xx/CVE-2023-20094.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20094", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T16:15:26.390", - "lastModified": "2024-11-15T16:15:26.390", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device.\r\n\r\nThis vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read that discloses sensitive information.\r\nNote: This vulnerability only affects Cisco Webex Desk Hub.\r\nThere are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco TelePresence CE y RoomOS podr\u00eda permitir que un atacante adyacente no autenticado vea informaci\u00f3n confidencial en un dispositivo afectado. Esta vulnerabilidad existe porque el software afectado realiza comprobaciones de los l\u00edmites incorrectas. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar una lectura fuera de los l\u00edmites que revele informaci\u00f3n confidencial. Nota: Esta vulnerabilidad solo afecta a Cisco Webex Desk Hub. No existen workarounds que aborden esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20125.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20125.json index e1eeadbb5d4..ea3bf883ee4 100644 --- a/CVE-2023/CVE-2023-201xx/CVE-2023-20125.json +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20125.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20125", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T15:15:05.347", - "lastModified": "2024-11-15T15:15:05.347", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition.\r\n\r\nThis vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An attacker could exploit this vulnerability by sending a high rate of TCP connections to the server. A successful exploit could allow the attacker to cause TCP connection resources to grow rapidly until the Cisco BroadWorks Network Server becomes unusable.\r\nNote: To recover from this vulnerability, either Cisco BroadWorks Network Server software must be restarted or the Cisco BroadWorks Network Server node must be rebooted. For more information, see the section of this advisory.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la interfaz local de Cisco BroadWorks Network Server podr\u00eda permitir que un atacante remoto no autenticado agote los recursos del sistema, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad existe porque no se produce una limitaci\u00f3n de velocidad para determinadas conexiones TCP entrantes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una alta tasa de conexiones TCP al servidor. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que los recursos de conexi\u00f3n TCP crezcan r\u00e1pidamente hasta que Cisco BroadWorks Network Server se vuelva inutilizable. Nota: Para recuperarse de esta vulnerabilidad, se debe reiniciar el software de Cisco BroadWorks Network Server o el nodo de Cisco BroadWorks Network Server. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20154.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20154.json index 3b37c1d446c..5d3641a81a3 100644 --- a/CVE-2023/CVE-2023-201xx/CVE-2023-20154.json +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20154.json @@ -2,13 +2,17 @@ "id": "CVE-2023-20154", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T15:15:05.697", - "lastModified": "2024-11-15T15:15:05.697", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges.\r\n\r\nThis vulnerability is due to the improper handling of certain messages that are returned by the associated external authentication server. An attacker could exploit this vulnerability by logging in to the web interface of an affected server. Under certain conditions, the authentication mechanism would be bypassed and the attacker would be logged in as an administrator. A successful exploit could allow the attacker to obtain administrative privileges on the web interface of an affected server, including the ability to access and modify every simulation and all user-created data. To exploit this vulnerability, the attacker would need valid user credentials that are stored on the associated external authentication server.\r\nCisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el mecanismo de autenticaci\u00f3n externa de Cisco Modeling Labs podr\u00eda permitir que un atacante remoto no autenticado acceda a la interfaz web con privilegios administrativos. Esta vulnerabilidad se debe al manejo inadecuado de ciertos mensajes que devuelve el servidor de autenticaci\u00f3n externo asociado. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz web de un servidor afectado. En determinadas condiciones, se omitir\u00eda el mecanismo de autenticaci\u00f3n y el atacante iniciar\u00eda sesi\u00f3n como administrador. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener privilegios administrativos en la interfaz web de un servidor afectado, incluida la capacidad de acceder y modificar todas las simulaciones y todos los datos creados por el usuario. Para aprovechar esta vulnerabilidad, el atacante necesitar\u00eda credenciales de usuario v\u00e1lidas que est\u00e9n almacenadas en el servidor de autenticaci\u00f3n externo asociado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. Existen workarounds que solucionan esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39176.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39176.json index c3916db9362..4da43121468 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39176.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39176.json @@ -2,13 +2,17 @@ "id": "CVE-2023-39176", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2024-11-18T10:15:04.667", - "lastModified": "2024-11-18T10:15:04.667", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en el an\u00e1lisis de las solicitudes SMB2 que tienen un encabezado de transformaci\u00f3n en el m\u00f3dulo ksmbd del kernel. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto para divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas de Linux. Solo los sistemas con ksmbd habilitado son vulnerables a esta CVE." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39179.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39179.json index cd0959bd5d6..f3fe91d9a41 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39179.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39179.json @@ -2,13 +2,17 @@ "id": "CVE-2023-39179", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2024-11-18T10:15:04.980", - "lastModified": "2024-11-18T10:15:04.980", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en el manejo de solicitudes de lectura SMB2 en el m\u00f3dulo ksmbd del kernel. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto para divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas de Linux. Solo los sistemas con ksmbd habilitado son vulnerables a esta CVE." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39180.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39180.json index e43d4b2e84f..49d633a9859 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39180.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39180.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39180", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2024-11-18T10:15:05.217", - "lastModified": "2024-11-18T15:35:02.397", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43091.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43091.json index 91936d7b25f..d54a5376c91 100644 --- a/CVE-2023/CVE-2023-430xx/CVE-2023-43091.json +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43091.json @@ -2,13 +2,17 @@ "id": "CVE-2023-43091", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2024-11-17T13:15:14.140", - "lastModified": "2024-11-17T13:15:14.140", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en GNOME Maps, que es vulnerable a un ataque de inyecci\u00f3n de c\u00f3digo a trav\u00e9s de su archivo de configuraci\u00f3n service.json. Si el archivo de configuraci\u00f3n es malicioso, puede ejecutar c\u00f3digo arbitrario." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4639.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4639.json index b63046afc50..176f53547db 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4639.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4639.json @@ -2,13 +2,17 @@ "id": "CVE-2023-4639", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-17T11:15:05.840", - "lastModified": "2024-11-17T11:15:05.840", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en Undertow que analiza incorrectamente las cookies con ciertos caracteres que delimitan valores en las solicitudes entrantes. Este problema podr\u00eda permitir que un atacante construya un valor de cookie para extraer valores de cookies HttpOnly o falsificar valores de cookies adicionales arbitrarios, lo que lleva a un acceso o modificaci\u00f3n de datos no autorizados. La principal amenaza de esta falla afecta la confidencialidad e integridad de los datos." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49952.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49952.json new file mode 100644 index 00000000000..7926824e523 --- /dev/null +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49952.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2023-49952", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-18T18:15:05.927", + "lastModified": "2024-11-18T18:15:05.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mastodon 4.1.x before 4.1.17 and 4.2.x before 4.2.9 allows a bypass of rate limiting via a crafted HTTP request header." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/mastodon/mastodon/security", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-c2r5-cfqr-c553", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6110.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6110.json index 24a4e5a8093..e66bcab42fd 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6110.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6110.json @@ -2,13 +2,17 @@ "id": "CVE-2023-6110", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-17T11:15:06.097", - "lastModified": "2024-11-17T11:15:06.097", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en OpenStack. Cuando un usuario intenta eliminar una regla de acceso inexistente en su \u00e1mbito, elimina otras reglas de acceso existentes que no est\u00e1n asociadas con ninguna credencial de aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json index b25da6e1f0d..3fd79966ff0 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0012", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-11-18T16:15:11.683", - "lastModified": "2024-11-18T16:15:11.683", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 .\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended\u00a0 best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability." + }, + { + "lang": "es", + "value": "Una omisi\u00f3n de autenticaci\u00f3n en el software PAN-OS de Palo Alto Networks permite que un atacante no autenticado con acceso a la red a la interfaz web de administraci\u00f3n obtenga privilegios de administrador de PAN-OS para realizar acciones administrativas, alterar la configuraci\u00f3n o explotar otras vulnerabilidades de escalada de privilegios autenticados como CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . El riesgo de este problema se reduce en gran medida si protege el acceso a la interfaz web de administraci\u00f3n restringiendo el acceso solo a direcciones IP internas confiables de acuerdo con nuestras pautas de implementaci\u00f3n recomendadas https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Este problema solo se aplica al software PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1 y PAN-OS 11.2. Cloud NGFW y Prisma Access no se ven afectados por esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0793.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0793.json index aa6b30f2fe8..1af681ec85a 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0793.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0793.json @@ -2,13 +2,17 @@ "id": "CVE-2024-0793", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-17T11:15:06.340", - "lastModified": "2024-11-17T11:15:06.340", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en kube-controller-manager. Este problema ocurre cuando la aplicaci\u00f3n inicial de un archivo YAML de configuraci\u00f3n de HPA que carece de un bloque .spec.behavior.scaleUp provoca una denegaci\u00f3n de servicio debido a que los pods de KCM entran en un estado de reinicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10015.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10015.json index d8b7d87c43d..b441c7588e8 100644 --- a/CVE-2024/CVE-2024-100xx/CVE-2024-10015.json +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10015.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10015", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:03.917", - "lastModified": "2024-11-16T04:15:03.917", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'type' parameters in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento ConvertCalculator for WordPress para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s de los par\u00e1metros 'id' y 'type' en todas las versiones hasta la 1.1.1 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10017.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10017.json index 02d1ef24d26..22ec8ec277e 100644 --- a/CVE-2024/CVE-2024-100xx/CVE-2024-10017.json +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10017.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10017", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:04.157", - "lastModified": "2024-11-16T04:15:04.157", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento PJW Mime Config para WordPress es vulnerable a cross site scripting almacenado mediante cargas de archivos SVG en todas las versiones hasta la 1.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-101xx/CVE-2024-10147.json b/CVE-2024/CVE-2024-101xx/CVE-2024-10147.json index 3669e32bad7..c2e6447f352 100644 --- a/CVE-2024/CVE-2024-101xx/CVE-2024-10147.json +++ b/CVE-2024/CVE-2024-101xx/CVE-2024-10147.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10147", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:04.370", - "lastModified": "2024-11-16T04:15:04.370", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Steel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Steel para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del c\u00f3digo corto btn del complemento en todas las versiones hasta la 1.3.0 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-102xx/CVE-2024-10262.json b/CVE-2024/CVE-2024-102xx/CVE-2024-10262.json index 05acc2eb27f..c01c48c52be 100644 --- a/CVE-2024/CVE-2024-102xx/CVE-2024-10262.json +++ b/CVE-2024/CVE-2024-102xx/CVE-2024-10262.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10262", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:04.587", - "lastModified": "2024-11-16T04:15:04.587", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes." + }, + { + "lang": "es", + "value": "El complemento Drop Shadow Boxes para WordPress es vulnerable a la ejecuci\u00f3n arbitraria de c\u00f3digos cortos en todas las versiones hasta la 1.7.14 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, ejecuten c\u00f3digos cortos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-103xx/CVE-2024-10390.json b/CVE-2024/CVE-2024-103xx/CVE-2024-10390.json new file mode 100644 index 00000000000..6b59def8ab1 --- /dev/null +++ b/CVE-2024/CVE-2024-103xx/CVE-2024-10390.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10390", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-18T17:15:10.897", + "lastModified": "2024-11-18T17:15:10.897", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/elfsight-telegram-chat/25288599", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07244763-3482-4cfb-8ae4-d19f312011aa?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10533.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10533.json index 27c3499928a..23d35f7cbf6 100644 --- a/CVE-2024/CVE-2024-105xx/CVE-2024-10533.json +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10533.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10533", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:04.810", - "lastModified": "2024-11-16T04:15:04.810", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the filebird plugin." + }, + { + "lang": "es", + "value": "El complemento WP Chat App para WordPress es vulnerable a la instalaci\u00f3n no autorizada de complementos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n ajax_install_plugin() en todas las versiones hasta la 3.6.8 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, instalen el complemento filebird." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10592.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10592.json index e2ec7af18e3..a625f000c41 100644 --- a/CVE-2024/CVE-2024-105xx/CVE-2024-10592.json +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10592.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10592", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T10:15:04.173", - "lastModified": "2024-11-16T10:15:04.173", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Mapster WP Maps para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del par\u00e1metro de clase emergente en todas las versiones hasta la 1.6.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10614.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10614.json index 168dbd94d4f..988dd47c12b 100644 --- a/CVE-2024/CVE-2024-106xx/CVE-2024-10614.json +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10614.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10614", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T06:15:07.470", - "lastModified": "2024-11-16T06:15:07.470", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to cancel and import or check on the status." + }, + { + "lang": "es", + "value": "El complemento Customer Reviews for WooCommerce para WordPress es vulnerable al acceso no autorizado debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n cancel_import() en todas las versiones hasta la 5.61.0 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, cancelen e importen o verifiquen el estado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10645.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10645.json index e6ee64074e5..a6488d8346b 100644 --- a/CVE-2024/CVE-2024-106xx/CVE-2024-10645.json +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10645.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10645", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T09:15:04.037", - "lastModified": "2024-11-16T09:15:04.037", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the \u2018br\u2019 parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento Blogger 301 Redirect para WordPress es vulnerable a la inyecci\u00f3n SQL a ciegas basada en tiempo a trav\u00e9s del par\u00e1metro 'br' en todas las versiones hasta la 2.5.3 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto permite que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10728.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10728.json index 662f6293167..e3eae6451f3 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10728.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10728.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10728", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T05:15:12.510", - "lastModified": "2024-11-16T05:15:12.510", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013 PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated." + }, + { + "lang": "es", + "value": "El complemento Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013 PostX para WordPress es vulnerable a la instalaci\u00f3n/activaci\u00f3n no autorizada de complementos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'install_required_plugin_callback' en todas las versiones hasta la 4.1.16 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, instalen y activen complementos arbitrarios que pueden aprovecharse para lograr la ejecuci\u00f3n remota de c\u00f3digo si se instala y activa otro complemento vulnerable." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10786.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10786.json index c468a6903be..17cc59b1fff 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10786.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10786.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10786", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T03:15:14.433", - "lastModified": "2024-11-16T03:15:14.433", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the sla_clear_user_cache function in all versions up to, and including, 2.7.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to clear user caches." + }, + { + "lang": "es", + "value": "El complemento Simple Local Avatars para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una verificaci\u00f3n de capacidad faltante en la funci\u00f3n sla_clear_user_cache en todas las versiones hasta la 2.7.11 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, borren los cach\u00e9s de los usuarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10795.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10795.json index ed060a6595e..5a29e5f4fed 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10795.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10795.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10795", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T03:15:14.737", - "lastModified": "2024-11-16T03:15:14.737", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.7 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created via Elementor that they should not have access to." + }, + { + "lang": "es", + "value": "El complemento Popularis Extra para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.2.7 incluida a trav\u00e9s del c\u00f3digo abreviado 'elementor-template' debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones privadas o borradores creadas a trav\u00e9s de Elementor a las que no deber\u00edan tener acceso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10861.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10861.json index 50c341bdb4e..a87709cae53 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10861.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10861.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10861", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T03:15:14.967", - "lastModified": "2024-11-16T03:15:14.967", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Popup Box \u2013 Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_plugin_option() function in all versions up to, and including, 4.9.7. This makes it possible for unauthenticated attackers to update the 'ays_pb_upgrade_plugin' option with arbitrary data." + }, + { + "lang": "es", + "value": "El complemento Popup Box \u2013 Create Countdown, Coupon, Video, Contact Form Popups para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una verificaci\u00f3n de capacidad faltante en la funci\u00f3n deactivate_plugin_option() en todas las versiones hasta la 4.9.7 incluida. Esto hace posible que atacantes no autenticados actualicen la opci\u00f3n 'ays_pb_upgrade_plugin' con datos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10875.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10875.json index c2863bb4a31..6d766742251 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10875.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10875.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10875", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:05.040", - "lastModified": "2024-11-16T04:15:05.040", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Gallery Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_Query_Arg without appropriate escaping on the URL in all versions up to, and including, 1.6.58. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Gallery Manager para WordPress es vulnerable a ataques de cross site scripting reflejado debido al uso de remove_Query_Arg sin el escape adecuado en la URL en todas las versiones hasta la 1.6.58 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10883.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10883.json index 27edd906b0c..de332abb91c 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10883.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10883.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10883", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:05.263", - "lastModified": "2024-11-16T04:15:05.263", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SimpleForm \u2013 Contact form made simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento SimpleForm \u2013 Contact form made simple para WordPress es vulnerable a ataques de cross site scripting reflejado debido al uso de add_query_arg y remove_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.2.0 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10884.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10884.json index a51202749c4..cc48971fedc 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10884.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10884.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10884", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:05.477", - "lastModified": "2024-11-16T04:15:05.477", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento SimpleForm Contact Form Submissions para WordPress es vulnerable a ataques de cross site scripting reflejado debido al uso de add_query_arg y remove_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.1.0 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10934.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10934.json index d96b67c7e89..d7d15a7d0e4 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10934.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10934.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10934", "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725", "published": "2024-11-15T20:15:17.620", - "lastModified": "2024-11-15T20:15:17.620", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, \navoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server." + }, + { + "lang": "es", + "value": "En OpenBSD 7.5 antes de la errata 008 y OpenBSD 7.4 antes de la errata 021, evite la posible doble liberaci\u00f3n de mbuf en la implementaci\u00f3n del cliente y servidor NFS, no utilice variables no inicializadas en el manejo de errores del servidor NFS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10990.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10990.json index 13b6842b575..40dba9ccfc2 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10990.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10990.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10990", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-08T05:15:05.690", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:42:26.973", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,26 +154,63 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:online_veterinary_appointment_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CAC7F6E3-BB0E-4D82-B646-935A155614D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/AspirePig/Cve_report/blob/main/online-veterinary-appointment-system/SQLi-1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283456", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283456", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.437383", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10991.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10991.json index d02e337361e..faf89c8d2bc 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10991.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10991.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10991", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-08T05:15:06.127", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:41:42.597", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,22 +154,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:hospital_appointment_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "433A683B-ACF7-4D3C-8078-D70615147B08" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ppp-src/CVE/issues/30", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283457", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283457", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.437393", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10993.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10993.json index 2729609e526..37d76f790a5 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10993.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10993.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10993", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-08T06:15:14.243", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:41:21.927", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,22 +154,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:online_institute_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "51A6CFF2-B568-4430-ACB8-C640A44A06B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/NG0324/CVE/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283458", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283458", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.437409", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10994.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10994.json index c3e00779aca..8b8140318fc 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10994.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10994.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10994", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-08T06:15:14.540", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:41:06.630", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -109,6 +129,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -124,22 +154,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:online_institute_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "51A6CFF2-B568-4430-ACB8-C640A44A06B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Hacker0xone/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283459", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283459", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.438412", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11017.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11017.json index c7453e11f6b..312f7736ea4 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11017.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11017.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11017", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-11T07:15:04.910", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T18:47:19.347", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "05F9B655-8FA4-48EC-A45C-2023F4C74AF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7", + "versionEndExcluding": "7.2.3", + "matchCriteriaId": "A2179D8C-B827-4464-918B-5C74013AC527" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8212-a7d3a-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8211-a2da2-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11018.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11018.json index 4cdd0794808..f92387a151f 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11018.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11018.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11018", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-11T07:15:05.210", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T18:59:01.513", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "05F9B655-8FA4-48EC-A45C-2023F4C74AF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7", + "versionEndExcluding": "7.2.3", + "matchCriteriaId": "A2179D8C-B827-4464-918B-5C74013AC527" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8214-64fa2-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8213-3413b-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11019.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11019.json index 37583ccd6e9..51241b152bb 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11019.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11019.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11019", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-11T07:15:05.517", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T18:59:24.527", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "05F9B655-8FA4-48EC-A45C-2023F4C74AF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7", + "versionEndExcluding": "7.2.3", + "matchCriteriaId": "A2179D8C-B827-4464-918B-5C74013AC527" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8216-f7dbf-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8215-98582-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11020.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11020.json index c36e9ae6afe..70b58569330 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11020.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11020.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11020", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-11T08:15:03.610", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T18:59:39.293", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "05F9B655-8FA4-48EC-A45C-2023F4C74AF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7", + "versionEndExcluding": "7.2.3", + "matchCriteriaId": "A2179D8C-B827-4464-918B-5C74013AC527" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8218-e238b-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8217-05b42-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11021.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11021.json index 86378349e7b..e7d612f26f8 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11021.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11021.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11021", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-11T08:15:04.987", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T19:00:03.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "05F9B655-8FA4-48EC-A45C-2023F4C74AF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vice:webopac:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7", + "versionEndExcluding": "7.2.3", + "matchCriteriaId": "A2179D8C-B827-4464-918B-5C74013AC527" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8220-e75c2-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8219-f12d0-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11023.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11023.json index a15964d2bb1..aae9367e53c 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11023.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11023.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11023", "sourceIdentifier": "cve-coordination@google.com", "published": "2024-11-18T11:15:05.507", - "lastModified": "2024-11-18T15:35:03.307", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Firebase JavaScript SDK utilizes a \"FIREBASE_DEFAULTS\" cookie to store configuration data, including an \"_authTokenSyncURL\" field used for session synchronization. If this cookie field is preset via an attacker by any other method, the attacker can manipulate the \"_authTokenSyncURL\" to point to their own server and it would allow an actor to capture user session data transmitted by the SDK. We recommend upgrading Firebase JS SDK at least to 10.9.0." + }, + { + "lang": "es", + "value": "Firebase JavaScript SDK utiliza una cookie \"FIREBASE_DEFAULTS\" para almacenar datos de configuraci\u00f3n, incluido un campo \"_authTokenSyncURL\" utilizado para la sincronizaci\u00f3n de sesiones. Si un atacante configura este campo de cookie por cualquier otro m\u00e9todo, el atacante puede manipular \"_authTokenSyncURL\" para que apunte a su propio servidor y permitir\u00eda a un actor capturar datos de sesi\u00f3n de usuario transmitidos por el SDK. Recomendamos actualizar Firebase JS SDK al menos a la versi\u00f3n 10.9.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11073.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11073.json index 3056877004b..a9f6fc3c772 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11073.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11073.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11073", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-11T17:15:04.520", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:21:19.557", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -109,6 +129,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -124,30 +154,70 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mayurik:hospital_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "50855DED-FC21-4EF8-848C-67AD37E8A86A" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1yFo0re8taTry7oR4-EDg3UHwO2lkqO9N/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://github.com/Salah-Tayeh/CVEs-and-Vulnerabilities/blob/main/Hospital%20Management%20System%20-%20IDOR%20Causing%20Deletion%20of%20any%20patient%20account.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283869", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283869", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.440799", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11085.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11085.json index 02ee2ce256b..c1d92dd3f10 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11085.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11085.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11085", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:05.700", - "lastModified": "2024-11-16T04:15:05.700", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access logs, update plugin-related user settings and general plugin settings." + }, + { + "lang": "es", + "value": "El complemento WP Log Viewer para WordPress es vulnerable al uso no autorizado de funciones debido a la falta de una comprobaci\u00f3n de capacidad en varias acciones AJAX en todas las versiones hasta la 1.2.1 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, accedan a los registros, actualicen la configuraci\u00f3n de usuario relacionada con el complemento y la configuraci\u00f3n general del complemento." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11092.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11092.json index 45d6d1310f5..862c9c4242a 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11092.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11092.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11092", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:05.917", - "lastModified": "2024-11-16T04:15:05.917", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento SVGPlus para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s de las cargas de archivos SVG de la API REST en todas las versiones hasta la 1.1.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11094.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11094.json index 11c760792c7..bfb9f9c4ed1 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11094.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11094.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11094", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T10:15:04.737", - "lastModified": "2024-11-16T10:15:04.737", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature. This makes it possible for unauthenticated attackers to extract sensitive data such as redirects including GET parameters which may reveal sensitive information." + }, + { + "lang": "es", + "value": "El complemento 404 Solution para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 2.35.17 incluida a trav\u00e9s de la funci\u00f3n de exportaci\u00f3n. Esto permite que atacantes no autenticados extraigan datos confidenciales, como redirecciones que incluyen par\u00e1metros GET que pueden revelar informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11100.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11100.json index 252dc9a406b..e82bb7dbb36 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11100.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11100.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11100", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-12T04:15:04.823", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T18:52:35.447", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,26 +154,59 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] + } + ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/Hacker0xone/CVE/issues/6", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283921", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.283921", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.441292", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11101.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11101.json index ce187c63c0e..6bc9ee4897b 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11101.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11101.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11101", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-12T04:15:05.080", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T18:57:28.193", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -109,6 +129,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -124,26 +154,59 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] + } + ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/Hacker0xone/CVE/issues/7", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283920", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.283920", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.441314", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11118.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11118.json index 90ac8c36394..f40cc8647c5 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11118.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11118.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11118", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:06.140", - "lastModified": "2024-11-16T04:15:06.140", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the updatePluginSettings() function. This makes it possible for unauthenticated attackers to make changes to plugin settings and clear up all the error logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento 404 Error Monitor para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 1.1 incluida. Esto se debe a una validaci\u00f3n de nonce incorrecta o faltante en la funci\u00f3n updatePluginSettings(). Esto permite que atacantes no autenticados realicen cambios en la configuraci\u00f3n del complemento y borren todos los registros de errores a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11217.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11217.json index 6b1eb20f146..a86e0ed02d5 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11217.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11217.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11217", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-15T21:15:06.543", - "lastModified": "2024-11-15T21:15:06.543", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en el servidor OAuth. El servidor OAuth registra el secreto del cliente OAuth2 cuando el nivel de registro es mayor que el de Depuraci\u00f3n para las opciones de inicio de sesi\u00f3n de los IDP de OIDC/GitHub/GitLab/Google." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11241.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11241.json index 5f8a306cd98..11e9b56abe8 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11241.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11241.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11241", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T15:15:06.003", - "lastModified": "2024-11-15T15:15:06.003", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file reset.php. The manipulation of the argument e leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en code-projects Job Recruitment 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo reset.php. La manipulaci\u00f3n del argumento e conduce a una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11242.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11242.json index 27d91e25142..34c0109a2ec 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11242.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11242.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11242", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T15:15:06.280", - "lastModified": "2024-11-15T15:15:06.280", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ad_list.php?action=pass of the component Keyword Filtering. The manipulation of the argument keyword leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en ZZCMS 2023. Se ha calificado como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /admin/ad_list.php?action=pass del componente Keyword Filtering. La manipulaci\u00f3n de la palabra clave del argumento conduce a una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11243.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11243.json index 9c7798401b4..cfe40c2793d 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11243.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11243.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11243", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T15:15:06.557", - "lastModified": "2024-11-15T15:15:06.557", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the input leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en code-projects Online Shop Store 1.0. Afecta a una parte desconocida del archivo /signup.php. La manipulaci\u00f3n del argumento m2 con la entrada provoca ataques de cross site scripting. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11244.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11244.json index f7df850d695..f386826866f 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11244.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11244.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11244", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T16:15:32.790", - "lastModified": "2024-11-15T16:15:32.790", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in code-projects Farmacia 1.0. This vulnerability affects unknown code of the file /editar-cliente.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Farmacia 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /editar-cliente.php. La manipulaci\u00f3n del argumento id conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11245.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11245.json index 08c151a6141..894c4372908 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11245.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11245.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11245", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T16:15:33.153", - "lastModified": "2024-11-15T16:15:33.153", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /editar-produto.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Farmacia 1.0. Este problema afecta a algunos procesos desconocidos del archivo /editar-produto.php. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11246.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11246.json index f5ebc80c236..dc0fabb1e3e 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11246.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11246.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11246", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T16:15:33.593", - "lastModified": "2024-11-15T16:15:33.593", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in code-projects Farmacia 1.0. Affected is an unknown function of the file /adicionar-cliente.php. The manipulation of the argument nome/cpf/dataNascimento leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions the parameter \"nome\" to be affected. But further inspection indicates that other parameters might be affected as well." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en code-projects Farmacia 1.0. Se trata de una funci\u00f3n desconocida del archivo /adicionar-cliente.php. La manipulaci\u00f3n del argumento nome/cpf/dataNascimento provoca cross site scripting. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El aviso inicial para investigadores menciona que el par\u00e1metro \"nome\" se ver\u00e1 afectado, pero una inspecci\u00f3n m\u00e1s detallada indica que tambi\u00e9n pueden verse afectados otros par\u00e1metros." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11247.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11247.json index 3ea4df7b4c4..b4bed4b0f8b 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11247.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11247.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11247", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T17:15:19.237", - "lastModified": "2024-11-15T17:15:19.237", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Inventory Page. The manipulation of the argument brand leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Online Eyewear Shop 1.0 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /oews/classes/Master.php?f=save_product del componente Inventory Page. La manipulaci\u00f3n del argumento brand provoca cross site scripting. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Tambi\u00e9n pueden verse afectados otros par\u00e1metros." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11248.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11248.json index 650cae796b3..ede2cf765b3 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11248.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11248.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11248", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T17:15:19.580", - "lastModified": "2024-11-15T17:15:19.580", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en Tenda AC10 16.03.10.13 que se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n formSetRebootTimer del archivo /goform/SetSysAutoRebbotCfg. La manipulaci\u00f3n del argumento rebootTime provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11250.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11250.json index cbec25859e8..41b8b778424 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11250.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11250.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11250", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T18:15:26.280", - "lastModified": "2024-11-15T18:15:26.280", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Inventory Management up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /model/editProduct.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en code-projects Inventory Management hasta la versi\u00f3n 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /model/editProduct.php. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11251.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11251.json index 30716ac0f15..036e4eb2ad6 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11251.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11251.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11251", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T18:15:26.653", - "lastModified": "2024-11-15T18:15:26.653", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterceptor. The manipulation of the argument begin_date leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Other parameters might be affected as well." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en erzhongxmu Jeewms hasta 20241108. Se ha calificado como cr\u00edtica. Este problema afecta a algunos procesamientos desconocidos del archivo cgReportController.do del componente AuthInterceptor. La manipulaci\u00f3n del argumento begin_date conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha divulgado al p\u00fablico y puede utilizarse. Este producto no utiliza control de versiones. Por este motivo, no est\u00e1 disponible la informaci\u00f3n sobre las versiones afectadas y no afectadas. Tambi\u00e9n pueden verse afectados otros par\u00e1metros." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11256.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11256.json index 800c05e0722..96ec14f994e 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11256.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11256.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11256", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T20:15:17.957", - "lastModified": "2024-11-15T20:15:17.957", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en 1000 Projects Portfolio Management System MCA 1.0 y se ha clasificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo /login.php. La manipulaci\u00f3n del argumento username provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11257.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11257.json index 881e693d31a..a6366c1f3ad 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11257.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11257.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11257", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T20:15:18.253", - "lastModified": "2024-11-15T20:15:18.253", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en 1000 Projects Beauty Parlour Management System 1.0. Afecta a una parte desconocida del archivo /admin/forgot-password.php. La manipulaci\u00f3n del argumento email provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11258.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11258.json index be903d9e3ce..0bfdcae5d21 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11258.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11258.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11258", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T20:15:18.523", - "lastModified": "2024-11-15T20:15:18.523", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en 1000 Projects Beauty Parlour Management System 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/index.php. La manipulaci\u00f3n del argumento username conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11259.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11259.json index 1749edbc7dc..68343b2a858 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11259.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11259.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11259", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T20:15:18.797", - "lastModified": "2024-11-15T20:15:18.797", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /fornecedores.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en code-projects Farmacia 1.0. Este problema afecta a algunos procesos desconocidos del archivo /fornecedores.php. La manipulaci\u00f3n conduce a cross site scripting. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11261.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11261.json index 3fc23290f0a..825a9fe8cce 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11261.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11261.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11261", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T22:15:14.970", - "lastModified": "2024-11-15T22:15:14.970", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in SourceCodester Student Record Management System 1.0. Affected is an unknown function of the file StudentRecordManagementSystem.cpp of the component Number of Students Menu. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Student Record Management System 1.0. Se trata de una funci\u00f3n desconocida del archivo StudentRecordManagementSystem.cpp del componente Number of Students Menu. La manipulaci\u00f3n provoca la corrupci\u00f3n de la memoria. Es necesario realizar un ataque local. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11262.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11262.json index bce6c5cd4d3..7d2d7f412cb 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11262.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11262.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11262", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-15T23:15:10.270", - "lastModified": "2024-11-15T23:15:10.270", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as critical. Affected by this vulnerability is the function main of the component View All Student Marks. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Student Record Management System 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n main del componente View All Student Marks. La manipulaci\u00f3n provoca un desbordamiento del b\u00fafer basado en la pila. Es posible lanzar el ataque en el host local. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11263.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11263.json index b712595047f..740b6b604ef 100644 --- a/CVE-2024/CVE-2024-112xx/CVE-2024-11263.json +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11263.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11263", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2024-11-15T23:15:10.557", - "lastModified": "2024-11-15T23:15:10.557", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols." + }, + { + "lang": "es", + "value": "Cuando la direcci\u00f3n relativa del puntero global (GP) est\u00e1 habilitada (CONFIG_RISCV_GP=y), el registro gp apunta a 0x800 bytes m\u00e1s all\u00e1 del inicio de la secci\u00f3n .sdata, que luego es utilizada por el enlazador para relajar los accesos a los s\u00edmbolos globales." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11303.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11303.json index e6a405767d4..c90f63c021e 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11303.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11303.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11303", "sourceIdentifier": "office@cyberdanube.com", "published": "2024-11-18T14:15:04.963", - "lastModified": "2024-11-18T14:15:04.963", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The pathname of the root directory to a Restricted Directory ('Path Traversal') vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601: through 1.2." + }, + { + "lang": "es", + "value": "La vulnerabilidad de ruta del directorio ra\u00edz a un directorio restringido ('Path Traversal') en Korenix JetPort 5601 permite Path Traversal. Este problema afecta a JetPort 5601: hasta 1.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11304.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11304.json index c4583013fa8..b0e9132c911 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11304.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11304.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11304", "sourceIdentifier": "office@cyberdanube.com", "published": "2024-11-18T15:15:05.663", - "lastModified": "2024-11-18T15:15:05.663", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting (XSS). This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below." + }, + { + "lang": "es", + "value": "Falta la validaci\u00f3n de entrada en SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, la interfaz web SEH Computertechnik INU-100 permite Cross-Site Scripting (XSS) almacenado. Este problema afecta a utnserver Pro, utnserver ProMAX, INU-100 versi\u00f3n 20.1.22 y anteriores." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11305.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11305.json index f527069de31..28ba7cfcdcf 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11305.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11305.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11305", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-18T01:15:16.307", - "lastModified": "2024-11-18T01:15:16.307", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function get_status_zigbee of the file /index.php/display/status_zigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en Altenergy Power Control Software hasta el 20241108. Esta vulnerabilidad afecta a la funci\u00f3n get_status_zigbee del archivo /index.php/display/status_zigbee. La manipulaci\u00f3n del argumento date conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11306.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11306.json index aee1eb851d3..82714b4bc69 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11306.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11306.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11306", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-18T02:15:15.577", - "lastModified": "2024-11-18T02:15:15.577", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other endpoints might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como cr\u00edtica, en Altenergy Power Control Software hasta 20241108. Este problema afecta a algunos procesos desconocidos del archivo /index.php/display/database/. La manipulaci\u00f3n conduce a una autorizaci\u00f3n incorrecta. El ataque puede iniciarse de forma remota. El exploit se ha divulgado al p\u00fablico y puede utilizarse. Tambi\u00e9n podr\u00edan verse afectados otros endpoints. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11308.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11308.json index 48f472fcad0..585d2b23180 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11308.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11308.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11308", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T06:15:04.263", - "lastModified": "2024-11-18T06:15:04.263", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content." + }, + { + "lang": "es", + "value": "El DVC de TRCore cifra los archivos mediante una clave codificada. Los atacantes pueden utilizar esta clave para descifrar los archivos y restaurar el contenido original." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11309.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11309.json index 550142a8556..39277ad12db 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11309.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11309.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11309", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T06:15:04.673", - "lastModified": "2024-11-18T06:15:04.673", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de path traversal, lo que permite a atacantes remotos no autenticados explotar esta vulnerabilidad para leer archivos de sistema arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11310.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11310.json index 946b13f0d68..e14638da109 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11310.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11310.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11310", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T06:15:04.987", - "lastModified": "2024-11-18T06:15:04.987", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de path traversal, lo que permite a atacantes remotos no autenticados explotar esta vulnerabilidad para leer archivos de sistema arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11311.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11311.json index 96d26e0fc5b..c45bd15905a 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11311.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11311.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11311", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T07:15:13.063", - "lastModified": "2024-11-18T07:15:13.063", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de Path Traversal y no restringe los tipos de archivos cargados. Esto permite que atacantes remotos no autenticados carguen archivos arbitrarios en cualquier directorio, lo que lleva a la ejecuci\u00f3n de c\u00f3digo arbitrario al cargar webshells." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11312.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11312.json index 21e9cdd0137..b80a6c32c67 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11312.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11312.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11312", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T07:15:14.903", - "lastModified": "2024-11-18T07:15:14.903", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de Path Traversal y no restringe los tipos de archivos cargados. Esto permite que atacantes remotos no autenticados carguen archivos arbitrarios en cualquier directorio, lo que lleva a la ejecuci\u00f3n de c\u00f3digo arbitrario al cargar webshells." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11313.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11313.json index 3ee91e8a251..7ec7cde4771 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11313.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11313.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11313", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T07:15:15.420", - "lastModified": "2024-11-18T07:15:15.420", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de Path Traversal y no restringe los tipos de archivos cargados. Esto permite que atacantes remotos no autenticados carguen archivos arbitrarios en cualquier directorio, lo que lleva a la ejecuci\u00f3n de c\u00f3digo arbitrario al cargar webshells." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11314.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11314.json index 9525a135351..be3b84b8df3 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11314.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11314.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11314", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T07:15:15.993", - "lastModified": "2024-11-18T07:15:15.993", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de Path Traversal y no restringe los tipos de archivos cargados. Esto permite que atacantes remotos no autenticados carguen archivos arbitrarios en cualquier directorio, lo que lleva a la ejecuci\u00f3n de c\u00f3digo arbitrario al cargar webshells." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11315.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11315.json index 7a861295919..bc2cbefe77e 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11315.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11315.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11315", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-11-18T07:15:16.673", - "lastModified": "2024-11-18T07:15:16.673", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells." + }, + { + "lang": "es", + "value": "El DVC de TRCore tiene una vulnerabilidad de Path Traversal y no restringe los tipos de archivos cargados. Esto permite que atacantes remotos no autenticados carguen archivos arbitrarios en cualquier directorio, lo que lleva a la ejecuci\u00f3n de c\u00f3digo arbitrario al cargar webshells." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11318.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11318.json index 381e2fadbfe..a13813cea7b 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11318.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11318.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11318", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-11-18T14:15:05.233", - "lastModified": "2024-11-18T14:15:05.233", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the \"/cgi-bin/ocap/\" endpoint." + }, + { + "lang": "es", + "value": "Se ha descubierto una vulnerabilidad IDOR (Insecure Direct Object Reference) en AbsysNet, que afecta a la versi\u00f3n 2.3.1. Esta vulnerabilidad podr\u00eda permitir a un atacante remoto obtener la sesi\u00f3n de un usuario no autenticado mediante un ataque de fuerza bruta al identificador de sesi\u00f3n en el punto de conexi\u00f3n \"/cgi-bin/ocap/\"." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11319.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11319.json index 0cac04ea623..29138313efe 100644 --- a/CVE-2024/CVE-2024-113xx/CVE-2024-11319.json +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11319.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11319", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-11-18T12:15:17.853", - "lastModified": "2024-11-18T15:35:04.247", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django-cms allows Cross-Site Scripting (XSS).This issue affects django-cms: 3.11.7, 3.11.8, 4.1.2, 4.1.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en django CMS Association django-cms permite Cross-Site Scripting (XSS). Este problema afecta a Django-cms: 3.11.7, 3.11.8, 4.1.2, 4.1.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-203xx/CVE-2024-20373.json b/CVE-2024/CVE-2024-203xx/CVE-2024-20373.json index 5dd7a157af0..a306a1fb6f4 100644 --- a/CVE-2024/CVE-2024-203xx/CVE-2024-20373.json +++ b/CVE-2024/CVE-2024-203xx/CVE-2024-20373.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20373", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-15T15:15:06.823", - "lastModified": "2024-11-15T15:15:06.823", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. \r\n\r\nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.\r\nSNMP with IPv6 ACL configurations is not affected.\r\nFor more information, see the section of this advisory." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n de la caracter\u00edstica de lista de control de acceso (ACL) IPv4 del Protocolo simple de administraci\u00f3n de redes (SNMP) de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado realice un sondeo SNMP de un dispositivo afectado, incluso si est\u00e1 configurado para denegar el tr\u00e1fico SNMP. Esta vulnerabilidad existe porque Cisco IOS Software y Cisco IOS XE Software no admiten ACL IPv4 extendidas para SNMP, pero s\u00ed permiten a los administradores configurar ACL IPv4 con nombre extendidas que se adjuntan a la configuraci\u00f3n del servidor SNMP sin un mensaje de advertencia. Esto puede provocar que no se aplique ninguna ACL al proceso de escucha SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad realizando un sondeo SNMP de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar operaciones SNMP que deber\u00edan denegarse. El atacante no tiene control sobre la configuraci\u00f3n de la ACL de SNMP y a\u00fan necesitar\u00eda una cadena de comunidad de SNMP versi\u00f3n 2c (SNMPv2c) v\u00e1lida o credenciales de usuario de SNMP versi\u00f3n 3 (SNMPv3). SNMP con configuraciones de ACL de IPv6 no se ve afectado. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22067.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22067.json index 5625398eaea..08c3113856d 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22067.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22067.json @@ -2,13 +2,17 @@ "id": "CVE-2024-22067", "sourceIdentifier": "psirt@zte.com.cn", "published": "2024-11-18T07:15:17.370", - "lastModified": "2024-11-18T07:15:17.370", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute arbitrary commands." + }, + { + "lang": "es", + "value": "El producto ZTE NH8091 tiene una vulnerabilidad de control de permisos inadecuado. Debido al control de permisos inadecuado de la interfaz del m\u00f3dulo web, un atacante autenticado puede aprovechar la vulnerabilidad para ejecutar comandos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-231xx/CVE-2024-23169.json b/CVE-2024/CVE-2024-231xx/CVE-2024-23169.json index bd427527c63..8667eb540d6 100644 --- a/CVE-2024/CVE-2024-231xx/CVE-2024-23169.json +++ b/CVE-2024/CVE-2024-231xx/CVE-2024-23169.json @@ -2,13 +2,17 @@ "id": "CVE-2024-23169", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:05.830", - "lastModified": "2024-11-15T19:35:06.473", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The web interface in RSA NetWitness 11.7.2.0 allows Cross-Site Scripting (XSS) via the Where textbox on the Reports screen during new rule creation." + }, + { + "lang": "es", + "value": "La interfaz web de RSA NetWitness 11.7.2.0 permite la ejecuci\u00f3n de cross site scripting (XSS) a trav\u00e9s del cuadro de texto D\u00f3nde en la pantalla Informes durante la creaci\u00f3n de una nueva regla." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24425.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24425.json index 1e7f7fb4672..36fef944d84 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24425.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24425.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24425", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:05.927", - "lastModified": "2024-11-15T19:15:05.927", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Magma v1.8.0 y OAI EPC Federation v1.20 conten\u00edan una lectura fuera de los l\u00edmites en la funci\u00f3n amf_as_establish_req en /tasks/amf/amf_as.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24426.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24426.json index b3f36517fb8..424193dbf3e 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24426.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24426.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24426", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:06.057", - "lastModified": "2024-11-15T19:15:06.057", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Reachable assertions in the NGAP_FIND_PROTOCOLIE_BY_ID function of OpenAirInterface Magma v1.8.0 and OAI EPC Federation v1.2.0 allow attackers to cause a Denial of Service (DoS) via a crafted NGAP packet." + }, + { + "lang": "es", + "value": "Las afirmaciones alcanzables en la funci\u00f3n NGAP_FIND_PROTOCOLIE_BY_ID de OpenAirInterface Magma v1.8.0 y OAI EPC Federation v1.2.0 permiten a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NGAP manipulado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json index 5d56b0d9396..8c0a9985166 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24431", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:06.137", - "lastModified": "2024-11-15T19:15:06.137", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length." + }, + { + "lang": "es", + "value": "Una afirmaci\u00f3n alcanzable en la funci\u00f3n ogs_nas_emm_decode de Open5GS v2.7.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado con una longitud de mensaje EMM de longitud cero." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24446.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24446.json index 51b2317a287..8a6682c26e9 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24446.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24446.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24446", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:06.220", - "lastModified": "2024-11-15T19:15:06.220", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF." + }, + { + "lang": "es", + "value": "Una desreferencia de puntero no inicializado en OpenAirInterface CN5G AMF hasta v2.0.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un mensaje InitialContextSetupResponse creado a medida enviado a AMF." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24447.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24447.json index 2460a44ee42..f5e1d5ead9f 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24447.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24447.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24447", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:26.930", - "lastModified": "2024-11-15T21:35:05.520", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list." + }, + { + "lang": "es", + "value": "Un desbordamiento de b\u00fafer en la funci\u00f3n ngap_amf_handle_pdu_session_resource_setup_response de oai-cn5g-amf hasta v2.0.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de una respuesta de configuraci\u00f3n de recursos de sesi\u00f3n de PDU con una lista de elementos de respuesta vac\u00eda." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24449.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24449.json index 48645c63530..2f5ace30d03 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24449.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24449.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24449", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:27.013", - "lastModified": "2024-11-15T18:15:27.013", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialUEMessage message sent to the AMF." + }, + { + "lang": "es", + "value": "Una desreferencia de puntero no inicializado en el componente NasPdu::NasPdu de OpenAirInterface CN5G AMF hasta v2.0.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un mensaje InitialUEMessage manipulado a medida enviado a AMF." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24450.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24450.json index db80eb266da..ed7179f76da 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24450.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24450.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24450", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:27.097", - "lastModified": "2024-11-15T21:35:06.360", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource Setup Response with a suffciently large FailedToSetupList IE." + }, + { + "lang": "es", + "value": "El desbordamiento del b\u00fafer de memcpy basado en pila en la rutina ngap_handle_pdu_session_resource_setup_response en OpenAirInterface CN5G AMF <= 2.0.0 permite que un atacante remoto con acceso a la interfaz N2 realice una denegaci\u00f3n de servicio contra AMF y potencialmente ejecute c\u00f3digo enviando una respuesta de configuraci\u00f3n de recurso de sesi\u00f3n PDU con un IE FailedToSetupList suficientemente grande." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24452.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24452.json index b4edb6a0dc9..28afe1baefa 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24452.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24452.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24452", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.117", - "lastModified": "2024-11-15T21:35:07.200", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling the ProtocolIE_ID field of E-RAB Release Indication messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar el campo ProtocolIE_ID de los mensajes de indicaci\u00f3n de liberaci\u00f3n de E-RAB en Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular al iniciar conexiones repetidamente y enviar un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24453.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24453.json index f94570ea983..77df9baa554 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24453.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24453.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24453", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.203", - "lastModified": "2024-11-15T21:35:08.027", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling the ProtocolIE_ID field of E-RAB NotToBeModifiedBearerModInd information element in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar el campo ProtocolIE_ID del elemento de informaci\u00f3n E-RAB NotToBeModifiedBearerModInd en Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular iniciando conexiones repetidamente y enviando un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24454.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24454.json index 2a419162f94..2885a0acbdb 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24454.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24454.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24454", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.300", - "lastModified": "2024-11-15T21:35:08.870", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling the ProtocolIE_ID field of E-RAB Modify Request messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar el campo ProtocolIE_ID de los mensajes de solicitud de modificaci\u00f3n de E-RAB en Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular al iniciar conexiones repetidamente y enviar un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24455.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24455.json index d569b079410..0b9a096e582 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24455.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24455.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24455", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.403", - "lastModified": "2024-11-15T21:35:09.713", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling a UE Context Release message containing an invalid UE identifier in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar un mensaje de liberaci\u00f3n de contexto de UE que contiene un identificador de UE no v\u00e1lido en Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular iniciando conexiones repetidamente y enviando un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24457.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24457.json index 84592a5efdc..5b526b9c411 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24457.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24457.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24457", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.510", - "lastModified": "2024-11-15T21:35:10.550", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling the ProtocolIE_ID field of E-RAB Setup List Context SURes messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar el campo ProtocolIE_ID de los mensajes SURes del contexto de lista de configuraci\u00f3n E-RAB en Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular iniciando conexiones repetidamente y enviando un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24458.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24458.json index 257ddf9956a..761d083cea3 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24458.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24458.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24458", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.610", - "lastModified": "2024-11-15T21:35:11.383", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling the ENB Configuration Transfer messages containing invalid PLMN Identities in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar mensajes de transferencia de configuraci\u00f3n de ENB que contienen identidades PLMN no v\u00e1lidas en Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular al iniciar conexiones repetidamente y enviar un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24459.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24459.json index c5601d79bcb..5366528d7bf 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24459.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24459.json @@ -2,13 +2,17 @@ "id": "CVE-2024-24459", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:19.703", - "lastModified": "2024-11-15T21:35:12.210", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access when handling the ProtocolIE_ID field of S1Setup Request messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload." + }, + { + "lang": "es", + "value": "Un acceso a memoria no v\u00e1lido al manejar ProtocolIE_ID field of S1Setup Request messages in Athonet vEPC MME v11.4.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a la red celular al iniciar conexiones repetidamente y enviar un payload manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-280xx/CVE-2024-28058.json b/CVE-2024/CVE-2024-280xx/CVE-2024-28058.json index a72c78f61fb..e55dbfd9412 100644 --- a/CVE-2024/CVE-2024-280xx/CVE-2024-28058.json +++ b/CVE-2024/CVE-2024-280xx/CVE-2024-28058.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28058", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T15:15:05.843", - "lastModified": "2024-11-18T15:15:05.843", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In RSA NetWitness (NW) Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data." + }, + { + "lang": "es", + "value": "RSA NetWitness (NW) Platform anterior a la versi\u00f3n 12.5.1, incluso cuando un administrador revoca el acceso de un usuario espec\u00edfico con una sesi\u00f3n activa, un actor de amenazas interno podr\u00eda hacerse pasar por el usuario revocado y obtener acceso no autorizado a datos confidenciales." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3334.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3334.json index 02929f19482..e9fcf35884d 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3334.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3334.json @@ -2,13 +2,17 @@ "id": "CVE-2024-3334", "sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "published": "2024-11-15T20:15:19.910", - "lastModified": "2024-11-15T20:15:19.910", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de omisi\u00f3n de seguridad en el componente de cifrado de medios extra\u00edbles (RME) de los agentes de Windows de Digital Guardian anteriores a la versi\u00f3n 8.2.0. Esto permite que un usuario eluda los controles de cifrado modificando los metadatos en el dispositivo USB, lo que pone en peligro la confidencialidad de los datos almacenados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3370.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3370.json index 890429629df..7a582c500fa 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3370.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3370.json @@ -2,13 +2,17 @@ "id": "CVE-2024-3370", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-11-18T13:15:04.310", - "lastModified": "2024-11-18T15:35:10.060", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egebilgi Software Website Template allows SQL Injection.This issue affects Website Template: before 29.04.2024." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Egebilgi Software Website Template permite la inyecci\u00f3n SQL. Este problema afecta a la plantilla de sitio web: antes del 29.04.2024." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37155.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37155.json index aede75ac66d..499b42f9346 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37155.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37155.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37155", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-18T15:15:06.210", - "lastModified": "2024-11-18T15:15:06.210", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Prior to version 6.1.9, the regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed characters from the query. GraphQL Queries in OpenCTI can be validated using the `secureIntrospectionPlugin`. The regex check in the plkugin can be bypassed by removing the carriage return and line feed characters (`\\r\\n`). Running a curl command against a local instance of OpenCTI will result in a limited error message. By running the same Introspection query without the `\\r\\n` characters, the unauthenticated user is able to successfully run a full Introspection query. Bypassing this restriction allows the attacker to gather a wealth of information about the GraphQL endpoint functionality that can be used to perform actions and/or read data without authorization. These queries can also be weaponized to conduct a Denial of Service (DoS) attack if sent repeatedly. Users should upgrade to version 6.1.9 to receive a patch for the issue." + }, + { + "lang": "es", + "value": "OpenCTI es una plataforma de c\u00f3digo abierto que permite a las organizaciones gestionar su conocimiento y observables de inteligencia sobre amenazas cibern\u00e9ticas. Antes de la versi\u00f3n 6.1.9, la validaci\u00f3n de expresiones regulares utilizada para evitar las consultas de introspecci\u00f3n se puede omitir eliminando los espacios en blanco adicionales, los retornos de carro y los caracteres de avance de l\u00ednea de la consulta. Las consultas GraphQL en OpenCTI se pueden validar utilizando `secureIntrospectionPlugin`. La comprobaci\u00f3n de expresiones regulares en plkugin se puede omitir eliminando los caracteres de retorno de carro y avance de l\u00ednea (`\\r\\n`). La ejecuci\u00f3n de un comando curl contra una instancia local de OpenCTI dar\u00e1 como resultado un mensaje de error limitado. Al ejecutar la misma consulta de introspecci\u00f3n sin los caracteres `\\r\\n`, el usuario no autenticado puede ejecutar con \u00e9xito una consulta de introspecci\u00f3n completa. Omitir esta restricci\u00f3n permite al atacante recopilar una gran cantidad de informaci\u00f3n sobre la funcionalidad del punto final de GraphQL que se puede utilizar para realizar acciones o leer datos sin autorizaci\u00f3n. Estas consultas tambi\u00e9n pueden utilizarse como arma para llevar a cabo un ataque de denegaci\u00f3n de servicio (DoS) si se env\u00edan repetidamente. Los usuarios deben actualizar a la versi\u00f3n 6.1.9 para recibir un parche para solucionar el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38203.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38203.json index 8f424ddbf99..8a884dbb0f2 100644 --- a/CVE-2024/CVE-2024-382xx/CVE-2024-38203.json +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38203.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38203", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-12T18:15:20.720", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:23:07.743", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,189 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20826", + "matchCriteriaId": "94D57126-EC8D-4898-A5FE-D7EB6463B634" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20826", + "matchCriteriaId": "54AA8A1F-0EAD-406A-A4AF-B86C316D1089" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "86F8F1B2-C206-4CD6-83C6-C450329CEE10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "FCBE6103-075E-4841-836D-4E0D630E99FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "81C732A1-CC0F-4633-B00D-473869E77DB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "AF9C20B8-CB5E-46C9-B041-D6A42C26703B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "71AD0B79-C3EF-4E13-AB04-D5FAEABA6954" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "B35413A3-DE3B-4E35-AB48-C6D5D138AC07" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "D0558F5F-A561-41E9-9242-7F4A5D924479" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "EA243DE7-EDB1-43DA-AD7E-541843DECB58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "5D428E06-FC7C-4151-9582-D66D05D7AFE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "FB49C811-F4D7-46EB-9ED6-50CB3EAAAD90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.4460", + "matchCriteriaId": "04BC0915-6F14-4D7A-951F-83CBAB47C3C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.4460", + "matchCriteriaId": "8A16CFCB-D002-4F63-B568-9D14ACE88E94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.4460", + "matchCriteriaId": "B8FE14E5-7226-43CA-A57E-A81636185AD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.4460", + "matchCriteriaId": "97507261-3969-4EBF-BCED-93FBADCBB6DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "D32C04CA-E5BE-47CA-AF79-B39859288531" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "40A6B92E-21C6-4BDD-BA57-DC227FF0F998" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "82E3AC46-9D0D-4381-93EE-FE87C212040A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "A43E1F6C-B2A7-4DEC-B4EC-04153746C42B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2849", + "matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.1251", + "matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38203", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38370.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38370.json index a9ff6f40e4d..5fb289d05e0 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38370.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38370.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38370", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T22:15:15.317", - "lastModified": "2024-11-15T22:15:15.317", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. Starting in 9.2.0 and prior to 11.0.0, it is possible to download a document from the API without appropriate rights. Upgrade to 10.0.16." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. A partir de la versi\u00f3n 9.2.0 y anteriores a la 11.0.0, es posible descargar un documento desde la API sin los derechos correspondientes. Actualice a la versi\u00f3n 10.0.16." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38828.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38828.json index ab2fbd70b1a..54fbe8c5a79 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38828.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38828.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38828", "sourceIdentifier": "security@vmware.com", "published": "2024-11-18T04:15:04.233", - "lastModified": "2024-11-18T04:15:04.233", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spring MVC controller methods with an @RequestBody byte[]\u00a0method parameter are vulnerable to a DoS attack." + }, + { + "lang": "es", + "value": "Los m\u00e9todos del controlador Spring MVC con un par\u00e1metro de m\u00e9todo byte[] @RequestBody son vulnerables a un ataque DoS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39726.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39726.json index e158bdd1e6c..375f8bbf869 100644 --- a/CVE-2024/CVE-2024-397xx/CVE-2024-39726.json +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39726.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39726", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-11-15T17:15:19.983", - "lastModified": "2024-11-15T17:15:19.983", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources." + }, + { + "lang": "es", + "value": "IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 y 7.0.3 es vulnerable a un ataque de inyecci\u00f3n de entidad externa XML (XXE) al procesar datos XML. Un atacante remoto podr\u00eda aprovechar esta vulnerabilidad para exponer informaci\u00f3n confidencial o consumir recursos de memoria." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40638.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40638.json index d3f6ff3b1fe..336c7e3c42a 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40638.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40638.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40638", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:27.457", - "lastModified": "2024-11-15T18:15:27.457", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to alter another user account data and take control of it. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un usuario autenticado puede explotar m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL. Una de ellas puede utilizarse para alterar los datos de la cuenta de otro usuario y tomar el control de esta. Actualice a la versi\u00f3n 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-411xx/CVE-2024-41151.json b/CVE-2024/CVE-2024-411xx/CVE-2024-41151.json index c536da57055..e4a29951e11 100644 --- a/CVE-2024/CVE-2024-411xx/CVE-2024-41151.json +++ b/CVE-2024/CVE-2024-411xx/CVE-2024-41151.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41151", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T09:15:05.010", - "lastModified": "2024-11-18T15:35:10.290", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Apache HertzBeat.\n\nThis vulnerability can only be exploited by authorized attackers.\n\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en Apache HertzBeat. Esta vulnerabilidad solo puede ser explotada por atacantes autorizados. Este problema afecta a Apache HertzBeat: versiones anteriores a 1.6.1. Se recomienda a los usuarios que actualicen a la versi\u00f3n 1.6.1, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41678.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41678.json index 59291c08158..511a3b08ecc 100644 --- a/CVE-2024/CVE-2024-416xx/CVE-2024-41678.json +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41678.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41678", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:27.720", - "lastModified": "2024-11-15T18:15:27.720", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un usuario no autenticado puede proporcionar un enlace malicioso a un t\u00e9cnico de GLPI para explotar una vulnerabilidad XSS reflejado. Actualice a la versi\u00f3n 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41679.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41679.json index 7a7ce1db3fd..94ddb03c6d0 100644 --- a/CVE-2024/CVE-2024-416xx/CVE-2024-41679.json +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41679.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41679", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T19:15:06.527", - "lastModified": "2024-11-15T19:15:06.527", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un usuario autenticado puede aprovechar una vulnerabilidad de inyecci\u00f3n SQL desde el formulario de tickets. Actualice a la versi\u00f3n 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-417xx/CVE-2024-41784.json b/CVE-2024/CVE-2024-417xx/CVE-2024-41784.json index b6d8f01f95b..20c54676120 100644 --- a/CVE-2024/CVE-2024-417xx/CVE-2024-41784.json +++ b/CVE-2024/CVE-2024-417xx/CVE-2024-41784.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41784", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-11-15T16:15:34.240", - "lastModified": "2024-11-15T16:15:34.240", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot dot\" sequences (/.../) to view arbitrary files on the system." + }, + { + "lang": "es", + "value": "IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3 y 6.1.0.0 podr\u00eda permitir que un atacante remoto recorra directorios en el sistema. Un atacante podr\u00eda enviar una solicitud de URL especialmente manipulada que contenga secuencias \"punto punto punto\" (/.../) para ver archivos arbitrarios en el sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-417xx/CVE-2024-41785.json b/CVE-2024/CVE-2024-417xx/CVE-2024-41785.json index 832620224bf..0c13baa5823 100644 --- a/CVE-2024/CVE-2024-417xx/CVE-2024-41785.json +++ b/CVE-2024/CVE-2024-417xx/CVE-2024-41785.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41785", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-11-15T15:15:07.047", - "lastModified": "2024-11-15T15:15:07.047", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + }, + { + "lang": "es", + "value": "IBM Concert Software 1.0.0 a 1.0.1 es vulnerable a ataques de cross site scripting. Esta vulnerabilidad permite a un atacante no autenticado insertar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista y pudiendo provocar la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n de confianza." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41967.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41967.json index 45d50ce48ae..43be51b747a 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41967.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41967.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41967", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T09:15:05.150", - "lastModified": "2024-11-18T09:15:05.150", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker\u00a0may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede modificar la configuraci\u00f3n del modo de arranque del dispositivo, lo que provocar\u00eda una modificaci\u00f3n del proceso de actualizaci\u00f3n del firmware o un ataque de denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41968.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41968.json index 06bb304fcf8..80260463bae 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41968.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41968.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41968", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T09:15:05.410", - "lastModified": "2024-11-18T09:15:05.410", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker may modify the docker settings setup of the device, leading to a limited DoS." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede modificar la configuraci\u00f3n de Docker del dispositivo, lo que genera un DoS limitado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41969.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41969.json index 981222941ad..11fb6d5001e 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41969.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41969.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41969", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T09:15:05.637", - "lastModified": "2024-11-18T09:15:05.637", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker may\u00a0modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede modificar la configuraci\u00f3n del servicio CODESYS V3 a trav\u00e9s de una vulnerabilidad de autenticaci\u00f3n faltante, lo que podr\u00eda provocar acceso total al sistema y/o DoS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41970.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41970.json index 2755b127909..43fb988e3f7 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41970.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41970.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41970", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T10:15:05.487", - "lastModified": "2024-11-18T10:15:05.487", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker\u00a0may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede obtener acceso a datos de diagn\u00f3stico prohibidos debido a una asignaci\u00f3n incorrecta de permisos para recursos cr\u00edticos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41971.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41971.json index 161dcef5e7d..e983b6e3481 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41971.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41971.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41971", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T10:15:05.750", - "lastModified": "2024-11-18T10:15:05.750", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede sobrescribir un archivo arbitrario en el sistema de archivos, lo que provoca un ataque de denegaci\u00f3n de servicio (DoS) y p\u00e9rdida de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41972.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41972.json index fa28fc8e37e..67c5b9de1d4 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41972.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41972.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41972", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T10:15:05.967", - "lastModified": "2024-11-18T10:15:05.967", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker can\u00a0overwrite an arbitrary file on the filesystem which\u00a0may lead to an arbitrary file read with root privileges." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede sobrescribir un archivo arbitrario en el sistema de archivos, lo que puede provocar la lectura de un archivo arbitrario con privilegios de superusuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41973.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41973.json index f03451b6016..29e8fcc215a 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41973.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41973.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41973", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T10:15:06.213", - "lastModified": "2024-11-18T10:15:06.213", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker can\u00a0specify an arbitrary file on the filesystem which\u00a0may lead to an arbitrary file writes with root privileges." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede especificar un archivo arbitrario en el sistema de archivos, lo que puede provocar escrituras de archivos arbitrarias con privilegios de superusuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41974.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41974.json index 69d59341476..558dce7757f 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41974.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41974.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41974", "sourceIdentifier": "info@cert.vde.com", "published": "2024-11-18T10:15:06.447", - "lastModified": "2024-11-18T10:15:06.447", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A low privileged remote attacker\u00a0may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication." + }, + { + "lang": "es", + "value": "Un atacante remoto con pocos privilegios puede modificar las propiedades del servicio BACNet debido a una asignaci\u00f3n incorrecta de permisos para recursos cr\u00edticos, lo que puede provocar un DoS limitado a la comunicaci\u00f3n BACNet." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42383.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42383.json index 07c769a3735..5a9f547e8df 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42383.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42383.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42383", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:06.667", - "lastModified": "2024-11-18T10:15:06.667", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite escribir un valor de byte NULL m\u00e1s all\u00e1 del espacio de memoria dedicado para el campo de nombre de host." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42384.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42384.json index 75f87e48922..a60c904b362 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42384.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42384.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42384", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:06.943", - "lastModified": "2024-11-18T10:15:06.943", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application." + }, + { + "lang": "es", + "value": "La vulnerabilidad de desbordamiento de enteros o envoltura en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y producir una falla de segmentaci\u00f3n en la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42385.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42385.json index bde101f8e28..308e0c07b08 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42385.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42385.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42385", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:07.187", - "lastModified": "2024-11-18T10:15:07.187", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de delimitadores en Cesanta Mongoose Web Server v7.14 permite activar una escritura en memoria fuera de los l\u00edmites si el certificado PEM contiene caracteres inesperados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42386.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42386.json index 29806cf8797..c9df1282b0c 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42386.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42386.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42386", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:07.427", - "lastModified": "2024-11-18T10:15:07.427", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y producir una falla de segmentaci\u00f3n en la aplicaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42387.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42387.json index 40915d90d9c..c0f5b11897a 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42387.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42387.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42387", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:07.647", - "lastModified": "2024-11-18T10:15:07.647", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y obligar a la aplicaci\u00f3n a leer un espacio de memoria de mont\u00f3n no deseado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42388.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42388.json index bdea9579466..af537cb0f1f 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42388.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42388.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42388", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:07.873", - "lastModified": "2024-11-18T10:15:07.873", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y obligar a la aplicaci\u00f3n a leer un espacio de memoria de mont\u00f3n no deseado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42389.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42389.json index 8a16349e330..88db297a05a 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42389.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42389.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42389", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:08.090", - "lastModified": "2024-11-18T10:15:08.090", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y obligar a la aplicaci\u00f3n a leer un espacio de memoria de mont\u00f3n no deseado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42390.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42390.json index d641ee697d6..54f2529a96f 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42390.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42390.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42390", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:08.307", - "lastModified": "2024-11-18T10:15:08.307", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y obligar a la aplicaci\u00f3n a leer un espacio de memoria de mont\u00f3n no deseado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42391.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42391.json index 8cbeecb718f..545ac94a303 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42391.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42391.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42391", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:08.540", - "lastModified": "2024-11-18T10:15:08.540", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y obligar a la aplicaci\u00f3n a leer un espacio de memoria de mont\u00f3n no deseado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42392.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42392.json index 5023df158cc..21ee27b6277 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42392.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42392.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42392", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-11-18T10:15:08.753", - "lastModified": "2024-11-18T10:15:08.753", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de delimitadores en Cesanta Mongoose Web Server v7.14 permite desencadenar un error de bucle infinito si la cadena de entrada contiene caracteres inesperados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-426xx/CVE-2024-42677.json b/CVE-2024/CVE-2024-426xx/CVE-2024-42677.json index b2056a601f9..a3004275405 100644 --- a/CVE-2024/CVE-2024-426xx/CVE-2024-42677.json +++ b/CVE-2024/CVE-2024-426xx/CVE-2024-42677.json @@ -2,7 +2,7 @@ "id": "CVE-2024-42677", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-15T14:15:10.813", - "lastModified": "2024-10-30T20:35:26.493", + "lastModified": "2024-11-18T17:15:11.133", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -100,6 +100,10 @@ } ], "references": [ + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-42677.md", + "source": "cve@mitre.org" + }, { "url": "https://github.com/WarmBrew/web_vul/blob/main/HZ-cve/HZlfi.md", "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-426xx/CVE-2024-42678.json b/CVE-2024/CVE-2024-426xx/CVE-2024-42678.json index a0029bff5d0..53b93b10729 100644 --- a/CVE-2024/CVE-2024-426xx/CVE-2024-42678.json +++ b/CVE-2024/CVE-2024-426xx/CVE-2024-42678.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42678", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-15T14:15:10.910", - "lastModified": "2024-08-19T16:06:36.343", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-18T18:15:06.070", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -100,6 +100,10 @@ } ], "references": [ + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-42678.md", + "source": "cve@mitre.org" + }, { "url": "https://github.com/WarmBrew/web_vul/blob/main/CYGLXT/CYxss.md", "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-431xx/CVE-2024-43189.json b/CVE-2024/CVE-2024-431xx/CVE-2024-43189.json index bd1c9d0d7e0..5bd11f75332 100644 --- a/CVE-2024/CVE-2024-431xx/CVE-2024-43189.json +++ b/CVE-2024/CVE-2024-431xx/CVE-2024-43189.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43189", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-11-15T15:15:07.307", - "lastModified": "2024-11-15T15:15:07.307", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques." + }, + { + "lang": "es", + "value": "IBM Concert Software 1.0.0 a 1.0.1 podr\u00eda permitir que un atacante remoto obtenga informaci\u00f3n confidencial, debido a la falla en la habilitaci\u00f3n correcta de HTTP Strict Transport Security. Un atacante podr\u00eda aprovechar esta vulnerabilidad para obtener informaci\u00f3n confidencial mediante t\u00e9cnicas de intermediario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43416.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43416.json new file mode 100644 index 00000000000..7825b45defa --- /dev/null +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43416.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-43416", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-18T17:15:11.220", + "lastModified": "2024-11-18T17:15:11.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user. Version 10.0.17 fixes the issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/glpi-project/glpi/commit/9be1466053f829680db318f7e7e5880d2d789c6d", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-j8gc-xpgr-2ww7", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43417.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43417.json index 233a6a65738..de9ef0eb570 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43417.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43417.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43417", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T19:15:06.737", - "lastModified": "2024-11-15T19:15:06.737", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Software form. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un usuario no autenticado puede proporcionar un enlace malicioso a un t\u00e9cnico de GLPI para explotar una vulnerabilidad XSS reflejado ubicada en el formulario del software. Actualice a la versi\u00f3n 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43418.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43418.json index b5d25395f7f..f0876ad30bc 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43418.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43418.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43418", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T19:15:06.940", - "lastModified": "2024-11-15T19:15:06.940", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un usuario no autenticado puede proporcionar un enlace malicioso a un t\u00e9cnico de GLPI para explotar una vulnerabilidad XSS reflejado. Actualice a la versi\u00f3n 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43704.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43704.json index e3ef505a09f..47f0a480a8d 100644 --- a/CVE-2024/CVE-2024-437xx/CVE-2024-43704.json +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43704.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43704", "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "published": "2024-11-18T05:15:04.687", - "lastModified": "2024-11-18T14:35:02.840", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process." + }, + { + "lang": "es", + "value": "El software instalado y ejecutado como un usuario sin privilegios puede realizar llamadas al sistema de GPU indebidas para obtener acceso a los b\u00faferes de gr\u00e1ficos de un proceso principal." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-446xx/CVE-2024-44625.json b/CVE-2024/CVE-2024-446xx/CVE-2024-44625.json index 459fcddf80c..03635563fca 100644 --- a/CVE-2024/CVE-2024-446xx/CVE-2024-44625.json +++ b/CVE-2024/CVE-2024-446xx/CVE-2024-44625.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44625", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T17:15:20.260", - "lastModified": "2024-11-15T17:15:20.260", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go." + }, + { + "lang": "es", + "value": "Gogs <=0.13.0 es vulnerable a la navegaci\u00f3n de Directory Traversal de la funci\u00f3n editFilePost de internal/route/repo/editor.go." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44756.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44756.json new file mode 100644 index 00000000000..58931155696 --- /dev/null +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44756.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-44756", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-18T17:15:11.450", + "lastModified": "2024-11-18T17:15:11.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL injection vulnerability via the usercode parameter at /UserWH/checkLogin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-44756.md", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/M9ERP/M9ERP-sqli.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44757.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44757.json new file mode 100644 index 00000000000..10d4f87044e --- /dev/null +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44757.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-44757", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-18T17:15:11.510", + "lastModified": "2024-11-18T17:15:11.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-44757.md", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/M9ERP/M9ERP-filedown-Basics.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44758.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44758.json index 7ef1da04836..acbb2bcc297 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44758.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44758.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44758", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T21:15:09.233", - "lastModified": "2024-11-15T21:15:09.233", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to execute arbitrary code via uploading crafted files." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en el componente /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de archivos manipulados." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json index 858481f8f29..af0220573f5 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44759", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:20.163", - "lastModified": "2024-11-15T20:15:20.163", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de descarga de archivos arbitrarios en el componente /Doc/DownloadFile del software de gesti\u00f3n ERP NUS-M9 v3.0.0 permite a los atacantes descargar archivos arbitrarios y acceder a informaci\u00f3n confidencial a trav\u00e9s de una solicitud de interfaz manipulada espec\u00edficamente." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json index e23a043b00f..9e3e4de5677 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44761", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T19:15:08.933", - "lastModified": "2024-08-30T16:00:30.557", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-18T18:15:06.160", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -100,6 +100,10 @@ } ], "references": [ + { + "url": "https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-44761.md", + "source": "cve@mitre.org" + }, { "url": "https://github.com/WarmBrew/web_vul/blob/main/EQ/EQEMS.md", "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-455xx/CVE-2024-45505.json b/CVE-2024/CVE-2024-455xx/CVE-2024-45505.json index 16353d781ff..6e7f1eee633 100644 --- a/CVE-2024/CVE-2024-455xx/CVE-2024-45505.json +++ b/CVE-2024/CVE-2024-455xx/CVE-2024-45505.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45505", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T09:15:05.870", - "lastModified": "2024-11-18T15:35:10.743", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando ('Inyecci\u00f3n de comandos') en Apache HertzBeat (en incubaci\u00f3n). Esta vulnerabilidad solo puede ser explotada por atacantes autorizados. Este problema afecta a Apache HertzBeat (en incubaci\u00f3n): versiones anteriores a la 1.6.1. Se recomienda a los usuarios que actualicen a la versi\u00f3n 1.6.1, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45608.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45608.json index ea30506503a..8bf58c0f204 100644 --- a/CVE-2024/CVE-2024-456xx/CVE-2024-45608.json +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45608.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45608", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T19:15:07.143", - "lastModified": "2024-11-15T19:15:07.143", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un usuario autenticado puede realizar una inyecci\u00f3n SQL modificando sus preferencias. Actualice a la versi\u00f3n 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45609.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45609.json index 7b89f258b52..7b6c28e7005 100644 --- a/CVE-2024/CVE-2024-456xx/CVE-2024-45609.json +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45609.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45609", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T20:15:20.410", - "lastModified": "2024-11-15T20:15:20.410", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the reports pages. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI, gesti\u00f3n de centros de datos, ITIL Service Desk, seguimiento de licencias y auditor\u00eda de software. Un usuario no autenticado puede proporcionar un enlace malicioso a un t\u00e9cnico de GLPI para explotar una vulnerabilidad XSS reflejado ubicada en las p\u00e1ginas de informes. Actualice a 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45610.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45610.json index 662ecb55432..bc0b845130b 100644 --- a/CVE-2024/CVE-2024-456xx/CVE-2024-45610.json +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45610.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45610", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T21:15:09.370", - "lastModified": "2024-11-15T21:15:09.370", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software de gesti\u00f3n de activos y TI de c\u00f3digo abierto que proporciona funciones de ITIL Service Desk, seguimiento de licencias y auditor\u00eda de software. Un usuario no autenticado puede proporcionar un enlace malicioso a un t\u00e9cnico de GLPI para explotar una vulnerabilidad XSS reflejado ubicada en el formulario Cable. Actualice a 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45611.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45611.json index 12bfab81974..a6367a6bb7b 100644 --- a/CVE-2024/CVE-2024-456xx/CVE-2024-45611.json +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45611.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45611", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T21:15:09.627", - "lastModified": "2024-11-15T21:15:09.627", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload to triggger a stored XSS. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software de gesti\u00f3n de activos y TI de c\u00f3digo abierto que proporciona funciones de ITIL Service Desk, seguimiento de licencias y auditor\u00eda de software. Un usuario autenticado puede eludir la pol\u00edtica de control de acceso para crear una fuente RSS privada adjunta a otra cuenta de usuario y utilizar una carga maliciosa para activar un XSS almacenado. Actualice a 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45791.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45791.json index b757c174193..248551fba50 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45791.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45791.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45791", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T09:15:05.990", - "lastModified": "2024-11-18T15:35:10.970", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial a un agente no autorizado en Apache HertzBeat. Este problema afecta a Apache HertzBeat: versiones anteriores a 1.6.1. Se recomienda a los usuarios que actualicen a la versi\u00f3n 1.6.1, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45969.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45969.json index 223301106d2..075b5a6a7e1 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45969.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45969.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45969", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:07.413", - "lastModified": "2024-11-15T19:35:11.467", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message." + }, + { + "lang": "es", + "value": "La desreferencia de puntero NULL en el cliente MMS en MZ Automation LibIEC1850 antes de el commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 permite que un servidor malintencionado provoque una denegaci\u00f3n de servicio a trav\u00e9s del mensaje MMS InitiationResponse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45970.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45970.json index 932dde90170..bbd17a3c280 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45970.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45970.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45970", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:07.497", - "lastModified": "2024-11-15T19:35:12.330", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message." + }, + { + "lang": "es", + "value": "M\u00faltiples desbordamientos de b\u00fafer en el cliente MMS en MZ Automation LibIEC61850 antes de el commit ac925fae8e281ac6defcd630e9dd756264e9c5bc permiten que un servidor malintencionado provoque un desbordamiento de b\u00fafer basado en pila a trav\u00e9s del mensaje MMS FileDirResponse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-459xx/CVE-2024-45971.json b/CVE-2024/CVE-2024-459xx/CVE-2024-45971.json index 8b57697a13d..a9733897104 100644 --- a/CVE-2024/CVE-2024-459xx/CVE-2024-45971.json +++ b/CVE-2024/CVE-2024-459xx/CVE-2024-45971.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45971", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:07.577", - "lastModified": "2024-11-15T19:35:13.180", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message." + }, + { + "lang": "es", + "value": "Varios desbordamientos de b\u00fafer en el cliente MMS en MZ Automation LibIEC61850 antes de el commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 permiten que un servidor malintencionado provoque un desbordamiento de b\u00fafer basado en la pila a trav\u00e9s del mensaje MMS IdentifyResponse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-463xx/CVE-2024-46383.json b/CVE-2024/CVE-2024-463xx/CVE-2024-46383.json index 8e6db85bfed..a9f94ed9e28 100644 --- a/CVE-2024/CVE-2024-463xx/CVE-2024-46383.json +++ b/CVE-2024/CVE-2024-463xx/CVE-2024-46383.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46383", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:27.960", - "lastModified": "2024-11-15T20:35:07.907", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que el enrutador Hathway Skyworth CM5100-511 v4.1.1.24 almacena informaci\u00f3n confidencial sobre dispositivos conectados por USB y Wifi en texto plano." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46462.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46462.json index 612fbca6956..4d74d765806 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46462.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46462.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46462", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:28.053", - "lastModified": "2024-11-15T18:15:28.053", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZEDMAIL has to be modified to prevent this vulnerability." + }, + { + "lang": "es", + "value": "De forma predeterminada, otros usuarios pueden acceder a las carpetas dedicadas de ZEDMAIL para Windows hasta la versi\u00f3n 2024.3 para hacer un uso indebido de los archivos t\u00e9cnicos y obligarlos a realizar tareas con mayores privilegios. Es necesario modificar la configuraci\u00f3n de ZEDMAIL para evitar esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46463.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46463.json index 2c97cd7e4a9..366d68d4cda 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46463.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46463.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46463", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:28.140", - "lastModified": "2024-11-15T18:15:28.140", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ORIZON has to be modified to prevent this vulnerability." + }, + { + "lang": "es", + "value": "De forma predeterminada, otros usuarios pueden acceder a las carpetas dedicadas de ORIZON para Windows hasta la versi\u00f3n 2024.3 para hacer un uso indebido de los archivos t\u00e9cnicos y obligarlos a realizar tareas con mayores privilegios. Es necesario modificar la configuraci\u00f3n de ORIZON para evitar esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46465.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46465.json index a3c9077862d..6c5a39a269e 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46465.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46465.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46465", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:28.220", - "lastModified": "2024-11-15T18:15:28.220", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of CRYHOD has to be modified to prevent this vulnerability." + }, + { + "lang": "es", + "value": "De forma predeterminada, otros usuarios pueden acceder a las carpetas dedicadas de CRYHOD para Windows hasta la versi\u00f3n 2024.3 para hacer un uso indebido de los archivos t\u00e9cnicos y obligarlos a realizar tareas con mayores privilegios. Es necesario modificar la configuraci\u00f3n de CRYHOD para evitar esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46466.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46466.json index 9386b7b2f8f..efa50bfb32b 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46466.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46466.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46466", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:28.297", - "lastModified": "2024-11-15T18:15:28.297", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI qualification submission) can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONECENTRAL has to be modified to prevent this vulnerability." + }, + { + "lang": "es", + "value": "De forma predeterminada, otros usuarios pueden acceder a las carpetas dedicadas de ZONECENTRAL para Windows hasta la versi\u00f3n 2024.3 o hasta la versi\u00f3n Q.2021.2 (env\u00edo de calificaci\u00f3n ANSSI) para hacer un uso indebido de los archivos t\u00e9cnicos y obligarlos a realizar tareas con mayores privilegios. Se debe modificar la configuraci\u00f3n de ZONECENTRAL para evitar esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-464xx/CVE-2024-46467.json b/CVE-2024/CVE-2024-464xx/CVE-2024-46467.json index 2b67771667d..e362635a145 100644 --- a/CVE-2024/CVE-2024-464xx/CVE-2024-46467.json +++ b/CVE-2024/CVE-2024-464xx/CVE-2024-46467.json @@ -2,13 +2,17 @@ "id": "CVE-2024-46467", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:28.377", - "lastModified": "2024-11-15T18:15:28.377", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONEPOINT has to be modified to prevent this vulnerability." + }, + { + "lang": "es", + "value": "De forma predeterminada, otros usuarios pueden acceder a las carpetas dedicadas de ZONEPOINT para Windows hasta la versi\u00f3n 2024.1 para hacer un uso indebido de los archivos t\u00e9cnicos y obligarlos a realizar tareas con mayores privilegios. Es necesario modificar la configuraci\u00f3n de ZONEPOINT para evitar esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-472xx/CVE-2024-47208.json b/CVE-2024/CVE-2024-472xx/CVE-2024-47208.json index 563074e815a..4e57f0b74eb 100644 --- a/CVE-2024/CVE-2024-472xx/CVE-2024-47208.json +++ b/CVE-2024/CVE-2024-472xx/CVE-2024-47208.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47208", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T09:15:06.100", - "lastModified": "2024-11-18T09:15:06.100", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de falsificaci\u00f3n de solicitud del lado del servidor (SSRF) y control inadecuado de la generaci\u00f3n de c\u00f3digo ('inyecci\u00f3n de c\u00f3digo') en Apache OFBiz. Este problema afecta a Apache OFBiz: anterior a la versi\u00f3n 18.12.17. Se recomienda a los usuarios que actualicen a la versi\u00f3n 18.12.17, que soluciona el problema." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47533.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47533.json new file mode 100644 index 00000000000..3f0c0680c26 --- /dev/null +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47533.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-47533", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-18T17:15:11.563", + "lastModified": "2024-11-18T17:15:11.563", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. `utils.get_shared_secret()` always returns `-1`, which allows anyone to connect to cobbler XML-RPC as user `''` password `-1` and make any changes. This gives anyone with network access to a cobbler server full control of the server. Versions 3.2.3 and 3.3.7 fix the issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/cobbler/cobbler/commit/32c5cada013dc8daa7320a8eda9932c2814742b0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/cobbler/cobbler/commit/e19717623c10b29e7466ed4ab23515a94beb2dda", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/cobbler/cobbler/security/advisories/GHSA-m26c-fcgh-cp6h", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-477xx/CVE-2024-47759.json b/CVE-2024/CVE-2024-477xx/CVE-2024-47759.json index 44333a4ec3b..556ef73dafe 100644 --- a/CVE-2024/CVE-2024-477xx/CVE-2024-47759.json +++ b/CVE-2024/CVE-2024-477xx/CVE-2024-47759.json @@ -2,13 +2,17 @@ "id": "CVE-2024-47759", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:28.463", - "lastModified": "2024-11-15T18:35:34.290", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any user will try to see the document contents. Upgrade to 10.0.17." + }, + { + "lang": "es", + "value": "GLPI es un paquete de software gratuito de gesti\u00f3n de activos y TI. Un t\u00e9cnico puede cargar un SVG que contenga un script malicioso. El script se ejecutar\u00e1 cuando cualquier usuario intente ver el contenido del documento. Actualice a 10.0.17." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47820.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47820.json new file mode 100644 index 00000000000..cfcb51cee9c --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47820.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-47820", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-18T17:15:11.777", + "lastModified": "2024-11-18T17:15:11.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "MarkUs, a web application for the submission and grading of student assignments, is vulnerable to path traversal in versions prior to 2.4.8. Authenticated instructors may download any file on the web server MarkUs is running on, depending on the file permissions. MarkUs v2.4.8 has addressed this issue. No known workarounds are available at the application level aside from upgrading." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MarkUsProject/Markus/pull/7026", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MarkUsProject/Markus/security/advisories/GHSA-wq6v-vx8c-8fj8", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47873.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47873.json new file mode 100644 index 00000000000..80b71a3509f --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47873.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-47873", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-18T17:15:11.973", + "lastModified": "2024-11-18T17:15:11.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, prior to versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0, the regexes used in the `scan` method and the findCharSet method can be bypassed by using UCS-4 and encoding guessing. An attacker can bypass the sanitizer and achieve an XML external entity attack. Versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0 fix the issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/PHPOffice/PhpSpreadsheet/blob/39fc51309181e82593b06e2fa8e45ef8333a0335/src/PhpSpreadsheet/Reader/Security/XmlScanner.php", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-jw4x-v69f-hh5w", + "source": "security-advisories@github.com" + }, + { + "url": "https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.w3.org/TR/xml/#sec-guessing-no-ext-info", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-480xx/CVE-2024-48068.json b/CVE-2024/CVE-2024-480xx/CVE-2024-48068.json index 433eca8020e..c0d9860c130 100644 --- a/CVE-2024/CVE-2024-480xx/CVE-2024-48068.json +++ b/CVE-2024/CVE-2024-480xx/CVE-2024-48068.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48068", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T15:15:07.607", - "lastModified": "2024-11-15T15:15:07.607", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in Shenzhen Landray Software Co.,LTD Landray EKP v16 and earlier allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross site scripting (XSS) en Shenzhen Landray Software Co.,LTD Landray EKP v16 y versiones anteriores permite a los atacantes ejecutar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de un payload especialmente manipulado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48284.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48284.json index 1c514bc611b..a1e5c53c826 100644 --- a/CVE-2024/CVE-2024-482xx/CVE-2024-48284.json +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48284.json @@ -2,7 +2,7 @@ "id": "CVE-2024-48284", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-14T18:15:19.150", - "lastModified": "2024-11-15T13:58:08.913", + "lastModified": "2024-11-18T18:35:04.410", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se encontr\u00f3 una vulnerabilidad de tipo Cross-Site Scripting (XSS) Reflejado en /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. Esta vulnerabilidad permite a atacantes remotos ejecutar secuencias de comandos arbitrarias a trav\u00e9s del par\u00e1metro searchkey en una solicitud HTTP POST." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/Reflected%20XSS%20-%20Search.md", diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48292.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48292.json new file mode 100644 index 00000000000..16a634bbad8 --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48292.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-48292", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-18T18:15:06.260", + "lastModified": "2024-11-18T18:15:06.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Nero22k/Disclosures/blob/main/QuickHealAV/CVE-2024-48292.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.quickheal.com/download-free-antivirus/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48896.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48896.json index 2f093686f70..f2aee9a5df8 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48896.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48896.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48896", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-18T12:15:18.093", - "lastModified": "2024-11-18T15:35:12.090", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Moodle. It is possible for users with the \"send message\" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Moodle. Es posible que los usuarios con la funci\u00f3n \"enviar mensaje\" vean los nombres de otros usuarios a los que de otra manera no podr\u00edan acceder mediante un mensaje de error en Mensajer\u00eda. Nota: El nombre que se devuelve sigue el formato de nombre completo configurado en el sitio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48897.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48897.json index 88fcafbd464..71a48321a39 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48897.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48897.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48897", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-18T12:15:18.243", - "lastModified": "2024-11-18T12:15:18.243", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Moodle. Se requieren verificaciones adicionales para garantizar que los usuarios solo puedan editar o eliminar los feeds RSS que tengan permiso para modificar." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48898.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48898.json index 92ede7eebd7..ce87b362a2d 100644 --- a/CVE-2024/CVE-2024-488xx/CVE-2024-48898.json +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48898.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48898", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-18T12:15:18.363", - "lastModified": "2024-11-18T15:35:12.320", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Moodle. Los usuarios con acceso para eliminar audiencias de los informes podr\u00edan eliminar audiencias de otros informes para los que no tienen permiso de eliminaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48901.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48901.json index a01d9a62de7..cc7c46d08ab 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48901.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48901.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48901", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-18T12:15:18.493", - "lastModified": "2024-11-18T15:35:12.557", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Moodle. Se requieren verificaciones adicionales para garantizar que los usuarios solo puedan acceder al cronograma de un informe si tienen permiso para editarlo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48962.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48962.json index 415c9a8dfc6..d88974c7e47 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48962.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48962.json @@ -2,13 +2,17 @@ "id": "CVE-2024-48962", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T09:15:06.237", - "lastModified": "2024-11-18T09:15:06.237", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue." + }, + { + "lang": "es", + "value": "Control inadecuado de la generaci\u00f3n de c\u00f3digo (\"Inyecci\u00f3n de c\u00f3digo\"), Cross-Site Request Forgery (CSRF), : Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de motor de plantillas en Apache OFBiz. Este problema afecta a Apache OFBiz: anterior a la versi\u00f3n 18.12.17. Se recomienda a los usuarios que actualicen a la versi\u00f3n 18.12.17, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-490xx/CVE-2024-49060.json b/CVE-2024/CVE-2024-490xx/CVE-2024-49060.json index 73eb1137117..26f5865d7c7 100644 --- a/CVE-2024/CVE-2024-490xx/CVE-2024-49060.json +++ b/CVE-2024/CVE-2024-490xx/CVE-2024-49060.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49060", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-15T21:15:10.863", - "lastModified": "2024-11-15T21:15:10.863", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Azure Stack HCI Elevation of Privilege Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Azure Stack HCI" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49514.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49514.json index 4b64456cab8..dd97845204b 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49514.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49514.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49514", "sourceIdentifier": "psirt@adobe.com", "published": "2024-11-12T17:15:08.490", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:06:39.030", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.7.4", + "matchCriteriaId": "0EADA064-4774-43EF-BC6C-843DFD90F147" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.12", + "matchCriteriaId": "7D15601B-F756-430B-9B2B-4C9360E28E11" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/photoshop/apsb24-89.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49521.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49521.json index 82e62e33a32..56d21a01805 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49521.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49521.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49521", "sourceIdentifier": "psirt@adobe.com", "published": "2024-11-12T17:15:08.783", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:44:32.113", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -51,10 +61,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.2.6", + "matchCriteriaId": "F2731236-D6E0-497F-8057-4F35A51E174C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*", + "versionEndExcluding": "3.2.6", + "matchCriteriaId": "4D88B043-948D-4D45-9B6E-A29FC028C200" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/magento/apsb24-90.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49526.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49526.json index 6aa0ba402b0..1c3877050e0 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49526.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49526.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49526", "sourceIdentifier": "psirt@adobe.com", "published": "2024-11-12T17:15:09.020", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:41:33.857", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.0.8", + "matchCriteriaId": "59930447-52F0-45E1-8E7E-C554FB92F3EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.5", + "matchCriteriaId": "0E0AFAFE-6669-4321-95EF-F67D428469BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-76.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49527.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49527.json index 9bbfd7b8b3c..25f28cb0739 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49527.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49527.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49527", "sourceIdentifier": "psirt@adobe.com", "published": "2024-11-12T17:15:09.240", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:39:52.213", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.0.8", + "matchCriteriaId": "59930447-52F0-45E1-8E7E-C554FB92F3EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.5", + "matchCriteriaId": "0E0AFAFE-6669-4321-95EF-F67D428469BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-76.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49528.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49528.json index f0eb825f0f8..8a0ba2745a0 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49528.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49528.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49528", "sourceIdentifier": "psirt@adobe.com", "published": "2024-11-12T17:15:09.453", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:34:56.667", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.0.8", + "matchCriteriaId": "59930447-52F0-45E1-8E7E-C554FB92F3EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.5", + "matchCriteriaId": "0E0AFAFE-6669-4321-95EF-F67D428469BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-76.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49536.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49536.json index 0e1c62b0cd5..a58c3610b71 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49536.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49536.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49536", "sourceIdentifier": "psirt@adobe.com", "published": "2024-11-15T20:15:20.683", - "lastModified": "2024-11-15T20:15:20.683", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 23.6.9, 24.4.6 y anteriores de Audition se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49574.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49574.json index 7a8dd9132b1..0bcc34cbd21 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49574.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49574.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49574", "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "published": "2024-11-18T08:15:03.550", - "lastModified": "2024-11-18T08:15:03.550", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in\u00a0the reports module." + }, + { + "lang": "es", + "value": "Las versiones de Zohocorp ManageEngine ADAudit Plus anteriores a 8123 son vulnerables a la inyecci\u00f3n SQL en el m\u00f3dulo de informes." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49592.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49592.json index dfdc9664f16..328fe2338ac 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49592.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49592.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49592", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T21:15:11.070", - "lastModified": "2024-11-18T16:15:25.520", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49754.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49754.json index 122afde48fb..9e359fac215 100644 --- a/CVE-2024/CVE-2024-497xx/CVE-2024-49754.json +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49754.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49754", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:34.510", - "lastModified": "2024-11-15T16:15:34.510", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the API-Access page allows authenticated users to inject arbitrary JavaScript through the \"token\" parameter when creating a new API token. This vulnerability can result in the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado en la p\u00e1gina API-Access permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"token\" al crear un nuevo token de API. Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, comprometiendo sus cuentas y permitiendo acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49758.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49758.json index 42d50ee8ccc..adb636bbab4 100644 --- a/CVE-2024/CVE-2024-497xx/CVE-2024-49758.json +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49758.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49758", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:34.880", - "lastModified": "2024-11-15T16:15:34.880", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. El usuario con rol de administrador puede agregar notas a un dispositivo, la aplicaci\u00f3n no desinfect\u00f3 correctamente la entrada del usuario, cuando se habilita ExamplePlugin, si el c\u00f3digo de script de Java est\u00e1 dentro de las notas del dispositivo, se activar\u00e1. Esta vulnerabilidad se corrigi\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49759.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49759.json index 685a62fda45..e50406f55d9 100644 --- a/CVE-2024/CVE-2024-497xx/CVE-2024-49759.json +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49759.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49759", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:35.100", - "lastModified": "2024-11-15T16:15:35.100", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Manage User Access\" page allows authenticated users to inject arbitrary JavaScript through the \"bill_name\" parameter when creating a new bill. This vulnerability can lead to the execution of malicious code when visiting the \"Bill Access\" dropdown in the user's \"Manage Access\" page, potentially compromising user sessions and allowing unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la p\u00e1gina \"Administrar acceso de usuarios\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"bill_name\" al crear una nueva factura. Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso al visitar el men\u00fa desplegable \"Acceso a facturas\" en la p\u00e1gina \"Administrar acceso\" del usuario, lo que puede comprometer las sesiones del usuario y permitir acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49764.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49764.json index 0aee3ea74b8..62243b9f2cc 100644 --- a/CVE-2024/CVE-2024-497xx/CVE-2024-49764.json +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49764.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49764", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:35.323", - "lastModified": "2024-11-15T16:15:35.323", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Capture Debug Information\" page allows authenticated users to inject arbitrary JavaScript through the \"hostname\" parameter when creating a new device. This vulnerability results in the execution of malicious code when the \"Capture Debug Information\" page is visited, redirecting the user and sending non-httponly cookies to an attacker-controlled domain. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la p\u00e1gina \"Capturar informaci\u00f3n de depuraci\u00f3n\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"nombre de host\" al crear un nuevo dispositivo. Esta vulnerabilidad da como resultado la ejecuci\u00f3n de c\u00f3digo malicioso cuando se visita la p\u00e1gina \"Capturar informaci\u00f3n de depuraci\u00f3n\", redirigiendo al usuario y enviando cookies que no son solo http a un dominio controlado por el atacante. Esta vulnerabilidad se corrigi\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50324.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50324.json index 3913ea7d071..73551d7f8ec 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50324.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50324.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50324", "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "published": "2024-11-12T16:15:24.653", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T17:06:27.200", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -51,10 +81,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022", + "matchCriteriaId": "B1F6549B-CF5D-4607-B67D-5489905A1705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*", + "matchCriteriaId": "46580865-5177-4E55-BDAC-73DA4B472B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*", + "matchCriteriaId": "E57E12B5-B789-450C-9476-6C4C151E6993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*", + "matchCriteriaId": "E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*", + "matchCriteriaId": "10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*", + "matchCriteriaId": "1877FB55-76BA-4714-ABB8-47258132F537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*", + "matchCriteriaId": "4F9E8D45-5F12-4D45-A74E-C314FA3618A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*", + "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022", - "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75" + "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50326.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50326.json index 97d04293552..a8c49ec0010 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50326.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50326.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50326", "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "published": "2024-11-12T16:15:24.840", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:15:52.253", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -51,10 +81,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022", + "matchCriteriaId": "B1F6549B-CF5D-4607-B67D-5489905A1705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*", + "matchCriteriaId": "46580865-5177-4E55-BDAC-73DA4B472B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*", + "matchCriteriaId": "E57E12B5-B789-450C-9476-6C4C151E6993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*", + "matchCriteriaId": "E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*", + "matchCriteriaId": "10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*", + "matchCriteriaId": "1877FB55-76BA-4714-ABB8-47258132F537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*", + "matchCriteriaId": "4F9E8D45-5F12-4D45-A74E-C314FA3618A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*", + "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022", - "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75" + "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50327.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50327.json index 8f580723daa..139d4da6eb4 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50327.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50327.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50327", "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "published": "2024-11-12T16:15:25.023", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:16:26.200", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -51,10 +81,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022", + "matchCriteriaId": "B1F6549B-CF5D-4607-B67D-5489905A1705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*", + "matchCriteriaId": "46580865-5177-4E55-BDAC-73DA4B472B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*", + "matchCriteriaId": "E57E12B5-B789-450C-9476-6C4C151E6993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*", + "matchCriteriaId": "E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*", + "matchCriteriaId": "10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*", + "matchCriteriaId": "1877FB55-76BA-4714-ABB8-47258132F537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*", + "matchCriteriaId": "4F9E8D45-5F12-4D45-A74E-C314FA3618A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*", + "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022", - "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75" + "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50328.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50328.json index 25c1610bbce..056ce8230d3 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50328.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50328.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50328", "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "published": "2024-11-12T16:15:25.207", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:08:14.730", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -51,10 +81,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022", + "matchCriteriaId": "B1F6549B-CF5D-4607-B67D-5489905A1705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*", + "matchCriteriaId": "46580865-5177-4E55-BDAC-73DA4B472B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*", + "matchCriteriaId": "E57E12B5-B789-450C-9476-6C4C151E6993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*", + "matchCriteriaId": "E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*", + "matchCriteriaId": "10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*", + "matchCriteriaId": "1877FB55-76BA-4714-ABB8-47258132F537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*", + "matchCriteriaId": "4F9E8D45-5F12-4D45-A74E-C314FA3618A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*", + "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022", - "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75" + "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50329.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50329.json index 0923229ca3f..14737f40d2b 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50329.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50329.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50329", "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "published": "2024-11-12T16:15:25.383", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-18T18:07:25.600", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary", @@ -51,10 +81,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022", + "matchCriteriaId": "B1F6549B-CF5D-4607-B67D-5489905A1705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*", + "matchCriteriaId": "46580865-5177-4E55-BDAC-73DA4B472B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*", + "matchCriteriaId": "E57E12B5-B789-450C-9476-6C4C151E6993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*", + "matchCriteriaId": "E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*", + "matchCriteriaId": "10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*", + "matchCriteriaId": "1877FB55-76BA-4714-ABB8-47258132F537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*", + "matchCriteriaId": "4F9E8D45-5F12-4D45-A74E-C314FA3618A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*", + "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022", - "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75" + "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50350.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50350.json index 99c596e40ad..a589b8645e2 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50350.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50350.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50350", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:35.537", - "lastModified": "2024-11-15T16:15:35.537", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Port Settings\" page allows authenticated users to inject arbitrary JavaScript through the \"name\" parameter when creating a new Port Group. This vulnerability results in the execution of malicious code when the \"Port Settings\" page is visited after the affected Port Group is added to a device, potentially compromising user sessions and allowing unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la p\u00e1gina \"Configuraci\u00f3n de puertos\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"nombre\" al crear un nuevo grupo de puertos. Esta vulnerabilidad da como resultado la ejecuci\u00f3n de c\u00f3digo malicioso cuando se visita la p\u00e1gina \"Configuraci\u00f3n de puertos\" despu\u00e9s de que se agrega el grupo de puertos afectado a un dispositivo, lo que potencialmente compromete las sesiones de usuario y permite acciones no autorizadas. Esta vulnerabilidad se corrigi\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50351.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50351.json index 7dc334a3ae6..d98ace74f90 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50351.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50351.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50351", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:35.750", - "lastModified": "2024-11-15T16:15:35.750", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"section\" parameter of the \"logs\" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"section\" parameter, potentially compromising their session and enabling unauthorized actions. The issue arises from a lack of sanitization in the \"report_this()\" function. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo cross site scripting (XSS) reflejado en el par\u00e1metro \"section\" de la pesta\u00f1a \"logs\" de un dispositivo permite a los atacantes inyectar c\u00f3digo JavaScript arbitrario. Esta vulnerabilidad da como resultado la ejecuci\u00f3n de c\u00f3digo malicioso cuando un usuario accede a la p\u00e1gina con un par\u00e1metro \"section\" malicioso, lo que potencialmente compromete su sesi\u00f3n y permite acciones no autorizadas. El problema surge de una falta de limpieza en la funci\u00f3n \"report_this()\". Esta vulnerabilidad se solucion\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50352.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50352.json index b6993ef3d87..92f439b2f89 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50352.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50352.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50352", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:35.960", - "lastModified": "2024-11-15T16:15:35.960", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Services\" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"name\" parameter when adding a service to a device. This vulnerability could result in the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la secci\u00f3n \"Servicios\" de la p\u00e1gina Descripci\u00f3n general del dispositivo permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"nombre\" al agregar un servicio a un dispositivo. Esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, lo que podr\u00eda comprometer sus cuentas y permitir acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50355.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50355.json index 6690d925e8d..43effdcd58f 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50355.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50355.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50355", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:36.160", - "lastModified": "2024-11-15T16:15:36.160", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can be trigger from different sources. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. El usuario con rol de administrador puede editar el nombre para mostrar de un dispositivo, la aplicaci\u00f3n no sane\u00f3 correctamente la entrada del usuario en el nombre para mostrar del dispositivo, si el c\u00f3digo de script de Java est\u00e1 dentro del nombre para mostrar del dispositivo, puede ser activado desde diferentes fuentes. Esta vulnerabilidad se corrigi\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50647.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50647.json index 56d7e720f18..e48fa51f75d 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50647.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50647.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50647", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.467", - "lastModified": "2024-11-15T16:15:36.467", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The python_food ordering system V1.0 has an unauthorized vulnerability that leads to the leakage of sensitive user information. Attackers can access it through https://ip:port/api/myapp/index/user/info?id=1 And modify the ID value to obtain sensitive user information beyond authorization." + }, + { + "lang": "es", + "value": "python_food ordering system V1.0 tiene una vulnerabilidad no autorizada que provoca la filtraci\u00f3n de informaci\u00f3n confidencial del usuario. Los atacantes pueden acceder a \u00e9l a trav\u00e9s de https://ip:port/api/myapp/index/user/info?id=1 y modificar el valor de la identificaci\u00f3n para obtener informaci\u00f3n confidencial del usuario sin autorizaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50648.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50648.json index 1c18b19bb74..06e34a6fa48 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50648.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50648.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50648", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.547", - "lastModified": "2024-11-15T16:15:36.547", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over the server when improperly configured to parse JSP files." + }, + { + "lang": "es", + "value": "yshopmall V1.0 tiene una vulnerabilidad de carga de archivos arbitrarios, que puede habilitar RCE o incluso tomar el control del servidor cuando est\u00e1 configurado incorrectamente para analizar archivos JSP." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50649.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50649.json index e6b15a4158e..6ea28277a85 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50649.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50649.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50649", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.637", - "lastModified": "2024-11-15T16:15:36.637", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability." + }, + { + "lang": "es", + "value": "La funci\u00f3n de carga de avatar de usuario en python_book V1.0 tiene una vulnerabilidad de carga de archivos arbitrarios." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50650.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50650.json index 1a832c548f6..044d48c384f 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50650.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50650.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50650", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.710", - "lastModified": "2024-11-15T16:15:36.710", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter." + }, + { + "lang": "es", + "value": "python_book V1.0 es vulnerable a un control de acceso incorrecto, que permite a los atacantes obtener informaci\u00f3n confidencial de usuarios con diferentes ID modificando el par\u00e1metro ID." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50651.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50651.json index e248f554563..0e8ea3f2ffe 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50651.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50651.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50651", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.783", - "lastModified": "2024-11-15T16:15:36.783", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter." + }, + { + "lang": "es", + "value": "java_shop 1.0 es vulnerable a un control de acceso incorrecto, que permite a los atacantes obtener informaci\u00f3n confidencial de usuarios con diferentes ID modificando el par\u00e1metro ID." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50652.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50652.json index 853fe1b115b..2f54ce69772 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50652.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50652.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50652", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.863", - "lastModified": "2024-11-15T16:15:36.863", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos en java_shop 1.0 permite a los atacantes cargar archivos arbitrarios modificando la funci\u00f3n de avatar." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50653.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50653.json index a728b04d531..ccc342b7525 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50653.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50653.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50653", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T17:15:20.417", - "lastModified": "2024-11-15T17:15:20.417", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. Users can bypass the front-end restriction of only being able to claim coupons once by capturing packets and sending a large number of data packets for coupon collection, achieving unlimited coupon collection." + }, + { + "lang": "es", + "value": "CRMEB <=5.4.0 es vulnerable a un control de acceso incorrecto. Los usuarios pueden eludir la restricci\u00f3n del frontend de solo poder reclamar cupones una vez capturando paquetes y enviando una gran cantidad de paquetes de datos para la recolecci\u00f3n de cupones, logrando una recolecci\u00f3n ilimitada de cupones." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50654.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50654.json index c37b5bed96e..95ad5dd179a 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50654.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50654.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50654", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T17:15:20.507", - "lastModified": "2024-11-15T17:15:20.507", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency." + }, + { + "lang": "es", + "value": "lilishop <=4.2.4 es vulnerable a un control de acceso incorrecto, que puede permitir a los atacantes obtener cupones m\u00e1s all\u00e1 del l\u00edmite de cantidad al capturar y enviar los paquetes de datos para la recolecci\u00f3n de cupones en alta concurrencia." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50655.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50655.json index 66a86abf824..c94b163a17f 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50655.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50655.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50655", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T17:15:20.613", - "lastModified": "2024-11-15T17:15:20.613", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles." + }, + { + "lang": "es", + "value": "emlog pro <=2.3.18 es vulnerable a Cross Site Scripting (XSS), que permite a los atacantes escribir c\u00f3digo JavaScript malicioso en art\u00edculos publicados." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-507xx/CVE-2024-50724.json b/CVE-2024/CVE-2024-507xx/CVE-2024-50724.json index 7a8c30954e4..ca4071de399 100644 --- a/CVE-2024/CVE-2024-507xx/CVE-2024-50724.json +++ b/CVE-2024/CVE-2024-507xx/CVE-2024-50724.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50724", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:36.943", - "lastModified": "2024-11-15T16:15:36.943", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "KASO v9.0 was discovered to contain a SQL injection vulnerability via the person_id parameter at /cardcase/editcard.jsp." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que KASO v9.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro person_id en /cardcase/editcard.jsp." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-508xx/CVE-2024-50800.json b/CVE-2024/CVE-2024-508xx/CVE-2024-50800.json index 32284abbdfe..ea0c797716e 100644 --- a/CVE-2024/CVE-2024-508xx/CVE-2024-50800.json +++ b/CVE-2024/CVE-2024-508xx/CVE-2024-50800.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50800", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T18:15:28.727", - "lastModified": "2024-11-15T19:35:15.183", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL" + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross site scripting en M2000 Smart4Web anterior a v.5.020241004 permite que un atacante remoto ejecute c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de error en la URL" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-508xx/CVE-2024-50836.json b/CVE-2024/CVE-2024-508xx/CVE-2024-50836.json index 4eab29f01ee..d1778f1863a 100644 --- a/CVE-2024/CVE-2024-508xx/CVE-2024-50836.json +++ b/CVE-2024/CVE-2024-508xx/CVE-2024-50836.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50836", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-14T17:15:07.177", - "lastModified": "2024-11-18T16:38:53.153", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-18T18:35:05.817", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.7, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-509xx/CVE-2024-50983.json b/CVE-2024/CVE-2024-509xx/CVE-2024-50983.json index e904980fbe6..c31c0a374a8 100644 --- a/CVE-2024/CVE-2024-509xx/CVE-2024-50983.json +++ b/CVE-2024/CVE-2024-509xx/CVE-2024-50983.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50983", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T22:15:15.907", - "lastModified": "2024-11-15T22:15:15.907", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "FlightPath 7.5 contains a Cross Site Scripting (XSS) vulnerability, which allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user by including a malicious payload into the Last Name section in the Create/Edit Faculty/Staff User or Create/Edit Student User sections." + }, + { + "lang": "es", + "value": "FlightPath 7.5 contiene una vulnerabilidad de cross site scripting (XSS), que permite a atacantes remotos autenticados con derechos administrativos inyectar JavaScript arbitrario en el navegador web de un usuario al incluir un payload malicioso en la secci\u00f3n Apellido en las secciones Crear/Editar usuario de personal/facultad o Crear/Editar usuario estudiante." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-509xx/CVE-2024-50986.json b/CVE-2024/CVE-2024-509xx/CVE-2024-50986.json index 34ecae57ebf..eee7b645d98 100644 --- a/CVE-2024/CVE-2024-509xx/CVE-2024-50986.json +++ b/CVE-2024/CVE-2024-509xx/CVE-2024-50986.json @@ -2,13 +2,17 @@ "id": "CVE-2024-50986", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T15:15:07.773", - "lastModified": "2024-11-15T15:15:07.773", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file." + }, + { + "lang": "es", + "value": "Un problema en Clementine v.1.3.1 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo DLL manipulado espec\u00edficamente." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5030.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5030.json index 0f9f94199b5..65339b2dbe2 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5030.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5030.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5030", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-18T06:15:06.593", - "lastModified": "2024-11-18T14:35:05.030", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin perform such action via a CSRF attack" + }, + { + "lang": "es", + "value": "El complemento CM Table Of Contents de WordPress anterior a la versi\u00f3n 1.2.3 no tiene una comprobaci\u00f3n CSRF activada al restablecer su configuraci\u00f3n, lo que podr\u00eda permitir a los atacantes hacer que un administrador que haya iniciado sesi\u00f3n realice dicha acci\u00f3n a trav\u00e9s de un ataque CSRF." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-510xx/CVE-2024-51037.json b/CVE-2024/CVE-2024-510xx/CVE-2024-51037.json index 70163a5f8c5..049ec1ca9aa 100644 --- a/CVE-2024/CVE-2024-510xx/CVE-2024-51037.json +++ b/CVE-2024/CVE-2024-510xx/CVE-2024-51037.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51037", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:07.803", - "lastModified": "2024-11-15T19:15:07.803", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function." + }, + { + "lang": "es", + "value": "Un problema en kodbox v.1.52.04 y anteriores permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s de la funci\u00f3n captcha en la funci\u00f3n de restablecimiento de contrase\u00f1a." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-510xx/CVE-2024-51093.json b/CVE-2024/CVE-2024-510xx/CVE-2024-51093.json index 2a5a126be29..733dc723515 100644 --- a/CVE-2024/CVE-2024-510xx/CVE-2024-51093.json +++ b/CVE-2024/CVE-2024-510xx/CVE-2024-51093.json @@ -2,8 +2,8 @@ "id": "CVE-2024-51093", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-12T21:15:14.027", - "lastModified": "2024-11-14T22:15:19.993", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:34:30.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,11 +15,66 @@ "value": "La vulnerabilidad de Cross Site Scripting en Snipe-IT v.7.0.13 permite a un atacante remoto escalar privilegios a trav\u00e9s de una parte desconocida del archivo /users/{{user-id}}/#files. " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:snipeitapp:snipe-it:7.0.13:*:*:*:*:*:*:*", + "matchCriteriaId": "F951017A-C3B3-451E-81E0-793A8C9771AF" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.githubusercontent.com/Tommywarren/ca70f1c43f4ec34dc19cd13459535780/raw/d13192ae50bc7c024b922412dfa3f530faa8d5db/CVE-2024-51093", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51141.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51141.json index 6ce0a7738aa..6d6fd19abc5 100644 --- a/CVE-2024/CVE-2024-511xx/CVE-2024-51141.json +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51141.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51141", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:07.893", - "lastModified": "2024-11-15T19:35:16.037", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute arbitrary code via the WifiAutoInstallDriver.exe and MSASN1.dll components." + }, + { + "lang": "es", + "value": "Un problema en el adaptador inal\u00e1mbrico Bluetooth TOTOLINK A600UB permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de los componentes WifiAutoInstallDriver.exe y MSASN1.dll." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51142.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51142.json index 448dff10638..5ea109823fe 100644 --- a/CVE-2024/CVE-2024-511xx/CVE-2024-51142.json +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51142.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51142", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:07.980", - "lastModified": "2024-11-15T19:35:16.907", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an attacker to execute arbitrary code via the svkey parameter of the storageapi.php file." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross site scripting en Chamilo LMS v.1.11.26 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro svkey del archivo storageapi.php." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51156.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51156.json index 39554bc5426..3193805c7af 100644 --- a/CVE-2024/CVE-2024-511xx/CVE-2024-51156.json +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51156.json @@ -2,7 +2,7 @@ "id": "CVE-2024-51156", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-14T22:15:20.100", - "lastModified": "2024-11-15T13:58:08.913", + "lastModified": "2024-11-18T18:35:06.703", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 que 07FLYCMS V1.3.9 conten\u00eda una Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente 'erp.07fly.net:80/admin/SysNotifyUser/del.html?id=93'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], "references": [ { "url": "https://github.com/SamParkerXd/cms/tree/main/1", diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51164.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51164.json index a44eca6f6ad..02b510f7cd6 100644 --- a/CVE-2024/CVE-2024-511xx/CVE-2024-51164.json +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51164.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51164", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T16:15:37.057", - "lastModified": "2024-11-15T16:15:37.057", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB." + }, + { + "lang": "es", + "value": "Varios par\u00e1metros tienen una vulnerabilidad de inyecci\u00f3n SQL en JEPaaS 7.2.8 a trav\u00e9s de /je/login/btnLog/insertBtnLog, lo que podr\u00eda permitir que un usuario remoto env\u00ede una consulta especialmente manipulada, permitiendo a un atacante recuperar toda la informaci\u00f3n almacenada en la base de datos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-513xx/CVE-2024-51330.json b/CVE-2024/CVE-2024-513xx/CVE-2024-51330.json index bfae7640c1e..e8c88af125a 100644 --- a/CVE-2024/CVE-2024-513xx/CVE-2024-51330.json +++ b/CVE-2024/CVE-2024-513xx/CVE-2024-51330.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51330", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:08.057", - "lastModified": "2024-11-15T19:15:08.057", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPC) mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components, Ultimaker 3D Printers." + }, + { + "lang": "es", + "value": "Un problema en UltiMaker Cura v.4.41 y 5.8.1 y anteriores permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s del mecanismo de comunicaci\u00f3n entre procesos (IPC) entre la aplicaci\u00f3n Cura y los procesos de CuraEngine, la pila de red del host local, las configuraciones de impresi\u00f3n y los componentes de procesamiento y transmisi\u00f3n de c\u00f3digo G, impresoras 3D Ultimaker." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51494.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51494.json index beaa953e64e..fe981bbdb96 100644 --- a/CVE-2024/CVE-2024-514xx/CVE-2024-51494.json +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51494.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51494", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:37.140", - "lastModified": "2024-11-15T16:15:37.140", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Port Settings\" page allows authenticated users to inject arbitrary JavaScript through the \"descr\" parameter when editing a device's port settings. This vulnerability can lead to the execution of malicious code when the \"Port Settings\" page is visited, potentially compromising the user's session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado en la p\u00e1gina \"Configuraci\u00f3n de puerto\" permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"descr\" al editar la configuraci\u00f3n de puerto de un dispositivo. Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso cuando se visita la p\u00e1gina \"Configuraci\u00f3n de puerto\", lo que puede comprometer la sesi\u00f3n del usuario y permitir acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51495.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51495.json index d692a3033e1..82acbfbe43f 100644 --- a/CVE-2024/CVE-2024-514xx/CVE-2024-51495.json +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51495.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51495", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:37.343", - "lastModified": "2024-11-15T16:15:37.343", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"overwrite_ip\" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la p\u00e1gina de descripci\u00f3n general del dispositivo permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"overwrite_ip\" al editar un dispositivo. Esta vulnerabilidad da como resultado la ejecuci\u00f3n de c\u00f3digo malicioso cuando se visita la p\u00e1gina de descripci\u00f3n general del dispositivo, lo que puede comprometer las cuentas de otros usuarios. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51496.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51496.json index 315727344d9..f1b5f8da849 100644 --- a/CVE-2024/CVE-2024-514xx/CVE-2024-51496.json +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51496.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51496", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:37.553", - "lastModified": "2024-11-15T16:15:37.553", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"metric\" parameter of the \"/wireless\" and \"/health\" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"metric\" parameter, potentially compromising their session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo cross site scripting (XSS) reflejado en el par\u00e1metro \"metric\" de los endpoints \"/wireless\" y \"/health\" permite a los atacantes inyectar c\u00f3digo JavaScript arbitrario. Esta vulnerabilidad da como resultado la ejecuci\u00f3n de c\u00f3digo malicioso cuando un usuario accede a la p\u00e1gina con un par\u00e1metro \"metric\" malicioso, lo que potencialmente compromete su sesi\u00f3n y permite acciones no autorizadas. Esta vulnerabilidad se corrigi\u00f3 en 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51497.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51497.json index e2281a958b6..712bb219f06 100644 --- a/CVE-2024/CVE-2024-514xx/CVE-2024-51497.json +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51497.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51497", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:37.770", - "lastModified": "2024-11-15T16:15:37.770", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Custom OID\" tab of a device allows authenticated users to inject arbitrary JavaScript through the \"unit\" parameter when creating a new OID. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la pesta\u00f1a \"OID personalizado\" de un dispositivo permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"unidad\" al crear un nuevo OID. Esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, comprometiendo sus cuentas y permitiendo acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51764.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51764.json index cc0f9db1a92..b8cea80010e 100644 --- a/CVE-2024/CVE-2024-517xx/CVE-2024-51764.json +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51764.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51764", "sourceIdentifier": "security-alert@hpe.com", "published": "2024-11-15T22:15:16.017", - "lastModified": "2024-11-15T22:15:16.017", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad de seguridad en HPE Data Management Framework (DMF) Suite (CXFS). Seg\u00fan la configuraci\u00f3n, esta vulnerabilidad puede provocar un acceso no autorizado a nivel local o de cl\u00faster." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51765.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51765.json index 95cc66329da..cf7d3999d36 100644 --- a/CVE-2024/CVE-2024-517xx/CVE-2024-51765.json +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51765.json @@ -2,13 +2,17 @@ "id": "CVE-2024-51765", "sourceIdentifier": "security-alert@hpe.com", "published": "2024-11-15T22:15:16.090", - "lastModified": "2024-11-15T22:15:16.090", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access." + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad de seguridad en HPE Cray Data Virtualization Service (DVS). Seg\u00fan la configuraci\u00f3n, esta vulnerabilidad puede provocar un acceso no autorizado a nivel local o de cl\u00faster." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-522xx/CVE-2024-52298.json b/CVE-2024/CVE-2024-522xx/CVE-2024-52298.json index f4003cefd9b..5e6f2565c67 100644 --- a/CVE-2024/CVE-2024-522xx/CVE-2024-52298.json +++ b/CVE-2024/CVE-2024-522xx/CVE-2024-52298.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52298", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-13T16:15:19.713", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:29:27.170", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:pdf_viewer_macro:*:*:*:*:pro:*:*:*", + "versionEndExcluding": "2.5.6", + "matchCriteriaId": "75E88265-41BB-488A-9003-7F7D65FF38F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xwikisas/macro-pdfviewer/security/advisories/GHSA-hph4-7j37-7c97", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-522xx/CVE-2024-52299.json b/CVE-2024/CVE-2024-522xx/CVE-2024-52299.json index 0624923a32d..d5b24e1f1a8 100644 --- a/CVE-2024/CVE-2024-522xx/CVE-2024-52299.json +++ b/CVE-2024/CVE-2024-522xx/CVE-2024-52299.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52299", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-13T16:15:19.990", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:29:37.337", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:pdf_viewer_macro:*:*:*:*:pro:*:*:*", + "versionEndExcluding": "2.5.6", + "matchCriteriaId": "75E88265-41BB-488A-9003-7F7D65FF38F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xwikisas/macro-pdfviewer/security/advisories/GHSA-522m-m242-jr9p", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52300.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52300.json index 392d3d164e3..9b8fce1b443 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52300.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52300.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52300", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-13T16:15:20.240", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:29:46.807", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:pdf_viewer_macro:*:*:*:*:pro:*:*:*", + "versionEndExcluding": "2.5.6", + "matchCriteriaId": "75E88265-41BB-488A-9003-7F7D65FF38F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xwikisas/macro-pdfviewer/security/advisories/GHSA-84wx-6vfp-5m6g", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52316.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52316.json index 5e688310e0c..ef2c4a161e9 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52316.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52316.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52316", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T12:15:18.600", - "lastModified": "2024-11-18T15:35:14.030", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u00a0ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u00a0Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de condici\u00f3n de error no comprobada en Apache Tomcat. Si Tomcat est\u00e1 configurado para utilizar un componente ServerAuthContext de autenticaci\u00f3n de Jakarta (anteriormente JASPIC) personalizado que puede generar una excepci\u00f3n durante el proceso de autenticaci\u00f3n sin establecer expl\u00edcitamente un estado HTTP para indicar un error, la autenticaci\u00f3n puede no fallar, lo que permite al usuario omitir el proceso de autenticaci\u00f3n. No se conocen componentes de autenticaci\u00f3n de Jakarta que se comporten de esta manera. Este problema afecta a Apache Tomcat: desde 11.0.0-M1 hasta 11.0.0-M26, desde 10.1.0-M1 hasta 10.1.30, desde 9.0.0-M1 hasta 9.0.95. Se recomienda a los usuarios que actualicen a la versi\u00f3n 11.0.0, 10.1.31 o 9.0.96, que solucionan el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52317.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52317.json index 9aedf058707..bc93dd2a130 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52317.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52317.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52317", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T12:15:18.727", - "lastModified": "2024-11-18T15:35:14.303", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect object re-cycling and re-use vulnerability in Apache Tomcat.\u00a0Incorrect recycling of the request and response used by HTTP/2 requests \ncould lead to request and/or response mix-up between users.\n\nThis issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de reutilizaci\u00f3n y reciclaje incorrecto de objetos en Apache Tomcat. El reciclaje incorrecto de la solicitud y la respuesta utilizadas por las solicitudes HTTP/2 podr\u00eda provocar una confusi\u00f3n de solicitudes y/o respuestas entre usuarios. Este problema afecta a Apache Tomcat: desde 11.0.0-M23 hasta 11.0.0-M26, desde 10.1.27 hasta 10.1.30, desde 9.0.92 hasta 9.0.95. Se recomienda a los usuarios que actualicen a la versi\u00f3n 11.0.0, 10.1.31 o 9.0.96, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52318.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52318.json index 3b1214a537b..3b8d399d5f2 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52318.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52318.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52318", "sourceIdentifier": "security@apache.org", "published": "2024-11-18T13:15:04.490", - "lastModified": "2024-11-18T15:35:15.203", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect object recycling and reuse vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96.\n\nUsers are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue." + }, + { + "lang": "es", + "value": "Vulnerabilidad de reutilizaci\u00f3n y reciclaje incorrecto de objetos en Apache Tomcat. Este problema afecta a Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Se recomienda a los usuarios que actualicen a la versi\u00f3n 11.0.1, 10.1.32 o 9.0.97, que soluciona el problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52386.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52386.json index 98860149c5a..a234bb99fe3 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52386.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52386.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52386", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:03.793", - "lastModified": "2024-11-16T22:15:03.793", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Business Directory Team by RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through 3.1.15.1." + }, + { + "lang": "es", + "value": "Vulnerabilidad de control inadecuado del nombre de archivo para la declaraci\u00f3n Include/Require en el programa PHP ('Inclusi\u00f3n de archivo remoto PHP') en Business Directory Team de RadiusTheme Classified Listing classified-listing permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Classified Listing: desde n/a hasta 3.1.15.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52397.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52397.json index aebed6afff4..8a9c9726666 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52397.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52397.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52397", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T23:15:04.007", - "lastModified": "2024-11-16T23:15:04.007", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Davor Zeljkovic Convert Docx2post allows Upload a Web Shell to a Web Server.This issue affects Convert Docx2post: from n/a through 1.4." + }, + { + "lang": "es", + "value": "La vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Convert Docx2post de Davor Zeljkovic permite cargar un shell web a un servidor web. Este problema afecta a Convert Docx2post: desde n/a hasta 1.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52398.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52398.json index c898bbc6a23..d3925660f98 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52398.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52398.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52398", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:04.640", - "lastModified": "2024-11-16T22:15:04.640", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI.This issue affects CDI: from n/a through 5.5.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Halyra CDI. Este problema afecta a CDI: desde n/a hasta 5.5.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52399.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52399.json index f7141aae93e..c709205f313 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52399.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52399.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52399", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:04.917", - "lastModified": "2024-11-16T22:15:04.917", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Clarisse K. Writer Helper allows Upload a Web Shell to a Web Server.This issue affects Writer Helper: from n/a through 3.1.6." + }, + { + "lang": "es", + "value": "Vulnerabilidad de carga sin restricciones de archivos con tipos peligrosos en Clarisse K. Writer Helper permite cargar un shell web a un servidor web. Este problema afecta a Writer Helper: desde n/a hasta 3.1.6." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52400.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52400.json index 19fee41f009..0881eb3d696 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52400.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52400.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52400", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:05.157", - "lastModified": "2024-11-16T22:15:05.157", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through 1.01." + }, + { + "lang": "es", + "value": "La vulnerabilidad de carga sin restricciones de archivos con tipos peligrosos en Subhasis Laha Gallerio permite cargar un shell web a un servidor web. Este problema afecta a Gallerio: desde n/a hasta 1.01." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52403.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52403.json index 341b64951e0..cab7f6657c6 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52403.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52403.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52403", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:05.380", - "lastModified": "2024-11-16T22:15:05.380", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in WPExperts User Management allows Upload a Web Shell to a Web Server.This issue affects User Management: from n/a through 1.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de carga sin restricciones de archivos con tipos peligrosos en WPExperts User Management permite cargar un shell web a un servidor web. Este problema afecta a User Management: desde n/a hasta 1.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52404.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52404.json index 49913c24a28..5313695bc98 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52404.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52404.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52404", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:05.587", - "lastModified": "2024-11-16T22:15:05.587", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bigfive CF7 Reply Manager.This issue affects CF7 Reply Manager: from n/a through 1.2.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Bigfive CF7 Reply Manager. Este problema afecta a CF7 Reply Manager: desde n/a hasta 1.2.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52405.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52405.json index f57843c488c..8f40e4e6eec 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52405.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52405.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52405", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:05.800", - "lastModified": "2024-11-16T22:15:05.800", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bikram Joshi B-Banner Slider allows Upload a Web Shell to a Web Server.This issue affects B-Banner Slider: from n/a through 1.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Bikram Joshi B-Banner Slider permite cargar un shell web a un servidor web. Este problema afecta a B-Banner Slider: desde n/a hasta 1.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52406.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52406.json index 9c2c2eab730..858e4a9f725 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52406.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52406.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52406", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:06.010", - "lastModified": "2024-11-16T22:15:06.010", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Wibergs Web CSV to html allows Upload a Web Shell to a Web Server.This issue affects CSV to html: from n/a through 3.04." + }, + { + "lang": "es", + "value": "La vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Wibergs Web CSV a HTML permite cargar un shell web a un servidor web. Este problema afecta a CSV a HTML: desde n/a hasta 3.04." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52407.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52407.json index ccb8fc4fb88..1b21eb23417 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52407.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52407.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52407", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:06.230", - "lastModified": "2024-11-16T22:15:06.230", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in codeSavory BasePress Migration Tools allows Upload a Web Shell to a Web Server.This issue affects BasePress Migration Tools: from n/a through 1.0.0." + }, + { + "lang": "es", + "value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en codeSavory BasePress Migration Tools permite cargar un shell web a un servidor web. Este problema afecta a BasePress Migration Tools: desde n/a hasta 1.0.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52408.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52408.json index 52b99458853..d4837cb5306 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52408.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52408.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52408", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:06.453", - "lastModified": "2024-11-16T22:15:06.453", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Team PushAssist Push Notifications for WordPress by PushAssist allows Upload a Web Shell to a Web Server.This issue affects Push Notifications for WordPress by PushAssist: from n/a through 3.0.8." + }, + { + "lang": "es", + "value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Team PushAssist Push Notifications for WordPress de PushAssist permite cargar un Web Shell a un servidor web. Este problema afecta a Push Notifications for WordPress de PushAssist: desde n/a hasta 3.0.8." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52409.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52409.json index 27d63b1e09d..457fa6966a9 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52409.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52409.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52409", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:06.653", - "lastModified": "2024-11-16T22:15:06.653", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object Injection.This issue affects AJAX Random Posts: from n/a through 0.3.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Phan An AJAX Random Posts permite la inyecci\u00f3n de objetos. Este problema afecta a AJAX Random Posts: desde n/a hasta 0.3.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52410.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52410.json index a60245c6c0b..c810e53f5fe 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52410.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52410.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52410", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:06.877", - "lastModified": "2024-11-16T22:15:06.877", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object Injection.This issue affects Referrer Detector: from n/a through 4.2.1.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Phoenixheart Referrer Detector permite la inyecci\u00f3n de objetos. Este problema afecta a Referrer Detector: desde n/a hasta 4.2.1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52411.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52411.json index e6e99767f28..c42fc22b3e7 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52411.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52411.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52411", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:07.080", - "lastModified": "2024-11-16T22:15:07.080", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced Personalization allows Object Injection.This issue affects Advanced Personalization: from n/a through 1.1.2." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Flowcraft UX Design Studio Advanced Personality permite la inyecci\u00f3n de objetos. Este problema afecta a Advanced Personality: desde n/a hasta 1.1.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52412.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52412.json index 374f38f4bfc..94aeabac9b8 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52412.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52412.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52412", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:07.293", - "lastModified": "2024-11-16T22:15:07.293", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This issue affects Xin: from n/a through 1.0.8.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Stephen Cui Xin permite la inyecci\u00f3n de objetos. Este problema afecta a Xin: desde n/a hasta 1.0.8.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52413.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52413.json index e4db1fc7d8b..655f75cb3c2 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52413.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52413.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52413", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:07.510", - "lastModified": "2024-11-16T22:15:07.510", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection.This issue affects Airin Blog: from n/a through 1.6.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en DMC Airin Blog permite la inyecci\u00f3n de objetos. Este problema afecta a Airin Blog: desde n/a hasta 1.6.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52414.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52414.json index 480b9cc9d4d..bac6e9b11b7 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52414.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52414.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52414", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:07.730", - "lastModified": "2024-11-16T22:15:07.730", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through 5.3.18." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Anthony Carbon WDES Responsive Mobile Menu permite la inyecci\u00f3n de objetos. Este problema afecta al men\u00fa m\u00f3vil adaptable WDES: desde n/a hasta 5.3.18." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52415.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52415.json index 61f1b6e4d4e..f9ce8685ebb 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52415.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52415.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52415", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:07.943", - "lastModified": "2024-11-16T22:15:07.943", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Skpstorm SK WP Settings Backup allows Object Injection.This issue affects SK WP Settings Backup: from n/a through 1.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en Skpstorm SK WP Settings Backup permite la inyecci\u00f3n de objetos. Este problema afecta a SK WP Settings Backup: desde n/a hasta 1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52416.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52416.json index 62e289d608a..32c9dadf18b 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52416.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52416.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52416", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-16T22:15:08.160", - "lastModified": "2024-11-16T22:15:08.160", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through 2.2." + }, + { + "lang": "es", + "value": "La vulnerabilidad de autorizaci\u00f3n faltante en Eugen Bobrowski Debug Tool permite cargar un shell web a un servidor web. Este problema afecta a la herramienta de depuraci\u00f3n: desde n/a hasta 2.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52419.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52419.json index 37f44e2b50e..3c92cf214bb 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52419.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52419.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52419", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T16:15:25.687", - "lastModified": "2024-11-18T16:15:25.687", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Clipboard Team Copy Anything to Clipboard allows Stored XSS.This issue affects Copy Anything to Clipboard: from n/a through 4.0.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Clipboard Team Copy Anything to Clipboard permite XSS almacenado. Este problema afecta a Copy Anything to Clipboard: desde n/a hasta 4.0.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52422.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52422.json index db35d274e10..cb0d9e445f0 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52422.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52422.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52422", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T16:15:25.933", - "lastModified": "2024-11-18T16:15:25.933", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Terry Lin WP Githuber MD allows Stored XSS.This issue affects WP Githuber MD: from n/a through 1.16.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Terry Lin WP Githuber MD permite XSS almacenado. Este problema afecta a WP Githuber MD: desde n/a hasta 1.16.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52423.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52423.json index 326fb8b1521..e9513ce4155 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52423.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52423.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52423", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T16:15:26.160", - "lastModified": "2024-11-18T16:15:26.160", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themify Themify Builder allows Stored XSS.This issue affects Themify Builder: from n/a through 7.6.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Themify Themify Builder permite XSS almacenado. Este problema afecta a Themify Builder: desde n/a hasta 7.6.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52424.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52424.json index 1a974bd6a77..b4956a80c6b 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52424.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52424.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52424", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T16:15:26.380", - "lastModified": "2024-11-18T16:15:26.380", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through 1.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en Suresh Kumar wp-login customizer permite XSS almacenado. Este problema afecta al personalizador wp-login: desde n/a hasta 1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52425.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52425.json index 37f1c7c2c9a..969319828f2 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52425.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52425.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52425", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T16:15:26.600", - "lastModified": "2024-11-18T16:15:26.600", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Urchenko Drozd \u2013 Addons for Elementor allows Stored XSS.This issue affects Drozd \u2013 Addons for Elementor: from n/a through 1.1.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Urchenko Drozd \u2013 Addons for Elementor permite XSS almacenado. Este problema afecta a Drozd \u2013 Addons for Elementor: desde n/a hasta 1.1.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52426.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52426.json index 1403504b38b..5a85207a469 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52426.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52426.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52426", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T16:15:26.830", - "lastModified": "2024-11-18T16:15:26.830", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through 2.7.11." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Linear Oy Linear permite XSS basado en DOM. Este problema afecta a Linear: desde n/a hasta 2.7.11." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52427.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52427.json index 113df36f54d..016262c27e8 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52427.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52427.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52427", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:06.657", - "lastModified": "2024-11-18T15:15:06.657", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un motor de plantillas en Saso Nikolov Event Tickets con Ticket Scanner permite la inyecci\u00f3n de Server Side Include (SSI). Este problema afecta a Event Tickets con Ticket Scanner: desde n/a hasta 2.3.11." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52428.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52428.json index fe817746229..783e70d2ac1 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52428.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52428.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52428", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:06.923", - "lastModified": "2024-11-18T15:15:06.923", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Scripteo Ads Booster by Ads Pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through 1.12." + }, + { + "lang": "es", + "value": "La vulnerabilidad de control inadecuado del nombre de archivo para la declaraci\u00f3n Include/Require en el programa PHP ('Inclusi\u00f3n de archivo remoto PHP') en Scripteo Ads Booster de Ads Pro permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Ads Booster de Ads Pro: desde n/a hasta 1.12." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52429.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52429.json index 3b28698a68d..3cf32c0ec65 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52429.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52429.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52429", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:07.277", - "lastModified": "2024-11-18T15:15:07.277", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Anton Hoelstad WP Quick Setup permite cargar un shell web a un servidor web. Este problema afecta a WP Quick Setup: desde n/a hasta 2.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52430.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52430.json index 6f2b95cf5df..003fa1dd1d6 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52430.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52430.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52430", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:07.490", - "lastModified": "2024-11-18T15:15:07.490", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through 0.2.1." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en Lis Lis Video Gallery permite la inyecci\u00f3n de objetos. Este problema afecta a Lis Video Gallery: desde n/a hasta 0.2.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52431.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52431.json index e876831a2f3..b82ab91c0d4 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52431.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52431.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52431", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:07.707", - "lastModified": "2024-11-18T15:15:07.707", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Pressaholic WordPress Video Robot - The Ultimate Video Importer permite la inyecci\u00f3n SQL. Este problema afecta a WordPress Video Robot - The Ultimate Video Importer: desde n/a hasta 1.20.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52432.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52432.json index d1fabe56484..cb110823e93 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52432.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52432.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52432", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:07.923", - "lastModified": "2024-11-18T15:15:07.923", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through 0.0.4." + }, + { + "lang": "es", + "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en NIX Solutions Ltd NIX Anti-Spam Light permite la inyecci\u00f3n de objetos. Este problema afecta a NIX Anti-Spam Light: desde n/a hasta 0.0.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52433.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52433.json index 2c69ab96cdf..d686318416c 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52433.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52433.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52433", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:08.130", - "lastModified": "2024-11-18T15:15:08.130", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2." + }, + { + "lang": "es", + "value": "La vulnerabilidad de deserializaci\u00f3n de datos no confiables en My Geo Posts Free de Mindstien Technologies permite la inyecci\u00f3n de objetos. Este problema afecta a My Geo Posts Free: desde n/a hasta 1.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52434.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52434.json index 829f8013cf1..3271f47cedb 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52434.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52434.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52434", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:08.340", - "lastModified": "2024-11-18T15:15:08.340", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Popup by Supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through 1.10.29." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un motor de plantillas en Supsystic Popup de Supsystic permite la inyecci\u00f3n de comandos. Este problema afecta a Popup de Supsystic: desde n/a hasta 1.10.29." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52435.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52435.json index f3da86147c6..3b4581e1721 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52435.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52435.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52435", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:08.543", - "lastModified": "2024-11-18T15:15:08.543", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in W3 Eden, Inc. Premium Packages allows SQL Injection.This issue affects Premium Packages: from n/a through 5.9.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en W3 Eden, Inc. Premium Packages permiten la inyecci\u00f3n SQL. Este problema afecta a los paquetes premium: desde n/a hasta 5.9.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52436.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52436.json index e1aa94f42c8..bac539bcd0c 100644 --- a/CVE-2024/CVE-2024-524xx/CVE-2024-52436.json +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52436.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52436", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-18T15:15:08.773", - "lastModified": "2024-11-18T15:15:08.773", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Post SMTP permite la inyecci\u00f3n SQL ciega. Este problema afecta a Post SMTP: desde n/a hasta 2.9.9." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52507.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52507.json index d0b13ddd118..8a044e4d72a 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52507.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52507.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52507", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:28.847", - "lastModified": "2024-11-15T18:15:28.847", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1." + }, + { + "lang": "es", + "value": "Nextcloud Tables permite a los usuarios crear tablas con columnas individuales. La informaci\u00f3n sobre qu\u00e9 tabla (ID num\u00e9rica) se comparte con qu\u00e9 grupos y usuarios y los permisos respectivos no se limita a los usuarios afectados. Se recomienda que la aplicaci\u00f3n Nextcloud Tables se actualice a la versi\u00f3n 0.8.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52508.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52508.json index 07f569e3651..74ab086addc 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52508.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52508.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52508", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:29.060", - "lastModified": "2024-11-15T18:15:29.060", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like user@example.tld that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended that the Nextcloud Mail app is upgraded to 1.14.6, 1.15.4, 2.2.11, 3.6.3, 3.7.7 or 4.0.0." + }, + { + "lang": "es", + "value": "Nextcloud Mail es la aplicaci\u00f3n de correo de Nextcloud, una plataforma de productividad alojada en servidores propios. Cuando un usuario intenta configurar una cuenta de correo con una direcci\u00f3n de correo electr\u00f3nico como user@example.tld que no admite la configuraci\u00f3n autom\u00e1tica, y un atacante logra registrar autoconfig.tld, los detalles de correo electr\u00f3nico utilizados se env\u00edan al servidor del atacante. Se recomienda que la aplicaci\u00f3n Nextcloud Mail se actualice a 1.14.6, 1.15.4, 2.2.11, 3.6.3, 3.7.7 o 4.0.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52509.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52509.json index c1f923a3f2a..aa591a66f8f 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52509.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52509.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52509", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:29.280", - "lastModified": "2024-11-15T18:15:29.280", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2." + }, + { + "lang": "es", + "value": "Nextcloud Mail es la aplicaci\u00f3n de correo de Nextcloud, una plataforma de productividad alojada en servidores propios. La aplicaci\u00f3n de correo de Nextcloud permit\u00eda por error adjuntar archivos compartidos sin permisos de descarga como archivos adjuntos. Esto permit\u00eda a los usuarios enviarse los archivos a s\u00ed mismos y luego descargarlos desde sus clientes de correo. Se recomienda actualizar Nextcloud Mail a la versi\u00f3n 2.2.10, 3.6.2 o 3.7.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52510.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52510.json index 04b8539b1c4..ad0903ed78a 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52510.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52510.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52510", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:29.497", - "lastModified": "2024-11-15T18:15:29.497", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later." + }, + { + "lang": "es", + "value": "Nextcloud Desktop Client es una herramienta para sincronizar archivos del servidor de Nextcloud con su ordenador. El cliente de escritorio no se deten\u00eda con un error, sino que permit\u00eda eludir la validaci\u00f3n de la firma si un servidor manipulado enviaba una firma inicial vac\u00eda. Se recomienda que el cliente de escritorio de Nextcloud se actualice a la versi\u00f3n 3.14.2 o posterior." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52511.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52511.json index 90c52b64b88..b91d9d4128b 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52511.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52511.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52511", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:29.717", - "lastModified": "2024-11-15T18:15:29.717", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Tables allows users to to create tables with individual columns. By directly specifying the ID of a table or view, a malicious user could blindly insert new rows into tables they have no access to. It is recommended that the Nextcloud Tables is upgraded to 0.8.0." + }, + { + "lang": "es", + "value": "Nextcloud Tables permite a los usuarios crear tablas con columnas individuales. Al especificar directamente el ID de una tabla o vista, un usuario malintencionado podr\u00eda insertar ciegamente nuevas filas en tablas a las que no tiene acceso. Se recomienda actualizar Nextcloud Tables a la versi\u00f3n 0.8.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52512.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52512.json index 66e721413d9..86d29a2d551 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52512.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52512.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52512", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:29.933", - "lastModified": "2024-11-15T18:15:29.933", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. It is recommended that the Nextcloud User OIDC app is upgraded to 6.1.0." + }, + { + "lang": "es", + "value": "La aplicaci\u00f3n user_oidc es un backend de usuario de OpenID Connect para Nextcloud. Un usuario malintencionado podr\u00eda enviar un enlace de inicio de sesi\u00f3n mal formado que redirigir\u00eda al usuario a una URL proporcionada despu\u00e9s de autenticarse correctamente. Se recomienda que la aplicaci\u00f3n User OIDC de Nextcloud se actualice a la versi\u00f3n 6.1.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52513.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52513.json index 6a3a6d65bb5..2b833a1d5d8 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52513.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52513.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52513", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:30.157", - "lastModified": "2024-11-15T18:15:30.157", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. After receiving a \"Files drop\" or \"Password protected\" share link a malicious user was able to download attachments that are referenced in Text files without providing the password. It is recommended that the Nextcloud Server is upgraded to 28.0.11, 29.0.8 or 30.0.1 and Nextcloud Enterprise Server is upgraded to 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8 or 30.0.1." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por uno mismo. Despu\u00e9s de recibir un enlace para compartir con el mensaje \"Files drop\" o \"Password protected\", un usuario malintencionado pudo descargar archivos adjuntos a los que se hace referencia en archivos de texto sin proporcionar la contrase\u00f1a. Se recomienda actualizar Nextcloud Server a 28.0.11, 29.0.8 o 30.0.1 y Nextcloud Enterprise Server a 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8 o 30.0.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52514.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52514.json index 9359537658e..77c40717807 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52514.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52514.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52514", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:30.370", - "lastModified": "2024-11-15T18:15:30.370", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. After a user received a share with some files inside being blocked by the files access control, the user would still be able to copy the intermediate folder inside Nextcloud allowing them to afterwards potentially access the blocked files depending on the user access control rules. It is recommended that the Nextcloud Server is upgraded to 27.1.9, 28.0.5 or 29.0.0 and Nextcloud Enterprise Server is upgraded to 21.0.9.18, 22.2.10.23, 23.0.12.18, 24.0.12.14, 25.0.13.9, 26.0.13.3, 27.1.9, 28.0.5 or 29.0.0." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por uno mismo. Despu\u00e9s de que un usuario reciba un recurso compartido con algunos archivos dentro que est\u00e1n bloqueados por el control de acceso a archivos, el usuario a\u00fan podr\u00e1 copiar la carpeta intermedia dentro de Nextcloud, lo que le permitir\u00e1 acceder potencialmente a los archivos bloqueados despu\u00e9s, seg\u00fan las reglas de control de acceso del usuario. Se recomienda que Nextcloud Server se actualice a 27.1.9, 28.0.5 o 29.0.0 y que Nextcloud Enterprise Server se actualice a 21.0.9.18, 22.2.10.23, 23.0.12.18, 24.0.12.14, 25.0.13.9, 26.0.13.3, 27.1.9, 28.0.5 o 29.0.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52515.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52515.json index 9a3a98427ac..8e46c5f9b1e 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52515.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52515.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52515", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:20.837", - "lastModified": "2024-11-15T17:15:20.837", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If the file would exist the preview of the SVG would preview the other file instead. It is recommended that the Nextcloud Server is upgraded to 27.1.10, 28.0.6 or 29.0.1 and Nextcloud Enterprise Server is upgraded to 24.0.12.15, 25.0.13.10, 26.0.13.4, 27.1.10, 28.0.6 or 29.0.1." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por uno mismo. Despu\u00e9s de que un administrador habilite el proveedor de vista previa SVG deshabilitado por defecto, un usuario malintencionado podr\u00eda cargar un archivo SVG manipulado que haga referencia a rutas. Si el archivo existiera, la vista previa del SVG mostrar\u00eda una vista previa del otro archivo en su lugar. Se recomienda que Nextcloud Server se actualice a 27.1.10, 28.0.6 o 29.0.1 y que Nextcloud Enterprise Server se actualice a 24.0.12.15, 25.0.13.10, 26.0.13.4, 27.1.10, 28.0.6 o 29.0.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52516.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52516.json index db9afdc8014..e9013ccbb3d 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52516.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52516.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52516", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:21.070", - "lastModified": "2024-11-15T17:15:21.070", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously shared items were not unshared. It is recommended that the Nextcloud Server is upgraded to 22.2.11 or 23.0.11 or 24.0.6 and Nextcloud Enterprise Server is upgraded to 22.2.11 or 23.0.11 or 24.0.6." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por uno mismo. Cuando un servidor est\u00e1 configurado para permitir compartir \u00fanicamente con usuarios que est\u00e1n en sus propios grupos, despu\u00e9s de que un usuario se haya eliminado de un grupo, los elementos compartidos anteriormente no se han dejado de compartir. Se recomienda que Nextcloud Server se actualice a 22.2.11 o 23.0.11 o 24.0.6 y que Nextcloud Enterprise Server se actualice a 22.2.11 o 23.0.11 o 24.0.6." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52517.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52517.json index 108e9fe2186..87fdf338e3a 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52517.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52517.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52517", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:21.297", - "lastModified": "2024-11-15T17:15:21.297", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. After storing \"Global credentials\" on the server, the API returns them and adds them into the frontend again, allowing to read them in plain text when an attacker already has access to an active session of a user. It is recommended that the Nextcloud Server is upgraded to 28.0.11, 29.0.8 or 30.0.1 and Nextcloud Enterprise Server is upgraded to 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8 or 30.0.1." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por el usuario. Despu\u00e9s de almacenar las \"credenciales globales\" en el servidor, la API las devuelve y las agrega nuevamente al frontend, lo que permite leerlas en texto plano cuando un atacante ya tiene acceso a una sesi\u00f3n activa de un usuario. Se recomienda actualizar Nextcloud Server a 28.0.11, 29.0.8 o 30.0.1 y Nextcloud Enterprise Server a 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8 o 30.0.1." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52518.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52518.json index d5293e31544..2a01f50562b 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52518.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52518.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52518", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:21.543", - "lastModified": "2024-11-15T17:15:21.543", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storages without having to confirm the password. It is recommended that the Nextcloud Server is upgraded to 28.0.12, 29.0.9 or 30.0.2." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por el usuario. Una vez que un atacante obtiene acceso a la sesi\u00f3n de un usuario o administrador, puede crear, cambiar o eliminar almacenamientos externos sin tener que confirmar la contrase\u00f1a. Se recomienda actualizar Nextcloud Server a 28.0.12, 29.0.9 o 30.0.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52519.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52519.json index 5ee1708c2a3..18fe63da96a 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52519.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52519.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52519", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:21.843", - "lastModified": "2024-11-15T17:15:21.843", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud config file, would be able to decrypt them. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and Nextcloud Enterprise Server is upgraded to 27.1.11.8, 28.0.10 or 29.0.7." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por el usuario. Los secretos del cliente OAuth2 se almacenaron de forma recuperable, de modo que un atacante que tuviera acceso a una copia de seguridad de la base de datos y al archivo de configuraci\u00f3n de Nextcloud pudiera descifrarlos. Se recomienda actualizar Nextcloud Server a 28.0.10 o 29.0.7 y Nextcloud Enterprise Server a 27.1.11.8, 28.0.10 o 29.0.7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52520.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52520.json index 7e8eeba6e7f..4233d5d7019 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52520.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52520.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52520", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:22.200", - "lastModified": "2024-11-15T17:35:16.007", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-graph data. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and Nextcloud Enterprise Server is upgraded to 27.1.11.8, 28.0.10 or 29.0.7." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por uno mismo. Debido a una solicitud HEAD preprogramada, el proveedor de referencia de enlaces podr\u00eda verse enga\u00f1ado y descargar sitios web m\u00e1s grandes de lo previsto para encontrar datos de gr\u00e1ficos abiertos. Se recomienda actualizar Nextcloud Server a 28.0.10 o 29.0.7 y Nextcloud Enterprise Server a 27.1.11.8, 28.0.10 o 29.0.7." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52521.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52521.json index b504b54ae3a..e98ffc61028 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52521.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52521.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52521", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:22.580", - "lastModified": "2024-11-15T17:15:22.580", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely being identified as already existing and not be queued for execution. By changing the Hash to SHA256 the probability was heavily decreased. It is recommended that the Nextcloud Server is upgraded to 28.0.10, 29.0.7 or 30.0.0." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por uno mismo. Se utilizaron hashes MD5 para comprobar la unicidad de los trabajos en segundo plano. Esto aument\u00f3 las posibilidades de que un trabajo en segundo plano con argumentos se identificara err\u00f3neamente como ya existente y no se pusiera en cola para su ejecuci\u00f3n. Al cambiar el hash a SHA256, la probabilidad se redujo considerablemente. Se recomienda que el servidor Nextcloud se actualice a 28.0.10, 29.0.7 o 30.0.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52522.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52522.json index d6c54f6f329..442be5b2560 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52522.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52522.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52522", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T18:15:30.643", - "lastModified": "2024-11-15T19:35:18.670", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2." + }, + { + "lang": "es", + "value": "Rclone es un programa de l\u00ednea de comandos para sincronizar archivos y directorios desde y hacia diferentes proveedores de almacenamiento en la nube. El manejo inseguro de enlaces simb\u00f3licos con --links y --metadata en rclone mientras se copia al disco local permite a los usuarios sin privilegios modificar indirectamente la propiedad y los permisos en los archivos de destino de los enlaces simb\u00f3licos cuando un superusuario o un proceso privilegiado realiza una copia. Esta vulnerabilidad podr\u00eda permitir la escalada de privilegios y el acceso no autorizado a archivos cr\u00edticos del sistema, lo que compromete la integridad, la confidencialidad y la disponibilidad del sistema. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 1.68.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52523.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52523.json index cfeb4bc5fe1..eeb2bc23f90 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52523.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52523.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52523", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:22.870", - "lastModified": "2024-11-15T17:35:16.820", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the API returns them and adds them into the frontend again, allowing to read them in plain text when an attacker already has access to an active session of a user. It is recommended that the Nextcloud Server is upgraded to 28.0.12, 29.0.9 or 30.0.2 and Nextcloud Enterprise Server is upgraded to 25.0.13.14, 26.0.13.10, 27.1.11.10, 28.0.12, 29.0.9 or 30.0.2." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por el usuario. Despu\u00e9s de configurar un almacenamiento externo definido por el usuario o el administrador con credenciales fijas, la API las devuelve y las agrega nuevamente al frontend, lo que permite leerlas en texto plano cuando un atacante ya tiene acceso a una sesi\u00f3n activa de un usuario. Se recomienda actualizar Nextcloud Server a 28.0.12, 29.0.9 o 30.0.2 y Nextcloud Enterprise Server a 25.0.13.14, 26.0.13.10, 27.1.11.10, 28.0.12, 29.0.9 o 30.0.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52525.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52525.json index 70695d8c400..4c643278512 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52525.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52525.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52525", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:23.150", - "lastModified": "2024-11-15T17:15:23.150", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved in the session storage (Redis or disk), but it would allow a malicious process that gains access to the memory of the PHP process, to get access to the cleartext password of the user. It is recommended that the Nextcloud Server is upgraded to 28.0.12, 29.0.9 or 30.0.2." + }, + { + "lang": "es", + "value": "Nextcloud Server es un sistema de nube personal alojado por el usuario. En determinadas circunstancias, la contrase\u00f1a de un usuario se almacenaba sin cifrar en los datos de la sesi\u00f3n. Los datos de la sesi\u00f3n se cifran antes de guardarse en el almacenamiento de la sesi\u00f3n (Redis o disco), pero esto permitir\u00eda que un proceso malicioso que obtenga acceso a la memoria del proceso PHP obtenga acceso a la contrase\u00f1a en texto plano del usuario. Se recomienda actualizar Nextcloud Server a 28.0.12, 29.0.9 o 30.0.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52526.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52526.json index 13b7cc577eb..228aee21c86 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52526.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52526.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52526", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T16:15:38.107", - "lastModified": "2024-11-15T16:15:38.107", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Services\" tab of the Device page allows authenticated users to inject arbitrary JavaScript through the \"descr\" parameter when adding a service to a device. This vulnerability could result in the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0." + }, + { + "lang": "es", + "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de cross site scripting (XSS) almacenado en la pesta\u00f1a \"Servicios\" de la p\u00e1gina del dispositivo permite a los usuarios autenticados inyectar c\u00f3digo JavaScript arbitrario a trav\u00e9s del par\u00e1metro \"descr\" al agregar un servicio a un dispositivo. Esta vulnerabilidad podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo malicioso en el contexto de las sesiones de otros usuarios, lo que podr\u00eda comprometer sus cuentas y permitir acciones no autorizadas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 24.10.0." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52528.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52528.json index 561b511616e..3fd69c26ca0 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52528.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52528.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52528", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-15T17:15:23.400", - "lastModified": "2024-11-15T17:15:23.400", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, which allows attackers to bypass intended restrictions. This vulnerability is fixed in 1.5.2." + }, + { + "lang": "es", + "value": "Budget Control Gateway act\u00faa como un punto de entrada para las solicitudes entrantes y las dirige a los microservicios adecuados para Budget Control. Budget Control Gateway no valida correctamente los tokens de autenticaci\u00f3n, lo que permite a los atacantes eludir las restricciones previstas. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 1.5.2." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52555.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52555.json index bbceeba1c9a..a156339feaf 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52555.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52555.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52555", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-11-15T16:15:38.340", - "lastModified": "2024-11-15T16:15:38.340", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:56.587", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script" + }, + { + "lang": "es", + "value": "En JetBrains WebStorm anterior a la versi\u00f3n 2024.3, la ejecuci\u00f3n de c\u00f3digo en modo de proyecto no confiable era posible a trav\u00e9s del script de instalaci\u00f3n de definiciones de tipo" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52565.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52565.json index d61e220139b..0cee5db668c 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52565.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52565.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52565", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:27.020", - "lastModified": "2024-11-18T16:15:27.020", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24231)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de escritura fuera de los l\u00edmites al analizar un archivo WRL especialmente manipulado. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24231)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52566.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52566.json index f83d56d9fd2..12b8ec7c383 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52566.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52566.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52566", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:27.287", - "lastModified": "2024-11-18T16:15:27.287", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24233)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de escritura fuera de los l\u00edmites al analizar un archivo WRL especialmente manipulado. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24233)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52567.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52567.json index c7b44e9af3d..8e430341316 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52567.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52567.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52567", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:27.537", - "lastModified": "2024-11-18T16:15:27.537", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24237)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una lectura fuera de los l\u00edmites m\u00e1s all\u00e1 del final de una estructura asignada mientras se analizan archivos WRL especialmente manipulados. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24237)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52568.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52568.json index 4da2085ca5f..2d7b3abda3a 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52568.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52568.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52568", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:27.773", - "lastModified": "2024-11-18T16:15:27.773", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files.\r\nAn attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-24244)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de use-after-free que podr\u00eda activarse al analizar archivos WRL especialmente manipulados. Un atacante podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24244)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52569.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52569.json index 82a37241ae9..99b09b36b27 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52569.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52569.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52569", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:28.063", - "lastModified": "2024-11-18T16:15:28.063", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24260)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de escritura fuera de los l\u00edmites al analizar un archivo WRL especialmente manipulado. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24260)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52570.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52570.json index 96c6130da20..9b672f0dfd4 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52570.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52570.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52570", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:28.300", - "lastModified": "2024-11-18T16:15:28.300", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24365)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de escritura fuera de los l\u00edmites al analizar un archivo WRL especialmente manipulado. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24365)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52571.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52571.json index a732380b849..46984fd965c 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52571.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52571.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52571", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:28.533", - "lastModified": "2024-11-18T16:15:28.533", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24485)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de escritura fuera de los l\u00edmites al analizar un archivo WRL especialmente manipulado. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24485)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52572.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52572.json index 3fd199b1691..a556273e6f2 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52572.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52572.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52572", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:28.767", - "lastModified": "2024-11-18T16:15:28.767", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a stack based overflow vulnerability while parsing specially crafted WRL files.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24486)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de desbordamiento de pila al analizar archivos WRL especialmente manipulados. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24486)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52573.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52573.json index 3091f28dfe1..f40df900c0b 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52573.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52573.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52573", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:29.110", - "lastModified": "2024-11-18T16:15:29.110", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24521)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una vulnerabilidad de escritura fuera de los l\u00edmites al analizar un archivo WRL especialmente manipulado. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24521)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52574.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52574.json index de37914de38..2e5ce5fc12f 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52574.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52574.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52574", "sourceIdentifier": "productcert@siemens.com", "published": "2024-11-18T16:15:29.400", - "lastModified": "2024-11-18T16:15:29.400", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files.\r\nThis could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24543)" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad en Tecnomatix Plant Simulation V2302 (todas las versiones anteriores a V2302.0018) y Tecnomatix Plant Simulation V2404 (todas las versiones anteriores a V2404.0007). Las aplicaciones afectadas contienen una lectura fuera de los l\u00edmites m\u00e1s all\u00e1 del final de una estructura asignada mientras se analizan archivos WRL especialmente manipulados. Esto podr\u00eda permitir que un atacante ejecute c\u00f3digo en el contexto del proceso actual. (ZDI-CAN-24543)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52867.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52867.json index f7d1d4545d5..cb76f995091 100644 --- a/CVE-2024/CVE-2024-528xx/CVE-2024-52867.json +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52867.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52867", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-17T03:15:04.003", - "lastModified": "2024-11-17T03:15:04.003", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, and restart actions. Both 5ab3c4c and 5582241 are needed to resolve the vulnerability." + }, + { + "lang": "es", + "value": "guix-daemon en GNU Guix anterior a 5ab3c4c permite la escalada de privilegios porque los usuarios locales pueden acceder a los resultados de la compilaci\u00f3n antes de que se resuelvan adecuadamente los problemas de metadatos de archivos (por ejemplo, para programas setuid y setgid). La vulnerabilidad se puede remediar dentro del producto mediante ciertas acciones de extracci\u00f3n, reconfiguraci\u00f3n y reinicio. Se necesitan tanto 5ab3c4c como 5582241 para resolver la vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52871.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52871.json index 07eba030431..70b7cea825b 100644 --- a/CVE-2024/CVE-2024-528xx/CVE-2024-52871.json +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52871.json @@ -2,16 +2,43 @@ "id": "CVE-2024-52871", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-17T04:15:03.973", - "lastModified": "2024-11-17T04:15:03.973", - "vulnStatus": "Received", + "lastModified": "2024-11-18T18:35:09.027", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Flagsmith before 2.134.1, it is possible to bypass the ALLOW_REGISTRATION_WITHOUT_INVITE setting." + }, + { + "lang": "es", + "value": "En Flagsmith anterior a 2.134.1, es posible omitir la configuraci\u00f3n ALLOW_REGISTRATION_WITHOUT_INVITE." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "references": [ { "url": "https://github.com/Flagsmith/flagsmith/compare/v2.134.0...v2.134.1", diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52872.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52872.json index a4e77c9eab3..d362959984c 100644 --- a/CVE-2024/CVE-2024-528xx/CVE-2024-52872.json +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52872.json @@ -2,16 +2,43 @@ "id": "CVE-2024-52872", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-17T04:15:04.047", - "lastModified": "2024-11-17T04:15:04.047", - "vulnStatus": "Received", + "lastModified": "2024-11-18T18:35:09.270", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Flagsmith before 2.134.1, the get_document endpoint is not correctly protected by permissions." + }, + { + "lang": "es", + "value": "En Flagsmith anterior a 2.134.1, el endpoint get_document no est\u00e1 protegido correctamente por permisos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "references": [ { "url": "https://github.com/Flagsmith/flagsmith/compare/v2.134.0...v2.134.1", diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52876.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52876.json index 29e675e4379..e5b79eaaabe 100644 --- a/CVE-2024/CVE-2024-528xx/CVE-2024-52876.json +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52876.json @@ -2,16 +2,55 @@ "id": "CVE-2024-52876", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-17T05:15:04.760", - "lastModified": "2024-11-17T05:15:04.760", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:35:08.900", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated \"remote power off\" actions (in broadcast mode) via multiple read operations on the ASTM Remote ID (0xFFFA) GATT." + }, + { + "lang": "es", + "value": "El m\u00f3dulo de identificaci\u00f3n remota Holy Stone HSRID01, firmware distribuido con la aplicaci\u00f3n m\u00f3vil Drone Go2 anterior a la versi\u00f3n 1.1.8, permite acciones de \"apagado remoto\" no autenticadas (en modo de transmisi\u00f3n) a trav\u00e9s de m\u00faltiples operaciones de lectura en el GATT de identificaci\u00f3n remota ASTM (0xFFFA)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://coalfire.com/the-coalfire-blog/holy-stone-remote-id-vulnerability-disclosure", diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52912.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52912.json index 3be7dbf4bc8..fa5d045b6cc 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52912.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52912.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52912", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.443", - "lastModified": "2024-11-18T16:35:14.273", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52913.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52913.json index 64152a3107c..79c85b01266 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52913.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52913.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52913", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.500", - "lastModified": "2024-11-18T16:35:15.113", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52914.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52914.json index 86bb7951c1c..ca8d0281d96 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52914.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52914.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52914", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.567", - "lastModified": "2024-11-18T16:35:16.680", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52915.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52915.json index d4aaef99cf4..623dcbce779 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52915.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52915.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52915", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.633", - "lastModified": "2024-11-18T16:35:17.807", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52916.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52916.json index 1245625a5f4..bda8516db00 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52916.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52916.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52916", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.697", - "lastModified": "2024-11-18T16:35:18.907", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52917.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52917.json index d91ec0b1b40..070d1db99b4 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52917.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52917.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52917", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.760", - "lastModified": "2024-11-18T16:35:19.943", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52918.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52918.json index 55e13451a52..cd6b2c9ccff 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52918.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52918.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52918", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.823", - "lastModified": "2024-11-18T16:35:20.793", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52919.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52919.json index e9ccd929fd2..1bd6f01cdc7 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52919.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52919.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52919", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.890", - "lastModified": "2024-11-18T16:35:21.600", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52920.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52920.json index bc73c98a20f..b76821cfe5d 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52920.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52920.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52920", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:04.960", - "lastModified": "2024-11-18T16:35:22.413", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52921.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52921.json index 8d69125b646..1683204dcef 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52921.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52921.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52921", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:05.023", - "lastModified": "2024-11-18T16:35:23.227", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52922.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52922.json index db16d90ae72..ace47d6eff8 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52922.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52922.json @@ -2,16 +2,43 @@ "id": "CVE-2024-52922", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:05.083", - "lastModified": "2024-11-18T04:15:05.083", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:35:09.720", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Bitcoin Core before 25.1, an attacker can cause a node to not download the latest block, because there can be minutes of delay when an announcing peer stalls instead of complying with the peer-to-peer protocol specification." + }, + { + "lang": "es", + "value": "En Bitcoin Core anterior a la versi\u00f3n 25.1, un atacante puede provocar que un nodo no descargue el \u00faltimo bloque, porque puede haber minutos de retraso cuando un nodo que lo anuncia se detiene en lugar de cumplir con la especificaci\u00f3n del protocolo peer-to-peer." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, "references": [ { "url": "https://bitcoincore.org/en/2024/11/05/cb-stall-hindering-propagation/", diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52926.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52926.json index 56f96834fcf..a1d4be75b86 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52926.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52926.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52926", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T04:15:05.140", - "lastModified": "2024-11-18T04:15:05.140", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:35:09.930", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent." + }, + { + "lang": "es", + "value": "Delinea Privilege Manager anterior a la versi\u00f3n 12.0.2 gestiona incorrectamente la seguridad del agente de Windows." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], "references": [ { "url": "https://docs.delinea.com/online-help/privilege-manager/release-notes/12.0.2-combined.htm", diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52940.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52940.json index bbb557f0bbc..a1c1cbed77a 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52940.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52940.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52940", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T05:15:05.200", - "lastModified": "2024-11-18T16:35:24.040", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52941.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52941.json index 624ba24235a..69d744bb739 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52941.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52941.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52941", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:05.283", - "lastModified": "2024-11-18T16:35:24.863", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24695. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Veritas Enterprise Vault anterior a la versi\u00f3n 15.1 UPD882911, ZDI-CAN-24695. Permite que un atacante remoto autenticado inyecte un par\u00e1metro en una solicitud HTTP, lo que permite la ejecuci\u00f3n de cross site scripting (XSS) mientras se visualiza contenido archivado. Esto podr\u00eda reflejarse en un usuario autenticado sin desinfecci\u00f3n si ese usuario lo ejecuta." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52942.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52942.json index cdbed1bf8e6..ef41bf5aeb4 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52942.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52942.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52942", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:05.543", - "lastModified": "2024-11-18T16:35:25.583", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Veritas Enterprise Vault anterior a la versi\u00f3n 15.1 UPD882911, ZDI-CAN-24696. Permite que un atacante remoto autenticado inyecte un par\u00e1metro en una solicitud HTTP, lo que permite la ejecuci\u00f3n de cross site scripting (XSS) mientras se visualiza contenido archivado. Esto podr\u00eda reflejarse en un usuario autenticado sin desinfecci\u00f3n si lo ejecuta ese usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52943.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52943.json index 7163429e2e4..7e2bc0f81d1 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52943.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52943.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52943", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:05.793", - "lastModified": "2024-11-18T16:35:26.300", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Veritas Enterprise Vault anterior a la versi\u00f3n 15.1 UPD882911, ZDI-CAN-24697. Permite que un atacante remoto autenticado inyecte un par\u00e1metro en una solicitud HTTP, lo que permite la ejecuci\u00f3n de cross site scripting (XSS) mientras se visualiza contenido archivado. Esto podr\u00eda reflejarse en un usuario autenticado sin desinfecci\u00f3n si lo ejecuta ese usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52944.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52944.json index b8ca7499a1f..c67fd92bb17 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52944.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52944.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52944", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:06.017", - "lastModified": "2024-11-18T06:15:06.017", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Veritas Enterprise Vault anterior a la versi\u00f3n 15.1 UPD882911, ZDI-CAN-24698. Permite que un atacante remoto autenticado inyecte un par\u00e1metro en una solicitud HTTP, lo que permite la ejecuci\u00f3n de cross site scripting mientras se visualiza contenido archivado. Esto podr\u00eda reflejarse en un usuario autenticado sin desinfecci\u00f3n si lo ejecuta ese usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52945.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52945.json index 0415d5902ec..f03c8834239 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52945.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52945.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52945", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:06.250", - "lastModified": "2024-11-18T06:15:06.250", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Veritas NetBackup anterior a la versi\u00f3n 10.5. Esto solo se aplica a los componentes de NetBackup que se ejecutan en un sistema operativo Windows. Si un usuario ejecuta comandos espec\u00edficos de NetBackup o un atacante utiliza t\u00e9cnicas de ingenier\u00eda social para obligar al usuario a ejecutar los comandos, se podr\u00eda cargar una DLL maliciosa, lo que provocar\u00eda la ejecuci\u00f3n del c\u00f3digo del atacante en el contexto de seguridad del usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52946.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52946.json index f46a94ad0bd..70588f979ea 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52946.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52946.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52946", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:06.460", - "lastModified": "2024-11-18T06:15:06.460", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an \"Adaptative authentication rule\" with an increment instead of an absolute value." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en LemonLDAP::NG antes de la versi\u00f3n 2.20.1. Una comprobaci\u00f3n incorrecta durante la actualizaci\u00f3n de la sesi\u00f3n permite que un usuario autenticado aumente su nivel de autenticaci\u00f3n si el administrador configur\u00f3 una \"regla de autenticaci\u00f3n adaptativa\" con un incremento en lugar de un valor absoluto." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52947.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52947.json index e9fb65be83b..d5baa4ef90a 100644 --- a/CVE-2024/CVE-2024-529xx/CVE-2024-52947.json +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52947.json @@ -2,16 +2,55 @@ "id": "CVE-2024-52947", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-18T06:15:06.530", - "lastModified": "2024-11-18T06:15:06.530", - "vulnStatus": "Received", + "lastModified": "2024-11-18T18:35:09.517", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page (upgradeSession / forceUpgrade) if the \"Upgrade session\" plugin has been enabled by an admin" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross site scripting (XSS) en LemonLDAP::NG anterior a 2.20.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro URL de la p\u00e1gina de confirmaci\u00f3n de la sesi\u00f3n de actualizaci\u00f3n (upgradeSession / forceUpgrade) si el complemento \"Actualizar sesi\u00f3n\" ha sido habilitado por un administrador." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3257", diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6628.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6628.json index 9b76f407bc1..7920481169e 100644 --- a/CVE-2024/CVE-2024-66xx/CVE-2024-6628.json +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6628.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6628", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:06.370", - "lastModified": "2024-11-16T04:15:06.370", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The EleForms \u2013 All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9. This is due to missing or incorrect nonce validation when deleting form submissions. This makes it possible for unauthenticated attackers to delete form submissions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento EleForms \u2013 All In One Form Integration including DB for Elementor para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.9.9.9 incluida. Esto se debe a la falta o la validaci\u00f3n incorrecta de nonce al eliminar los env\u00edos de formularios. Esto hace posible que atacantes no autenticados eliminen los env\u00edos de formularios a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7295.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7295.json index 9f48ef8f967..857a0f23caa 100644 --- a/CVE-2024/CVE-2024-72xx/CVE-2024-7295.json +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7295.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7295", "sourceIdentifier": "security@progress.com", "published": "2024-11-13T16:15:20.960", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:41:49.787", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + }, { "source": "security@progress.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.3.24.1112", + "matchCriteriaId": "584D7CE9-ED26-49FA-A27F-B3B171A86AB0" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.telerik.com/report-server/knowledge-base/encryption-weakness-cve-2024-7295", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8049.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8049.json index cb6b888b045..b03630c4a5a 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8049.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8049.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8049", "sourceIdentifier": "security@progress.com", "published": "2024-11-13T16:15:21.237", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-18T17:46:38.177", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@progress.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "security@progress.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security@progress.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:telerik_document_processing_libraries:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.4.1106", + "matchCriteriaId": "580C36CB-2EBF-4E01-93AB-59AA270FA449" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.telerik.com/devtools/document-processing/knowledge-base/excessive-allocation-cve-2024-8049", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8781.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8781.json index e3a4bc70507..67ca35fdd17 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8781.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8781.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8781", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-11-18T14:15:05.730", - "lastModified": "2024-11-18T14:15:05.730", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Execution with Unnecessary Privileges, : Improper Protection of Alternate Path vulnerability in TR7 Application Security Platform (ASP) allows Privilege Escalation, -Privilege Abuse.This issue affects Application Security Platform (ASP): v1.4.25.188." + }, + { + "lang": "es", + "value": "Ejecuci\u00f3n con privilegios innecesarios: la vulnerabilidad de protecci\u00f3n inadecuada de ruta alternativa en TR7 Application Security Platform (ASP) permite la escalada de privilegios y el abuso de privilegios. Este problema afecta a Application Security Platform (ASP): v1.4.25.188." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8856.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8856.json index ba7d375ce85..c8d82c9a616 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8856.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8856.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8856", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T05:15:13.920", - "lastModified": "2024-11-16T05:15:13.920", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento Backup and Staging de WP Time Capsule para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en el archivo UploadHandler.php y a la falta de prevenci\u00f3n de acceso directo a archivos en todas las versiones hasta la 1.22.21 incluida. Esto permite que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8873.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8873.json index eecc22b0908..8ac32a30a4d 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8873.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8873.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8873", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:06.593", - "lastModified": "2024-11-16T04:15:06.593", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.6.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento PeproDev WooCommerce Receipt Uploader para WordPress es vulnerable a Cross-Site Scripting Reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.6.9 incluida. Esto hace posible que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9192.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9192.json index 074e22dac5b..2cf20b10da8 100644 --- a/CVE-2024/CVE-2024-91xx/CVE-2024-9192.json +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9192.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9192", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:06.813", - "lastModified": "2024-11-16T04:15:06.813", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvr_rate_request_result() function in all versions up to, and including, 1.20.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta on a WordPress site. This can be leveraged to update their capabilities to that of an administrator." + }, + { + "lang": "es", + "value": "El complemento WordPress Video Robot - The Ultimate Video Importer para WordPress es vulnerable a la escalada de privilegios debido a una validaci\u00f3n insuficiente de los metadatos de usuario que se pueden actualizar en la funci\u00f3n wpvr_rate_request_result() en todas las versiones hasta la 1.20.0 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, actualicen sus metadatos de usuario en un sitio de WordPress. Esto se puede aprovechar para actualizar sus capacidades a las de un administrador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9386.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9386.json index 85251fecb1b..cecd9e0a8d1 100644 --- a/CVE-2024/CVE-2024-93xx/CVE-2024-9386.json +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9386.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9386", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:07.030", - "lastModified": "2024-11-16T04:15:07.030", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Exclusive Divi \u2013 Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento Exclusive Divi \u2013 Divi Preloader, Modules for Divi & Extra Theme para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 1.4 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json index e21996655ad..bf57cecf2e7 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9474", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-11-18T16:15:29.780", - "lastModified": "2024-11-18T16:15:29.780", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de escalada de privilegios en el software PAN-OS de Palo Alto Networks permite que un administrador de PAN-OS con acceso a la interfaz web de administraci\u00f3n realice acciones en el firewall con privilegios de superusuario. Cloud NGFW y Prisma Access no se ven afectados por esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9500.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9500.json index 0a6d8325e77..2ff50cb322d 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9500.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9500.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9500", "sourceIdentifier": "psirt@autodesk.com", "published": "2024-11-15T22:15:16.580", - "lastModified": "2024-11-15T22:15:16.580", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management." + }, + { + "lang": "es", + "value": "Un archivo DLL manipulado con fines malintencionados, cuando se coloca en archivos y carpetas temporales aprovechados por el instalador de Autodesk, podr\u00eda provocar una escalada de privilegios a NT AUTHORITY/SYSTEM debido a una administraci\u00f3n de privilegios insegura." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9526.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9526.json index de6dcc3e267..9afabebb507 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9526.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9526.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9526", "sourceIdentifier": "cve-coordination@google.com", "published": "2024-11-18T14:15:05.873", - "lastModified": "2024-11-18T14:15:05.873", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "There exists a stored XSS Vulnerability in Kubeflow Pipeline View web UI.\u00a0The Kubeflow Web UI allows to create new pipelines. When creating a new pipeline, it is possible to add a description. The description field allows html tags, which are not filtered properly. Leading to a stored XSS. We recommend upgrading past commit\u00a0930c35f1c543998e60e8d648ce93185c9b5dbe8d" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de XSS almacenada en la interfaz web de Kubeflow Pipeline View. La interfaz web de Kubeflow permite crear nuevas canalizaciones. Al crear una nueva canalizaci\u00f3n, es posible agregar una descripci\u00f3n. El campo de descripci\u00f3n permite etiquetas HTML, que no se filtran correctamente. Esto genera un XSS almacenado. Recomendamos actualizar la versi\u00f3n anterior a el commit 930c35f1c543998e60e8d648ce93185c9b5dbe8d" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9615.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9615.json index 219077dd6e1..4aeaebe9908 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9615.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9615.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9615", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:07.253", - "lastModified": "2024-11-16T04:15:07.253", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.3.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento BulkPress para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 0.3.5 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9839.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9839.json index 96db3d0a9df..68e1f553802 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9839.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9839.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9839", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:07.467", - "lastModified": "2024-11-16T04:15:07.467", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes." + }, + { + "lang": "es", + "value": "El complemento The Uix Slideshow para WordPress es vulnerable a la ejecuci\u00f3n de c\u00f3digos cortos arbitrarios en todas las versiones hasta la 1.6.5 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9849.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9849.json index 749a8312b48..0fc9d95cc66 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9849.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9849.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9849", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:07.673", - "lastModified": "2024-11-16T04:15:07.673", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 3D FlipBook, PDF Viewer, PDF Embedder \u2013 Real 3D FlipBook WordPress Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'r3dfb_save_thumbnail_callback' function in all versions up to, and including, 4.6. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento 3D FlipBook, PDF Viewer, PDF Embedder \u2013 Real 3D FlipBook WordPress Plugin para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n 'r3dfb_save_thumbnail_callback' en todas las versiones hasta la 4.6 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de autor y superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9850.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9850.json index 946d8309718..ed975fe2fc5 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9850.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9850.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9850", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:07.890", - "lastModified": "2024-11-16T04:15:07.890", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + }, + { + "lang": "es", + "value": "El complemento SVG Case Study para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 1.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9887.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9887.json index 367ebf62607..b4508a0ed19 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9887.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9887.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9887", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T10:15:05.020", - "lastModified": "2024-11-16T10:15:05.020", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018id\u2019 parameter in all versions up to, and including, 1.15.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento Login using WordPress Users (WP as SAML IDP) para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo a trav\u00e9s del par\u00e1metro 'id' en todas las versiones hasta la 1.15.6 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con acceso de nivel de administrador y superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9935.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9935.json index 7b34a4214c4..909f48448f1 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9935.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9935.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9935", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:08.103", - "lastModified": "2024-11-16T04:15:08.103", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information." + }, + { + "lang": "es", + "value": "El complemento PDF Generator Addon para Elementor Page Builder para WordPress es vulnerable a Path Traversal en todas las versiones hasta la 1.7.5 incluida a trav\u00e9s de la funci\u00f3n rtw_pgaepb_dwnld_pdf(). Esto permite que atacantes no autenticados lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9938.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9938.json index cd69773e360..2b71ace3298 100644 --- a/CVE-2024/CVE-2024-99xx/CVE-2024-9938.json +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9938.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9938", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-16T04:15:08.313", - "lastModified": "2024-11-16T04:15:08.313", - "vulnStatus": "Received", + "lastModified": "2024-11-18T17:11:17.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Bounce Handler MailPoet 3 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Bounce Handler MailPoet 3 para WordPress es vulnerable a cross site scripting reflejado a trav\u00e9s del par\u00e1metro 'page' en todas las versiones hasta la 1.3.21 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { diff --git a/README.md b/README.md index 19910f0ae01..eb194a788bf 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-18T17:00:19.742228+00:00 +2024-11-18T19:00:29.543584+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-18T16:55:08.183000+00:00 +2024-11-18T19:00:03.487000+00:00 ``` ### Last Data Feed Release @@ -33,69 +33,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -270209 +270220 ``` ### CVEs added in the last Commit -Recently added CVEs: `57` +Recently added CVEs: `11` -- [CVE-2024-52423](CVE-2024/CVE-2024-524xx/CVE-2024-52423.json) (`2024-11-18T16:15:26.160`) -- [CVE-2024-52424](CVE-2024/CVE-2024-524xx/CVE-2024-52424.json) (`2024-11-18T16:15:26.380`) -- [CVE-2024-52425](CVE-2024/CVE-2024-524xx/CVE-2024-52425.json) (`2024-11-18T16:15:26.600`) -- [CVE-2024-52426](CVE-2024/CVE-2024-524xx/CVE-2024-52426.json) (`2024-11-18T16:15:26.830`) -- [CVE-2024-52427](CVE-2024/CVE-2024-524xx/CVE-2024-52427.json) (`2024-11-18T15:15:06.657`) -- [CVE-2024-52428](CVE-2024/CVE-2024-524xx/CVE-2024-52428.json) (`2024-11-18T15:15:06.923`) -- [CVE-2024-52429](CVE-2024/CVE-2024-524xx/CVE-2024-52429.json) (`2024-11-18T15:15:07.277`) -- [CVE-2024-52430](CVE-2024/CVE-2024-524xx/CVE-2024-52430.json) (`2024-11-18T15:15:07.490`) -- [CVE-2024-52431](CVE-2024/CVE-2024-524xx/CVE-2024-52431.json) (`2024-11-18T15:15:07.707`) -- [CVE-2024-52432](CVE-2024/CVE-2024-524xx/CVE-2024-52432.json) (`2024-11-18T15:15:07.923`) -- [CVE-2024-52433](CVE-2024/CVE-2024-524xx/CVE-2024-52433.json) (`2024-11-18T15:15:08.130`) -- [CVE-2024-52434](CVE-2024/CVE-2024-524xx/CVE-2024-52434.json) (`2024-11-18T15:15:08.340`) -- [CVE-2024-52435](CVE-2024/CVE-2024-524xx/CVE-2024-52435.json) (`2024-11-18T15:15:08.543`) -- [CVE-2024-52436](CVE-2024/CVE-2024-524xx/CVE-2024-52436.json) (`2024-11-18T15:15:08.773`) -- [CVE-2024-52565](CVE-2024/CVE-2024-525xx/CVE-2024-52565.json) (`2024-11-18T16:15:27.020`) -- [CVE-2024-52566](CVE-2024/CVE-2024-525xx/CVE-2024-52566.json) (`2024-11-18T16:15:27.287`) -- [CVE-2024-52567](CVE-2024/CVE-2024-525xx/CVE-2024-52567.json) (`2024-11-18T16:15:27.537`) -- [CVE-2024-52568](CVE-2024/CVE-2024-525xx/CVE-2024-52568.json) (`2024-11-18T16:15:27.773`) -- [CVE-2024-52569](CVE-2024/CVE-2024-525xx/CVE-2024-52569.json) (`2024-11-18T16:15:28.063`) -- [CVE-2024-52570](CVE-2024/CVE-2024-525xx/CVE-2024-52570.json) (`2024-11-18T16:15:28.300`) -- [CVE-2024-52571](CVE-2024/CVE-2024-525xx/CVE-2024-52571.json) (`2024-11-18T16:15:28.533`) -- [CVE-2024-52572](CVE-2024/CVE-2024-525xx/CVE-2024-52572.json) (`2024-11-18T16:15:28.767`) -- [CVE-2024-52573](CVE-2024/CVE-2024-525xx/CVE-2024-52573.json) (`2024-11-18T16:15:29.110`) -- [CVE-2024-52574](CVE-2024/CVE-2024-525xx/CVE-2024-52574.json) (`2024-11-18T16:15:29.400`) -- [CVE-2024-9474](CVE-2024/CVE-2024-94xx/CVE-2024-9474.json) (`2024-11-18T16:15:29.780`) +- [CVE-2020-26066](CVE-2020/CVE-2020-260xx/CVE-2020-26066.json) (`2024-11-18T17:15:09.437`) +- [CVE-2020-26067](CVE-2020/CVE-2020-260xx/CVE-2020-26067.json) (`2024-11-18T17:15:09.757`) +- [CVE-2023-49952](CVE-2023/CVE-2023-499xx/CVE-2023-49952.json) (`2024-11-18T18:15:05.927`) +- [CVE-2024-10390](CVE-2024/CVE-2024-103xx/CVE-2024-10390.json) (`2024-11-18T17:15:10.897`) +- [CVE-2024-43416](CVE-2024/CVE-2024-434xx/CVE-2024-43416.json) (`2024-11-18T17:15:11.220`) +- [CVE-2024-44756](CVE-2024/CVE-2024-447xx/CVE-2024-44756.json) (`2024-11-18T17:15:11.450`) +- [CVE-2024-44757](CVE-2024/CVE-2024-447xx/CVE-2024-44757.json) (`2024-11-18T17:15:11.510`) +- [CVE-2024-47533](CVE-2024/CVE-2024-475xx/CVE-2024-47533.json) (`2024-11-18T17:15:11.563`) +- [CVE-2024-47820](CVE-2024/CVE-2024-478xx/CVE-2024-47820.json) (`2024-11-18T17:15:11.777`) +- [CVE-2024-47873](CVE-2024/CVE-2024-478xx/CVE-2024-47873.json) (`2024-11-18T17:15:11.973`) +- [CVE-2024-48292](CVE-2024/CVE-2024-482xx/CVE-2024-48292.json) (`2024-11-18T18:15:06.260`) ### CVEs modified in the last Commit -Recently modified CVEs: `83` +Recently modified CVEs: `407` -- [CVE-2024-51157](CVE-2024/CVE-2024-511xx/CVE-2024-51157.json) (`2024-11-18T15:35:13.060`) -- [CVE-2024-51586](CVE-2024/CVE-2024-515xx/CVE-2024-51586.json) (`2024-11-18T16:45:30.550`) -- [CVE-2024-51590](CVE-2024/CVE-2024-515xx/CVE-2024-51590.json) (`2024-11-18T16:44:27.333`) -- [CVE-2024-51593](CVE-2024/CVE-2024-515xx/CVE-2024-51593.json) (`2024-11-18T16:42:06.290`) -- [CVE-2024-51598](CVE-2024/CVE-2024-515xx/CVE-2024-51598.json) (`2024-11-18T16:37:58.447`) -- [CVE-2024-51663](CVE-2024/CVE-2024-516xx/CVE-2024-51663.json) (`2024-11-18T16:54:02.457`) -- [CVE-2024-51664](CVE-2024/CVE-2024-516xx/CVE-2024-51664.json) (`2024-11-18T16:55:08.183`) -- [CVE-2024-51668](CVE-2024/CVE-2024-516xx/CVE-2024-51668.json) (`2024-11-18T16:51:31.227`) -- [CVE-2024-52316](CVE-2024/CVE-2024-523xx/CVE-2024-52316.json) (`2024-11-18T15:35:14.030`) -- [CVE-2024-52317](CVE-2024/CVE-2024-523xx/CVE-2024-52317.json) (`2024-11-18T15:35:14.303`) -- [CVE-2024-52318](CVE-2024/CVE-2024-523xx/CVE-2024-52318.json) (`2024-11-18T15:35:15.203`) -- [CVE-2024-52912](CVE-2024/CVE-2024-529xx/CVE-2024-52912.json) (`2024-11-18T16:35:14.273`) -- [CVE-2024-52913](CVE-2024/CVE-2024-529xx/CVE-2024-52913.json) (`2024-11-18T16:35:15.113`) -- [CVE-2024-52914](CVE-2024/CVE-2024-529xx/CVE-2024-52914.json) (`2024-11-18T16:35:16.680`) -- [CVE-2024-52915](CVE-2024/CVE-2024-529xx/CVE-2024-52915.json) (`2024-11-18T16:35:17.807`) -- [CVE-2024-52916](CVE-2024/CVE-2024-529xx/CVE-2024-52916.json) (`2024-11-18T16:35:18.907`) -- [CVE-2024-52917](CVE-2024/CVE-2024-529xx/CVE-2024-52917.json) (`2024-11-18T16:35:19.943`) -- [CVE-2024-52918](CVE-2024/CVE-2024-529xx/CVE-2024-52918.json) (`2024-11-18T16:35:20.793`) -- [CVE-2024-52919](CVE-2024/CVE-2024-529xx/CVE-2024-52919.json) (`2024-11-18T16:35:21.600`) -- [CVE-2024-52920](CVE-2024/CVE-2024-529xx/CVE-2024-52920.json) (`2024-11-18T16:35:22.413`) -- [CVE-2024-52921](CVE-2024/CVE-2024-529xx/CVE-2024-52921.json) (`2024-11-18T16:35:23.227`) -- [CVE-2024-52940](CVE-2024/CVE-2024-529xx/CVE-2024-52940.json) (`2024-11-18T16:35:24.040`) -- [CVE-2024-52941](CVE-2024/CVE-2024-529xx/CVE-2024-52941.json) (`2024-11-18T16:35:24.863`) -- [CVE-2024-52942](CVE-2024/CVE-2024-529xx/CVE-2024-52942.json) (`2024-11-18T16:35:25.583`) -- [CVE-2024-52943](CVE-2024/CVE-2024-529xx/CVE-2024-52943.json) (`2024-11-18T16:35:26.300`) +- [CVE-2024-52941](CVE-2024/CVE-2024-529xx/CVE-2024-52941.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-52942](CVE-2024/CVE-2024-529xx/CVE-2024-52942.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-52943](CVE-2024/CVE-2024-529xx/CVE-2024-52943.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-52944](CVE-2024/CVE-2024-529xx/CVE-2024-52944.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-52945](CVE-2024/CVE-2024-529xx/CVE-2024-52945.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-52946](CVE-2024/CVE-2024-529xx/CVE-2024-52946.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-52947](CVE-2024/CVE-2024-529xx/CVE-2024-52947.json) (`2024-11-18T18:35:09.517`) +- [CVE-2024-6628](CVE-2024/CVE-2024-66xx/CVE-2024-6628.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-7295](CVE-2024/CVE-2024-72xx/CVE-2024-7295.json) (`2024-11-18T17:41:49.787`) +- [CVE-2024-8049](CVE-2024/CVE-2024-80xx/CVE-2024-8049.json) (`2024-11-18T17:46:38.177`) +- [CVE-2024-8781](CVE-2024/CVE-2024-87xx/CVE-2024-8781.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-8856](CVE-2024/CVE-2024-88xx/CVE-2024-8856.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-8873](CVE-2024/CVE-2024-88xx/CVE-2024-8873.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9192](CVE-2024/CVE-2024-91xx/CVE-2024-9192.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9386](CVE-2024/CVE-2024-93xx/CVE-2024-9386.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9474](CVE-2024/CVE-2024-94xx/CVE-2024-9474.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9500](CVE-2024/CVE-2024-95xx/CVE-2024-9500.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9526](CVE-2024/CVE-2024-95xx/CVE-2024-9526.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9615](CVE-2024/CVE-2024-96xx/CVE-2024-9615.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9839](CVE-2024/CVE-2024-98xx/CVE-2024-9839.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9849](CVE-2024/CVE-2024-98xx/CVE-2024-9849.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9850](CVE-2024/CVE-2024-98xx/CVE-2024-9850.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9887](CVE-2024/CVE-2024-98xx/CVE-2024-9887.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9935](CVE-2024/CVE-2024-99xx/CVE-2024-9935.json) (`2024-11-18T17:11:17.393`) +- [CVE-2024-9938](CVE-2024/CVE-2024-99xx/CVE-2024-9938.json) (`2024-11-18T17:11:17.393`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 6c694633605..e80718d255f 100644 --- a/_state.csv +++ b/_state.csv @@ -75498,7 +75498,7 @@ CVE-2015-20108,0,0,21da06c49057dd628ef555452e3e9bd810c2450fa7d89f7f653876999915b CVE-2015-20109,0,0,9cb8da9ecb3bce418797f531c05f0e93aa193a8d4c42b668e720979e9cf4c4f7,2023-07-31T19:15:15.193000 CVE-2015-2011,0,0,61d60065c4d9a27a384562d47157e7d17ec4b69637c71c6e03f9186b07f9e836,2015-10-05T20:45:49.797000 CVE-2015-20110,0,0,0445d6d0ca3138e608d8dea02eca2c4821b24b60f5f7348cc113799dfc998f69,2023-11-08T17:39:35.023000 -CVE-2015-20111,0,0,1386c28c18b4228695f39f9ffcdca786b0b23bb3b24ac1df4cdfce89baee7b8a,2024-11-18T04:15:03.987000 +CVE-2015-20111,0,1,3ad79fba5cb9ad747cc7e6690f73016b91be45f00ec15df1e8d859510137df0c,2024-11-18T17:35:00.977000 CVE-2015-2012,0,0,b091328ea1ba25cebffe83d6058517f77080ce9c044b54ff169eaf8f318d73b2,2016-12-06T02:59:34.630000 CVE-2015-2013,0,0,d834046f9b7c5715d0be7ef9a360a1f6cc2c0ec8e4c3bd252ca65ceaf10ca9bd,2016-12-22T02:59:36.050000 CVE-2015-2014,0,0,70b4f3199eb352fb008fb7bfd415a14be72c3527ffc3e270eea366da5763a2c4,2019-10-16T12:40:30.513000 @@ -97056,13 +97056,13 @@ CVE-2017-13304,0,0,bc01bf9619a2ed9e9969de4c65bf442a5fec6030e332a0ad95cf9c9671c48 CVE-2017-13305,0,0,2acce61b5781c64283da81f61da07d2eadea1d7bd22b7b38dbaaa4a20fc64699,2019-10-03T00:03:26.223000 CVE-2017-13306,0,0,423f74da95b3c89ac4494a0b8267dc23743708bc4de0a0cc92f3a3c6e2cdbb52,2019-10-03T00:03:26.223000 CVE-2017-13307,0,0,e83357c9230d3ea5a0100316af468cc9cffb10b590fc6474a2652e4724796965,2019-10-03T00:03:26.223000 -CVE-2017-13309,0,0,2e22442e912c5fb731ed83c3f96ba1a742154503347e7ab20f5d5707587891a4,2024-11-15T21:35:00.833000 +CVE-2017-13309,0,1,491cd9f7b41a6bb9dabc0009989d6e787b291b96b83a3c335f7bb247a54fd391,2024-11-18T17:11:56.587000 CVE-2017-1331,0,0,fbfa6b4058c65afc0dadcb6abf2b300b566ab5bd4820053710fa36c8414eaba4,2017-08-09T12:43:53.857000 -CVE-2017-13310,0,0,033b3b63ed77c79d7314fc6565fc5c81260f38803d345358a3676942601fa56b,2024-11-15T22:15:14.177000 -CVE-2017-13311,0,0,44c0edcb53250bc42089f6ccc93c1af6528c9b857753cba11b459a79ba25c682,2024-11-15T22:15:14.240000 -CVE-2017-13312,0,0,e34a6fa4f383f164b91264bc4bdfb4a4368f6c80074f8a18574b28d7e93a0d8b,2024-11-15T22:15:14.300000 -CVE-2017-13313,0,0,c49dc9ddc0a7110bc63ef52a03d676f2216066756e3b2d280089ba7dc6b8e5d5,2024-11-15T22:15:14.373000 -CVE-2017-13314,0,0,76ea800f4d2ed2a18d3ca10f332fb088665ffa85b184df9396944a5b6c20f3c1,2024-11-15T22:15:14.440000 +CVE-2017-13310,0,1,ce5d5d0144d27d0c152dcf2d0a14c2de82217b009894ba3718d993208d2695f5,2024-11-18T17:11:56.587000 +CVE-2017-13311,0,1,ef29872b5c74a8fdce3835bfeeee51a10190cccc30135b0dd02f413b37d7bfb4,2024-11-18T17:11:56.587000 +CVE-2017-13312,0,1,341acd1f29824d27667da2d51a5097bca3ea48c03574c9031db93205af5bc5ea,2024-11-18T17:11:56.587000 +CVE-2017-13313,0,1,ab7dd02cb9e6c4caccb7bc4e1543e83c4ab14f4d075f0865d34b82227ae6479a,2024-11-18T17:11:56.587000 +CVE-2017-13314,0,1,172c46525901902599df22b71e6e0ed50cad6803b92c51596c1ca7804d1172ab,2024-11-18T17:11:56.587000 CVE-2017-1332,0,0,784a9ee8c3796f2a11ff24e95ae95a08508911f60f6ead21d91e6503f5824554,2017-08-03T15:46:39.147000 CVE-2017-1333,0,0,3ec8913dbfad3ccab38e891f6e15f9a0101bb53e4d210c158476cd692803a999,2017-11-16T17:13:42.270000 CVE-2017-1334,0,0,406b3dd86a0e9fb2c9a541dafaa2903ce89044fcfe05700f9700b783b2647a7d,2017-10-10T15:07:22.713000 @@ -138429,7 +138429,7 @@ CVE-2019-25217,0,0,30c2571b4837240b6da6c51001318f4e94ce56e8b309a54c15bcaa6ac6286 CVE-2019-25218,0,0,21c49c97c651fc97c66cf571583cc6d3b9dbe9aac07bb039252027c58d0caa37,2024-10-30T21:18:08.167000 CVE-2019-25219,0,0,c0661fefcab12f624a8e90ae1fecb5c0217e7a2ecb68ecb3cfdaf3aa46c317ec,2024-11-01T12:57:35.843000 CVE-2019-2522,0,0,438e5228ba492857a388b8016b2219394ce3508b8a36f1f8aede8ea3eeec2072,2020-08-24T17:37:01.140000 -CVE-2019-25220,0,0,19e034043d8e903af9715bbd02524d646613f700a33c40a30976219842755e57,2024-11-18T04:15:04.107000 +CVE-2019-25220,0,1,1a6c9d209d8e123de251edaa309be094e5fac64c7c621742c182285d2a522c28,2024-11-18T17:35:01.780000 CVE-2019-2523,0,0,4a0e4915f05e6fa4b1849fafb208e6fb024214d6840b1c8202b1873b064ed383,2020-08-24T17:37:01.140000 CVE-2019-2524,0,0,bee2c79f8df3b71e86ab52db9d5dee51c63979ccd70534be30c64d8fa54a9384,2020-08-24T17:37:01.140000 CVE-2019-2525,0,0,50acd94d676e609a5e4bb6ec79d969df7d635700b8568337f59b3718fd26dc20,2020-08-24T17:37:01.140000 @@ -154962,7 +154962,7 @@ CVE-2020-25717,0,0,149319e10c38e9a4c91d0628f99ce17c315e0ff3d960b0aa9440bbca6bd7e CVE-2020-25718,0,0,4fcdf31667a93b0a33aab6c5caea3cdf724f60b0871b7c2bb870d1692d0a5a79,2023-09-17T09:15:08.857000 CVE-2020-25719,0,0,80bfdae239ff665ce31865dc57c6c62d7cb31c0301252b6e7aa958e3c39a83cb,2023-09-17T09:15:08.963000 CVE-2020-2572,0,0,574927e82ffad63af84791d4ab277b51783c7cd85ef833309de29be7813dd471,2022-01-04T16:43:17.657000 -CVE-2020-25720,0,0,47626f4666ffb4d8339ea3281119f6d42d70f5e41ec044b9db4a7a650070d813,2024-11-17T11:15:04.320000 +CVE-2020-25720,0,1,6214a492c72bcce96c1584bb1dd77b7497d0a4d6273ea1342a3e3663fcd6cb27,2024-11-18T17:11:17.393000 CVE-2020-25721,0,0,6c345f86d6172abcb1b963616e053097b2257a3a22e6d919b0765a60d3d164db,2023-09-17T09:15:09.077000 CVE-2020-25722,0,0,d5f8bc962426c9ca61592635e6d830ce8a7c59633860b7e32e7db3014f05cc97,2023-09-17T09:15:09.193000 CVE-2020-25723,0,0,27535e24d34125ba14984e2cac35979cf45150792e547fdd4b97205d31a4b55d,2022-09-30T19:19:34.610000 @@ -155179,17 +155179,19 @@ CVE-2020-26052,0,0,a07ae9c9df8aed0b10b33ac6419abbd81faedddd00d694b9b2be4bd052a39 CVE-2020-26053,0,0,7c7f74e869b26ac6fddfe010b02541c7f47338a10762619f17be95bfa6d71909,2023-11-07T03:20:28.813000 CVE-2020-2606,0,0,525b8acfb481411ccc0f174e56a0273af30bbf2d9f2b6a85fec1411f99070c9a,2022-04-29T14:54:42.183000 CVE-2020-26061,0,0,eba06bbf4664d07dc50f78db70d85029e20095294f2f7e4f3b5c3856d0f5688a,2021-07-21T11:39:23.747000 -CVE-2020-26062,1,1,6ac27361a2c4af8418483d64490d03bec461e03750ca1d4f7e83a6f4692325cc,2024-11-18T16:15:05.170000 -CVE-2020-26063,1,1,c71123b29798e6950a8ff5d2aea43abceb602916d7b0eba2fcf8212f4ccb8f60,2024-11-18T16:15:05.460000 +CVE-2020-26062,0,1,1243babc4c1c67da6f25ad6d906d8444b2fb1144a4b1539b1032835a26430c7e,2024-11-18T17:11:17.393000 +CVE-2020-26063,0,1,90285498833f10e7e4cbe61bf42bd8113f67b9ca91e7abe04e8f4039e8927db3,2024-11-18T17:11:17.393000 CVE-2020-26064,0,0,695928ebd20ca0ecda3f135501ea1d07b664c6398012314fc05c32000cf83c95,2024-01-25T17:15:13.730000 CVE-2020-26065,0,0,9b66946512c60f0953b887f0ddd115f660f88e661cb4d4d8847b1599fa9759fb,2024-01-25T17:15:14.010000 +CVE-2020-26066,1,1,0a0380a4ef77e66c55b496e65a77f1d52e009553dbc079d7cdf8c916eae5ff8a,2024-11-18T17:15:09.437000 +CVE-2020-26067,1,1,4ef93011c6fc26901ed578a0deecf93d76f07a67fbe6dd3f94e4296186e106f1,2024-11-18T17:15:09.757000 CVE-2020-26068,0,0,b31c43a3584b8e5b2724f7f3b13c81dee7cbb9072d097f7471f77f92bc118e9b,2023-11-07T03:20:28.877000 CVE-2020-2607,0,0,f16383735a6aecdfb7ccf3e9137cd9d624fbabe121f8dc8a7e6412a81fe969ec,2022-04-29T14:54:53.110000 CVE-2020-26070,0,0,64a022b667acf4b556447a34b4e6ffd0037dcd6a02c7e9126dcc0c6fef8ee6c5,2023-11-07T03:20:29.040000 -CVE-2020-26071,1,1,fa0ea8d82d1b9d2e856eab6b447db58db6bb510499af63d77b70304b884947bc,2024-11-18T16:15:05.710000 +CVE-2020-26071,0,1,c41ad66c285e4dfb642d781c769a966b949b6628f50656550b1cb2f90b7e9650,2024-11-18T17:11:17.393000 CVE-2020-26072,0,0,cf092625bd1f72f4ad74375f716d1f8a7ea124364e756f37ad9c3cb956960edf,2020-11-25T19:13:51.127000 -CVE-2020-26073,1,1,ef11ed45c9eaaa21e6ce1a6a554a18a7b1c82921ca89e47c31f0b34e7e6576e4,2024-11-18T16:15:05.947000 -CVE-2020-26074,1,1,4268ade33eeb0bbb56586d68ab531438f049b2ef5822ec46bb9a0671f57f06c3,2024-11-18T16:15:06.170000 +CVE-2020-26073,0,1,61dd45780ed42cbf6cf1bc21641723dbf5aedd6ede5f6b6736990bdfaf01cfa7,2024-11-18T17:11:17.393000 +CVE-2020-26074,0,1,dc8824ce1825c6db1db88421dc0a90a8ad015f4a8655106357723c4b896ad2d8,2024-11-18T17:11:17.393000 CVE-2020-26075,0,0,5ba19911cfccdb0b55a8d479ea6f04a891a3766fe22b0d2edb9e5a3cfa8a51d8,2020-11-25T19:25:45.490000 CVE-2020-26076,0,0,6d77c171f4efa0d4c85939ad41961848c0baa8614ba2a221227f9c435a8ad01e,2020-11-28T20:36:52.107000 CVE-2020-26077,0,0,a6d7aef7b8ab0111094ca9374c4d392cbd654c3dd7964b902ed47cea686c8ac3,2020-11-25T17:48:03.443000 @@ -155974,7 +155976,7 @@ CVE-2020-2712,0,0,877b40b3e2bc13d79ccdfb5572d5f9cb685dd5fa6fc951aa2941e9cef698c9 CVE-2020-27121,0,0,b0180b5382b180c621f805dd81fbeb285a8f4a65835edea0c9b5bfdaf6cfec55,2023-11-07T03:20:47.470000 CVE-2020-27122,0,0,bd0fd9bd9b716f4af786ec55634bb57321f198d69bc8d166abf39ef21f227c8c,2020-11-20T16:51:25.437000 CVE-2020-27123,0,0,c20884058d9a510b5de2ce60db329ec5035ed828198f26077d1cac42646bba79,2023-11-07T03:20:47.650000 -CVE-2020-27124,1,1,85879ccb4996fc74c4b0ec6aa5800bb409155121e60cdd565204a7f0603acffc,2024-11-18T16:15:06.397000 +CVE-2020-27124,0,1,6ed9831c30c19926605815a943741b228264c7465a1e5c27cc8ac369d870150a,2024-11-18T17:11:17.393000 CVE-2020-27125,0,0,32d5df89894af515616c0513731458b77a5dc1d6464a83397b11397a7a8b265b,2023-11-07T03:20:47.807000 CVE-2020-27126,0,0,4dab6dfc14d6cb8758947cd066e690c2a89957975b783cfd8e32fb31d00f0e23,2023-11-07T03:20:47.970000 CVE-2020-27127,0,0,c05bfc76df14d76c89d996b04315ea8b6dcd067dd15e3faf025b670f1831adca,2023-11-07T03:20:48.163000 @@ -157950,7 +157952,7 @@ CVE-2020-3416,0,0,c3160ebc280c11e34e6656fcd98bc414ffd93d397bf1047c66aa198811af58 CVE-2020-3417,0,0,0bce31ba32ea9315d49c0c0d5f33d4b196bb9bbe9e3d06e7d3d78dd6efeaba88,2023-11-07T03:22:41.223000 CVE-2020-3418,0,0,97de2d9b1618fe024bb7946d7a6fb2534d522b489416bdba10179321ead51331,2021-08-06T18:57:08.053000 CVE-2020-3419,0,0,c12e3825ce5b905fda16f811c42c566e853fb0e2142f37d4417b9debcb113bad,2023-11-07T03:22:41.467000 -CVE-2020-3420,1,1,fb052141998389706f273068383bd39f98ea3926695082a4dc79e8c10abb7c56,2024-11-18T16:15:06.630000 +CVE-2020-3420,0,1,692d270285401240368362344ed825a3400e3dab352aab8c72b5f8c1ce764b54,2024-11-18T17:11:17.393000 CVE-2020-3421,0,0,ba0233dff4d2a5b761956182b29729309eba955c46c6aa5bbda8dfe3ce422172,2023-11-07T03:22:41.670000 CVE-2020-3422,0,0,9598c1ed15b5f85992b1da43caa1fef9056074dc3912858a657710e94df97b74,2023-05-22T18:57:24.750000 CVE-2020-3423,0,0,4a137255d7b78a6fa1145c26ca0da1d7a1e0c9c1c94cd9b91b22e21a5c961081,2023-11-07T03:22:41.860000 @@ -157960,7 +157962,7 @@ CVE-2020-3427,0,0,112a9e43fcdbb25b3343b99c51e4f8f06673e9baf58efa9540a2dd588c2ea1 CVE-2020-3428,0,0,cfdaba74d7f899f3f843dd8c12b427c82eba73839e66d14ad70ca6a540f97275,2023-05-22T18:57:24.750000 CVE-2020-3429,0,0,178db1b0b08f4fcaa05cede3de16745e53449147839f00a31c1e7cbd69667851,2021-08-06T19:03:16.813000 CVE-2020-3430,0,0,70a8b81d2f33c4a65c291522487faaf46965c003d49a8ee14f3a8082ddd4fc71,2023-11-07T03:22:42.457000 -CVE-2020-3431,1,1,cd125d3eea06fa245002c1de936f80243b57b136191b8af0cd75ffc48c2edd78,2024-11-18T16:15:06.897000 +CVE-2020-3431,0,1,05fa307eb0b35c882e7c61a102fdb83235664b2db3d6ab21a740ea50bbdf3bca,2024-11-18T17:11:17.393000 CVE-2020-3433,0,0,3b06a9d2e8ef57e126e735879ff9ca23b1992c90afe9ea757e8d229c41a50c53,2024-06-28T13:56:43.943000 CVE-2020-3434,0,0,ea05b0a501f6f4d895471aad21b0cacf00354490e1635db9730def03823ea427,2023-11-07T03:22:42.793000 CVE-2020-3435,0,0,46b4adae8183929cde4a1d7bc58810f86b89abf114ff534d2b1e8a96a37ae426,2023-11-07T03:22:42.963000 @@ -158163,7 +158165,7 @@ CVE-2020-35243,0,0,34e7f96910087c9ffe2793bb21efb175ed3cd5e18044bd755a51b4e4f4de2 CVE-2020-35244,0,0,3902ecf6edd019b5dd9e32f069bdd396d0241c0aa7296e94c0050fc4662b56f3,2020-12-29T20:19:25.150000 CVE-2020-35245,0,0,3f4156d0e7aa089aef1462c6dec953adb03eab594015e6ce6ec42eff381c3b4e,2020-12-29T20:14:45.633000 CVE-2020-35249,0,0,ec7bd9bbad761cd00127148d13868c623dd8e36200b95033fa427ca3bfdc17cf,2021-11-03T01:43:30.673000 -CVE-2020-3525,1,1,6de5750d39ff6a84e4525063e266579ab794a7ef4caeff68c14795727874fc22,2024-11-18T16:15:07.127000 +CVE-2020-3525,0,1,1a3733fce6f9eeeaf3617777b7975cb3d79c9b265260af116ad4ac12c0cf6bfe,2024-11-18T17:35:05.240000 CVE-2020-35252,0,0,c9864b0c08ff44d3b6a12a047256be3453631c766d04313d7e4c18a58ecf07a7,2020-12-23T20:18:39.557000 CVE-2020-35257,0,0,428fff52645584fd3da00450f464f9fea6f07b07d9091488b56a04c08c8056f7,2023-11-07T03:21:53.853000 CVE-2020-35259,0,0,5a73a66e5aabfa93d670cdb2ada20d3dd60d9f8357bb9343366839914ee5fdd9,2023-11-07T03:21:53.900000 @@ -158192,7 +158194,7 @@ CVE-2020-3531,0,0,d987cd64baac03651b8dd696df5be3acea7cc37f727fff17934a1a1df7ae52 CVE-2020-35310,0,0,1d2d893793cc2e3fc93b8251bfa436dba6d8953efb49989492dd75cb5b7e1677,2023-11-07T03:21:54.030000 CVE-2020-35313,0,0,6cbb70b83b146052ef9a0f7493cef63280e7b9d72e92d409d78c51c0c85c57f7,2021-04-23T21:18:21 CVE-2020-35314,0,0,8edff9b7c38ff1a147c69fa46d76d4e3eda485398a28adfc9172fb4ef97b9363,2021-06-01T20:34:58.733000 -CVE-2020-3532,1,1,ac8244c9578abdb02c8c251f5c8468fe827b9f7e69b892c2615e8de3ea997bcd,2024-11-18T16:15:07.367000 +CVE-2020-3532,0,1,a0d92e021dc6ab4e84cb94d1e5c39d7507ae4ee9d8e59ef7c2f6a1a92d8a6dcf,2024-11-18T17:11:17.393000 CVE-2020-35326,0,0,086c5752580cc3cea705d41f64fdcc7e023f1e3210817c731141cb8815ac346f,2023-01-25T19:32:04.047000 CVE-2020-35327,0,0,0286113bc6fd47c4f8106f687f5c6d4679dbfe1824c508b8cb4142003a722993,2021-03-10T20:58:27.273000 CVE-2020-35328,0,0,095aa227393fdf552415e14d3b5eff942292ac9071403af50c2efe312a2adb66,2021-03-04T21:44:45.227000 @@ -158218,12 +158220,12 @@ CVE-2020-35370,0,0,83b8fb1082d6a16ecef000da2e1567406fb37ad78b52005e1b91e35b3a29c CVE-2020-35373,0,0,601c2c24e850a7f2c55e7592205df7252a9ce2bb1877818b37479a9b9edd912d,2024-02-14T01:17:43.863000 CVE-2020-35376,0,0,b4566d696f3c7772ce0b72c3be363c6393d45b5d7f72cb4318bfcba9b4f3a6da,2023-11-07T03:21:54.200000 CVE-2020-35378,0,0,147e245daf3b62749f0d2d2646b7a7a07af6a6145b9caa1f910b63dc2cf34235,2020-12-14T21:21:22.667000 -CVE-2020-3538,1,1,50bb2d23483e31fff0b112543aee364634ee2d043af3ff70269a38f555041145,2024-11-18T16:15:07.660000 +CVE-2020-3538,0,1,c571b2177a9a076ef09e041de64d4e7df7ecbc02139c9806228da7d3ad339b04,2024-11-18T17:11:17.393000 CVE-2020-35380,0,0,77679992049dd27edbdc0fe4c9cedf999a82763f3da3505d0e945343a6466415,2020-12-17T20:45:19.083000 CVE-2020-35381,0,0,bc62dfb2d1cee82d765c831ef7cbdf60846ee5ed06019bf61d45518b1ea0c750,2023-11-07T03:21:54.267000 CVE-2020-35382,0,0,d28c91d6a2842de7ba1a798e2529222efa235e70038ebfb8abb77ff2fcdade5d,2020-12-14T21:30:21.100000 CVE-2020-35388,0,0,2a4faf38d13016b175d75aa5e165c8eea3cc81ee6dc4c446ec3820d21bc91761,2020-12-29T17:35:38.583000 -CVE-2020-3539,1,1,680726ae797f2fb3159d4436ac593720768ff42b08b7d097bded1ed5e018ee86,2024-11-18T16:15:07.880000 +CVE-2020-3539,0,1,3e8b2d0065f90bcc8570f12a8b6362482311dcfe12207ae3eaadb9e2240e2382,2024-11-18T17:11:17.393000 CVE-2020-35391,0,0,97dc2aaf96dec4c190362e2e8353f974807847fb0886657398d3f0a574ecda11,2023-11-07T03:21:54.343000 CVE-2020-35395,0,0,060b9e663410bbd39fccd9d97a61df6273675d9a54e0622238ce714d2e58acb5,2020-12-16T21:10:45.507000 CVE-2020-35396,0,0,90ec6477d1e9de5dd6b799c307bb339025a98ccc0b1727227a87277577356244,2020-12-16T20:30:30.510000 @@ -158273,7 +158275,7 @@ CVE-2020-35476,0,0,db8f184781439fafd8912a611b64d170ab60e3c603e4a6485d47d0ecac3cb CVE-2020-35477,0,0,a682cf750c7000c53b911716c22ffd8b214f6105b6756dd0e66b0806f2089d2e,2023-11-07T03:21:55.070000 CVE-2020-35478,0,0,4377660fd6d56b14348e7c05363ba70f4636727e5f793e9c88b272cada67d848,2023-11-07T03:21:55.150000 CVE-2020-35479,0,0,b222e7e72d38b69b049736f70a4decd6c091496cefcd8b1206cfbed404c13826,2023-11-07T03:21:55.227000 -CVE-2020-3548,1,1,c1b01f97f7d61bb493345e83b08f637d2dc7aa5e62642afa1abb61794c104582,2024-11-18T16:15:08.100000 +CVE-2020-3548,0,1,356dc9d44a2515e99757e7e784e5f592e05c33d7ec2db2899cfec17a503fb7a6,2024-11-18T17:11:17.393000 CVE-2020-35480,0,0,35620f7c3d6baf7d49e2b4e4b85df1d9afe6d5c59ff7dd7ea16bc7d6ba8a2b78,2023-11-07T03:21:55.303000 CVE-2020-35481,0,0,25529bae7d88d6ce90cbea1255d6034e83781c37d7b68714b7426697b1605677,2021-02-05T20:15:24.293000 CVE-2020-35482,0,0,00e274245694f8fc82a5bf640828072eade4dc9b76c32b6eb81531c8f77041d3,2021-02-04T19:42:27.730000 @@ -165599,7 +165601,7 @@ CVE-2021-1128,0,0,b73adf56eea0448d2dc8957c2d4685ac584965b01ebbb0fd63d25ad32ca18b CVE-2021-1129,0,0,e35c9e46f4d88612d4745a666bf86aaafba3b1de9ea361a0160fd7c1ee9d13c7,2023-11-07T03:27:27.770000 CVE-2021-1130,0,0,9a1293938e40569ec65b61b505e1e1b437e79c392f2f778b6f263860c147517d,2023-11-07T03:27:27.950000 CVE-2021-1131,0,0,888c7a3753cbe656caf55dffa177ee583a592cb49a90d2fb79abc99b7bc18713,2023-11-07T03:27:28.110000 -CVE-2021-1132,1,1,f8eba224a60e2d9d8116fb457a36722415e6e4347b93ef4adb69cc3041fc9e8e,2024-11-18T16:15:08.343000 +CVE-2021-1132,0,1,2e3b6cf4d6acd69a92318c3d04bd2ff8c13efc07dfc63c4c254f0a779ca941cc,2024-11-18T17:11:17.393000 CVE-2021-1133,0,0,7636a759e42342c5292c4db697a0407109722369911ea9c3defed35a308818b6,2023-11-07T03:27:28.270000 CVE-2021-1134,0,0,782837573abe396ed35de75e6a848c38b5fe09256474400f58534eb1983ee5b4,2021-07-02T15:34:48.493000 CVE-2021-1135,0,0,43e053627154f197d50b85648f0b0619c5d7cddff16f2ba1b28eac888a4baca5,2023-11-07T03:27:28.467000 @@ -165699,9 +165701,9 @@ CVE-2021-1228,0,0,edfadddf9ef009c088379b10c90dd83b82f146e89b9069b83b153450cfd9c1 CVE-2021-1229,0,0,e3fbf91cf4b60acc6e572f356088ba6bc8471519472467b8875ee2399377fdc8,2023-11-07T03:27:45.160000 CVE-2021-1230,0,0,0c00a6c1319a1d1fd605f49028b74b5f75cd5abe35d01b56d55dd04d5444b790,2023-11-07T03:27:45.377000 CVE-2021-1231,0,0,1cc284e4eddf1bd96d6e280e53b5f8f770fe394faf03c7356a3099da5feee9f7,2023-11-07T03:27:45.573000 -CVE-2021-1232,1,1,0bcf5a47c5c0fb64c725d608fe69844200aea8eced752ffd07939f41f737e8b5,2024-11-18T16:15:08.567000 +CVE-2021-1232,0,1,0f6a2d6e36ba0bac8e1c11af3b94d8820840581214adad0c5235df27589e92db,2024-11-18T17:11:17.393000 CVE-2021-1233,0,0,9851e50c87302c9eb77d95b30ae9d923775f230312041d2bd67936329ea38246,2023-10-06T16:24:48.993000 -CVE-2021-1234,1,1,daea391bb9fc68247f7b3799087bf37a3c34c5dd3bb9407107197e4796fc2d0b,2024-11-18T16:15:08.813000 +CVE-2021-1234,0,1,26f636a068712ae96aea727d0392a1fb3c31b525391743eb19bf40b6735da0f0,2024-11-18T17:11:17.393000 CVE-2021-1235,0,0,51e39173d03dbd8704ef7dd872e07caf5e65b90e6f1d3c675d952203931b99bb,2021-01-27T20:47:20.633000 CVE-2021-1236,0,0,b9b42429b079ac869ae6567e9de37c8a4dcdf350fb8837e7c84dee49b13af870,2023-05-22T18:57:24.750000 CVE-2021-1237,0,0,a30c61a48af897528f0bafbc9f542ee0b5e0211050e588ca4e1194655f347360,2023-11-07T03:27:45.790000 @@ -165752,7 +165754,7 @@ CVE-2021-1281,0,0,425e7a6e7aa4cd156c3964d8e38a6b40e3254112ab1f37210be662d6c9f2fd CVE-2021-1282,0,0,e24e7290f39a87cd7490f94b6f90a60211a1a5473e62aa8bd2eb29b4bd484598,2023-11-07T03:27:52.047000 CVE-2021-1283,0,0,b7528855e910c21ea5f5fab79bd60a9e90df3ed2356c305d9851da986a04a82b,2023-11-07T03:27:52.227000 CVE-2021-1284,0,0,05dc87ff7d22f146257b2839c67f913320007a439f42c81377ca088dee2b194f,2023-11-07T03:27:52.397000 -CVE-2021-1285,1,1,c64cc1cfcb0db6c60c1ab12bfdc137eca09de6c47244344d0d6de4f2d8aae514,2024-11-18T16:15:09.087000 +CVE-2021-1285,0,1,64c93f96f066465eb94bc42ba63e95ccf1330dd6636124d86fb64e71c775bfa7,2024-11-18T17:11:17.393000 CVE-2021-1286,0,0,24d85d7f89f9f74929fa86c32f636925c0d39c5e4c6d0c24888e162d0dfa5d5a,2023-11-07T03:27:52.637000 CVE-2021-1287,0,0,7eef7e2db3708b22be9d34c2e543123a34f56929b735e64c5b28fe3523f25238,2023-11-07T03:27:52.810000 CVE-2021-1288,0,0,89325ac7b25c50f14c8b8a1238e6c2b3c2e8444281e83b13dc170916c31c92a2,2023-11-07T03:27:52.997000 @@ -165846,7 +165848,7 @@ CVE-2021-1375,0,0,fce3255f4f2d3447aada6559cc4ab0533ac482a8ecb5571bae9e4fbd33fcb3 CVE-2021-1376,0,0,c184718a18958a62e23a6e4f494fdb62ca386c78543810057c8ea091794e7b93,2021-03-30T14:34:54.303000 CVE-2021-1377,0,0,17625f23a13fecf553bd149a507860f9bca842264ec80e8001811a1c653cd6dc,2023-11-07T03:28:08.260000 CVE-2021-1378,0,0,1f14397d99d6ea8a3e3d653d03b22431a3ad376aeda598c097f0aaf468ac6090,2023-11-07T03:28:08.503000 -CVE-2021-1379,1,1,5b45ca85b7bd8360fb35f6b1adc760815bb6f56c103563bd7744139dea623c5d,2024-11-18T16:15:09.310000 +CVE-2021-1379,0,1,5cc3d5f7b72858c60d68179470114ace1873490af542e7afe642a8a5c88ced3a,2024-11-18T17:11:17.393000 CVE-2021-1380,0,0,895abc19efacd50dd8c4befb636c4c749bfb9426764e790db09201cfb04d5430,2023-11-07T03:28:08.687000 CVE-2021-1381,0,0,9d930fdaf59233c40c0e97cf2da565598eba00ce9b74ae6c8ec48f11d94578f5,2023-11-07T03:28:08.867000 CVE-2021-1382,0,0,475e9f46d48ace7c83f67c79794486c7fd03c08e10da509b711e9b65fb82fc77,2023-11-07T03:28:09.047000 @@ -165877,7 +165879,7 @@ CVE-2021-1406,0,0,2be4d235c20e613eb6bc554fd74edbdde6ac1e420fdf2d98ae4405cf614d13 CVE-2021-1407,0,0,b21a049dc1cb8b92aef492af6a2d378d8ccca7c42198c80e6184f5e66780b9af,2023-11-07T03:28:13.893000 CVE-2021-1408,0,0,90c5cc90c1e75d340eecddd331f2d70ce0676c66f803b2030547a072a7df034f,2023-11-07T03:28:14.063000 CVE-2021-1409,0,0,60e01e05cc314e268b0191fcdbe3fd7b29299ea52b48e5e7d03b6831a81f77b8,2023-11-07T03:28:14.253000 -CVE-2021-1410,1,1,4674252d4413b3cbe9c269fe68cebb6976e26273019a3606dbe77fec4834b116,2024-11-18T16:15:09.553000 +CVE-2021-1410,0,1,d2a4cfdf996f02306a90c474fb44f8d87ead599c15f625eb3e2d37878dd59feb,2024-11-18T17:11:17.393000 CVE-2021-1411,0,0,110d553b83283b07b7455cf697e4f6cb972f29779b41c0e710d1ba9983c8097e,2023-11-07T03:28:14.433000 CVE-2021-1412,0,0,4f32f9b9a2841afdd806b31fe1271433dd55110857fe172ed644d31ce1967f84,2023-11-07T03:28:14.643000 CVE-2021-1413,0,0,8d8354196a68de35d8fd89f112d7790257d38e6cc3b85ead5df8b7c5827244cc,2023-11-07T03:28:14.820000 @@ -165891,8 +165893,8 @@ CVE-2021-1420,0,0,e12797d2794378bfc6df02415930cd0b7c60a75324da866fe358f7950dc8f7 CVE-2021-1421,0,0,7b928d17adcf0e839e221a962d8b9fb2e922bcd12abcee998ab15458ab7c92fd,2023-11-07T03:28:16.357000 CVE-2021-1422,0,0,f215d7f2eac60c50491f1999b16afc3eb29e1917e48f80b8ff2ea5e0998fcc9a,2023-11-07T03:28:16.533000 CVE-2021-1423,0,0,63322d2e7c43f7460ba94f80ff4b760e8526e54732425a034de84bef9aa524bc,2023-11-07T03:28:16.720000 -CVE-2021-1424,1,1,266cd431d58b3ceb1b086e18074c7e0b05f755587acf9a2629485ad261f7e2a4,2024-11-18T16:15:09.823000 -CVE-2021-1425,1,1,e31f9f573767a7d035f9f5651a089355ea29e0c800aaa48c95e2667a98d3084f,2024-11-18T16:15:10.180000 +CVE-2021-1424,0,1,72eab122673e7dbd4b77682710339ed4d120179601600a35b301ffbf8cc28251,2024-11-18T17:15:10.423000 +CVE-2021-1425,0,1,2104e12e193e9063e471ee2f0da78f748214bbc566c4d7d38c4e89f988a44056,2024-11-18T17:11:17.393000 CVE-2021-1426,0,0,ebe9ca018dd46681ce0078914b420957fcca639848f71401e5a58069aa613d0d,2023-11-07T03:28:16.900000 CVE-2021-1427,0,0,f16182235d58cf27e7b8738ce57f0a50c063b7261887b3554fd7712eec5a40f7,2023-11-07T03:28:17.087000 CVE-2021-1428,0,0,490ed46414aa08c341191dc5c92ecfb39bb8270923c4717b644ce938785ad0ad,2023-11-07T03:28:17.243000 @@ -165907,11 +165909,11 @@ CVE-2021-1436,0,0,0c08055943c2c8c511702e946e2aa2d48324b6bbcd7e69d5ca562c6a389104 CVE-2021-1437,0,0,86763f5db28948eb3b869558beae4bdfd9a07d03bc01a7781597b5ebccf61945,2023-11-07T03:28:18.740000 CVE-2021-1438,0,0,b654c09ac116369b6063ae87256adb7e11a55f964fd45e01ba178d30aec59c19,2023-11-07T03:28:18.920000 CVE-2021-1439,0,0,1ed649cc05f4b47442f4db1aa8c8af2d881f223b313d796adbc38c40e8677545,2023-11-07T03:28:19.093000 -CVE-2021-1440,1,1,f33e68f17539dc6bb2c8f931d51dbbde52850cfe249a931056b23a649be1d014,2024-11-18T16:15:10.400000 +CVE-2021-1440,0,1,67e130d016086f17ee29e0c4fe16e9958df612ffe942aece1caefa2c10e580e8,2024-11-18T17:11:17.393000 CVE-2021-1441,0,0,453c620e41a59b11025c2e222648f061783051bb1a143596fc432561606ce311,2023-11-07T03:28:19.263000 CVE-2021-1442,0,0,86e705333e456a35320dadcbd4afb56556626ce8cc943e8c2c3105788239c4f2,2021-03-30T18:24:08.240000 CVE-2021-1443,0,0,0fcd37106fded36c7310cd0a9765c8a79de255d08a1f6df047a6ad34ef274891,2023-11-07T03:28:19.460000 -CVE-2021-1444,1,1,dd451470a24c626a6fca8c7e5a377294c7f1e40f783acf7419dd199832162e72,2024-11-18T16:15:10.627000 +CVE-2021-1444,0,1,5a491ee744a5d192b95e6568b3d88cebb5ee3aeb6d42c3eaa8dd9042cca70d5b,2024-11-18T17:11:17.393000 CVE-2021-1445,0,0,0db9d6473611caddf4a43338826c826815d95ca820469d07c3998fa008c844a3,2023-11-07T03:28:19.637000 CVE-2021-1446,0,0,6beb3f5f28e4343a8647941ab756c0ed43df261f409c35b621d88eafec916c8c,2023-11-07T03:28:19.810000 CVE-2021-1447,0,0,2dc25827eba1f2a2801d96ac6e664e81e9aba39f800e4e936f31469820e7db2d,2023-11-07T03:28:20.010000 @@ -165928,16 +165930,16 @@ CVE-2021-1457,0,0,05257c54e232315057982275f043e8ba48103e3ab51bdfa1f97592929ce1d6 CVE-2021-1458,0,0,263d7494ed4bb1b0a3432ebf81af384e2ec6ecfdaed8077bd168e517083debae,2023-11-07T03:28:21.700000 CVE-2021-1459,0,0,56b2fc01d86da20d71515cb6213cc91e2ec296f51bc138bcb5820738f8e3248e,2023-11-07T03:28:21.880000 CVE-2021-1460,0,0,47be0f201f45cd0b8ceb48b3499e1efa0d43c1877b8142245b65f7263a024596,2023-11-07T03:28:22.057000 -CVE-2021-1461,1,1,faa2514940d9fbd5aecb5eca5f0ce090007e39a77a53dcecee259c6789f264f6,2024-11-18T16:15:10.850000 -CVE-2021-1462,1,1,df0e245e85d144d5ae2596bd065ad96f1b51df58e260743d0f34d97a61ca0985,2024-11-18T16:15:11.087000 +CVE-2021-1461,0,1,31fc24e7e56ce27b652c14f1512ae01e55874dcc0d10bb1c7cbe884401a7efee,2024-11-18T17:11:17.393000 +CVE-2021-1462,0,1,0b2a7f7b0fa9ede8f11f38f939334293821b37c76470485c962c54bc8b24e11a,2024-11-18T17:11:17.393000 CVE-2021-1463,0,0,ffc195d1166bc0d6787fdfc0cec2580a3b2a53f31d28fce59ec0c8b46d296b2b,2023-11-07T03:28:22.227000 -CVE-2021-1464,0,0,69edcf99fca42452877c7d99e0481d6c6243b3bf0d342c9185950d620f44722b,2024-11-15T17:15:07.350000 -CVE-2021-1465,1,1,d8fb4e8a517abcf1108069e05d4581926c0df703cd39f244ce8dd3dc78baf3df,2024-11-18T16:15:11.350000 -CVE-2021-1466,0,0,144b47122f71eb87a6dfc75681d4034620a616551c642a5d0941c7094143eeb3,2024-11-15T17:15:07.670000 +CVE-2021-1464,0,1,f0b8b5da6d1de59ff30b91f6812bdfd96e402312c4179cae54813fbe9bc081c6,2024-11-18T17:11:56.587000 +CVE-2021-1465,0,1,cbd84ab2da50e556eb62756e9da2e9a8f5dbacb5847d6bf85c8c9b8ade4d0f87,2024-11-18T17:11:17.393000 +CVE-2021-1466,0,1,7c860a5cd36cb3ec9a960c2f9add6e7f983a5aabd1d1f16bc0eca4fbbd7f1a95,2024-11-18T17:11:56.587000 CVE-2021-1467,0,0,16d0ae18a4d2970e8bc1800d9eb7f8e62737768f457e02f2477f0502b07369d4,2023-11-07T03:28:22.400000 CVE-2021-1468,0,0,b25464624e6ccf5128973d4bf048ad5c527411837ef5d1b126d3a376b7afb008,2023-11-07T03:28:22.600000 CVE-2021-1469,0,0,bd141bfbb413c72f4175f3d230bbd06d7b95d511ced58c2fb5e5d84b94e51c9c,2023-11-07T03:28:22.787000 -CVE-2021-1470,0,0,2e6e28520ccceb170365b941f3bfbe4d6f793cf1fa9fc71d2f2fe07f0ee4a45c,2024-11-15T17:35:11.340000 +CVE-2021-1470,0,1,b2e4cb37c2cfaaaacabd1fd999d2513bbf38856c2f8244494d89e5fd71ccee3d,2024-11-18T17:11:56.587000 CVE-2021-1471,0,0,2ed8200049e51b6d7c3a7000c469f7d473f831b4dc4eb802e8c6662692462f3a,2023-11-07T03:28:22.960000 CVE-2021-1472,0,0,741c86b32193afd497d137042e32b87a97a950d8b7a1bbce814fd37a18694853,2023-11-07T03:28:23.127000 CVE-2021-1473,0,0,06e55996caf568e77ab9f88592bfa7a6c84580fd7dd89d962ac6095e3bd0c8fb,2023-11-07T03:28:23.327000 @@ -165948,20 +165950,20 @@ CVE-2021-1477,0,0,ce4b0e06660cc36e91f4b739c1de03794220cace0d4f46d2d7ab91a8a91d7b CVE-2021-1478,0,0,0a73c19d88561a03362db2711e06d63404108331636a97fd3769648c3609667c,2023-11-07T03:28:24.250000 CVE-2021-1479,0,0,03206262a2ad10b36e2bd9a6c464f6ff92d82ba06c821de662f3258be81971ca,2023-11-07T03:28:24.437000 CVE-2021-1480,0,0,fa4d61c697b5eb46a2c0e7b6a4f78ef1ae9eca007d7b580c9d9d852aeb21a0f6,2023-11-07T03:28:24.607000 -CVE-2021-1481,0,0,b21a88f00dea192a0875ee705b85d0561e70266c1ccfc14aa3a403328a05a470,2024-11-15T17:15:08.277000 -CVE-2021-1482,0,0,0476c0df73ef662b2b6f0f2840b91c04fbe05790f1471aeeffc90edfd16d31fe,2024-11-15T17:15:08.530000 -CVE-2021-1483,0,0,cc1f0eab0f727d87a84bffa706316af41e2f9ebaadc9122759ef823e64b19443,2024-11-15T17:15:08.760000 -CVE-2021-1484,0,0,ed06f966ff1a17a8d14eed009e5c0700b7e04a831af0ed038d2e9250c28441df,2024-11-15T17:15:08.983000 +CVE-2021-1481,0,1,ddb1f6e04e0f76bc6ab6cb0aa32c04a987284cecfefd847946520e0f4483bdc5,2024-11-18T17:11:56.587000 +CVE-2021-1482,0,1,f7734287593f1b4cbbf43afcdb6fcb37d8052bdff6d24b02a81a1bc70e8e4cf4,2024-11-18T17:11:56.587000 +CVE-2021-1483,0,1,9ae1031d310d67a9bdd4cb105ffa132b9b2fdc9018055f2ef03b905dd8537119,2024-11-18T17:11:56.587000 +CVE-2021-1484,0,1,485268902ab8fd641bcfc8f674f68d3fc7fed7b42ec2d6ccdfe32c1530bdab9e,2024-11-18T17:11:56.587000 CVE-2021-1485,0,0,e4890f167b9430fa6559ddd87381a3e2cd7e165f9f9f713ee68aac837d657b8b,2023-11-07T03:28:24.777000 CVE-2021-1486,0,0,51c76d642672f3d43e8e0ec81b52ff874d878e9e6c2d81aa10deb18a80a13b94,2023-11-07T03:28:24.957000 CVE-2021-1487,0,0,88a69f88b70ea4d8163acbb4d132f134525cadf0fc0263d65a3fa79cb9c41927,2023-11-07T03:28:25.120000 CVE-2021-1488,0,0,8d507186241cf4ca8f136368d17565793565f1cbc266a9c9ada2ff6df3e9f97f,2023-11-07T03:28:25.300000 CVE-2021-1489,0,0,1df7ed8ed63ef77a936f8562cbeb8c0b409103fa24faf53519ceab2c50fddc15,2021-05-09T02:41:29.470000 CVE-2021-1490,0,0,d83f13a770baa445700cb222e2ffaf188dbb98ae0e300164d2ae22136186da73,2023-11-07T03:28:25.480000 -CVE-2021-1491,0,0,1702cfcf21275fe33c8397437163bb99c396169ee42615c32ad7c8c80c1d42f8,2024-11-15T17:15:09.220000 +CVE-2021-1491,0,1,fc60fa4aba9e7cbaf86244b9b020f17be83886934f5de1bc6bf0d0f3f20e6cca,2024-11-18T17:11:56.587000 CVE-2021-1492,0,0,a69047622f80854df4ebb0282bbd625633a27bc29349c6dd23618cf9df0f72be,2021-03-27T03:29:38.427000 CVE-2021-1493,0,0,1972fe993c347c9cea2e8eb1cb5110425f1d779b9b88aa05049e99c9a0ad82af,2023-11-07T03:28:25.657000 -CVE-2021-1494,0,0,1f7b59aff15d7824f0ab33957eaca5131f497f08823befcd6c909de7471bd189,2024-11-15T17:15:09.423000 +CVE-2021-1494,0,1,a30672879dcf11a9d4d91300e27887b03b95fce6fd021d75111ecac9ae059317,2024-11-18T17:11:56.587000 CVE-2021-1495,0,0,dc2985faadbc016aaf69732c00934b0bfe0e76ad4afb876f2b4d3c9fce405acd,2023-11-07T03:28:25.833000 CVE-2021-1496,0,0,8500d9350f301c5993471cace6bdea0ff38e1db7d30046ec6244f4d3b6c4fbb0,2023-11-07T03:28:26.017000 CVE-2021-1497,0,0,7aff829bd7102e7218ed7977e28442b8bd5c83b225095b13fe23f759d2a734f0,2024-07-25T17:32:35.267000 @@ -178044,10 +178046,10 @@ CVE-2021-34746,0,0,5f1c9f950c5a7bdfb338a415b4f605c55da56a39232c402eddadf135d38b2 CVE-2021-34748,0,0,827d9e9dc0a23e7dfa19a7e36199b1eb91cf2be59987763b3d8d77aa72a9c62c,2023-11-07T03:36:18.053000 CVE-2021-34749,0,0,ac11e1c4f7cbb25a3e55c8936c31bd39a324d277bdb8c816e5f8460000095de2,2023-11-07T03:36:18.510000 CVE-2021-3475,0,0,11f13dc2193da9f811eb73ebe62f9b8e02d1bb42f041a704fb956e47200bb4d0,2023-02-03T23:53:29.553000 -CVE-2021-34750,0,0,5be5097f0b46c08acb3b10bf1e03ca6590d854c0a993075c16cc5a3f97e40534,2024-11-15T17:15:09.657000 -CVE-2021-34751,0,0,0d4ba3c4b24daac7b0de0220a70f9e2e04faa7cdd39553de5621a704a2e7abfa,2024-11-15T17:15:09.883000 -CVE-2021-34752,0,0,73e1ee213770bf47ac96b0028a6af3d273ec66f6096cba730774d655805a4fb8,2024-11-15T17:15:10.097000 -CVE-2021-34753,0,0,c9a6e295f9b82d0d7806f07a38b273f27c21d7a1b084d96ad869445d730dbee9,2024-11-15T17:15:10.303000 +CVE-2021-34750,0,1,e036ea141ab3d8d4d8ee856ed378fc8136db2193f19e7776ae8ca8da21690c12,2024-11-18T17:11:56.587000 +CVE-2021-34751,0,1,834757ab889836d6b1176c67661470eee933c6a08c336a9bdbfbb55e7361859e,2024-11-18T17:11:56.587000 +CVE-2021-34752,0,1,dad8ac30fd946b057bf11e93b8bb48c497dcf75e9681aa536b4ec49c380b69b9,2024-11-18T17:11:56.587000 +CVE-2021-34753,0,1,a48a12768939e698465ebfae54bcb672fbe046fac18f1aa93549408349f1d58f,2024-11-18T17:11:56.587000 CVE-2021-34754,0,0,78316189d4816d16fbe2300d25329a00a2aa7a4fe282f57f3ba65151b9a8f75c,2023-11-07T03:36:18.717000 CVE-2021-34755,0,0,d847d28e5b0f9b3ea8e438a851e6118ab2f5fcc6b5efe4d3db27453d24cda1a0,2023-11-07T03:36:18.923000 CVE-2021-34756,0,0,a8bb35a7b253afd1195ba525bf5832d6023c4c71dfbcc9876714da89cd83c081,2023-11-07T03:36:19.103000 @@ -179932,7 +179934,7 @@ CVE-2021-37416,0,0,2e6268d3c4aec7d053473a27b3499f3c904bb8afa46207b20648c1d9d3251 CVE-2021-37417,0,0,0af7afec4419ac71323dbe19fcafecf8b5620734ea16d7bba48e8df850d31058,2022-07-12T17:42:04.277000 CVE-2021-37418,0,0,146b4ef0e7964748fbc25b1e94686917c4647a3307c5708e67798876e0feddf4,2023-11-07T03:36:57.323000 CVE-2021-37419,0,0,9464053d73f212e534a6909af63b44d1c351a4729e973af190457c0a1d02f2c9,2022-03-18T20:43:55.713000 -CVE-2021-3742,0,1,a47643b0ecd90a4a22309618a200637649d0c1a40d4f586857b1d98cf81f9b50,2024-11-18T15:35:00.667000 +CVE-2021-3742,0,0,a47643b0ecd90a4a22309618a200637649d0c1a40d4f586857b1d98cf81f9b50,2024-11-18T15:35:00.667000 CVE-2021-37420,0,0,b52aa49c12ed23f5fc454663899c9e989f90752f3b6225dd6ef1f0904854480f,2022-07-12T17:42:04.277000 CVE-2021-37421,0,0,72a802fc9066861ac62eb2ef177ad824c7c5b2ea14bb5783b3fe6f6887532709,2022-07-12T17:42:04.277000 CVE-2021-37422,0,0,04c08c63b243212678162abf332587426643acf6f890ec905ee35d9fbe2fb7d5,2021-09-17T18:11:03.127000 @@ -180652,7 +180654,7 @@ CVE-2021-38376,0,0,d4485ca92681558168e0fd9a80da3a4ca7d974684f50f50f1dbd03a5e1f21 CVE-2021-38377,0,0,48443da60f90ac4652bc515c5c3f88029b2bd62277bc482a3739e4f453b49065,2022-07-12T17:42:04.277000 CVE-2021-38378,0,0,432e746fcb98480b06b83fac0fe9649e434fa56a8d7663d16931ad26e7f975bd,2022-07-12T17:42:04.277000 CVE-2021-38379,0,0,b8dbd9bba6856ef42bc651ecfafd71af15e01cfb8b87f0442cabe4efd9091d1e,2021-11-04T13:37:43.773000 -CVE-2021-3838,0,1,df8411524ca90e9699cf70d047681b57e8ae84756a155d8ef5cb2d4075b873b4,2024-11-18T15:35:01.380000 +CVE-2021-3838,0,0,df8411524ca90e9699cf70d047681b57e8ae84756a155d8ef5cb2d4075b873b4,2024-11-18T15:35:01.380000 CVE-2021-38380,0,0,966a303a4461fc8fabdefd21a52860a9a0545818ea34433392a6e6db9ea93c3d,2023-11-07T03:37:24.547000 CVE-2021-38381,0,0,f90987e628b6ca7ec620183d6ef4cd28fb101753b7f8f85a6534a6827c2cc9bb,2023-11-07T03:37:24.610000 CVE-2021-38382,0,0,56aeb4bbf5aec265fc686978fb16984a29124462e10ec9d950e4eb086e18c989,2023-11-07T03:37:24.670000 @@ -181173,7 +181175,7 @@ CVE-2021-39016,0,0,88d7422235623a2db52d08ccbb930b8332e62a309f55b1a0bb58ad6b4c307 CVE-2021-39017,0,0,43da2de1e5021798d5e2da169cbabdb2f1ea3bc804f6e06fdd5bba1a80d8bbae,2023-08-08T14:22:24.967000 CVE-2021-39018,0,0,ccad4b84b3066dd393e4dd8123dc7a6269ea1c28676cd9811de926207c38696c,2022-07-18T19:27:57.433000 CVE-2021-39019,0,0,469fabcf38af6844701fed49a6e80d48722d455ad28af8536243f61e3be90191,2022-07-18T19:18:23.533000 -CVE-2021-3902,0,1,58e86e3d39b9aab6397309783470cb70ec58b241abea607985f0183600df9127,2024-11-18T15:35:01.797000 +CVE-2021-3902,0,0,58e86e3d39b9aab6397309783470cb70ec58b241abea607985f0183600df9127,2024-11-18T15:35:01.797000 CVE-2021-39020,0,0,f8a046ed21eb98ee1f2ce9e6feab22d062faea367e7e86b10085c29b6de05cd6,2022-05-13T17:16:25.233000 CVE-2021-39021,0,0,c20de8bb5efb66e3ec217f01f9525cf7c58f1792615ff1990e77c2bd1881bc03,2022-03-24T16:02:52.140000 CVE-2021-39022,0,0,12f9551c868b6c453d5c84008020f3db65f37eb2f4891591958baa35af27c010,2022-03-22T13:43:39.510000 @@ -190173,16 +190175,16 @@ CVE-2022-20622,0,0,21f8864443a2ef64c107280614b898e9b5d4c9e8c77661acad69cff2f1a46 CVE-2022-20623,0,0,7c797f2b6141740b167d12f60757b1cdad545053d3150326da5778540cb57a02,2023-11-07T03:42:28.110000 CVE-2022-20624,0,0,3c70791dc122586abc481fbd7bb7216723c3e6d202f07e63cbb1e6162b35f5fa,2023-11-07T03:42:28.307000 CVE-2022-20625,0,0,b2289228f7d56d599a0cac3cd2984eb7943c96e01df0e18df0052f01f8d4a9e0,2023-11-07T03:42:28.523000 -CVE-2022-20626,0,0,71d7034560b3981ea3bd3ba6ca05c8a821b253c0fd58e019fbe642ed9e598ccb,2024-11-15T16:15:19.287000 +CVE-2022-20626,0,1,c71f0d838e11d83bd9d6c19cf6e6a3a9a215f11f564fdd686362d81cda770331,2024-11-18T17:11:56.587000 CVE-2022-20627,0,0,61e6aaadc7256ae597e1358157a3f8a7ca5c65ceb03de865f99c00b8cc067e76,2023-11-07T03:42:28.730000 CVE-2022-20628,0,0,2d913383575108b406c6fd7f6d7b27f7042313f3ec94ec4b865b29c23ff51516,2023-11-07T03:42:28.940000 CVE-2022-20629,0,0,349b8459f865e323293bf05068ff9de40ca8c8ffdf8aa26427123369090292d1,2023-11-07T03:42:29.150000 CVE-2022-2063,0,0,d062d780a00017fb43c5ea9093ff0ade157df72419b34c1782bda4532983613e,2022-06-22T15:15:56.310000 CVE-2022-20630,0,0,13b8dfdcba520d48f3edc38534d08ff817268f168eafce0c2fa806a535bf598b,2023-11-07T03:42:29.340000 -CVE-2022-20631,0,0,e7f1fe229b50433969790eff74efa4aae4b10defefdad753b836d39da4042706,2024-11-15T16:15:19.527000 -CVE-2022-20632,0,0,092f04c16c87003ff0331633a2abc962051fbc319803b3a3b3ed638c10f500c7,2024-11-15T17:15:10.583000 -CVE-2022-20633,0,0,84a931f94c69649be41e63c6c98a1073baebf4e9533cbc9297879cf6cb491e23,2024-11-15T17:15:10.820000 -CVE-2022-20634,0,0,48c40b6618c9373d684cf71f1c386b2094b7fd260584dffa83cb52e6f13c9c85,2024-11-15T16:15:19.747000 +CVE-2022-20631,0,1,63b80dca2e1e547d6ece862797ebcbc2d36815559c0c64203dfaaefb8c0d96f6,2024-11-18T17:11:56.587000 +CVE-2022-20632,0,1,bb13ba5028e32f5d8d736716718674b1030e3478585ba1d999fa8bdffa8666ac,2024-11-18T17:11:56.587000 +CVE-2022-20633,0,1,e510179c77f50ff004a3d31bf80292bc342ee1305430d35ee7ccb3bb01b73d7c,2024-11-18T17:11:56.587000 +CVE-2022-20634,0,1,7ddf4acf797191e362ceb54fd2522020c69e1f68d4371c97301231a597e28b6e,2024-11-18T17:11:56.587000 CVE-2022-20635,0,0,312537bfc7fadc3f4a5ae453076f673da67ee7fd6d6c549bd850db6bbd3634f5,2023-11-07T03:42:29.527000 CVE-2022-20636,0,0,cb1e137161d1f8bb5eb5658fe185dcf66aa86cbb228fbedff5a38969384418c1,2023-11-07T03:42:29.713000 CVE-2022-20637,0,0,6c706a8e39f723ce20951f46cff7c8db43813cd9854833ae35aa389e314d6648,2023-11-07T03:42:29.910000 @@ -190197,24 +190199,24 @@ CVE-2022-20644,0,0,0b78bd45d6c626c7de60e88864441db476f08a5174dd41f6637b7edccc7f2 CVE-2022-20645,0,0,160c71f81c35d36d8616f55bb4461f93f9d6e0502c187926122b382be552fc94,2023-11-07T03:42:31.427000 CVE-2022-20646,0,0,ef0f3bd90058a0fbc8ce4e9e70856731466565eb44005ab60f710d7413f85873,2023-11-07T03:42:31.623000 CVE-2022-20647,0,0,d692c23c3d73e41484cc8829c6fef8bb7f01eaadabaa22a077af57a682a118b8,2023-11-07T03:42:31.810000 -CVE-2022-20648,0,0,562f23b1937d127df3ea41a2276f5e7197ae5ed5a0fa8cb86fcea1b92269b63d,2024-11-15T16:15:19.983000 -CVE-2022-20649,0,0,8155ccf997bad476539f5908278a9fb6af22a844515ebeff02b78573f25b19cc,2024-11-15T16:15:20.247000 +CVE-2022-20648,0,1,4c94c517c1e5b75ad012cd66270a795148ad471e3f38673e90b9cd88d5027de1,2024-11-18T17:11:56.587000 +CVE-2022-20649,0,1,f7b7ebe128b243ba04db72e93f51ef159450fe3977f182b741a3207652109ab4,2024-11-18T17:11:56.587000 CVE-2022-2065,0,0,571960ee80a382ed580e7d50315d006024f880324c003ffed0bd463503bb2a8a,2022-06-22T16:20:27.387000 CVE-2022-20650,0,0,390d5d5a31497df0829ae3a8fc18eb7f62e12fd0be6f7fb4d5181ea2eae9bff8,2023-11-07T03:42:31.993000 CVE-2022-20651,0,0,d94f842526344890878ca96e31695d88f10dc06979f9c817f5f2aba7d6da3f9d,2023-11-07T03:42:32.200000 -CVE-2022-20652,0,0,f09523846e227026ee68c0eb35b1818ad786a9eddbdedfddee4965b8ae83736d,2024-11-15T16:15:20.520000 +CVE-2022-20652,0,1,a6483412d309641ce7d3c7d5ba287467bd5ee166e3f243f384d322e9a10938f0,2024-11-18T17:11:56.587000 CVE-2022-20653,0,0,970fcc0d6442596100c16b68df05f9dad01eb21b28dfd29c61acafe7da6b8ed4,2023-11-07T03:42:32.423000 -CVE-2022-20654,0,0,6d5ad5888c06146b87ff8b655e3550807cdbee3f61d9fe4b625555b16f4a4d67,2024-11-15T16:15:20.767000 -CVE-2022-20655,0,0,8f64410d345cab96b82fbe57818b3d1e3d9a6ea1a40fe710503a24b34cd3534c,2024-11-15T16:15:20.987000 -CVE-2022-20656,0,0,94d0d175330b07bdd1dd64cfefab5a80bd81f2f0a1fbb504960830adc92aaeeb,2024-11-15T16:15:21.237000 -CVE-2022-20657,0,0,7baaace96e123a6345b4bb4abaa834dde9cfba9ca99b0ed993ff6964c5a74a33,2024-11-15T16:15:21.473000 +CVE-2022-20654,0,1,2e76cf55ef51e8bfdafa05321848da31ee66180bb8115a1248df09c64c06ba34,2024-11-18T17:11:56.587000 +CVE-2022-20655,0,1,53ffc1ee2188a2a2665f313ed15c1ae81052d5085eaf1e561b51bf18766c161c,2024-11-18T17:11:56.587000 +CVE-2022-20656,0,1,90817f0f259b6199c5da7630dfac188425930b6266520b86bb9e7061690b0635,2024-11-18T17:11:56.587000 +CVE-2022-20657,0,1,b413d74428cb12cc88c9db6c76d9e13796bc2ae61a8705aff8c91bcc3e7e987b,2024-11-18T17:11:56.587000 CVE-2022-20658,0,0,774a5dde9c2ecf972fc765622b6d0329acd4851f27b3d1ab2d6b2cbfc1ac03cd,2023-11-07T03:42:32.603000 CVE-2022-20659,0,0,3fd61ea02c1112c94dc17c417ca780e8ee231b8cf54650606f53f7fde39a0294,2023-11-07T03:42:32.800000 CVE-2022-2066,0,0,568eafb08191ec2a4e1a7f2d0ecaf78921ed93b231ddacd6663ad37debc4f4d6,2022-06-22T16:21:24.417000 CVE-2022-20660,0,0,25e35575d22740895f29ecfa5b6f10e97e537332cd507b8a5a02cfdb0a151c82,2023-11-07T03:42:33 CVE-2022-20661,0,0,ebbc5bdda270769928f447c068a18170348fd8ac2a4054e266807c3234e50017,2023-11-07T03:42:33.230000 CVE-2022-20662,0,0,fb11ce878bd9e5767617bbb14056b29a23c7fb6e26be8d2cdbb2091ddaa1a1bf,2023-11-07T03:42:33.423000 -CVE-2022-20663,0,0,36394921b0dcdb60ecef258e3301f4f1586711911ece1d2d90660247854d0552,2024-11-15T16:15:21.693000 +CVE-2022-20663,0,1,ec73cd9efc0e77f2a9c161a9e2a337c652e023692d2021896961484f75348583,2024-11-18T17:11:56.587000 CVE-2022-20664,0,0,be14e0a88f9bd5873e4e7d83da3f9a1ae1ddad4b757d0073bdb5b8e0e8b0b849,2023-11-07T03:42:33.617000 CVE-2022-20665,0,0,65ea883e8571a97a65aa5035f73402c0028f57d383f6bc792038f719cc5b4623,2023-11-07T03:42:33.803000 CVE-2022-20666,0,0,554438e89eef0f5407fb469b9bc4b48cb7fd326de5225a6475b70540a51c7fc5,2023-11-07T03:42:33.990000 @@ -190238,7 +190240,7 @@ CVE-2022-20681,0,0,8ce88ca30f33ba86a2d4adc3dd9bbad9d36c51fccd8d2b3acc49b78d941ac CVE-2022-20682,0,0,25a7eb9330f70ef9976d6c55d4569af37b05abd1af56d00ee24736136c649e0c,2023-11-07T03:42:37.030000 CVE-2022-20683,0,0,a354d3c0e5b0f24befc71439adf6bbcbde0e7e37e1c93f2b570b32d1492672af,2023-11-07T03:42:37.410000 CVE-2022-20684,0,0,ace0be60e7c6730ba3570013e8fe871c4b55baaaeff74811edd07de64469e799,2023-11-07T03:42:37.597000 -CVE-2022-20685,0,0,bd96f0d54eae7ff5d0ea140707a16b5191f28fb92f723d510b739e1db809af63,2024-11-15T16:15:21.910000 +CVE-2022-20685,0,1,3b0e4eb4b96affeac3e3b28a8771c2f95d6bd2f2cb685472525c8715f57e50f9,2024-11-18T17:11:56.587000 CVE-2022-20686,0,0,63471bf91a63f74f5bc4dc22960373a5446fe8fcf9d0734fbd1b5b92fd83f77b,2024-01-25T17:15:14.263000 CVE-2022-20687,0,0,c86852782558780f02ecbadae1910d7d3d8aa5808e760b8d6bee105b7473f89d,2024-01-25T17:15:14.410000 CVE-2022-20688,0,0,349b788ecdc733c67c5b8c538600b2022545072f056bfdf0f4685151c41347d6,2024-01-25T17:15:14.540000 @@ -190327,7 +190329,7 @@ CVE-2022-20762,0,0,288f61e6fd65ba791a1a7db2c5f51d79a13328f1955ce01c53ef82ffdb7b8 CVE-2022-20763,0,0,e6700aed27706764408fa6238a5bbf832a8e2d16b381788d9bafcb2d443e7342,2023-11-07T03:42:52.870000 CVE-2022-20764,0,0,9d232eabbd0c2be2319c5539459914b198378ecb409a966ef5a73adbeb491896,2023-11-07T03:42:53.053000 CVE-2022-20765,0,0,61b2c3dbcaea45db7f3243431662ba7c2881cbdb7a5d7d6956de355f8ab882d9,2023-11-07T03:42:53.240000 -CVE-2022-20766,0,0,11eade385af401c66fba3bea146972bc7aaa61ec2923546c24dc6a13d120ab95,2024-11-15T16:15:22.133000 +CVE-2022-20766,0,1,ca27de1b73af42ccd3ba05cdbbfe62d873e137c6880b263fe4367cde1648f063,2024-11-18T17:11:56.587000 CVE-2022-20767,0,0,bf3e408f2ddb577255f2a65ca0d92afecbfac86b6c268999a1d91a15bb935a65,2023-11-07T03:42:53.413000 CVE-2022-20768,0,0,b31df78e6f7a1690a0e6dc9026760925463d8c56c3c89a6df70005c95c07a8b4,2023-11-07T03:42:53.597000 CVE-2022-20769,0,0,9b39cf5519304df5f8eb08403777d95fd8d0b56cec10c7963730515e4701a15c,2023-11-07T03:42:53.770000 @@ -190357,7 +190359,7 @@ CVE-2022-2079,0,0,960f06c13a414a3705d83f5387631ce2fc7a4df365ebb43e16e4f2c0a1119b CVE-2022-20790,0,0,8dfe9c0790bcdd9e5d24c882a8764e4f3efe0ffb7dfafa8ed6588c86d8874174,2023-11-07T03:42:57.763000 CVE-2022-20791,0,0,0a0d06758ea5b6a8a0bfa7e93734af692de69e6ae62272ab0563b7dca0259a54,2023-11-07T03:42:57.940000 CVE-2022-20792,0,0,9d31518fb1ecca5bf2eef7cab0f72d7aed9df73b04ddb2aa2f1a47344b6e4d20,2023-10-01T11:15:10.490000 -CVE-2022-20793,0,0,d42474ba7afc1fa88b1811e630c9cc232b04180956634328a3450ec92af25992,2024-11-15T16:15:22.370000 +CVE-2022-20793,0,1,14ef6af5412878e72d4474f76fa1a8c5a43da42b1178fdda7f3244f6009e6569,2024-11-18T17:11:56.587000 CVE-2022-20794,0,0,db18b8afc597f4f3ca2303342cd61b95263cdf62a8397bee6efeefd72db9573f,2023-11-07T03:42:58.150000 CVE-2022-20795,0,0,401cda8a7f1773e7dc44867691432480a43fc9bb2bb011a5642d8e138d4bbbef,2023-11-07T03:42:58.327000 CVE-2022-20796,0,0,d10c97adcc8041fe2197f037ec61ff1033fc25e78b803756d801f9e39c0f073a,2023-11-07T03:42:58.520000 @@ -190380,7 +190382,7 @@ CVE-2022-20810,0,0,d465eef9b8b49f6cfb2d6bafb33fa2e371f9e6acad1c0018859266ef98cb7 CVE-2022-20811,0,0,894662974debbe90d9048d04c2e89055d5abb1a4cf1c1d40eeea299833ae5fe9,2023-11-07T03:43:01.097000 CVE-2022-20812,0,0,ab77d59c65b8c3b8fa22769a2502e274cfb97592b7f62e8f7e615979b1069764,2023-11-07T03:43:01.317000 CVE-2022-20813,0,0,41ff039ab407da2aee799c0e1f824d1a5aed4332ff899eff1c4f22e18add2aca,2023-11-07T03:43:01.517000 -CVE-2022-20814,0,0,4b020eca98f138c140408118b3e94914dfba654ad75c0f917c759c799a7f932b,2024-11-15T22:15:14.747000 +CVE-2022-20814,0,1,1fea27dce28e9d18d9d384718dde097bad6d545fd6da74500911b425c90e0cb7,2024-11-18T17:11:56.587000 CVE-2022-20815,0,0,3b286a33cd412277cd07ecc33c3a88fe24589d1bb8e68df238991b9f13826a97,2023-11-07T03:43:01.693000 CVE-2022-20816,0,0,f11ccbdc893ee80f99212c658d510a9d68a3c1dc64cf17744fc0ba52a820c978,2023-11-07T03:43:01.880000 CVE-2022-20817,0,0,d44f2aa7ff7acf966547c59d8fb64b08a5a1dc81ddb4d70dbf3284d5da7cd837,2023-11-07T03:43:02.067000 @@ -190413,16 +190415,16 @@ CVE-2022-20841,0,0,e14c27fc3061f8b1830c57f8e521b083f3ab7f22e5a692520de69b6b21ca5 CVE-2022-20842,0,0,1d7d4435c2ef9a46ba9809bda8eab515ed9c7fc8e795761c86bc8df5d0a73cb5,2023-11-07T03:43:06.253000 CVE-2022-20843,0,0,6316d53e796b332df867738f37e3f529db0c0e2177960556c25cdb7820dae231,2024-01-25T17:15:17.370000 CVE-2022-20844,0,0,b1a64b1a4c5d7dcc8860c07126d6ed58b168d65f2b142dae84529b201148addd,2023-11-07T03:43:06.533000 -CVE-2022-20845,0,0,31837f57a193b5de7f66c9b5307ced859f47e302726debf13e0c26ba2cb2ff84,2024-11-15T16:15:22.913000 -CVE-2022-20846,0,0,b266aef901830297af5ceb0ec26b4641fcef2dbd86d472d6ec9fb62c386bb1ca,2024-11-15T17:15:11.147000 +CVE-2022-20845,0,1,4eb9f488f4fbda040e832f60949661ddc89d0724e8dde35e4c01cc9290744d90,2024-11-18T17:11:56.587000 +CVE-2022-20846,0,1,14328d93f3557fdc60a466ce8aca813ccb6aff82a630434d0dc1eccaeff0a15f,2024-11-18T17:11:56.587000 CVE-2022-20847,0,0,d21ac3e78f416486eced7fa6cfc95babac837c7da6572789bb1ab30b56b84e30,2023-11-07T03:43:06.717000 CVE-2022-20848,0,0,6856ea2a34bbbf446a21aebecd96700714cd1b28252f9d8d45fbb3b93186ddbf,2023-11-07T03:43:06.903000 -CVE-2022-20849,0,0,d0b7b0f488f1e88d4c0d5b5c4f1d0d1788625fb8a626a15634326e38180e40c3,2024-11-15T16:15:23.327000 +CVE-2022-20849,0,1,e6616d10970585921aac28165554c5cecb717f880d073a8a47c48bcd67bb817c,2024-11-18T17:11:56.587000 CVE-2022-2085,0,0,f4cc97e054d518a1b8e57be5dd18f72a26616e2d14ce992571496bd5c70179fd,2023-09-17T07:15:07.477000 CVE-2022-20850,0,0,24d532a63709c9c79d292d9ed54926b717811f58afab7f6b996c677a1adbd1d6,2023-11-07T03:43:07.130000 CVE-2022-20851,0,0,2e7bafafa01d45a84d4b2a8c580c4c75362d932b722c85590bceb09f3183033d,2023-11-07T03:43:07.323000 CVE-2022-20852,0,0,1bdd9d0b9d69398e7edb0f874a3fffa56b7b8b47091299d08b5674ce44cb70b3,2023-11-07T03:43:07.543000 -CVE-2022-20853,0,0,4e2aa3c2ab3b57418dc6f78d60a93e0308d1f0dd505f9ecdfa4e1881453e3373,2024-11-15T16:15:23.540000 +CVE-2022-20853,0,1,ebb27d75790193f86837babf3a58698b7e08969e6c1175874197e001103afcc2,2024-11-18T17:11:56.587000 CVE-2022-20854,0,0,1a05af98dc8d2ef15178eb96b0b76560c3e4cb96313975c5ea578841c47c60c1,2024-01-25T17:15:17.553000 CVE-2022-20855,0,0,9f6f93783492963335ac892a343dd4cdacef454e1b9b7dce8584d27bdc95e2a6,2023-11-07T03:43:07.853000 CVE-2022-20856,0,0,868e5ad39f52bfd78d3e7385f0e52869ec525ec684dde7ef1c1c7286d1dd3549,2023-11-07T03:43:08.077000 @@ -190442,7 +190444,7 @@ CVE-2022-20868,0,0,4640e0357abedaa6546d966462561149d797bdbab2bbadadef49344d3fd11 CVE-2022-20869,0,0,8887b091e307a2f88853ff131574b445d6e7f0597cb704fb6a7c61e6418f8a49,2023-11-07T03:43:10.317000 CVE-2022-2087,0,0,fda9e6cd2c392bb72803e7dbda3914e31ca3ca5df0dd6e23a58310711305f386,2022-06-23T20:18:52.003000 CVE-2022-20870,0,0,6f92229442f62bfb5da21fcb7695aab7bb0921406738dfb31ff76b5d6bb0dcdd,2023-11-07T03:43:10.497000 -CVE-2022-20871,0,0,c0532d5e751d14eba9b12dbc2b35817cb13c35611c95884f40f9e516900fb05e,2024-11-15T16:15:23.757000 +CVE-2022-20871,0,1,53d7a98113549d06e666a8340154515d9778c2b7dae902236baf918cdb9b6d92,2024-11-18T17:11:56.587000 CVE-2022-20872,0,0,1945a4dcb7945d859a19d40da445928f2094af2529e1e70a83a3bd202f8c41ee,2024-01-25T17:15:18.350000 CVE-2022-20873,0,0,d8bf430445adaf3263b8acd5192c1bd1d0db328031972aa64cfb0f60a4b16104,2023-11-07T03:43:10.800000 CVE-2022-20874,0,0,0e01d51ac565010ffd696d15a51e5ae7cc5c44445885b94d7f0d2d506e5aa9d1,2023-11-07T03:43:10.993000 @@ -190508,7 +190510,7 @@ CVE-2022-20928,0,0,b4bd8b7eb9845a5dea83e785fb8c3899d259ad181c9b176e8422c105f318b CVE-2022-20929,0,0,9f8c5dc9e36cc6b7f4e13cb5e0133b8ef9c8d1c97757a2f523c4c08c6c4607c4,2024-01-25T17:15:19.680000 CVE-2022-2093,0,0,f9b6c46d92ed3a273479f0aac6b074690a25c899c0a81056db6bb170ebe3407a,2022-07-15T21:04:01.350000 CVE-2022-20930,0,0,b8872f19944e1a2247dfb95b6faf0c0e7eaa3d2f18cea7fdfefae7f7900b33c7,2023-11-07T03:43:20.913000 -CVE-2022-20931,0,0,e5fb10462a81b13c06dd06c488845db7d743f391aacd2eb72f311a695bbf6842,2024-11-15T16:15:23.967000 +CVE-2022-20931,0,1,01831f721794f8ff362a80099ec91af74930b5e400b1b21c033963ab86b14681,2024-11-18T17:11:56.587000 CVE-2022-20932,0,0,7c4fcd146ede3d6f7ba677a46479a351e54f0aa5e1d73606f8df1118caa068ff,2024-01-25T17:15:19.803000 CVE-2022-20933,0,0,1e3f8165b47aa08c2f85f22683a82391e523ba4b3d0e0e05c77690809d7d71d4,2023-11-07T03:43:21.230000 CVE-2022-20934,0,0,3eca5a2d3b359874a263a3a14b4a938cd00d4932f8daa7be0579a8c705e9bdc8,2024-01-25T17:15:19.910000 @@ -190516,7 +190518,7 @@ CVE-2022-20935,0,0,c6cd0d5563c829bcad9fdec873f413150075b70909f2cdd7967e28a06c665 CVE-2022-20936,0,0,79a4d834423e5e48bbc06de76ac7d3473907bd3fa94c8bdf1610226472c24195,2024-01-25T17:15:20.170000 CVE-2022-20937,0,0,8e5b375c4457ca31958f4afc7ba467afb9b666e17cd09da694c6761da19c3374,2024-01-25T17:15:20.310000 CVE-2022-20938,0,0,0716f27fa0cadcc725b3df26d6c7e6466d6941bf89479f43ef098c881ea48696,2024-01-25T17:15:20.443000 -CVE-2022-20939,0,0,e07cbe365a6e87f2c336d694baaf775b629f4d76606c9e96fda3e9aa795547b0,2024-11-15T16:15:24.200000 +CVE-2022-20939,0,1,2f2513b90ae7c95b2ba46c7772f8e87d75d55b85ac80959ef1d76715a3966d81,2024-11-18T17:11:56.587000 CVE-2022-2094,0,0,aa8e90b78fb16ce790f2711a054b3e1e1aff3fd1748a249ad1a0e41c3a136bb8,2023-11-07T03:46:12.680000 CVE-2022-20940,0,0,af53884143c8285046170dd4e82cf6cbdd440ae613a8d35ce9164ebe27f7d939,2024-01-25T17:15:20.583000 CVE-2022-20941,0,0,71446826ba7b5ebf325cbe0c4e0c055414ee6e18ba4a0637ac686f9ae7cb72c3,2024-01-25T17:15:20.713000 @@ -190526,7 +190528,7 @@ CVE-2022-20944,0,0,d58bd4035167d677f318709b4ebea617d8d18c861ba0013d9b503a3010875 CVE-2022-20945,0,0,9ac7c9cd20a7de1d05f991eb10d16d7f1862b368e5a43a2c5aa867e25e186258,2023-11-07T03:43:22.547000 CVE-2022-20946,0,0,b0ea2682a6374774770e0bcbde525c8be07755eccbfc5b7daca4813803d1ed24,2024-01-25T17:15:21.187000 CVE-2022-20947,0,0,bc3e0c6e94591d9afa8eb56626954db5e7a8bf9b8f24b857429895e836356bb1,2024-01-25T17:15:21.303000 -CVE-2022-20948,0,0,228c80ec66473cd1e93ed08690f05a2f53bf644debb790097de9e597079ad5a2,2024-11-15T16:15:24.427000 +CVE-2022-20948,0,1,61713b2c1a9d7ff3a3ffa25e571153b5f5e22c9d64c040b188183277b41da770,2024-11-18T17:11:56.587000 CVE-2022-20949,0,0,0c27a247c22579ca4e19d2d036bd7af81f0fba76711a1a7a70435d0fa406e580,2024-01-25T17:15:21.460000 CVE-2022-2095,0,0,3c251989bea580be837ba52fc5502217dfec5c99671ae55c970e8f7da9e0ae82,2022-08-11T15:01:36.410000 CVE-2022-20950,0,0,a1584a6de4bec827872a5671921aa2b3aac3dc26894b0a2f83afd677eb9cc1d3,2024-01-25T17:15:21.597000 @@ -195416,7 +195418,7 @@ CVE-2022-26488,0,0,30e8b210169bf2b21f305fa4fbce4e10c03964241bbe5ec36dfc80c2cb677 CVE-2022-26490,0,0,ad732672911862501975a92fefdecfd3b5cce24c7ca2710e76de80c9447fa566,2023-11-07T03:45:01.100000 CVE-2022-26491,0,0,632704e955fd52da8c4c052f534555694213331aeed8f9f41fcb5e01016d6cb3,2022-06-09T19:01:16.593000 CVE-2022-26493,0,0,19cdb73382fe59ca85691dba836316ae60eb1a71f4b8960f5bce7a51b272821a,2022-07-03T19:15:08.023000 -CVE-2022-26494,0,0,1cdd3d0e7c39ff93f80b85d5273c105f1792af282002920505dee307ccf9fd09,2022-03-28T17:18:35.420000 +CVE-2022-26494,0,1,d09846c7cecfc444a5667b9f093236f5fd32dc0d8e7c946ab2c248b53555f97d,2024-11-18T17:15:10.723000 CVE-2022-26495,0,0,ff34a5f98b5f23c9fa91814d1feddc05f57a68812133c497a259c6bcedd93f0d,2024-02-04T11:15:08.227000 CVE-2022-26496,0,0,b114d6f72f432545ebf0a9c5b9541a9b46149a14173cb18a01b2ddf3cf0e067a,2024-02-04T11:15:09.087000 CVE-2022-26497,0,0,83c0115aad75b11f5cec170eb06f6a1cffab7ef722b40d50443445dd1d6f403b,2023-05-04T17:15:12.210000 @@ -213497,7 +213499,7 @@ CVE-2023-0652,0,0,891b5f0517427e04e802283aabe8b265b95f264e057972b96ba712c6ef311a CVE-2023-0654,0,0,8af80398f4d178d9c21eef8680e6f5ac28552bb52f870b7508ea4cc55cf2a9de,2023-09-01T14:43:59.927000 CVE-2023-0655,0,0,c0529df7abe18f1c3024805ad66739486967932627828e15b994b97b9ed4c636,2023-02-22T17:54:06.287000 CVE-2023-0656,0,0,ab2a77ae292496a851365b2e23c214ad7f3d3dd3cb6667b54dba51033130ace5,2023-03-10T21:04:31.397000 -CVE-2023-0657,0,0,03f7b268199dfbcf17d5e0bc3dc3cc06444260a72ccd6db953d44ff12b695f64,2024-11-17T11:15:05.300000 +CVE-2023-0657,0,1,cdd92ce8b854717868be6a13157ea3426364252ad9f7ff2276fb0ac3e9915937,2024-11-18T17:11:17.393000 CVE-2023-0658,0,0,a9351866338334430d01e83be08524097e8d7d13933af2e87670cdaa12a0b18b,2024-05-17T02:17:28.483000 CVE-2023-0659,0,0,f8675986a1b6246156cef644b132dd08b5c1e9e4c2d1e4affd3e6ad6ca06c572,2024-05-17T02:17:28.730000 CVE-2023-0660,0,0,072fe77cf0c0d79a652cfd8907e16280825af85ed24be1a2ad15c998e5467214,2023-11-07T04:01:08.683000 @@ -214225,7 +214227,7 @@ CVE-2023-1415,0,0,1e1434a56aaa3bcd701e910a28cc02dada54d35527fe2766ef00ccb840cbb8 CVE-2023-1416,0,0,1fb3956a7244c92e489ba48a1f07132042e607d4ea6755c5af436120354fa942,2024-05-17T02:18:04.353000 CVE-2023-1417,0,0,98da967360b93ba784cb9be10117165bca60dd585d51b5de1ff2354de4a97e32,2023-04-12T19:22:43.647000 CVE-2023-1418,0,0,7eee0b67f5cbdd7d1bbedbc9f9295de789b5d7c96c750efeb25d3e2d83b82018,2024-05-17T02:18:04.497000 -CVE-2023-1419,0,0,a5ccfb17f02a5f38242823713181ecf5a9e01db6e4517cb569066961e1186a36,2024-11-17T11:15:05.593000 +CVE-2023-1419,0,1,e4a23d220f2bf35b482e50d49aa3f701b081885a4a54aa4231ef20a303c453fd,2024-11-18T17:11:17.393000 CVE-2023-1420,0,0,3e2fa4e8957d1d0f31848a30598bef74396fbdc2c05f156505e4c7498bf8d638,2023-11-07T04:03:33.830000 CVE-2023-1421,0,0,272f49e54bf5009e628eaca8fabd1e4f0a7d8a92fd1191665c5b1de660bd8756,2023-03-21T15:26:57.867000 CVE-2023-1424,0,0,1f1dde7c1926ab06d7a00cba12553eb9540f584becdaf8993f204f01366e482f,2023-07-07T04:15:10.070000 @@ -214778,7 +214780,7 @@ CVE-2023-1999,0,0,83389713b72fbb33f0448bb5b017209184e6ccef0d6519c942437609b0d8d1 CVE-2023-2000,0,0,8cd3accd68d360d71369e55670660f98528dc3de89fec28ade37ccac2b39579a,2023-05-09T16:31:00.540000 CVE-2023-20002,0,0,ff13495a0460fbbacc056e6923313814b51b36acd21f7c9330f556a50e5a03b3,2024-01-25T17:15:23.817000 CVE-2023-20003,0,0,8fe26b3bec3529a10e55876a22ec60b9ee58198c132d4ff5edf36301727ae87b,2023-11-07T04:05:41.743000 -CVE-2023-20004,0,0,b8b8bb895d1c0ffae6c7a94554cf6f58305da8062a3b0cc143d9c959768e78e9,2024-11-15T16:15:24.657000 +CVE-2023-20004,0,1,a311010652f6f214938ecd255f2586af8565ae60d0429a9acc52c6f7d2d457b7,2024-11-18T17:11:56.587000 CVE-2023-20005,0,0,e6f8b8b85fb6df871de6707dd09891ba34946e80382eb4a813f86c4405f5b2e8,2024-01-25T17:15:23.923000 CVE-2023-20006,0,0,622425150ebc1a2988c05bbaea651c7a6ed670ba7f0e101f079ee845f25f6c12,2024-01-25T17:15:24.040000 CVE-2023-20007,0,0,1e7c88b95bdcf2290facf5bbacd178b32fa5b1d81010bee0a06d65a221ba36af,2024-01-25T17:15:24.170000 @@ -214813,10 +214815,10 @@ CVE-2023-20032,0,0,0fee7d5743a2e252d59b0ededb2008bac10fa1267c3289a466f3942175317 CVE-2023-20033,0,0,bd6288e791dfb3c89867f4824e1ee919aae061f3e96f787678743266c88dcf23,2024-01-25T17:15:26.057000 CVE-2023-20034,0,0,afd24b3dbdd5e84fb716ee5384c251e519b4b7ebccb7a61a644c5b76dafe5b5b,2024-01-25T17:15:26.360000 CVE-2023-20035,0,0,bf990679f6d153aa28516a84b9951dc45b406e82f1842f688d0df62730227192,2023-11-07T04:05:49.507000 -CVE-2023-20036,0,0,916e6764f208248dc43a0b22f54d555c1ce314abeb0e390cc5c0ab5ae85d622e,2024-11-15T16:15:24.950000 +CVE-2023-20036,0,1,f13e177a559cff9450df4276c3c2c9415a09887b57f8dbe35ae40be82f75318b,2024-11-18T17:11:56.587000 CVE-2023-20037,0,0,c2914760d5e410f5261b59e565cefb8d4f1ad623014e2dd1e8cb5eb583c1e599,2024-01-25T17:15:26.570000 CVE-2023-20038,0,0,57f68a49cbd3aba16d00a0b70502d11657968cc0f76448d9c73d428db9623a97,2024-01-25T17:15:26.670000 -CVE-2023-20039,0,0,d65c08ea066f3359ebb27749600ec14b5f90b5612ef5e69d2cf14f12a603e408,2024-11-15T16:15:25.157000 +CVE-2023-20039,0,1,0e9bfdbbc5bbc25fd181ddf6e6b47ae821cd84ea6c00f48178632f43adacacb2,2024-11-18T17:11:56.587000 CVE-2023-2004,0,0,43f7bc74ef9fcd317532bd3537b64c658f91f5edb3bbc6123888b6bcd27ec49a,2023-11-07T04:11:40.947000 CVE-2023-20040,0,0,0922a655363fa1ec544d5405a43843e57a5d1d552046d1047b53c5b382f2b45c,2024-01-25T17:15:26.757000 CVE-2023-20041,0,0,fd5755bac85a4f3c718b0f1eb74d0c569a2cc18341d3c265f8df5cf4be80a077,2024-01-25T17:15:26.853000 @@ -214839,7 +214841,7 @@ CVE-2023-20057,0,0,043792f5aee16aeaeb4241db65fe08863eb4a3d25ab39d0568d5bffb0a156 CVE-2023-20058,0,0,ad815c14d82ee176555edb6a4e2052d61f7ea3f63365c395b0328bebd76c78c0,2024-01-25T17:15:28.070000 CVE-2023-20059,0,0,b99d0f72dcc000eb953ace65e13282c926b8d14b4c6816adcddee8cc0dd72692,2023-11-07T04:05:53.953000 CVE-2023-2006,0,0,576ccd01f75cc25728924f4ed5e26d8b930bd4477bce9be56dd71bf07e1c6057,2023-08-25T15:23:55.877000 -CVE-2023-20060,0,0,4fe227273b5e34e9cbc20e8fc1a831f4459e6cc67c0f6ea42c5c4cf1a0dfdf59,2024-11-15T16:15:25.357000 +CVE-2023-20060,0,1,c67986883996852d88af5987af227a2f3dc42d84d8a7c2cfcc7446611a61af89,2024-11-18T17:11:56.587000 CVE-2023-20061,0,0,2ec24e7f0c8bcf98f0de0b7378a7de0b9009080959b3f6e60b70d985f8c0253b,2023-11-07T04:05:54.383000 CVE-2023-20062,0,0,74adefadccfa785110e4e05f634c8688933a1b2a514cb692712de49e45b87ba6,2023-11-07T04:05:54.797000 CVE-2023-20063,0,0,ab9aa4a035ed2a1055c8eae268aa7b6b803ad113e479a4dca4e69fb32738c3a9,2024-10-23T17:15:13.320000 @@ -214872,11 +214874,11 @@ CVE-2023-20087,0,0,133c6492751092d6c28ab324bb58a12f819bd773f8708e73bfb29f97a2be8 CVE-2023-20088,0,0,705f2ea50f1d59a2e3ad7ebc85510dd9d8de6350673ed4bdfd84da5ef77c6e04,2023-11-07T04:06:01.113000 CVE-2023-20089,0,0,984606cfab01f8b8da767b529c591d341f255333dd5307e8011a8533079438b1,2023-11-07T04:06:01.503000 CVE-2023-2009,0,0,f993c356b46fc35d0cbf9d2c6587ae24636f78445d0fc0982a31ae802aada552,2023-11-07T04:11:41.033000 -CVE-2023-20090,0,0,7d8ed5165f13ce8abe5c92710ba00fc6627539c932bfceefcd559e7d5c2d9c0c,2024-11-15T16:15:25.560000 -CVE-2023-20091,0,0,7957d54a758c97d56ea8f39938f86e458704a25f7e6f0d0392c890dc728d5579,2024-11-15T16:15:25.770000 -CVE-2023-20092,0,0,c4563a1f3434466be4aea0d7227c50c30aa74a790971fa8ffe4531c50241f35f,2024-11-15T16:15:25.980000 -CVE-2023-20093,0,0,300b01ffe6545980e2d5e8da2c4875c20bcc800d9dad4aca9740acdc9fbd769b,2024-11-15T16:15:26.187000 -CVE-2023-20094,0,0,c772b82858adcd41613402d4f19b1e84a24c9a0c5be417184c8d0d17eedefdc1,2024-11-15T16:15:26.390000 +CVE-2023-20090,0,1,bdc9b2ae81ef9c0b8ba978e0cb74f964fa9e501d5b4a8ae4fa76cbb7a2b63efd,2024-11-18T17:11:56.587000 +CVE-2023-20091,0,1,0466cfec3e68ad974a65cc9f6bd8b5676591f8c55352cdfd824af2d6b5c29487,2024-11-18T17:11:56.587000 +CVE-2023-20092,0,1,f19f301862ca65d3b8ad6cb53c8247bc9a4f2e6ba9c7bf1a592517cf24e92fde,2024-11-18T17:11:56.587000 +CVE-2023-20093,0,1,8629a68e4210cd9aea1f4610446cabcd1183e8f65c638cb77fa734921d8ec187,2024-11-18T17:11:56.587000 +CVE-2023-20094,0,1,575f147d63e1f6cf42f96cf6d6e410b17b0b525c76d22f0d6a07ab4ab795d23c,2024-11-18T17:11:56.587000 CVE-2023-20095,0,0,c1d39625b73fc4114d101d356e72bcbfa28ba08de7f2dbc09ec224218c1f83e0,2024-01-25T17:15:29.320000 CVE-2023-20096,0,0,5ec9d92a3c53d239a4bea6ac652028ebc9a4f75c4f12a87c04a0f5b9d268f7d1,2023-11-07T04:06:01.853000 CVE-2023-20097,0,0,0f1b759fa19d9d1fbf0d1fb932575fa350688fd85c697d74def63c42805ec83a,2023-11-07T04:06:02.180000 @@ -214907,7 +214909,7 @@ CVE-2023-20121,0,0,358dbca94d32e6dcf0b3104823aa6eef27bbc41a499c165775feefef3dd70 CVE-2023-20122,0,0,7c9e16c7a0ee316d150ed9cf383eca40d39459afaa779ec2d9350f20bcf1e719,2023-11-07T04:06:06.620000 CVE-2023-20123,0,0,1938d04db810293056039009697e32a6b0e0e894259a64bf86651878bc0084e4,2023-11-07T04:06:06.960000 CVE-2023-20124,0,0,e83f8aaae6cd3d65ff2154227681c9318ae0e3b7070056480e66eb5d3b4ab066,2023-11-07T04:06:07.280000 -CVE-2023-20125,0,0,4d3ece80bb2bc98d6b9179f7ff626afd566df172ea9eac0084c18d7ae4849bdd,2024-11-15T15:15:05.347000 +CVE-2023-20125,0,1,1af861b384186611b2e57c9541fd7755295c84ed7d4db317c29699702beee9b2,2024-11-18T17:11:56.587000 CVE-2023-20126,0,0,f839d079229ba6c1e694033f3ce70a9f46e6c8795d13d51bd2484856d9f0674a,2023-11-07T04:06:07.613000 CVE-2023-20127,0,0,5dd1b97bf22fd06bfdbb3184f8e0d784536bbcfd9846484be1e70c5dfc0a2bdf,2023-11-07T04:06:07.933000 CVE-2023-20128,0,0,84d58c0ee921e563d643445e5800ae3cd231b79ec1aa65fe75f6d6b469342bc7,2023-11-07T04:06:08.293000 @@ -214939,7 +214941,7 @@ CVE-2023-20150,0,0,94ea55c7c3cf20c73cbf1b524abac3dc9bbcc065627308840f1663af75b5b CVE-2023-20151,0,0,88742a817c2df6fdace33e29b508ea48e1e2e1dc833b2f75c7b254b36e99152c,2023-11-07T04:06:15.360000 CVE-2023-20152,0,0,b285aade6162740e6dd931c919008308d719b96b4e7dc41373d9b5d41f9dc560,2023-11-07T04:06:15.710000 CVE-2023-20153,0,0,ae7f889caea069cd7690b5f9920f78358d15337fff658fe3de0d3daef91d68f0,2023-11-07T04:06:16.027000 -CVE-2023-20154,0,0,4d0a0d038c8b5442778ad17b85c37cdb9cd722940a6cd558087f26d17561d095,2024-11-15T15:15:05.697000 +CVE-2023-20154,0,1,5046f7b29e3e025addc7fac72063adbd1885c0fc7a6b8265aa782706f47be977,2024-11-18T17:11:56.587000 CVE-2023-20155,0,0,33b71951116186ed9605c91d855e2b68ba331011dda75495bb098ec5b6e270bb,2024-01-25T17:15:31.683000 CVE-2023-20156,0,0,ea0e130fec2d57b54bae7e81d6b74b3374f2cc6170c056dd2fc367148eca7107,2023-11-07T04:06:16.423000 CVE-2023-20157,0,0,bbdecebb32e3e6b666e8da5d3dee094804414044129700721a781dd8705107e8,2023-11-07T04:06:16.923000 @@ -229917,9 +229919,9 @@ CVE-2023-39172,0,0,5d1f3f2b677b0a85af1f0e1718122f63379f727c5f55286cdaefc4f2cdf31 CVE-2023-39173,0,0,94988e678dfa2aa507f7074d6091cd6c6a4eec57d4e8fabf0754fee84b8e4907,2023-08-01T01:02:33.797000 CVE-2023-39174,0,0,c6d2e823a977d91e23e51acd8d719844156eb21bb7500fe830b5bef64c5b8759,2023-08-01T01:10:49.157000 CVE-2023-39175,0,0,bc456592ae9ac6c2adcc5162a962f99df7fdd9b829de4a2da8a4cbf033cf9c8e,2023-08-01T01:08:48.417000 -CVE-2023-39176,0,0,aa563df238200eb898c9484b61b6445b97e9c0ed2befabe3252028130688420b,2024-11-18T10:15:04.667000 -CVE-2023-39179,0,0,80222f972e2daa94434b13860108378b7ce180e0683db0fb066e37927d819acd,2024-11-18T10:15:04.980000 -CVE-2023-39180,0,1,c4fcfd20619d0100c8cc176e17ba2fc79a4a9f561608ec0e6641b28050002556,2024-11-18T15:35:02.397000 +CVE-2023-39176,0,1,b74c7c3c707a0e3cd824487246bd2f6c130fefb300754ae1bfa332207a5fcb28,2024-11-18T17:11:17.393000 +CVE-2023-39179,0,1,4d0c375ebc67831f34475f5d32c2fcd76d50d572c9c9f764b94b918ec20838c8,2024-11-18T17:11:17.393000 +CVE-2023-39180,0,1,9ce0d63541200240c51fd3b4a61dbef25b8b5e44cf15e8e931300d964d148f91,2024-11-18T17:11:17.393000 CVE-2023-39181,0,0,5779a7e12127c05426caed1b79cbad0420f35a50b8e5299eea089f21f74c95df,2023-08-10T15:56:38.890000 CVE-2023-39182,0,0,55a8ec3c40df58e32d7c6d55926b018855a6b6f54a0171e66bfc574495807417,2023-08-10T16:02:54.477000 CVE-2023-39183,0,0,964d0db7c48d041c6935cc07d25789a2cd8767124a64f3f9f2f3583c72690437,2023-08-10T16:04:10.890000 @@ -232914,7 +232916,7 @@ CVE-2023-43088,0,0,1bcc8062ffd3a569b684f5bdb2deeb83dbc9782e0b97bd40bf51a16e6aee5 CVE-2023-43089,0,0,82b96be59664b0f130a5f964790dcedbda411613ce4d203ebbc130e41d3ad92f,2023-12-06T18:38:41.917000 CVE-2023-4309,0,0,637a076a59c3d63abe4402c20b47ecc0697772659e66983f2675fea3b4085d69,2024-08-02T08:15:19.200000 CVE-2023-43090,0,0,507461cef9ce19e274dc5453485eda8431b038cbbad75c2eb7bbbb63602d39d5,2024-07-03T01:41:35.037000 -CVE-2023-43091,0,0,17e8f1e567cbffc3c422c08c213bf9506ee88bff46c7c389cc1c1e4db4a601a4,2024-11-17T13:15:14.140000 +CVE-2023-43091,0,1,224840c6f79e7280523812dff82dd391f34be7b8dc1dd5e955a79219d2fc2549,2024-11-18T17:11:17.393000 CVE-2023-4310,0,0,1b1adb58d63314665f18d053d615476b413810f350d5bb1ad0152094912d089e,2023-11-07T04:22:27.147000 CVE-2023-43102,0,0,1d80eb856942edc0bbd07760d7c792204b3e1d8791acdeae6bbda6a5e6421a03,2023-12-12T17:11:13.437000 CVE-2023-43103,0,0,02cc311fd3e65d752bab4fd46bec20f1f2f662769fcf10d36541efcb49db41d3,2023-12-12T17:10:33.093000 @@ -235103,7 +235105,7 @@ CVE-2023-46386,0,0,f5a6abc5631de2f0b96aff5ba16773085fad569f18e9dfd63719fba22041e CVE-2023-46387,0,0,27fbccd77ddad367cb1d1d1e3ee5156988356671e28e1a4a1f90b6e8bcda3cc8,2024-09-20T17:15:14.407000 CVE-2023-46388,0,0,32e9bc4dc613bc5ba692d45f8824029210febacac23bfdc795b568336d032d93,2024-09-20T17:15:14.493000 CVE-2023-46389,0,0,34df8f198cac35d680ab3b2e4348b71ee99804ab293e9b3de1be2078eba7acac,2024-09-20T17:15:14.580000 -CVE-2023-4639,0,0,b1df3d38c23a57f66185409c793d95c5495386a5b28dd75760594f78ae0129a1,2024-11-17T11:15:05.840000 +CVE-2023-4639,0,1,1adc8684f6b72b8c1ea5d48792839daddb8e8f91766a28e95bea7333f204a2fd,2024-11-18T17:11:17.393000 CVE-2023-46393,0,0,ddccba58ba518df9c7b69b1f4bedd8c88454a3b9557da36fba8ad9c40f0bdd93,2024-09-12T15:35:42.627000 CVE-2023-46394,0,0,a4de4800ba9072f54d1bc0271928ac028c9cbec6c3baa0f74abcd72cfb575146,2023-11-03T21:34:46.077000 CVE-2023-46396,0,0,74f481bd37b42e6c5810d0851c91d8d9d55975de01fc2eeba4f5140ada061430,2023-11-02T15:03:59.683000 @@ -237671,6 +237673,7 @@ CVE-2023-49948,0,0,622d9877751c0fa8476e6eb6ccc5c249d44e758cb56060b3304a0ce82f6c3 CVE-2023-49949,0,0,1dc65feedc7312a850dd1c1186247ca09a75a8ee1c325a4190092bc71db83437,2024-01-04T17:32:10.933000 CVE-2023-4995,0,0,840d09cb8136711cfe5ecb29c665b6962cd70cccd1b93ffc2baa91d722a31a59,2023-11-07T04:23:17.390000 CVE-2023-49950,0,0,66cd1b1f7e3e23c0144a8871a6842f9873670fe0ad92e9d833ed9c626bc2d8ee,2024-02-13T00:42:06.777000 +CVE-2023-49952,1,1,92ae5f5a26ca344cd43f699ec7810925c5d2d6842777a716f253e9f544c4d788,2024-11-18T18:15:05.927000 CVE-2023-49954,0,0,5f2dd99d2d2c5535eeb8bba62a2016b84ef33eebb943b9df4f5ddb0db1b1410d,2024-01-03T22:32:37.550000 CVE-2023-49955,0,0,cbf9c53c0bb64b06b75bdbba368b6a283ee8d6496dcad41687ecb7908881f040,2023-12-13T15:20:11.417000 CVE-2023-49956,0,0,3a870fcbca81b4abff15e228414f86cd1d698ffd0c027bfafed8702887aef856,2023-12-13T15:14:46.320000 @@ -240595,7 +240598,7 @@ CVE-2023-6105,0,0,82435afa25eb7550d0e45ccbf0eba9061b370409fae39d8090a99844af1a15 CVE-2023-6106,0,0,ae91015644451dfca9c79cc801f41a8f42f29bbb36bdfedf4a0231658f4cb3a9,2023-11-14T00:15:09.157000 CVE-2023-6107,0,0,e811d92eba6ac3deb110f0cf4cc81f419a250d458faa228969121b465199206c,2023-11-14T00:15:09.193000 CVE-2023-6109,0,0,a744b3064096685c694a02401e0433f531812ac3fb3fd9d6e9f0d5115e399cc3,2023-11-20T17:44:03.723000 -CVE-2023-6110,0,0,27b73f15e61a18c006880d39e7c283ba3dcc7f9b7f8b2857752189c1578a32b3,2024-11-17T11:15:06.097000 +CVE-2023-6110,0,1,4781a92ae56ed6a77cf2e81811d5e470d32de6a73044b8adcbb1ccb627c00fd9,2024-11-18T17:11:17.393000 CVE-2023-6111,0,0,47cd61f7586b016ccc4fffdba30d6fdbb7a21baf1123d9b978442365f2b434d6,2024-08-27T15:10:01.897000 CVE-2023-6112,0,0,b8d1d79eb6ef2513ba0ef61ffb8f237ee6a6b925021c5d5a8bf64d39fa9a231d,2024-01-31T17:15:22.707000 CVE-2023-6113,0,0,40596376e95b50f33f80c119c844af68d86e0219e8c6355bb1d5865e23549a46,2024-01-08T19:05:26.813000 @@ -241636,7 +241639,7 @@ CVE-2024-0008,0,0,899bae3dea0b6932a6d046356f47764b32f025595d0eef60d8e0e433b2b040 CVE-2024-0009,0,0,31a37345511ab8f9e782cdcb9d09dfe3dad4751b5c25ab7a9b1c5c74d0c64c05,2024-02-15T06:23:39.303000 CVE-2024-0010,0,0,0619a8beffc460e406861d5436887a98d4820a4ca409aea20f604a00879fcec0,2024-02-15T06:23:39.303000 CVE-2024-0011,0,0,871bd2790e1644ed9a3dece6c89b7131ea036c72c23f82726bf2a5f6003f50ac,2024-02-15T06:23:39.303000 -CVE-2024-0012,1,1,8c030c3d83b71435ab782c5e6322192a684add6528960980887b9972a630da1a,2024-11-18T16:15:11.683000 +CVE-2024-0012,0,1,23f9780125acddd13a52f45d78a63127c606b9f8c92f0982f201bc082130159e,2024-11-18T17:11:17.393000 CVE-2024-0014,0,0,57b1d977bcf36a4089ab5ef9c9905bf2b69a9e66b00e8c3e91bd20eccc0f8b75,2024-08-26T18:35:03.770000 CVE-2024-0015,0,0,00e8b369d8c884be684dc161c3d8d59320e06337f56989191711b768cfe02c9b,2024-08-28T17:35:03.353000 CVE-2024-0016,0,0,07b99aa38f7f021ca30f24587ae8679400297ca98f5e8da8ccc928cbae430ba9,2024-10-31T15:35:18.640000 @@ -242340,7 +242343,7 @@ CVE-2024-0789,0,0,dd4dfae2cf9c1e14c885c435e4946684b1e28fce4e56958a0b475f730b1ce5 CVE-2024-0790,0,0,faf5037c158d063c7d3783eeaaf8baa8e520d90b8a2f56f0b34167c00c86529b,2024-02-13T19:42:38.757000 CVE-2024-0791,0,0,28d871b810a01f2865479d915af9f02c4315b0a78f02b99ea63400d030e61fc8,2024-02-13T19:42:31.100000 CVE-2024-0792,0,0,3c897030a6440dcf51b98af86df6699fa962819d4910e41908f270c3687602d0,2024-02-29T13:49:29.390000 -CVE-2024-0793,0,0,adcc0c95ccca5318628bc7afb47da2ea143a6359ca556d46dcd6c11fca469bcc,2024-11-17T11:15:06.340000 +CVE-2024-0793,0,1,d75a249d9ebd53db9f135279b54d1ef3310568b9d643929b7f54749a49e3355d,2024-11-18T17:11:17.393000 CVE-2024-0794,0,0,451b27d3eb454db9d290b4a2f293eb851536ecc1d0b989ae2abb82140dd13376,2024-10-28T20:35:08.940000 CVE-2024-0795,0,0,13010a14cfca4ba438be4e16640f7a529befbeebc81d68239fbd69b9ad51ad0d,2024-03-04T13:58:23.447000 CVE-2024-0796,0,0,47bbb6139c910015cde726e99b527ba76bd0402c41cea9a56768d6bf5dbdbf2f,2024-02-13T19:40:50.223000 @@ -242546,9 +242549,9 @@ CVE-2024-10011,0,0,c65457aada34faaf1e6c0516da2186c923ac9223c52e8a5eff532b0491439 CVE-2024-10012,0,0,13c20134ea832a7b95ab898ab9021a9f374e744934eca377144513ffc3bea6de,2024-11-13T17:01:16.850000 CVE-2024-10013,0,0,150380629cadd91e1419b390054706248e094bc83d2d65ff4cc4925c01c9a39b,2024-11-13T17:01:16.850000 CVE-2024-10014,0,0,e8d1f2b2bcba8c55790a5ab025cb991579911523f1b20331581610c1fd5c2ad1,2024-10-29T16:58:48.127000 -CVE-2024-10015,0,0,70dc3b2727f3910f7f7a99ff0c189d7d7039fa7de102929ecdeeeabf432ff6a3,2024-11-16T04:15:03.917000 +CVE-2024-10015,0,1,05b1313ab000acc8548a205f7073fdd3392fd5050460479d71298d8f7bda371f,2024-11-18T17:11:17.393000 CVE-2024-10016,0,0,21d0091eaff7fe7567d1651c36c431401391330eaae7a5e6c3e21a28cc10ea9f,2024-10-25T12:56:07.750000 -CVE-2024-10017,0,0,1e847cf266d63cabc9b3bdd895a69c0378b751fd03669cc24089f827f43ce7f0,2024-11-16T04:15:04.157000 +CVE-2024-10017,0,1,2bd1c4177807562d194b5e59f0c030df795ba0be87145eb973360eee9b6ec150,2024-11-18T17:11:17.393000 CVE-2024-10018,0,0,2aa14605c63d984e9b2fdfd4b3872cd3e6ce36a0ab239799435cd07454bf385f,2024-10-16T18:35:03.460000 CVE-2024-1002,0,0,da9ff0a1d838ebe2cbec1ae9defbaf7310d6b3493363163f0389be14aee69800,2024-05-17T02:35:09.013000 CVE-2024-10020,0,0,c44d1c89edd3801ef291a0f848d86a1c66ea7576e27fe16a82b93decb52b59a3,2024-11-08T21:19:58.813000 @@ -242631,7 +242634,7 @@ CVE-2024-10140,0,0,ec9d51c2fc14eea2e4cdb7aa8f8bd180db2ec005ceca8608d4d081404a2e2 CVE-2024-10141,0,0,1a2024f75553982bce647b93dbf2bff672eefec5950fa457467c64b98f6e45c7,2024-10-23T20:27:09.370000 CVE-2024-10142,0,0,f8d897c68f0699e753bf4964aa75eec3baa1d06414695c8d5256c262c45a3b84,2024-10-22T18:11:20.450000 CVE-2024-10146,0,0,a05479823dc9b244c9d3c6072656889f63716e15bd862616259d6ac79eca877a,2024-11-15T13:58:08.913000 -CVE-2024-10147,0,0,02ae9cdddfe93d87ba05a4db8b9f48c28d2bd14b124fda54c4555822c392c460,2024-11-16T04:15:04.370000 +CVE-2024-10147,0,1,9da97401c1c16b64bcc6edf500dfcfa4169049bd090b073d910e1d647644abc6,2024-11-18T17:11:17.393000 CVE-2024-10148,0,0,83c51017fcaad8303b49e241d62740cf9ee14ff3b98ac6e60e27203bec158551,2024-11-06T16:02:22.120000 CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000 CVE-2024-10150,0,0,980e5c556ba92cfe6f78a7c5edf14225adf63d1f935caa703239c8f6c3933115,2024-11-05T17:47:35.353000 @@ -242706,7 +242709,7 @@ CVE-2024-10250,0,0,8accb693817c35c7e4f9fa710076ead819720d8653e5052fbeeec31b3a5b4 CVE-2024-1026,0,0,e127bb5d00442b36eed0e6ff6513a3a42c45706876a3a5f2167365447fb898e7,2024-05-17T02:35:11.320000 CVE-2024-10260,0,0,244e865d9a1607c34ef78b8cc10fe9d865d0e00b89c6d7074ea26acb40607ce7,2024-11-15T13:58:08.913000 CVE-2024-10261,0,0,c0bacd51f8c13c6f93273b74702fb7ce7659bc324c7b90c6cfb500b131b8dd02,2024-11-12T13:56:24.513000 -CVE-2024-10262,0,0,f9f22937d91b073fff1b0a278c7133a44319369451c79667699bb3958d6aeda4,2024-11-16T04:15:04.587000 +CVE-2024-10262,0,1,b25951f7fcc5631ad4155b91ad809e634024513fda623a2bac7141bab57d5f97,2024-11-18T17:11:17.393000 CVE-2024-10263,0,0,d8274159492686a2b3c754959bfc4509f9c9201a502006a3dee5515647626798,2024-11-08T15:59:41.633000 CVE-2024-10265,0,0,f3110d4f544093035d0a9b2f7bbeb2aefd9a822ae90a8974b8e692b012c9f1eb,2024-11-14T15:17:47.947000 CVE-2024-10266,0,0,c93db2a67de792a64ad3b8f3ae10accf6f21ac600e94cc18aca994ed95268502,2024-10-29T14:34:04.427000 @@ -242800,6 +242803,7 @@ CVE-2024-10386,0,0,92094aeb70b25026044a453c13f522af4eb391b2229044481dc021518acdc CVE-2024-10387,0,0,5a1f42d28f618e614b5301c0b94be55a535432bf7194e0692256ccf6aa332018,2024-11-05T20:05:55.323000 CVE-2024-10389,0,0,5c3e383a622dd2c962c1328ad97e7119997516337f3c204f5e02dea9bf077b56,2024-11-04T18:50:05.607000 CVE-2024-1039,0,0,823ba846a6d7c1759f085b54cf23829cdbadd28135927175e007d2b5df85a6ad,2024-02-07T14:09:47.017000 +CVE-2024-10390,1,1,0f765d0806cdf9196d329bdcf23025ca64b02fa3979afe4c4c743c1ebcd10d41,2024-11-18T17:15:10.897000 CVE-2024-10392,0,0,6e1e37299a52c0d29351f7b918b5ce63e7a851a7204714ad635a0d36b7f4f628,2024-11-01T12:57:03.417000 CVE-2024-10394,0,0,4035dfc5a5bcf296734e398f64f1bd6d0cad9615950c5c863b2c2a3b361b6828,2024-11-15T13:58:08.913000 CVE-2024-10396,0,0,eea82678934a4b6027473b74cdd3b7d449ff1d094dd2f74343b30dcc0b4b3531,2024-11-15T13:58:08.913000 @@ -242898,8 +242902,8 @@ CVE-2024-10526,0,0,0fa46d8ccf5c219359a0535980da66887fa2b5cd7efbd75d68b15fd2b882e CVE-2024-10529,0,0,9539d9165463c4ef6062f503e118501e5313e51d190262ed2198af5f2a5dc85d,2024-11-18T14:59:15.043000 CVE-2024-1053,0,0,3d9e5b8218feb39348551f4e96f20fbacd04f2b39830165bb00a553a3d3c5ccf,2024-02-22T19:07:27.197000 CVE-2024-10530,0,0,e3e8a5aa8af87ef0e63a2252d7fc1dd4e05e13d53a5214a349201baf61c39609,2024-11-18T14:59:30.173000 -CVE-2024-10531,0,1,df38d7e5a1658b1a8b93a62cc54b1bd8d1c78902bdfb878f57607636df4c49c4,2024-11-18T15:02:30.197000 -CVE-2024-10533,0,0,74ef37a599912b5086a41dd08113d34c5b498ce14043f9595827a5922b8b41f9,2024-11-16T04:15:04.810000 +CVE-2024-10531,0,0,df38d7e5a1658b1a8b93a62cc54b1bd8d1c78902bdfb878f57607636df4c49c4,2024-11-18T15:02:30.197000 +CVE-2024-10533,0,1,35a7fd73bfde94a3103388e15b75b22ba0ac33a9bb79fa208f6f239c184606b0,2024-11-18T17:11:17.393000 CVE-2024-10534,0,0,df761b6d87b593c42e2ec312a2991a8ebb6274d59b353fff12911b0bdc63befd,2024-11-15T13:58:08.913000 CVE-2024-10535,0,0,14a566633b856f0bcfd07185d246772590c919ba8cb5a244786d38adaffa8830,2024-11-08T21:19:27.540000 CVE-2024-10538,0,0,4258e87072a64a27fee35a0841a3c5095b5fad35eea820564ce6eaffa01f0137,2024-11-14T13:27:00.400000 @@ -242926,7 +242930,7 @@ CVE-2024-10586,0,0,f1f769b86eb6d000daef591c5f367193d87a3d50622221457cbf9ad14bf94 CVE-2024-10588,0,0,c2bcaed6fe7b435f43e9c22f77453914df70e3466f4c66fa7dbe7829c2fb6e04,2024-11-12T13:56:24.513000 CVE-2024-10589,0,0,a6d8f39b47e9cb3150ad138c8d50791b37f1119d54a24371f819b9a1d868ac19,2024-11-12T13:56:24.513000 CVE-2024-1059,0,0,76d1b9b40438f497b680a6494941e57752e942263b38e7996980a78bf67b658a,2024-02-05T20:50:26.783000 -CVE-2024-10592,0,0,4ff30468b778c3d1e779bb8859c5a3613879480963961ae22ccf4603cd0f0553,2024-11-16T10:15:04.173000 +CVE-2024-10592,0,1,82eb1465293009355ad2977978701d550c554554fb81b9dd18c03b54fea9e7cd,2024-11-18T17:11:17.393000 CVE-2024-10593,0,0,f7379b4d068aa0d123148395906d8116a453176503efd9b12d38908f2f73671f,2024-11-13T17:01:16.850000 CVE-2024-10594,0,0,015abb205f2a621c92b02e8c535085d082f03901ef52c99004ce024df21aac90,2024-11-05T17:05:10.533000 CVE-2024-10595,0,0,d179e6b790ca43e523540de6b39a763d6d0e5ba29d81ee639fa2f43517880b37,2024-11-01T20:57:26.027000 @@ -242947,7 +242951,7 @@ CVE-2024-10610,0,0,39ff58e58bdcf75e3e8c03a2b4b1c3b2a5c2d7bd78fc63a26bd4d9751953d CVE-2024-10611,0,0,a2e197a2634c3719c00e010cebb23e6742ac97a5ebd505ee23fbc3b4078405dc,2024-11-05T16:20:27.870000 CVE-2024-10612,0,0,8a019e4c5cfd87a9242e23262c0d7cf92c05b49db3af57ed4d0cdb675d149829,2024-11-05T16:20:43.557000 CVE-2024-10613,0,0,cf7a9ca601b82e80521072beb85e104ce0b058b58f3f13f424885beb372f68e8,2024-11-05T16:20:53.430000 -CVE-2024-10614,0,0,24c971ccd683223e15476ac3ee7a1f088eaa677ff9bd282bfefc2615a2d88286,2024-11-16T06:15:07.470000 +CVE-2024-10614,0,1,d60546c89b859771f99f4585bf047eea73b4e3fafd7659641a24f7a80cee53cc,2024-11-18T17:11:17.393000 CVE-2024-10615,0,0,d468c3c695fbdb8cb7cc6c7db0c7407baccd7e1d70755b08b6bc3f2aa94d8de1,2024-11-04T16:45:15.873000 CVE-2024-10616,0,0,94f55ed4bd0faf50e0891f64e2b5ea20ec640d29892974759f9c3551daa23321,2024-11-04T16:44:56 CVE-2024-10617,0,0,48b23a1a9f67b2d6b1e5c5b67deed264e7e8de26c1992ee93609edc3bcb03f73,2024-11-04T16:44:40.280000 @@ -242963,7 +242967,7 @@ CVE-2024-10629,0,0,bb59b60bfa1622bcae883688f4abb2da03db797536cb98faa56cd5444bad0 CVE-2024-1063,0,0,74a897918202555ab7dea6b1737e329d32a036051a3381cf0244644b537611c7,2024-02-05T18:25:57.167000 CVE-2024-1064,0,0,f25346ba7587521e1585b34f9b82a63a0a8099891451ea7215e7704632eec54a,2024-02-12T18:42:14.777000 CVE-2024-10640,0,0,ac7ef83b735eb08b750b4180f25c0a9a90933cf1f06dab6672ff07257389aab2,2024-11-12T13:56:24.513000 -CVE-2024-10645,0,0,805cbd7e8cc299a9befea2ef97b8448fb82eaad96927bff62208424acdd355c2,2024-11-16T09:15:04.037000 +CVE-2024-10645,0,1,daa1804e7e3f85f72981a918bd36f6ac86e9f938828b0b7461ae7f04b75e3d27,2024-11-18T17:11:17.393000 CVE-2024-10647,0,0,d9ba6608fa541fc383d43441f89db693ddba6534bf6884ce75536f94bd98d4ae,2024-11-08T21:20:50.847000 CVE-2024-1065,0,0,6b929e111558868b0121ca43ebc298de03b6cbdcab98142e875670ec0e17e759,2024-07-03T01:44:57.727000 CVE-2024-10651,0,0,27e099c503dc290e7aac94cd4c1c6b71240bd597597b5702eaef779ee4808c6c,2024-11-01T12:57:03.417000 @@ -242989,7 +242993,7 @@ CVE-2024-10674,0,0,d16f584849190e67ddd9b044fe809cc53716f0604b4d903c0b675313c791d CVE-2024-10676,0,0,c4d26028c65dae8ee24a6ae71fbafbbbdf2f434e1b4ee4c7591876108357a5b0,2024-11-12T13:56:24.513000 CVE-2024-1068,0,0,affccf40ed47a318eb2ecd8e307c56fa640a43f94e3b3e8b50a778ab4a9c998f,2024-08-26T19:35:04.287000 CVE-2024-10683,0,0,81b5edc9806b9d41a626cf134b47e67b5d64e10aaf06aa6e2f1151e4509d5dd6,2024-11-12T13:56:24.513000 -CVE-2024-10684,0,1,b85c7de6b850f9f6fa924663653093a088927ba9544123a6c6da8464be6e3906,2024-11-18T15:03:08.437000 +CVE-2024-10684,0,0,b85c7de6b850f9f6fa924663653093a088927ba9544123a6c6da8464be6e3906,2024-11-18T15:03:08.437000 CVE-2024-10685,0,0,1d5e3517448dda5f262310078551ab26523509e6a1746aada937566f5315b2a6,2024-11-14T19:40:14.953000 CVE-2024-10686,0,0,fcdad82b29385ae50029c826386214a0438adfef3126687e07ca7cc6d49750a6,2024-11-14T18:15:17.943000 CVE-2024-10687,0,0,2d74811f2fc6d3aaef423135ea18016bd4a20ce3a927ba94efb8aa3eac4c5b2f,2024-11-08T15:26:52.523000 @@ -243011,7 +243015,7 @@ CVE-2024-10711,0,0,667b67eedaf55d76b13f0d67159b73016c214e768164f9d0df569a4659871 CVE-2024-10715,0,0,a0586864202123c788b39c9152d7bb58a990061badde7177b34380925db28d59,2024-11-08T20:25:37.380000 CVE-2024-10717,0,0,15bf585ae057ebcf6ec6298dedd5d0b0b84d2a3f7b0625f84537e2f339a063a0,2024-11-13T17:01:16.850000 CVE-2024-1072,0,0,d1340477909607c729b87fb4231ec3eb5b83c947dd2f9537edfb72049dfc44f6,2024-02-13T19:44:28.620000 -CVE-2024-10728,0,0,210dafcceac1da7e73529ab7672de39255c239e625c92fe1709fd956ee5baaa5,2024-11-16T05:15:12.510000 +CVE-2024-10728,0,1,d63611d9b35ef25e3339ce61319937e82fe061367061d14bd65df1fb29db59cf,2024-11-18T17:11:17.393000 CVE-2024-1073,0,0,39b7dc528198b2afbafa91161478b052efb2c858a3c417cf6368bfe809460c5d,2024-02-07T20:56:30.313000 CVE-2024-10730,0,0,8808b0788cc1226811ed98f049f4208abdd990eebdc310df0fd93dc6dcaba5d0,2024-11-04T16:42:33.607000 CVE-2024-10731,0,0,93de8ba16d95746d2c9a168c7c655af07635c6e59127c536c13182d794a3dcbf,2024-11-04T16:43:04.747000 @@ -243057,13 +243061,13 @@ CVE-2024-10770,0,0,0f5897dd9aba481faece95da66f5bd3d6a2ccff92cbfd04ce22fd4f1ffbf1 CVE-2024-10778,0,0,079913d9652b6f58f66290bfdff6b3da5883740d014ac44b1539fe6c742670ea,2024-11-13T17:01:16.850000 CVE-2024-10779,0,0,03484221afac3766470b5ced8d3332eee24d28c027104d12405179c89d30afec,2024-11-12T13:56:24.513000 CVE-2024-1078,0,0,88568fa2f20f5ea8de25fda48576808429bbc616448df571a879f056db565620,2024-02-14T18:39:51.437000 -CVE-2024-10786,0,0,2a9250e1f2f7a703a7a5670c0e0486dd6631065dd8688ee2f8f1a0c3eedb61df,2024-11-16T03:15:14.433000 +CVE-2024-10786,0,1,a76f656d6635ceb4e91d9df4d3549e3d377ef91a9f4fadf29676d949614dad8b,2024-11-18T17:11:17.393000 CVE-2024-1079,0,0,0a964f4e43e1a2d85a40a4753c5354fe293facf65d0ebcc06031e68ccad95a0f,2024-02-14T19:33:09.977000 CVE-2024-10790,0,0,c5195852541315ac22dd1b614848e72547c3a099e7858697bb9ee4c86225d43f,2024-11-12T13:55:21.227000 CVE-2024-10791,0,0,a1ab37f8c195110cb663fc7e474028527dca661a169201c0160b30306fac4c75,2024-11-06T15:05:38.240000 CVE-2024-10793,0,0,849ac0ebf38dc14a8de5efdfa21bed57d99ba8cf0f5c0cd846b144396d51ad4c,2024-11-15T13:58:08.913000 CVE-2024-10794,0,0,990e73a12d2666bd3fad2efb1281964d2189bbaa2e95112b72149dc1a8399a47,2024-11-13T17:01:16.850000 -CVE-2024-10795,0,0,f04956a924e77c8afcc500001bdeeb428700f836ad1f1c436af30a4edeca8687,2024-11-16T03:15:14.737000 +CVE-2024-10795,0,1,f56188914f3ab678226eff75300691366c848cbd45b4ee5ef0058792d43ba284,2024-11-18T17:11:17.393000 CVE-2024-1080,0,0,9acdbacec5fb31283e62a6d3f1b1bde4de3af0ce021840a5a12a8cd06719b667,2024-03-13T18:16:18.563000 CVE-2024-10800,0,0,fb8e6ea9cb7f5838daa314a39d21e1e54fbb9eab7af4f73cc8a245f78af7556e,2024-11-13T17:01:16.850000 CVE-2024-10801,0,0,3a88e665dce12d6cd350c00c6be6179e940c16e7a45bcfb9cfdce8ce89fd3527,2024-11-12T13:56:24.513000 @@ -243100,16 +243104,16 @@ CVE-2024-10852,0,0,f6b203b7b939235aa255ffed248e8cf068dd3b791229b609e430feca6cc83 CVE-2024-10853,0,0,02830723c1cfc34942045c33ee361ea42546311dacb0cff9be0a3634be59c448,2024-11-13T17:01:16.850000 CVE-2024-10854,0,0,15cfe2e17b56db5e0c11761ae38ecac4069d0ddad2bb05d2f72a443bc2fa6485,2024-11-13T17:01:16.850000 CVE-2024-1086,0,0,3e819e2fff80149e3f377751fd1fb28a52f8791d9e5d08990c549613b15214b2,2024-08-14T19:41:08.673000 -CVE-2024-10861,0,0,76bf5c2b2132d82acc916e8125e3d0b8704e1f317b0e3905711081f5768a8d5d,2024-11-16T03:15:14.967000 +CVE-2024-10861,0,1,0e475116cbc916b1684eb819921303de89576e8768786550a96cf2c67b7dbecb,2024-11-18T17:11:17.393000 CVE-2024-1087,0,0,9751a2fe52b8f14e0fc1c9d86ee656c42465ba61ef03201895b6c1868f5679fd,2024-01-31T13:15:11.030000 CVE-2024-10871,0,0,68bab79b21893b436f4ab4e6d9a6ec3633c42e31b376d40213e506317551e1bb,2024-11-12T13:56:24.513000 -CVE-2024-10875,0,0,a40be6cb8b26974e10105a0d65cd7cde1b0077dec20d54efe5fbf528393f6bd8,2024-11-16T04:15:05.040000 +CVE-2024-10875,0,1,f25d99b636c46f59305dd89e678091362bb421c122afe8c605690d8f28fedaa5,2024-11-18T17:11:17.393000 CVE-2024-10876,0,0,bbf9ae62b029e2f20c90d639924bd19ca16772574bbaf6f19776b0310de3890f,2024-11-12T13:56:24.513000 CVE-2024-10877,0,0,6810956c657226900e229ce822592489c5a84819a35920ec22d1da0843174d84,2024-11-13T17:01:16.850000 CVE-2024-1088,0,0,7487e11aa2518f6cc93d89dd95a39f5c8d6e4a1b2567cf073eed09f7df78257a,2024-03-05T13:41:01.900000 CVE-2024-10882,0,0,d50cca8abf620c67a958717eb4d933afb7abd51207b4b48e13771e9f1de70410,2024-11-13T17:01:16.850000 -CVE-2024-10883,0,0,8a0561aefa8368472498ad46c635211a38184779ff08533d6711fd81c99a4e9c,2024-11-16T04:15:05.263000 -CVE-2024-10884,0,0,589288bbb930ed3ad97630a4d79a0063e96d3d25756b3c1592e9a17b5cb440b0,2024-11-16T04:15:05.477000 +CVE-2024-10883,0,1,591fb34dd03e0d1e5f0e5dcf7a5df450cfd7ed4e0c6fa74361f3a75f2590a9a6,2024-11-18T17:11:17.393000 +CVE-2024-10884,0,1,af8d0f69b33cc9c8b5f395f0e60a6b7ec1fd0ec15994d8ada3cc1ff2f49e0e48,2024-11-18T17:11:17.393000 CVE-2024-10887,0,0,6f1c620112f0531885feb58bf605da1bdf3e2be3ee69e7f92d5d01d446076f44,2024-11-13T17:01:16.850000 CVE-2024-1089,0,0,9442709e929187c1b992d082c3eaeec9226480f80fc28198e3a73f4a684640d5,2024-02-29T13:49:29.390000 CVE-2024-10897,0,0,a06583b49e979e6c2e08d66a731da16126991a206b79119172b9152aecec155d,2024-11-15T13:58:08.913000 @@ -243130,7 +243134,7 @@ CVE-2024-10926,0,0,d4b8448490b176d20ac7d5dd5d9abfb0445d0f8f33211ac22e460a561e976 CVE-2024-10927,0,0,89d2896b297590d0b070dc2d6fc3af12d21eeade74b7d5af5a8c30243a174669,2024-11-08T19:01:25.633000 CVE-2024-10928,0,0,d7b9ae13d8f86fa638d0e1d42acef5c90ca0f7e31aac0a4c1ed2473457ce5298,2024-11-08T19:01:25.633000 CVE-2024-1093,0,0,de7ad9b72d87a55cf339c2dc774b7bea1d33bb68e3b932a439fb6fd6a0ef5b53,2024-03-05T13:41:01.900000 -CVE-2024-10934,0,0,a69e8c368cd0afb57664ae3d4f2c76ada6a2cb886a8cd15572bdb8a5a3aba87d,2024-11-15T20:15:17.620000 +CVE-2024-10934,0,1,f60a07deaf666cea5de4e92244d84e71b893bfd0f1ab972caa5337b18183f411,2024-11-18T17:11:56.587000 CVE-2024-1094,0,0,e9e492360318e20689e515fe6138ed3b8630e834f4abf2efeafd987f7e7b2dc6,2024-06-17T12:42:04.623000 CVE-2024-10941,0,0,13c9aa5648736117eddcc05b7c7bbd41bd256da81c39332a1bd9e9e846bf4626,2024-11-08T19:01:25.633000 CVE-2024-10943,0,0,0ccd8432f0f0e1492058026cc01938e6138a4fa1c4553945683b272d10510561,2024-11-13T17:01:58.603000 @@ -243162,10 +243166,10 @@ CVE-2024-10987,0,0,3d92aa33c7cd82b5da2d8627d31a00cc6f3627f00f3b6f252e968a08d3bf8 CVE-2024-10988,0,0,6d214b682ab0622d06c1c4f694c05924f3acdece53f5429fbbce41d026ca23b5,2024-11-13T00:59:17.867000 CVE-2024-10989,0,0,1b4f905eda4958eac87015d8dbff6168d0e3098d937762941916947c71256edc,2024-11-13T00:59:42.403000 CVE-2024-1099,0,0,60fc16226818d332b7b359f2f2234cb026357af6ad05031d156ab3f490bb4021,2024-05-17T02:35:14.133000 -CVE-2024-10990,0,0,6a10ddd21afec926ace36545d1c9e984738b6ea30e52d2522fac31da403a3b05,2024-11-08T19:01:03.880000 -CVE-2024-10991,0,0,e57295838ecd1670d4fe14d7945fe7c3da732066791e84b5b7389c6a195881d7,2024-11-08T19:01:03.880000 -CVE-2024-10993,0,0,7206cf6142982e85355f271e8aa716072abf4161e0799aa2f6e97fb5c15d5fbc,2024-11-08T19:01:03.880000 -CVE-2024-10994,0,0,bb671e509513a2c6397bcf7eedd3395cb15ec032b2149050a0421bf7ae205cbb,2024-11-08T19:01:03.880000 +CVE-2024-10990,0,1,1ba7b247c50542acd0437e639146cbbe8088cdfcc428486a90dd34a7e4fd8277,2024-11-18T18:42:26.973000 +CVE-2024-10991,0,1,fb2ae28f553d249139f4edcc891f42f52e8e7908e76e15fef4fa77792334b0eb,2024-11-18T18:41:42.597000 +CVE-2024-10993,0,1,93c07ffbdac4369acafb877f46c86701c71777368be9f9a2d400e51aa7681a04,2024-11-18T18:41:21.927000 +CVE-2024-10994,0,1,86825ba29bdf48ed63c65c4265cc0d94ab87c75c4fad444cdab718b5e840c251,2024-11-18T18:41:06.630000 CVE-2024-10995,0,0,0039b708eaf356bdd3026a467dff8b15f99cb5620149fa8f01160fd1078f6ed3,2024-11-13T01:00:57.873000 CVE-2024-10996,0,0,89248f706ed3af37a1fd9ad09eaccf188804bc8f3d25b2957099405fa0af3f03,2024-11-13T01:03:05.833000 CVE-2024-10997,0,0,17bb04b8e503cf00e71c65154e5342a332a1b8eb7d8a3add7203d54e7972c55f,2024-11-13T01:03:14.830000 @@ -243176,15 +243180,15 @@ CVE-2024-11000,0,0,a7e8d5385c553ca345a72fc5358bdef9d69bb9b3c3980e31af7a0cfb92d81 CVE-2024-11004,0,0,ae81cd254161ae2b32edcbdeb3c8b9257e0a408bd5a5695d4038ccc9e5adaac9,2024-11-13T17:01:58.603000 CVE-2024-11005,0,0,18600e5d1e147dc33df6674b63d788b55c4a385ff97d609bb37b926f35b08fad,2024-11-13T17:01:58.603000 CVE-2024-11006,0,0,061dbbb4d5e160bf001f7720eb41186dcf120f20d17fa119f965812b96c1ebfa,2024-11-13T17:01:58.603000 -CVE-2024-11007,0,1,739b4480808aaf35beb15593b539eb1864eda053bfdf0d68bd7e2f6002d0197b,2024-11-18T15:08:22.883000 +CVE-2024-11007,0,0,739b4480808aaf35beb15593b539eb1864eda053bfdf0d68bd7e2f6002d0197b,2024-11-18T15:08:22.883000 CVE-2024-11016,0,0,d24a4ef547b8db93612dd948add59f18f08d5f729dd643b0e0ee56cabc76c4d5,2024-11-14T21:53:49.530000 -CVE-2024-11017,0,0,615d13f4614fb6189004494f6f7bcc0196d98191fb1c6c5582606270a0f1f5ce,2024-11-12T13:55:21.227000 -CVE-2024-11018,0,0,67e2bdeaae57fbd6c74bb8768664499e1b600050abb1f3c70030429c7d4a1a43,2024-11-12T13:55:21.227000 -CVE-2024-11019,0,0,06c9591e4e5c6d656b8baab894d6c2f87e1056846bc80e098fe357c2552727e9,2024-11-12T13:55:21.227000 +CVE-2024-11017,0,1,ab5b812ba875ac414948341726ed7477cbf933e4e3125c9e1588639952afa8fb,2024-11-18T18:47:19.347000 +CVE-2024-11018,0,1,d8e9fe6756681329230c9b8926201f074068758f36b1a3228317fe149366f559,2024-11-18T18:59:01.513000 +CVE-2024-11019,0,1,6604c210a97cc053c22ce6d13cc0dc17ae5bad1195d1bb4d86b14fe4426efdf1,2024-11-18T18:59:24.527000 CVE-2024-1102,0,0,0928bf44049eedf97e0b54e5fbfa6f0206fb5c0a5ae4e275eff0db0e3aa685dd,2024-10-16T15:15:15.150000 -CVE-2024-11020,0,0,963165b309d98fa5de51d6a8811a97c5874fd64e0767359ebe01a6a8b627fb39,2024-11-12T13:55:21.227000 -CVE-2024-11021,0,0,4d0c567ca6da32cdf6e4235111bcf9fdb7e328dc15e30ef740c5a8d047e64dcf,2024-11-12T13:55:21.227000 -CVE-2024-11023,0,1,9e37aad0616c088340996391674fad007c134f5bca246cb5de4faa1ad7507ac3,2024-11-18T15:35:03.307000 +CVE-2024-11020,0,1,d8da56d08b04c1b6283579c38861d54ff29b7503469ff5458753549fabf50559,2024-11-18T18:59:39.293000 +CVE-2024-11021,0,1,5330750d11b3fde718ec5c3eb7f0a1e1a342a8ecd281acc88c611cccbde0d765,2024-11-18T19:00:03.487000 +CVE-2024-11023,0,1,2473f75aeae9518b2cbff4e6006b6c4d1b296463725df83234e5d555adc056df,2024-11-18T17:11:17.393000 CVE-2024-11026,0,0,5bad097199e56ffd1f4b7755738c2445dc243d6c7a33468e0f417dfbc0b75e4b,2024-11-12T13:56:54.483000 CVE-2024-11028,0,0,a5fce876a39d3e00d472044131a8d336932258a82ff3a02e40bb7ab1cc37c8ff,2024-11-13T17:01:16.850000 CVE-2024-1103,0,0,7224a9abc8ad2624b19754063e5e3f1dd278d487bc1541d6b3a3ae6b5907a9fc,2024-05-17T02:35:14.273000 @@ -243213,23 +243217,23 @@ CVE-2024-11067,0,0,56467501c947edd55cd4613fd2ef381247159c27f7d35a83af06c94b6a86a CVE-2024-11068,0,0,f7e9062074774d089c911b3e1747ffd8f63444b7d0cb3b7ce8ded4e6fed69b57,2024-11-15T18:24:25.127000 CVE-2024-1107,0,0,7fae6df9cdce298be180c2cb6d3dacceb0e976e847fc87cce19a7d73f37dfe2b,2024-09-16T19:08:27.840000 CVE-2024-11070,0,0,3b497257d1d87e8089d11256275eff956cb64bd2c8e5b58c0672dafc5015efdc,2024-11-12T13:55:21.227000 -CVE-2024-11073,0,0,0baad1d4803fdff2b57bd935b549a58b6cd907bc6e84a7f0d647097524cc062a,2024-11-12T13:55:21.227000 +CVE-2024-11073,0,1,ef922d07a39eeb6c1fcac9a877724098fbbee23a8a49829a797889d4fd66dae6,2024-11-18T17:21:19.557000 CVE-2024-11074,0,0,c7750b58e84d96425502da7e4796f4a1eb10b1d5fe8862bb87f009301db1cc6f,2024-11-14T19:06:54.750000 CVE-2024-11076,0,0,69ee715ef78401e705669ce150a70ba620de69a2c6f89189a55ec0bcea2e068a,2024-11-14T19:14:26.717000 CVE-2024-11077,0,0,017b8d255e80754134e620d058a9d65876d81581be37ad0ebd6cdd417d3b7ba9,2024-11-14T18:57:17.743000 CVE-2024-11078,0,0,d133c6201a7de964272170f882ab0586a90d59fac96ab8e0ce223d3687fb9309,2024-11-12T13:55:21.227000 CVE-2024-11079,0,0,d1a710289b6254268300773c7c9b113893f43edc23893d87d06dbeefe81deb1d,2024-11-12T13:55:21.227000 CVE-2024-1108,0,0,72e8aa7ee320c630f0cd3020b574b902dcf572a1d2888f0afb29692e74e18247,2024-02-22T19:07:37.840000 -CVE-2024-11085,0,0,3714cf171c585b8314cf08084e272628e69703f9efbbf242b101005f7ba6b37e,2024-11-16T04:15:05.700000 +CVE-2024-11085,0,1,36aaba845c0a90c554661f4023115a3f46c67d2a691dfc21b49793447a4b6d8f,2024-11-18T17:11:17.393000 CVE-2024-1109,0,0,54a246b33f975a42367e7b2f8f64c59b5c20293302ad365ae743bbdf357522c9,2024-02-10T04:13:21.610000 -CVE-2024-11092,0,0,1313d4869973ed54bb8685b2e5e0fe24bbbd0c015c50d19d79737edf0039c8e0,2024-11-16T04:15:05.917000 -CVE-2024-11094,0,0,1af90163b7c393665e01968753df0efd008c1deb9f5e38b253a0af7f9a52a550,2024-11-16T10:15:04.737000 +CVE-2024-11092,0,1,e9f7e804f043cae81931fc37547f9a5b6c886cc0c38e1290ab1e0b94e6cf7e70,2024-11-18T17:11:17.393000 +CVE-2024-11094,0,1,96d31b5c75c99258f7a77fadd259d6f2363d98a6ce11e212a75b9e3f71f6de55,2024-11-18T17:11:17.393000 CVE-2024-11096,0,0,c3ff544a53c1563b81fded1ba3057d9b03d9b4212c24283ee7f8f621c81cae5e,2024-11-12T13:55:21.227000 CVE-2024-11097,0,0,42c24fe7e0f8ce5adf3737634dc818886f4840c68e0d42aa533b9f6a8bbe1a75,2024-11-14T15:14:40.767000 CVE-2024-11099,0,0,b02ba7425ae521b4e61975a45bff8e8ecb52a8a9c6c1cb2a6953e7ebe403b20e,2024-11-14T14:37:45.570000 CVE-2024-1110,0,0,2a7a998b7b1ccd0c64d40f28b7bfefdfe0681031ac010f23e86b81b22a7f4df6,2024-02-10T04:13:13.260000 -CVE-2024-11100,0,0,c492dc436c5e7b0bafe38365cc0f5202d40cfdc5e0c2327c30b822de79afcadd,2024-11-12T13:55:21.227000 -CVE-2024-11101,0,0,a2b85a410a212ab95b03a0a6c633679b89052f56b8c74d4fa60b641fe5c20a93,2024-11-12T13:55:21.227000 +CVE-2024-11100,0,1,f07ccb7cc897bda2a057cc3519e9430aab72a4403683b1022f65cd547ed95dbc,2024-11-18T18:52:35.447000 +CVE-2024-11101,0,1,fecf553128f4638268fa024e6276f5cc2ebbf852720cc0f4771411ed72cdced8,2024-11-18T18:57:28.193000 CVE-2024-11102,0,0,460c291b099a678065bd11e1bbf8bd3fff3f3d6e3ee0d55ca5f7bdf40e5eda3d,2024-11-12T13:55:21.227000 CVE-2024-1111,0,0,f15445887f26214e7eb2759298bdfed96c32a982bdf7c3d908e39f1fc291a984,2024-05-17T02:35:14.527000 CVE-2024-11110,0,0,000ef0a836163547344d61057e2afa4f64e5f9dd83ad5df47d28cb2d74707a89,2024-11-13T17:01:16.850000 @@ -243240,7 +243244,7 @@ CVE-2024-11114,0,0,cd01d1bd20c9f5296f8555c25686c350ab1ac500a391941ac565270e9d172 CVE-2024-11115,0,0,6752a3f15fe7742272035ac5069774108f37f03dae8259d5e310243c06e07004,2024-11-13T17:01:16.850000 CVE-2024-11116,0,0,50b6a7b0baae7d93d967770820ad4acb1265e0c8d7e355f7414e720fb7141658,2024-11-13T17:01:16.850000 CVE-2024-11117,0,0,44ab0c5f984ce9aed4e52f00adac2e7b146a348c1dbadd3cdaa1ba5594ee10da,2024-11-13T17:01:16.850000 -CVE-2024-11118,0,0,7c9f78372f7ad6970dc53a89be532a4affd50f91251ef2a11ebe226665ee2679,2024-11-16T04:15:06.140000 +CVE-2024-11118,0,1,3cb9dc4e6bf92f2b2e528e62858236fed3c3ca228a01d299464afefceafe42e1,2024-11-18T17:11:17.393000 CVE-2024-1112,0,0,a074043c8f95f29514c3f59ea2279c09f17d99731ab21d34b196cbe82c1cf23d,2024-02-09T14:34:41.827000 CVE-2024-11120,0,0,368b83ae5902e34b0c550f99a9e3cbb6abf3210b2f6a699d61899ee63a5aa2ff,2024-11-15T13:58:08.913000 CVE-2024-11121,0,0,f1b88a6c44030f80112660a393b156d9c1cd2da4af92bd0d72b008c5bbe51631,2024-11-12T16:15:20.770000 @@ -243255,7 +243259,7 @@ CVE-2024-11130,0,0,15b63aa205de6a4f54c182b134585f269cb8266092a000bd91d13bef5e0da CVE-2024-11136,0,0,24240577f7b850705f8148f1e2257c636c3b9dc696f019566c5d55e0511cc8a2,2024-11-15T13:58:08.913000 CVE-2024-11138,0,0,7b0edb369e2d9df427aea00759a3991acb4ee32080a1e83cba9502f5a7a362f2,2024-11-13T17:01:58.603000 CVE-2024-1114,0,0,4ba1cd03fbc35862ac6b2ce79da50122dd303ea22f4f4a45a352ffb5be12a8ee,2024-05-17T02:35:14.777000 -CVE-2024-11143,0,1,96ffaa2455664e18d60b42605835ada70f7b0d6d8faec6d0bfd534d22c653ec3,2024-11-18T15:03:56.927000 +CVE-2024-11143,0,0,96ffaa2455664e18d60b42605835ada70f7b0d6d8faec6d0bfd534d22c653ec3,2024-11-18T15:03:56.927000 CVE-2024-1115,0,0,4dae9d3d8bef65fab3d547368288cc3126446be18b7fc740123f9a96bd6241e2,2024-05-17T02:35:14.880000 CVE-2024-11150,0,0,3e3c713e3eaad09aa014087e1c0cf6ec0a3f52a733d6f796982bf46a36311d42,2024-11-13T17:01:16.850000 CVE-2024-11159,0,0,acc315ccca82d4dda8527171d6a7ed0296dd6177834223afd6bc1a7bd47506e8,2024-11-13T17:01:16.850000 @@ -243265,7 +243269,7 @@ CVE-2024-11168,0,0,5e610ba56b770f0c45b8e5f1da8a18409af80ecc6fd32d397017d56ba5ace CVE-2024-1117,0,0,0eff4d8f06fdd3645727772834638be79e19128758cbe94b2a8e7a297167b8d0,2024-05-17T02:35:15.090000 CVE-2024-11175,0,0,a70e7384355b41e57dbae42f60548787ddcd5e64369094201d6e3104c030e304,2024-11-15T22:50:48.817000 CVE-2024-1118,0,0,6c399aaded9e96cfac900ecbd30e202d5a6a42d5625667c3de9725b65dc62fc3,2024-02-10T04:13:01.030000 -CVE-2024-11182,0,1,43e4e2251d845a1f0d31bd2b62102b26d7d278b2b068b2f8e9e82735945af2ae,2024-11-18T15:35:03.553000 +CVE-2024-11182,0,0,43e4e2251d845a1f0d31bd2b62102b26d7d278b2b068b2f8e9e82735945af2ae,2024-11-18T15:35:03.553000 CVE-2024-1119,0,0,5426bc48e63724893c52e881a8535fb7954cf4e6383fc287bdb9896410f7d3a0,2024-03-20T13:00:16.367000 CVE-2024-11193,0,0,a70708fa48dd67ba3a86a48525d6b9656d6da3b4be924e80c673ce5d9c638eff,2024-11-15T14:00:09.720000 CVE-2024-1120,0,0,4ae965ad3da5f8a3235e6e58dd82dd504b21e474d229ae465351f9f2ed6318d2,2024-03-01T14:04:04.827000 @@ -243280,7 +243284,7 @@ CVE-2024-11212,0,0,43e01b89fe14437dd38553215518a345f9b4f3c5a332d84f096e358f79ffd CVE-2024-11213,0,0,ee77e6ceb60ab1d90b798383d9261a2a203dfc92f44de28084954782c85c360a,2024-11-15T13:58:08.913000 CVE-2024-11214,0,0,0aa99902e65dc6c03e1ca05b11000c9116be8bf762f91cf55a9d960757e4b1b5,2024-11-15T13:58:08.913000 CVE-2024-11215,0,0,fb8a71cad5204690d7fc24b1c1787d6360fda1c469df5e0270b5ef3894a4902a,2024-11-15T13:58:08.913000 -CVE-2024-11217,0,0,5fc631148be96815ae3dccb931ec54e2a397e3be9cc132b7c1b1194566441529,2024-11-15T21:15:06.543000 +CVE-2024-11217,0,1,5d4ed802680b391d1dbfc3e3b561791ea824d61f478d755424e831d8c9d2195c,2024-11-18T17:11:56.587000 CVE-2024-1122,0,0,0daea6a9b881beb2ea9e563443c7905c114cf68ea1093ef9f6fd6cdf2c48aad7,2024-02-15T19:17:26.630000 CVE-2024-1123,0,0,b973e4c54de6f241a32cf221a70e04068421d86df4d000867b2228a54e55ef35,2024-03-11T01:32:39.697000 CVE-2024-11237,0,0,14e448a6a8c58bda6358b06dade390c2a1921b884cc94a3ba12fc6ad79696644,2024-11-15T13:58:08.913000 @@ -243288,43 +243292,43 @@ CVE-2024-11238,0,0,5db87c5bb65e54461cba31fd593252a458b17b662806ea71f4893354fc621 CVE-2024-11239,0,0,0d5b6cda1664accc0af1c108062fd42bbd179a23c8ad147606d87b4c697bd0ff,2024-11-15T14:23:55.747000 CVE-2024-1124,0,0,913ac2351f43d83be68411d873bf568715eb455fa7fe6219a9189bc1238726a9,2024-03-11T01:32:39.697000 CVE-2024-11240,0,0,93637d2306a8d43a17d83278050b9edbdf92fa9a36ba40ce0cf8eee6e495f689,2024-11-15T14:23:55.747000 -CVE-2024-11241,0,0,5adf62031ef29f2a6aff64af13c8577879fdb0eeb5c43426a2053134c8e9a63b,2024-11-15T15:15:06.003000 -CVE-2024-11242,0,0,b664b9f9ca5ef78a8f76c90b02dcb3e79e313f2513ec5d029d7980fcef3095d0,2024-11-15T15:15:06.280000 -CVE-2024-11243,0,0,07cdde05767a6c078a6880e496b4fc9b8dfe250fb9a8764bfb93c7dd52756f43,2024-11-15T15:15:06.557000 -CVE-2024-11244,0,0,eb8845955460a34ff0f05caa9bffc40321db9bab2c0d6c5ab4b0b8a45f110b8d,2024-11-15T16:15:32.790000 -CVE-2024-11245,0,0,1d3c3963003f652e39ad70e62873c3ce61143e6efc282e684e7f3305765b976f,2024-11-15T16:15:33.153000 -CVE-2024-11246,0,0,03623f9d2973a20ed102a61231dd48a6ec42601438415081c5e6186dd1e755c3,2024-11-15T16:15:33.593000 -CVE-2024-11247,0,0,bce8b608709ee2f34f26a7ac0361a1afd401bbabed86d1e5122b198d8d891745,2024-11-15T17:15:19.237000 -CVE-2024-11248,0,0,05f63ae886ce8e4f4f6c9c95a9d19bf2bcd71685909c7308e46e3edf7854f64c,2024-11-15T17:15:19.580000 +CVE-2024-11241,0,1,89a43b7ea914041a6f59db91c5557f8d5d759fd281e085f89e9191527fb126cb,2024-11-18T17:11:56.587000 +CVE-2024-11242,0,1,1118fbe40870c73d892fa7961109d02efc9eea6f6992fd659082a2270dd53e3e,2024-11-18T17:11:56.587000 +CVE-2024-11243,0,1,0ff1388c8ef64f270cffe8331915ccacdb089ce7746995fcf71ad3772e821364,2024-11-18T17:11:56.587000 +CVE-2024-11244,0,1,7ddefaa41e9ccb977d7c85039db793bbdf53d3725f9912f40eac2a4aaf17a727,2024-11-18T17:11:56.587000 +CVE-2024-11245,0,1,29f44cb172625fff08f5e77fefde944c87d3d58c7aadda73adcfd106f2856643,2024-11-18T17:11:56.587000 +CVE-2024-11246,0,1,fc4921d438ebd3fd188ca2ff821c79198283500fed96f617ac0353e98fc4be48,2024-11-18T17:11:56.587000 +CVE-2024-11247,0,1,138c6af7a110e9125004396fdc85220916d0a3bcf25cde8be044cbf49f3c8725,2024-11-18T17:11:56.587000 +CVE-2024-11248,0,1,65a0a60cdb523b713ad57e4f0d6cccdce7b431410a62e13c807116862df17b4d,2024-11-18T17:11:56.587000 CVE-2024-1125,0,0,f1d015036f4cdda32f03ba210c93a8838e991a1e1d168cce1bd81d56428097c5,2024-03-11T01:32:39.697000 -CVE-2024-11250,0,0,8b0e6334f9dcad2b90092c4673840dfd4d860cb1e6e6f8d5be015dbe688bf885,2024-11-15T18:15:26.280000 -CVE-2024-11251,0,0,e3365cd5b35beffead202860ed23ac651fd05ceb4020ebe0e15542749f7995ad,2024-11-15T18:15:26.653000 -CVE-2024-11256,0,0,a200740b98546397555a7010cd472bb40574fc7bd60c8575d49577892414e623,2024-11-15T20:15:17.957000 -CVE-2024-11257,0,0,ec4480984683bf3b8eebcd3579b1969108cf413555e22eb0ff85eb2e036f9f3b,2024-11-15T20:15:18.253000 -CVE-2024-11258,0,0,6e1f232e48a40af52ebee8cbe965f07a9117e4136a41242b3cd57c4adb465599,2024-11-15T20:15:18.523000 -CVE-2024-11259,0,0,26858f27f49adbee1bd63f6e54c6c9a5a54b03d28b7660f6c7e83b128f88a6cc,2024-11-15T20:15:18.797000 +CVE-2024-11250,0,1,b4820e7b4c32719c1293f43a37edd055a8fc217b09b6b40bc790c864314ccbee,2024-11-18T17:11:56.587000 +CVE-2024-11251,0,1,9ac244f132ebb74fe7dc564429d4c9f6a76eead3d9d81e83ddd43f46265382d0,2024-11-18T17:11:56.587000 +CVE-2024-11256,0,1,955e93d3c5cff42905a75fd9c8ae54ae663d2cd7ad6d24349569b86caf930055,2024-11-18T17:11:56.587000 +CVE-2024-11257,0,1,cf7736ebd0026d147acfac188921b8e936588f40bd7f3d7875e807b8cef3fd54,2024-11-18T17:11:56.587000 +CVE-2024-11258,0,1,e30507aa8242aa0f1ed2fe1dfd56ad60eb57bf6d6e4c0538334f61f4407fa2da,2024-11-18T17:11:56.587000 +CVE-2024-11259,0,1,900e1c2dcf6854dca03bb6e3a3ebddb74e3caae99c0db9f84d209be0a7757209,2024-11-18T17:11:56.587000 CVE-2024-1126,0,0,719cb9688eaad755b04db0e390abb1a9b0b6a5e25f632a929e6736322faf9c06,2024-03-13T18:16:18.563000 -CVE-2024-11261,0,0,d4990e22cfca44a02294d76909efed0131cd57bb247733c65dc562d3ac47a1b4,2024-11-15T22:15:14.970000 -CVE-2024-11262,0,0,8e83f941745be1d781825ca12decab5f6ac9284154d3bd23afe22c24c447097b,2024-11-15T23:15:10.270000 -CVE-2024-11263,0,0,2b3eb9a451d35657787d8d3e78990763a21a9328ac813ebbb0468f592a74c09f,2024-11-15T23:15:10.557000 +CVE-2024-11261,0,1,03149363d80a7f7d2ba3cb3b58f89eedadeed254dd34f2f03686fd1f44616896,2024-11-18T17:11:56.587000 +CVE-2024-11262,0,1,5bda125849c583f0ebaa29ca4d26cf0dcf9667997688ed2241531b87cb595dbb,2024-11-18T17:11:17.393000 +CVE-2024-11263,0,1,6a1ac9d3a12801a9f848747b946a0ac459e1982e45197319659c04e5ba98bfce,2024-11-18T17:11:17.393000 CVE-2024-1127,0,0,fc004f13d69dd65990588f481257d3c8dd60a3804cfac37ac389768e5b88f08c,2024-03-13T18:16:18.563000 CVE-2024-1128,0,0,de5352d9c421a908307277eb7da3f5f6fcfc08a095ea033ab740d4804aa5ccea,2024-02-29T13:49:29.390000 CVE-2024-1129,0,0,bb6d36851ed2d72741a575302302ac57d511f2bf349c6ca7db7385fd53c3529a,2024-02-29T13:49:29.390000 CVE-2024-1130,0,0,19461582000c347e1c07ca83a1d00e23feee8e20532d52fc093ba50686691b5b,2024-02-29T13:49:29.390000 -CVE-2024-11303,0,0,9da6acbc13b8b94f12460b376e430401cf7dc7201a4560e3f86e7a663c5de78e,2024-11-18T14:15:04.963000 -CVE-2024-11304,1,1,0ebe85cb7126f33024892f8e4152c3168cbcf0c601c7b0d0b9d96a563bc5125e,2024-11-18T15:15:05.663000 -CVE-2024-11305,0,0,5328a95bbf7e662e12a857ef5dea77eab4ecc316fb4f536e8772e1db4fed63e6,2024-11-18T01:15:16.307000 -CVE-2024-11306,0,0,f77aaaa67be9242d576d27dffde714b37bfb854f091ee9b96d0ca7ce4c9e08c4,2024-11-18T02:15:15.577000 -CVE-2024-11308,0,0,7e0a566461a1a25058b504b1b076a10b434fc2fde4d7646a8b9f4bf31fc5a5d5,2024-11-18T06:15:04.263000 -CVE-2024-11309,0,0,9411965c35ece716f8c90dd545a21d618e8ac858b01683f6ff41a9045699a6fe,2024-11-18T06:15:04.673000 -CVE-2024-11310,0,0,2d4d611d5e61ee3d47de293865eca5b79be60453c907c37cedc531a8bacc72a0,2024-11-18T06:15:04.987000 -CVE-2024-11311,0,0,47f486cfaf2f8e67141b65904d6812610644729332839ae7b425a509d1ee80a1,2024-11-18T07:15:13.063000 -CVE-2024-11312,0,0,71db06e2a096f0449f94df279bc5cb863b993686028b0aa9e878b169c9d8d472,2024-11-18T07:15:14.903000 -CVE-2024-11313,0,0,890f011cbf9b34450e7704907c25d098bdda5249e8660c02c0f3a68f1c57debc,2024-11-18T07:15:15.420000 -CVE-2024-11314,0,0,77b62bdc6299b6d60a12b7a7152852e6fe05a08406e9a701a9a1af91def37fef,2024-11-18T07:15:15.993000 -CVE-2024-11315,0,0,cc9ed50e7db63318901354c8ed077ff950a09534cf38b4d91deb60ae50f13e1d,2024-11-18T07:15:16.673000 -CVE-2024-11318,0,0,c8d49187a5efe2783469b03b708c4e2e5613cc8fbe66c94c34d585263b5d3164,2024-11-18T14:15:05.233000 -CVE-2024-11319,0,1,03535002bb7861c8dfa29a1f50005884bae7a36a487f8342041e970c5f3ac585,2024-11-18T15:35:04.247000 +CVE-2024-11303,0,1,9a7b9cae0b372cb4b98a9231cfc4f16e7c249eea5ffb75fac7627cc81c7942c9,2024-11-18T17:11:17.393000 +CVE-2024-11304,0,1,22a6a21de6b849517c1b7fe4848b5ad6f5a6501b987b4e9deeeaa72b581b93e9,2024-11-18T17:11:17.393000 +CVE-2024-11305,0,1,84bf85793dd2f7e730f28343594540d39fad7d3215d7e392bc21ef5e70fc3306,2024-11-18T17:11:17.393000 +CVE-2024-11306,0,1,f96161b1705d1a04826829d256bacb8fbd4c72fb30642fc50a3d8ff6dcf71d2f,2024-11-18T17:11:17.393000 +CVE-2024-11308,0,1,d2b75fc6bcf14f70074b54d7ad2a2a59e0f782184adde5a6f275e3bc52b96e14,2024-11-18T17:11:17.393000 +CVE-2024-11309,0,1,0dacc122d147e3df11428e86d831dbe472aba05630f9e5aac582138f9468e73b,2024-11-18T17:11:17.393000 +CVE-2024-11310,0,1,0359eb5c6a6ce253c5c0ffae5d54d8d1c5ced690bb9612efd6dc0eb74fc98e38,2024-11-18T17:11:17.393000 +CVE-2024-11311,0,1,ee0ec3ba815a26c9b4525f27a985b5f6133dab5024de331fb7eb5fb6c5e6ce2d,2024-11-18T17:11:17.393000 +CVE-2024-11312,0,1,5ab2aaee43eb13d0eb145c40d82f559d30b82f5324f13150d24127b7de4934f0,2024-11-18T17:11:17.393000 +CVE-2024-11313,0,1,53f6d870fb2b566376144eec19fd000dcd1bbd56287bcfae6e64830305fb2178,2024-11-18T17:11:17.393000 +CVE-2024-11314,0,1,fd61a9a66be641c7049e49341e5fdeb338e9cb7eca6b01cbdfb607612f91e206,2024-11-18T17:11:17.393000 +CVE-2024-11315,0,1,6b86b9992261d4d3decee865ca7eb6d2eb680713a5739af8b2abb878a6176443,2024-11-18T17:11:17.393000 +CVE-2024-11318,0,1,9febe7cf088687dfbeb6d2d8f74590e0f8059ffca33de9b68ad34437f87d2118,2024-11-18T17:11:17.393000 +CVE-2024-11319,0,1,18c7ff655c51b7d411dffcaaa233052ab9a57102746d3e3dff83135d350dbcdf,2024-11-18T17:11:17.393000 CVE-2024-1132,0,0,3de6e62885ac8497a4c1d8f4950ebedc171b13b33dfedd6a9eea9ae164fd993a,2024-07-03T01:45:01.507000 CVE-2024-1133,0,0,b8b851364368259dd533f1c71b437f741276dcf99770b03558b5d9cd5d3f095a,2024-02-29T13:49:29.390000 CVE-2024-1134,0,0,92ca7b611a6a52333e888fa3a581b5dbc5c29b22a5e7e62eb553cb40e2cb6d77,2024-05-24T13:03:05.093000 @@ -244412,7 +244416,7 @@ CVE-2024-20369,0,0,e23910e4adf6ac7fe444b246c85eb12e2e56e7b12054f1339b9256c8ec4ec CVE-2024-20370,0,0,9c8d802e115773847851e6a87a7c6331398027635ff6abdb8c313a21d8306cc9,2024-10-25T12:56:36.827000 CVE-2024-20371,0,0,5b763c21f0dad7933d07cd6f6f6dc5ca9ec50c488ae19c36eb22a1fb95a945ae,2024-11-06T18:17:17.287000 CVE-2024-20372,0,0,feaf3b98a24bdcf61707d881e5427a56c3f9e9ebde0774029fc1bd7580a0df31,2024-11-05T16:04:41.993000 -CVE-2024-20373,0,0,a2c2841c5e75e2098b2545a81c3463193dde584ae470f938c5f5d2013afd2a94,2024-11-15T15:15:06.823000 +CVE-2024-20373,0,1,f6c48a0754e8fa9a0e8b637b4fe5bfe906eb1ae7e4fb1907e2e4fbbca8eed479,2024-11-18T17:11:56.587000 CVE-2024-20374,0,0,e0c9fc3f494f29ebf625a888aaf98651649c668b7d5475f4297a0435038e214e,2024-10-25T12:56:36.827000 CVE-2024-20375,0,0,a4ae364a987d406a5046b71b718fe2e5ce4da208cd9db67ac24eb19997b1276b,2024-08-21T17:24:59.627000 CVE-2024-20376,0,0,616e740c2ab9d6be811f96c68e43db8bad88fc7cef9833f2acf95234fb3cc478,2024-05-01T19:50:25.633000 @@ -245895,7 +245899,7 @@ CVE-2024-22062,0,0,cc06929fe5df33d033a09c6d5b184881dcbf0939fe62637d4555c345e1a11 CVE-2024-22064,0,0,4ab6f1fd7aac8f5f705eb95fc6fb847518aebb95babd98d77adf15137fe26c27,2024-05-14T16:13:02.773000 CVE-2024-22065,0,0,0787c7694397a7c698dcdd055072a6446d70ea428a21429fa1b1a63fb95542eb,2024-10-29T14:34:04.427000 CVE-2024-22066,0,0,04a1f5193e3d1cd4c2ff5e8b00e85bd78f3fa88fdda81531a689089e114ff7c4,2024-11-08T14:31:32.933000 -CVE-2024-22067,0,0,0df063e4cfb4727625a4769f0e9465766089f4a68a4efbd16211cd7af62d0a5f,2024-11-18T07:15:17.370000 +CVE-2024-22067,0,1,f79f28f84f48acb33da29bd3e2ebd6e3697be250bf1da04b69aadc6baa7a0ed2,2024-11-18T17:11:17.393000 CVE-2024-22068,0,0,0d00619c52fbf410991eb6fb75db8e695c1b871ad9ed5a9a9a67d1976582dc23,2024-10-10T12:51:56.987000 CVE-2024-22069,0,0,4264d807f7b5f6c2c545419e352dc9886522b6dff10818d72b9f5fb46c144466,2024-08-20T17:22:39.500000 CVE-2024-2207,0,0,8ee5e243bdeb55079a285867c41b1d92102261a83307cfe5423cbfee70a33969,2024-11-13T17:01:16.850000 @@ -246581,7 +246585,7 @@ CVE-2024-23158,0,0,7c083896ae118c56bbbf5e942c8384ee2397bcd81ab6e0a549fde13b2ebb5 CVE-2024-23159,0,0,4caf10c46ce8846c250a24031e5b623ee32b37adaf5a74b6dad704236bf3795e,2024-07-03T01:47:36.637000 CVE-2024-2316,0,0,b886d554fbb39a8ab156ebbf04afa7dff2abe542e80901fe75a178728a777e10,2024-05-17T02:38:09.927000 CVE-2024-23168,0,0,6aa4882ac31311673d7105c255a4a4ab30277fc82315f262184f5cb226bf109c,2024-08-19T13:00:23.117000 -CVE-2024-23169,0,0,86d9a411adfc5d5e78823636989ccd9b5f9a1a73ce3bad11071cb87abb452677,2024-11-15T19:35:06.473000 +CVE-2024-23169,0,1,886c75a24b65c9a439e6d8c77ac2257cb1695b40b560a6565a6fbd68a135f631,2024-11-18T17:11:56.587000 CVE-2024-2317,0,0,8e30ab648286b0ea978301e5a5beda2d9abdf16065d34269cbb1824bfad23955,2024-05-17T02:38:10.027000 CVE-2024-23170,0,0,2d2c8288a6a12ddbc7a1710ba6e09b64e14fe785fb79b86b20a944c1ecfef869,2024-02-22T03:15:08.297000 CVE-2024-23171,0,0,f88bf803a0c4fbc4509407858b9247c6d4fbb766b717bcd811063458329b2ee7,2024-01-18T20:23:45.707000 @@ -247486,23 +247490,23 @@ CVE-2024-24407,0,0,544874ccd7bf190605b1eed09e8dcc374c7eae5526ea68f4038bca85f79c4 CVE-2024-24409,0,0,dd8ff08f29b98b9528fdb2ee83855d6758a702d939ff7172a903f50f6071724d,2024-11-13T20:35:44.963000 CVE-2024-2441,0,0,748a7ac4d6ed599dc743b338d434f4fac66b4e81d9dc4afe98a976de37bf668f,2024-05-14T16:13:02.773000 CVE-2024-2442,0,0,da6587851d777a7caecc3fd36ba9b67242261a5b34dedee058c0f959b1280fc4,2024-03-20T13:00:16.367000 -CVE-2024-24425,0,0,b79517c27ddfb3c4c52c5ca4ea61f362c75eacb33ebe01e56666d4d2fb194390,2024-11-15T19:15:05.927000 -CVE-2024-24426,0,0,5f954247619c9506a09635317daea1739d1f7955f5146ab2cb8f96063ec13093,2024-11-15T19:15:06.057000 +CVE-2024-24425,0,1,b4730201248fe264b339a24f6348a19ce78d978e0a5b8d640c2e1ad6cc8d6fb8,2024-11-18T17:11:56.587000 +CVE-2024-24426,0,1,6166038340ada8fcc560b6807a8903fc1dd95abcef765f5426db322c486b2805,2024-11-18T17:11:56.587000 CVE-2024-2443,0,0,a8bbe87eac8a41399b1d0d3a72e714355872c34062df72f2bddd7214646f509e,2024-03-21T12:58:51.093000 -CVE-2024-24431,0,0,33c3bed5d3c5dd2cfbf9ccc66ea2d21c879c3bd4ff0a62e3b54ee65f0375a267,2024-11-15T19:15:06.137000 +CVE-2024-24431,0,1,4a17e71430d299dc76b10f523b5bf34391f8435e621178a2d658fb28da0e4b0c,2024-11-18T17:11:56.587000 CVE-2024-2444,0,0,4077967648b87af230c120a80abe8a1c3709647ab561500ac246716e12815b1b,2024-08-08T21:35:09.480000 -CVE-2024-24446,0,0,56ab657fc72d4fff5cf76366c6733408e4b9f7a136a9f7dfa1a5f6f154ba8704,2024-11-15T19:15:06.220000 -CVE-2024-24447,0,0,bed5865bf9df39f19158b1764a9e5edb678bc0fe4341cd3f77db348a92e140c1,2024-11-15T21:35:05.520000 -CVE-2024-24449,0,0,c1cedd05172c4efc6df6d5d561bf0d004bf06abec1c0e01707406c0e914ff17f,2024-11-15T18:15:27.013000 +CVE-2024-24446,0,1,7a3e9d3096ae556b5fce11b556f977799464fe3e3cdc801c611587981b7e1979,2024-11-18T17:11:56.587000 +CVE-2024-24447,0,1,68577331a6f4e1af2736b20dbfd3e5dfc70e89a5bafd5ffca69920501cd70cdc,2024-11-18T17:11:56.587000 +CVE-2024-24449,0,1,94b7ee356157654696700a54119a618cf19e3221e75d922aef2eb2814a7e238a,2024-11-18T17:11:56.587000 CVE-2024-2445,0,0,4580fbdabeda1a44cff89d119283db83c12561dfbbac9584647c19bac102f840,2024-03-15T12:53:06.423000 -CVE-2024-24450,0,0,6a0b7b5ded00a8277fb325c1ecc37cd7ec612b58b513eed9797faafbeb200188,2024-11-15T21:35:06.360000 -CVE-2024-24452,0,0,f554e44a498c2268e0d196c5da5a7fb8302b221c9b89212e7c8e96e50d4e9b19,2024-11-15T21:35:07.200000 -CVE-2024-24453,0,0,405c556fbf8ff483c12e07c7fba52c38ab8a10d1e07527abda70d703786bad4b,2024-11-15T21:35:08.027000 -CVE-2024-24454,0,0,f85db7d99e3be955f6d96a83bd1e7a20170f3336fd080420781742869359006f,2024-11-15T21:35:08.870000 -CVE-2024-24455,0,0,410a255356df7aff732df54be2049904da6422e8e99f1ad0db89a5197543ac98,2024-11-15T21:35:09.713000 -CVE-2024-24457,0,0,578ce80f141b484680b203c3b49ce9adcd1af314734d32a4aa6eb0cc6063b37f,2024-11-15T21:35:10.550000 -CVE-2024-24458,0,0,7abaea1d736032318a78e812634f5db8f94df4be5ba869e92e4c42f608e5ee24,2024-11-15T21:35:11.383000 -CVE-2024-24459,0,0,899a825774254570132f41a8ac87ea2b2a4bc87f29bb72beb342d6064c62a294,2024-11-15T21:35:12.210000 +CVE-2024-24450,0,1,390d4f5ce7626fbcfad34af0fc653541b705484563fee9cdc21d7a5f37a2063e,2024-11-18T17:11:56.587000 +CVE-2024-24452,0,1,215c34bc5144b82ae2422378a4e24e5a234549a60097442b2418405ce8d77af4,2024-11-18T17:11:56.587000 +CVE-2024-24453,0,1,74fc5f7ad4a79f6e23da99cbb40db86db72b0623dffffc047290dad944f21f35,2024-11-18T17:11:56.587000 +CVE-2024-24454,0,1,966300309f6d742821aa760b841cc96d3404d01a30abd4d614e352e0b42d75cf,2024-11-18T17:11:56.587000 +CVE-2024-24455,0,1,733a32a45e834e0acb87510e3e13b18967b205a2132f3499a296cb62cfc5963c,2024-11-18T17:11:56.587000 +CVE-2024-24457,0,1,f05284897931238b56453701d0aac893afe32bdfa724d4657b46f02d58398db8,2024-11-18T17:11:56.587000 +CVE-2024-24458,0,1,d7a92c379f097315b0df675e7de9768ba9c0d41edcb91b817303459e7364cf7b,2024-11-18T17:11:56.587000 +CVE-2024-24459,0,1,c256ddbcf78055c5f28068a0d88089b6fd68e1959d9f56731f9efe187c5da3db,2024-11-18T17:11:56.587000 CVE-2024-2446,0,0,ef51f957632ec98e360c50fa0db196c0f3cfe0183f1093005f40b796022ec810,2024-03-15T12:53:06.423000 CVE-2024-24468,0,0,bbac026196c9a5e8ca29f54a8d36ba3e229b24779335db2752c28502233c74ac,2024-02-07T22:03:09.897000 CVE-2024-24469,0,0,118364649006ddd6dd7a0282a82463969addbea3b241460c52f60a3b25b50f38,2024-08-26T19:35:10.113000 @@ -249935,10 +249939,10 @@ CVE-2024-27521,0,0,142655bf7422b3c81bdc37fb7ef4329756d07238f339af47f3bda39ff16ed CVE-2024-27524,0,0,08e4bd6ccc21c266f96d6111b83d7d95158b2c7ca600162e7e70631b4fc240b9,2024-11-04T20:35:04.913000 CVE-2024-27525,0,0,e06f7e0695efcbe9bfa15a3ac23251ff54875c477a75b737778895eddfe51566,2024-11-04T20:35:05.800000 CVE-2024-27527,0,0,561071f55bf39a5eae90c6ffa4f2a2bf64edcd1946d8640c93068818852a00d5,2024-11-13T21:35:05.767000 -CVE-2024-27528,0,1,684946450688e414ae8a0e60d1b11cba358ae04d632db84749b9fabb05d89c8c,2024-11-18T15:35:04.500000 -CVE-2024-27529,0,1,6f2f1e63a4b9dd375f7852c59b4a3b6a624c209c9335fb0779107f3a745cefa3,2024-11-18T15:35:05.340000 +CVE-2024-27528,0,0,684946450688e414ae8a0e60d1b11cba358ae04d632db84749b9fabb05d89c8c,2024-11-18T15:35:04.500000 +CVE-2024-27529,0,0,6f2f1e63a4b9dd375f7852c59b4a3b6a624c209c9335fb0779107f3a745cefa3,2024-11-18T15:35:05.340000 CVE-2024-2753,0,0,49ae39425f6531deb039d8727a759281a000c2c0b8058f4a13a0491f93794534,2024-08-30T22:15:06.227000 -CVE-2024-27530,0,1,c97aacf77b892ac56a4dc1aa81533416df2a035271ce715380578673eab043c3,2024-11-18T15:35:06.170000 +CVE-2024-27530,0,0,c97aacf77b892ac56a4dc1aa81533416df2a035271ce715380578673eab043c3,2024-11-18T15:35:06.170000 CVE-2024-27532,0,0,33108dad0c7ee7bb8522025ebca4a44eac30b0fdc3bf3f3af35b25e37a41b55f,2024-11-12T13:56:54.483000 CVE-2024-27536,0,0,c377b0d21fbb5c7de68c4946896ec2f8ec67ef0d39bad02515cbb41c44d1bebd,2024-04-23T22:15:07.037000 CVE-2024-27537,0,0,3cbe9bcef09fe4fba870050d9e0c130363a525b398fa9371487301911d20249d,2024-04-23T22:15:07.087000 @@ -250323,7 +250327,7 @@ CVE-2024-28052,0,0,c15d25a82fbb807832ff1bc94dd565bcc8e771a56ab0af0e3e3891fe636a1 CVE-2024-28053,0,0,c6161d8eec33d0d4874e655333f8b3d42189dbff5254c952286bcd697b2efc85,2024-03-15T12:53:06.423000 CVE-2024-28054,0,0,42bd8bafc554125a5c189382c84c5d77dd5214fa492ad959b0494172465d0aa0,2024-03-23T03:15:11.510000 CVE-2024-28056,0,0,c35a08b2cbca4e8b19728715e17e817ce4b19045fe6d73162e692c29df0fb231,2024-08-15T19:35:07.857000 -CVE-2024-28058,1,1,5c0f05ce0ed7cfc6789c4082c032ffd2fea28b85b8d3b0f49e9d3771a52b9e97,2024-11-18T15:15:05.843000 +CVE-2024-28058,0,1,bcb1ba5dfda6e81d3873ff914c920460c2878c943799c5d1c956f210d65108a7,2024-11-18T17:11:17.393000 CVE-2024-2806,0,0,d5f508ca75cb9f6fa1405297772fa31ca59b69e9c9f039686470ebea3a3dfe0a,2024-05-17T02:38:30.940000 CVE-2024-28060,0,0,749ab409791184ab9b217e9bb8a98b7497dfd8e9ca8e8b87425c211be02834c2,2024-05-29T13:02:09.280000 CVE-2024-28061,0,0,0da8d5a46b5a84ef03a399421122389044f0b8af2c6bbfd8c56d0b659ead8cad,2024-11-01T20:35:10.410000 @@ -254116,7 +254120,7 @@ CVE-2024-33332,0,0,d4616ec3d8fa6c2d14a3b8584e4c2b0a6bdaf97d03584623852ed717f43b9 CVE-2024-33335,0,0,a6cf66b4ab082555dd66294d501cc06d5dc2570dbd2ca86fdaeca4a73e9bd728,2024-07-03T01:57:53.270000 CVE-2024-33338,0,0,dc64e17746d1abab607747c6889c78b7b366c3abba84bde17473f7cc02765f3e,2024-11-06T22:35:06.803000 CVE-2024-33339,0,0,1bca262a290e7823541ac5c56ca607cb8f0a9af8877c53f0a0d3e60cf0f91403,2024-04-29T05:15:06.340000 -CVE-2024-3334,0,0,690229517d403dc25b1c35a49447814b209ca70fdd0de341b8228c12814872aa,2024-11-15T20:15:19.910000 +CVE-2024-3334,0,1,143af60e9499645371e8753102a669923cf7f5a015d63b94328db3de8003de7f,2024-11-18T17:11:56.587000 CVE-2024-33342,0,0,060ace50da8b3f05ba7f67da31443071368333e101cc3fb61992e65c8481798b,2024-07-03T01:57:54.047000 CVE-2024-33343,0,0,0403ccc83281b5ef39242fa2607cb174a7fbc97f1fc5833b8133765daf81f98a,2024-07-03T01:57:54.823000 CVE-2024-33344,0,0,d3440b7441a8ba175b025336c345037d972b6caba49539eb2fcd5ae07cc7e54c,2024-07-03T01:57:55.620000 @@ -254392,7 +254396,7 @@ CVE-2024-33696,0,0,8adc0db7b8cce33b994e835fa3f282e25f1f4ef5644a2aed7cd50d800fe73 CVE-2024-33697,0,0,4a571113caa6ccf495d29be30608c42f9dddf9084d1562bed260e698c04aae88,2024-04-26T15:32:22.523000 CVE-2024-33698,0,0,80f9728a007b76bec9e55fcababf9ce2d8cb5c11944f565f0d36feef068c4511,2024-11-12T13:15:07.653000 CVE-2024-33699,0,0,81b1f37e6f990294e3d0e58469f3ce075096d2792432fa2b41bba58241b973e9,2024-11-08T17:09:29.790000 -CVE-2024-3370,0,1,020e6a4428c9d697bab005e8ce8d542679f3c7059d1793a65aa6d28314cfb774,2024-11-18T15:35:10.060000 +CVE-2024-3370,0,1,1cc2c9f18a80bc4020ac54cd412bb6e2f270faba5df14e45282d2b75dc16385e,2024-11-18T17:11:17.393000 CVE-2024-33700,0,0,800096d409fd3a2a3a42bcca491373284624d5b7e93ac5ccde5cb0263c58657d,2024-11-08T17:06:16.147000 CVE-2024-3371,0,0,d2e6ea20ce5eb692a4e48c27aedae40a56c8f7db204eed4d633cbd78a04f68c4,2024-04-26T15:15:49.357000 CVE-2024-3372,0,0,a196d1e45ccce196e4deb1ea2387c2fe4f6bf89b27a8a7cd4be5ebcd31c9a0db,2024-05-14T19:17:55.627000 @@ -254424,7 +254428,7 @@ CVE-2024-33786,0,0,4c34eaaeb6404bd11728362ca0ccaf1f06d8896bfaa0a8e30f5a7055f9db9 CVE-2024-33787,0,0,c79d3756f20fa8608bd38338556aeaa798aa21ec0e9c3dffe176487918ad4adc,2024-08-06T15:35:13.693000 CVE-2024-33788,0,0,db496e414e9eacb69df835d7ad8cccbd3f6da6b6998f07eaab69cafc694fe336,2024-07-03T01:58:47 CVE-2024-33789,0,0,1b705f261bdfdb3c7c0384a6685c74908e5e41969953d5575683a1d41efd63d5,2024-07-03T01:58:47.770000 -CVE-2024-3379,0,1,d47e51a4e3de73b79c4c139f8c725df94042956f212de1ca635c2c94a5e5992d,2024-11-18T16:35:03.197000 +CVE-2024-3379,0,0,d47e51a4e3de73b79c4c139f8c725df94042956f212de1ca635c2c94a5e5992d,2024-11-18T16:35:03.197000 CVE-2024-33791,0,0,4a99a46cc9bc13330a58a77df6070e766b5a533f0015633cf295877892d64b94,2024-07-03T01:58:48.567000 CVE-2024-33792,0,0,7c7c9a5cdc3e6c8c82320ec108a0ab3708c01bb96dfb27d34785495a231c6066,2024-07-03T01:58:49.357000 CVE-2024-33793,0,0,657ddfb93c384e79c20456942320d557ebaeb8c427e62d4fba5eb78b0e45cbc0,2024-07-03T01:58:50.130000 @@ -255377,11 +255381,11 @@ CVE-2024-34995,0,0,c5ae887edb3d68f5b17625c821aa1f4eef9c82bfd086996cef9a6f896adae CVE-2024-34997,0,0,5fbdf010972a8268fd5a9463e95189eba51629c3cae1b641fade25965bb6360c,2024-08-27T15:35:16.800000 CVE-2024-3500,0,0,65f7cd29cdae6ff6308db5dac7c1e408d4ae13919a645c3f45d14d5a6eb829b1,2024-05-02T18:00:37.360000 CVE-2024-35009,0,0,3fe7a6685d547c8f13c78e6aa6b52334336d0dbec9afe2301a9c305ba9814939,2024-08-08T15:35:12.080000 -CVE-2024-3501,0,1,ce8024ca1053c5b49eacc4afc2f5ea059327fb5a952e6dfa1ac835cd61cacc02,2024-11-18T16:35:03.523000 +CVE-2024-3501,0,0,ce8024ca1053c5b49eacc4afc2f5ea059327fb5a952e6dfa1ac835cd61cacc02,2024-11-18T16:35:03.523000 CVE-2024-35010,0,0,6e4b79d2c02224bc0070ffd30b8ebbf9821b5f9a967abd7e45b682dfed020dc3,2024-08-20T14:35:18.007000 CVE-2024-35011,0,0,20c56ae7701ad2e917dd6b2ccceeffea8e94a8ddd9a2b2ca02beb893f0a0b7e1,2024-08-19T17:35:16.943000 CVE-2024-35012,0,0,c8bd09796e971cbd360d6bb5909687d1917c7ee2369b2a3730c7a0355d3c5511,2024-07-03T02:01:12.127000 -CVE-2024-3502,0,1,23129de5f948decb1cb9b7e191dd4a8dc744f0940e392a69120e1554c79fd17d,2024-11-18T16:35:03.850000 +CVE-2024-3502,0,0,23129de5f948decb1cb9b7e191dd4a8dc744f0940e392a69120e1554c79fd17d,2024-11-18T16:35:03.850000 CVE-2024-35039,0,0,16789b799d84c4b57ca393e0c1f64a27f89bdf5208029185a91c381dd5f853e1,2024-07-03T02:01:12.907000 CVE-2024-3504,0,0,e2de0e6f69991c8d2671ce35086e9faed799d2b484a27eddaabccf584b0c7ea8,2024-10-09T15:27:06.437000 CVE-2024-35048,0,0,7d2e40c430e02cb68d065988844aba370a92c807c6984a33499abbf4ef502def,2024-07-03T02:01:13.607000 @@ -255626,11 +255630,11 @@ CVE-2024-35401,0,0,e20c7deeda0300f83b1078cc4b3716ac7ed24c4deff40921468ca6f87181f CVE-2024-35403,0,0,4d9a98843a184aa3f7fed28ea2e26cfcf04b1cff379a69b2f7e72017e9a927ab,2024-07-03T02:01:44.377000 CVE-2024-35409,0,0,c1e09f17fc040d1a54c6ca919b4e6df91e3a03195ff96673036c48a4d8f8f539,2024-08-20T15:35:15.637000 CVE-2024-3541,0,0,14abae851d976e531eb89e36d00e68f1b4222a58cf78e09467f8f13cc823ff73,2024-05-17T02:40:00.373000 -CVE-2024-35410,0,1,52671e43e1c98458ff052108b26bb6efc4b640d270a72c17011f8f9bb7bf5922,2024-11-18T15:35:06.910000 -CVE-2024-35418,0,1,381932b4d565644b8a31b6be16605f8633f195d7cc6d282ad1c81ad730a8c88a,2024-11-18T15:35:07.790000 +CVE-2024-35410,0,0,52671e43e1c98458ff052108b26bb6efc4b640d270a72c17011f8f9bb7bf5922,2024-11-18T15:35:06.910000 +CVE-2024-35418,0,0,381932b4d565644b8a31b6be16605f8633f195d7cc6d282ad1c81ad730a8c88a,2024-11-18T15:35:07.790000 CVE-2024-35419,0,0,77ead0780a68b696ac114e0cafe1c352c44b6817832d7b710fb85987af543cdc,2024-11-12T16:35:09.570000 CVE-2024-3542,0,0,5a8537177eac38ffc4c0459430c529ffd4234d4390bfe331be843583f4e31e36,2024-06-26T18:15:15.750000 -CVE-2024-35420,0,1,0d0b01a3d569270d8acec8b01619e9099dbd6673e118b59864f36647656f85b5,2024-11-18T15:35:09.067000 +CVE-2024-35420,0,0,0d0b01a3d569270d8acec8b01619e9099dbd6673e118b59864f36647656f85b5,2024-11-18T15:35:09.067000 CVE-2024-35421,0,0,352e363e5c883c2c66505e433f951e8999b219db6cbd6293c4bdd2f64e99938a,2024-11-12T16:35:10.447000 CVE-2024-35422,0,0,1241ed0ebb5f391f2364e38fffd979f9b99255d936a154e4d0a9366f235ba4b3,2024-11-12T16:35:14.203000 CVE-2024-35423,0,0,33eb9412472842bd71735d54f4c85e836f85667840484c5493e4d718f535e52a,2024-11-12T16:35:15.027000 @@ -256943,7 +256947,7 @@ CVE-2024-37151,0,0,8369ee3c4d467fa86763a95ad47c05c55ab1bf8ab2582315661b340a8d9a5 CVE-2024-37152,0,0,ac6f3acf11b3a1f516e05266cf8046e8001605f3fd121de5700d8dfd6dcff917,2024-09-18T12:51:04.430000 CVE-2024-37153,0,0,9f4424de0035ce52fbc12758883da96bd3d6274fe3ec25134b2ea0b426063640,2024-10-15T19:40:12.917000 CVE-2024-37154,0,0,dd0ccf9a2b9c80e8d5e5d3b5ee95b70b33aa0e3330c8531821fb592ab05146b2,2024-10-15T19:43:51.117000 -CVE-2024-37155,1,1,b6f432a06d7e3263c8fb3a36f2e291289944fea84428f03a1d9f3dbb5a9987a1,2024-11-18T15:15:06.210000 +CVE-2024-37155,0,1,03a225c6163a512a818c4ee102497c2e71a3d3e150e8d78865c64005253dfb93,2024-11-18T17:11:17.393000 CVE-2024-37156,0,0,a4629359601329a252e33b03a4ccc833dd9e2ce7a4a6bb980b335d8342668158,2024-10-09T15:08:29.647000 CVE-2024-37157,0,0,a07622f963d285fd9e3dcfe8c8c66929285017ffcec83ca71975fa9dd7c880ca,2024-09-18T13:50:23.367000 CVE-2024-37158,0,0,d89015f3d5c7061659d9d0607cd8f932d19692ba0c53081aaf8195c4a3e4e008,2024-06-20T12:44:22.977000 @@ -257158,7 +257162,7 @@ CVE-2024-37391,0,0,e99f92be626b4b841a6b299b2728912f45fefbd409010bfee05135471d62a CVE-2024-37392,0,0,aacf1862268af2cdf1c4491d7b5ae4c041bcfa60748ed52139bf258567ef92c9,2024-10-27T14:35:09.803000 CVE-2024-37393,0,0,b93d796f3c4283b87dfd22c20f36a8116f582a381c44650f39c5ea43e6b806f2,2024-07-03T02:04:18.707000 CVE-2024-37397,0,0,7fbcc51c6b175128d4a712387aaad70ff152c7c1c439f81c942699a1e4599add,2024-09-13T16:35:09.630000 -CVE-2024-37398,0,1,d014b7eb9a15e5e3eb9081a631750734a91337406ca89540557d8e0fe4675904,2024-11-18T15:23:23.543000 +CVE-2024-37398,0,0,d014b7eb9a15e5e3eb9081a631750734a91337406ca89540557d8e0fe4675904,2024-11-18T15:23:23.543000 CVE-2024-37399,0,0,308e730bcc199d112d6cfe8bdbdbf7120fa96451bfff020b7962dbf1afddf5e4,2024-08-15T17:31:49.067000 CVE-2024-3740,0,0,cf4cd6bcfe639a4f771a19ddc36f820864da86f0d9d9f91c68694d8633fab251,2024-05-17T02:40:06.170000 CVE-2024-37400,0,0,fd4f533eac30efcd3f16887561cfe66601f6740f751d3f8ba2c9c44e9b1a623f,2024-11-13T17:35:04.687000 @@ -257753,7 +257757,7 @@ CVE-2024-3820,0,0,8985e7d1e7aecc5fe081b43705d723ec0ca067093ca4a65f30dd280cab8408 CVE-2024-38200,0,0,d566a27ccd0b19f8229e9b6ce0a19c6b80662cfcd111693b799cdefa30455084,2024-08-13T18:15:29.720000 CVE-2024-38201,0,0,53005100dd7a84f045f26370f955e41247a7f9394ca3dbb51556ee597d1af3a2,2024-08-15T20:30:00.737000 CVE-2024-38202,0,0,d8ddfa5317ca7a8f5c085e0bd9baf44e75fb52705e1273330d4eed88c0e41067,2024-10-16T02:15:05.713000 -CVE-2024-38203,0,0,f2203846d3d31de72a5072d7596e16464f5e3bc43bf6165d50b28b77de7408e8,2024-11-13T17:01:58.603000 +CVE-2024-38203,0,1,3ba74220890d3165f6d8f7bc50a1ccb7dfaa101ff196bc770df5f3083eb188f2,2024-11-18T18:23:07.743000 CVE-2024-38204,0,0,9cc89ba83302b9bd215e463218ee1cc7be153f8e1ca4eb483b926bd28092eec5,2024-11-08T15:34:14.467000 CVE-2024-38206,0,0,159422281702f43b217eea303b5c7354ebb2179d51ac658c6c0c018b5ec16a40,2024-08-14T00:15:08.213000 CVE-2024-38207,0,0,48fecb3171f70b225df97b5c11256a860a73d4f7fff133be4c81b71e774668c7,2024-09-19T22:15:05.710000 @@ -257894,7 +257898,7 @@ CVE-2024-38367,0,0,ef3b5309f2c711755f4bc1341d871d57dcb340a68f69961e0160dca4bb6dc CVE-2024-38368,0,0,2f8143f8d00d367476eddebe8b3c5595b38d7c9548f03fa31bf0b2530474a056,2024-09-18T15:23:00.507000 CVE-2024-38369,0,0,8244568cb54133bd4b7c000807714a4126c5f985c9bed4f8d225a3d939b43204,2024-06-26T14:47:05.077000 CVE-2024-3837,0,0,83b07e73fbcd3bdc07d74ecd9200ace8bc3f655fb5ef786e0fb5447a3f989592,2024-07-03T02:06:37.303000 -CVE-2024-38370,0,0,2a7739a42ac119a79a6d88cdf8eaf101f5e8cf352457db3797f21dc353940baf,2024-11-15T22:15:15.317000 +CVE-2024-38370,0,1,2dbe3463214436a2a9f00e0266b5f99a62603e6378b6c514d2bc3fafcb22a5f3,2024-11-18T17:11:56.587000 CVE-2024-38371,0,0,89525bd0cac36f8169b7c7660aac33ce1fe77dbe859f180f5d0a019c34cd3913,2024-07-01T12:37:24.220000 CVE-2024-38372,0,0,3d54cf49c69f5dcfca10b8ed801434d5b29c7aa6896635c0f913f2cd2b718834,2024-07-09T18:19:14.047000 CVE-2024-38373,0,0,871cf732e8d89daf91760031051bd3f20f88f5dad720fab8628df5921c7be18f,2024-06-26T15:02:05.100000 @@ -258317,7 +258321,7 @@ CVE-2024-3882,0,0,8cf286ca42c3a62eccb821d9ac0678dabad594eee248c127390ddaf169987d CVE-2024-38820,0,0,50758758d32f5bb9d0664ab5254e279459d398846823826c47d2a8b01a7200dc,2024-11-05T21:35:09.393000 CVE-2024-38821,0,0,bb251b2231aa5ec8776de9aee89d7b4c729d7a41bc68ac186fa12d01aa093b81,2024-10-28T13:58:09.230000 CVE-2024-38826,0,0,d2dc3bc0b0f77945ea4b1900d4b45fc9041d9a4783cdeb176eb488aedabdfbeb,2024-11-12T13:55:21.227000 -CVE-2024-38828,0,0,7a9334885cb0985de2254595b4efa0f6b1f0200d2341d7d4f7731bcfb54ab030,2024-11-18T04:15:04.233000 +CVE-2024-38828,0,1,0c8d1b5128144a8d7d124f30bfb82a89e19f39cd304dc10431ed647af64ddcb3,2024-11-18T17:11:17.393000 CVE-2024-3883,0,0,e6bda202b9fd54c10f25f29dd8ae0cebb83b1538aee636944c2fd66bf4045fff,2024-05-02T13:27:25.103000 CVE-2024-3885,0,0,9b28a2ee85edfe77753e71858fb1438bd68a9b6ee299843f3a5752cca4753d01,2024-05-02T18:00:37.360000 CVE-2024-38856,0,0,cf2c30abb1c3c3e6b03acfa253b7bd98efa464ab76b49fddc2034ce3ce8a3be1,2024-08-28T16:15:58.043000 @@ -258926,7 +258930,7 @@ CVE-2024-39720,0,0,d0abcb66b33d9eb5538e2c3f6b1c0a5ec90e4231fb92eae0b5bdb3698a665 CVE-2024-39721,0,0,a53f4a408292484f4e31830b23f4d1e9fa44faea82210aef0c3385e6a6ce66da,2024-11-01T16:35:24.357000 CVE-2024-39722,0,0,08a96543a5db4fbd3fecc413584aca3682c28f3fb47ec14ffd29adb20a7fbede,2024-11-01T15:35:17.693000 CVE-2024-39723,0,0,003097d794792a3e1194202f71608927b35e402887d5f5ddf07d35b5dd183916,2024-07-11T14:54:10.243000 -CVE-2024-39726,0,0,0a5e81dbde3fa950422b79a0538ab8807c0f94b1a9dbcb7c4da57d86278a1408,2024-11-15T17:15:19.983000 +CVE-2024-39726,0,1,debd0f8a224a4f45183dee702109e91b92744cba6c3b0f6c5587e19d74456388,2024-11-18T17:11:56.587000 CVE-2024-39728,0,0,fba26233ce0c4692619efffa132c45bfb836485ad2132e6f2e6d7ce0ec6f97d0,2024-07-16T13:57:37.203000 CVE-2024-39729,0,0,bfb0ee29aaef980e2b91ef648868f4c0e36729a7e019c3fc9d2073fdf0f8ba3f,2024-07-16T14:02:53.577000 CVE-2024-3973,0,0,1e562721e06ec34010a875bed42bd8dd124b3449743c9a2acf9ba1a2336534dd,2024-08-07T15:17:46.717000 @@ -259312,7 +259316,7 @@ CVE-2024-40633,0,0,cb8b1e46d2fb0350ee65397b524eda33b035785c4ff54d8f631326909af07 CVE-2024-40634,0,0,f0b1b04d49b6a98a87295b9d83a3ab2b8cbfe90c15ea00701d78a02066d0251e,2024-07-24T12:55:13.223000 CVE-2024-40636,0,0,98744b954b3d196b3f10d684008952126f958b809a4f56d792514a1180b74df0,2024-07-18T12:28:43.707000 CVE-2024-40637,0,0,8f01e513c3194bcf30056752321b26e2f21549acaed31b1fc0f5890d359b45ae,2024-07-19T14:37:17.863000 -CVE-2024-40638,0,0,db82f6838b27a691b85a6743c128cbf9ff57d7ead1ca3f936302168cd35bcc6b,2024-11-15T18:15:27.457000 +CVE-2024-40638,0,1,cac3c8f94c450984efe035de620b20a0a227df5898eb7b0aaefee9af5ae90a88,2024-11-18T17:11:56.587000 CVE-2024-40639,0,0,8bbb50b2a25542a9b7af4d56fa6e5b2d2c32a2fc32f95961ce4984af08c80bab,2024-07-17T20:15:06.603000 CVE-2024-4064,0,0,3a1a40467a64f04bfa80ae5c066454b06b4092014a9e47cc1a50eb6eb22d315c,2024-05-17T02:40:14.223000 CVE-2024-40640,0,0,7e1f28a17873c57850e387e604bc4923eccdf39126e84bd67e6dd03b6e2f6417,2024-07-18T12:28:43.707000 @@ -259760,7 +259764,7 @@ CVE-2024-41143,0,0,e8899d473fa3a8ea11660d6f2ba88aff617e29347ef6b002447e4155241e1 CVE-2024-41144,0,0,a99ced5ff39791199789f8b7404cf70d5ada3bff5c6dc65a7803cc1121e905e5,2024-09-04T17:25:48.123000 CVE-2024-4115,0,0,89bc89df66a101d446d6568b359dec67345256fa579984420e2e2fe7ea4994ac,2024-06-04T19:20:29.937000 CVE-2024-41150,0,0,f29e18c57230cbc3b76f00f0b7fe1001f55bb08bda82442884bf5072f9726b00,2024-08-27T14:35:09.013000 -CVE-2024-41151,0,1,433e59e3d1a295fa75cf194a270eed460d96149649f776978d81b487e9be661a,2024-11-18T15:35:10.290000 +CVE-2024-41151,0,1,83c870b64bd13b34d92e777b5a6ddc4ae15bc7b99f3f9858a151401c3673202e,2024-11-18T17:11:17.393000 CVE-2024-41153,0,0,dafb89be97200d81ac5d60fe35f2a445ceac861b85bb58f78c85df804ae27889,2024-10-31T14:37:48.533000 CVE-2024-41156,0,0,c0093084afabf89304f87b01eeae3792e9c6bc73b0c168ddc8c792fe08c67a19,2024-10-31T14:49:39.800000 CVE-2024-41157,0,0,7a282611d45c2fbb6f2dc936e4617dedd23e7f4d2ca4cbf354d2844aba4fb55d,2024-09-04T16:30:40.737000 @@ -260013,8 +260017,8 @@ CVE-2024-41674,0,0,e673b8205e82a534b9a977608e67254dbf60c56054d2121630b866936cabb CVE-2024-41675,0,0,99d7bb404b6db7a620ac267d34a06ef7dcdda9c80bdd1ecb6c741290a9b47f60,2024-08-23T17:07:28.247000 CVE-2024-41676,0,0,f8c727903895dd3f774fa8fafadf4d13b194d23bd32750d21228bccd7e3862a1,2024-08-23T13:44:42.487000 CVE-2024-41677,0,0,350177b79949244cfbc185c5f18aee412a8902a49d36a53e1d4b50536f1effd5,2024-08-12T18:51:29.497000 -CVE-2024-41678,0,0,43bfd773fe0f389d4d2972065648cf80c04ab4504b31ed9b2e85f880173045d0,2024-11-15T18:15:27.720000 -CVE-2024-41679,0,0,30895d98a21b1efa39db3dfa62b7834f7f6581bb6d111c2b0d0989f68a696495,2024-11-15T19:15:06.527000 +CVE-2024-41678,0,1,f75f0254e97d75af873f121dda9c20cc187ced74f64a91fbf1680105b77be88a,2024-11-18T17:11:56.587000 +CVE-2024-41679,0,1,637bed3c85c866e78785f18f4d0736c1a7b381cb64466af914d675db8a707d1b,2024-11-18T17:11:56.587000 CVE-2024-4168,0,0,7f4f833c88738c683a47d814a058bf8a730868170937a9aca799097bc79bf22f,2024-06-04T19:20:31.690000 CVE-2024-41681,0,0,6dfdc16b96a5715c67e93e3b8e76db2de56f823b305a3ba2f49e1e9df8ebee6d,2024-08-14T18:37:06.540000 CVE-2024-41682,0,0,b98500d64915be62a0e5e2d6d50336319231d8c45c711d39d83e7568c61fc3c7,2024-08-14T18:37:24.413000 @@ -260087,8 +260091,8 @@ CVE-2024-4176,0,0,2a1e283cc95c7d3d47b09f457f96512613ab4fb1878e9b333c02ce78f75d83 CVE-2024-4177,0,0,e1d6d87dc8ef62b0d8de94cfe98a875b1cbd39c3640e8e02d8d5a4e8bb3cca88,2024-06-11T17:53:13.710000 CVE-2024-41773,0,0,73b68ae1e3819b7d1bac9bdaf38a7a90512524d32ae7dfbb950bef5b99d479bb,2024-08-26T18:33:07.997000 CVE-2024-41774,0,0,efcbfdf7ce18fcd97c6ecc860adabe2a80f23f77068d5d032fbe380664ccfbc3,2024-08-24T11:15:05.670000 -CVE-2024-41784,0,0,4b9bce87b99a4cb8633adeca46d5c13b7e94312b7a819f69309d37321034c793,2024-11-15T16:15:34.240000 -CVE-2024-41785,0,0,acdd00f5f60c3a57c055b3330660e51341a71d97fcd9840019eb93d619819ff9,2024-11-15T15:15:07.047000 +CVE-2024-41784,0,1,5fc6951c75d6283f66bb0ac59ed75c07ae4781461c6d985f4211d4d21a88721d,2024-11-18T17:11:56.587000 +CVE-2024-41785,0,1,da47a1916cf1b10014edcaabaa2e2bd599b3d785ebf02c8852bcdaa044613044,2024-11-18T17:11:56.587000 CVE-2024-41798,0,0,0376144119ee906fa3756a5ffda1af85d3678e11ad2cbd0913fd4be38d98ecf1,2024-10-10T12:56:30.817000 CVE-2024-41799,0,0,7695f1ee4025235dd7412142131ce8d75a7b17a18d3cf669cff383f93f7dba19,2024-07-29T16:21:52.517000 CVE-2024-4180,0,0,89f84993baa10ab5b41ed58678b5b9e31ff190980a67ee18130266156f7434fc,2024-06-04T16:57:41.053000 @@ -260239,15 +260243,15 @@ CVE-2024-41961,0,0,3c3cbde88cd825de8bae83de9e23bceebed48c0b620332721ebe0297499b9 CVE-2024-41962,0,0,db50354a8566471f488ea803a7a6894035b73491a2359165637f817d330c25eb,2024-08-16T16:34:48.873000 CVE-2024-41964,0,0,54621a6adee825c0636e7afd8773c219e1650b44db222dda2ec93364b11574bb,2024-09-06T22:56:18.010000 CVE-2024-41965,0,0,2d1c3b12d760b98aa2eaba7bc040a10a4b90c52e44f9dfa32fdcb4160559d799,2024-08-09T14:09:32.507000 -CVE-2024-41967,0,0,184e0f2ba651c36a054866910b0eb27e9f356f1dc19e4cc3cc69170f7684a3f6,2024-11-18T09:15:05.150000 -CVE-2024-41968,0,0,d53797c226739a273870d4357b7038db28e813f5b27527044d2f13ae864304d1,2024-11-18T09:15:05.410000 -CVE-2024-41969,0,0,7dc6266ab9626a4c38828c6835444366d20b2710b43478972117e8e83cb7a2fd,2024-11-18T09:15:05.637000 +CVE-2024-41967,0,1,ddfc07e0bfba6fd1e4f642303fde05ae77322a3c8e8e0c4cccdadf4901364420,2024-11-18T17:11:17.393000 +CVE-2024-41968,0,1,231ff18cede077703474ea0dcb7d92f427e0977100e65990fc7f1b64e0d356f6,2024-11-18T17:11:17.393000 +CVE-2024-41969,0,1,0a93d61b8f09709a0cf3165b811c4dea2269c5a5135b68f03fdab9d80d2c257b,2024-11-18T17:11:17.393000 CVE-2024-4197,0,0,45da0b07f911473fe59b939894a184bd20b4010bb74cc514ccd6533e9d15c77b,2024-06-25T12:24:17.873000 -CVE-2024-41970,0,0,8673d3ab86077ee00005d5cbb5e2dbeda32e664a8bd13b294fdbb12264160151,2024-11-18T10:15:05.487000 -CVE-2024-41971,0,0,0552f83e80023a5f54896fd682060a73475ec804288cffa5c074debb374a9763,2024-11-18T10:15:05.750000 -CVE-2024-41972,0,0,442ae43a9cfbdb24a9b592741605314ddc5f327d54bf282b64631b0f858b82d7,2024-11-18T10:15:05.967000 -CVE-2024-41973,0,0,c343f1d2d3c85dc9f5ab3be159f4e4290b4a608eab096e50bcd9a718dca4324b,2024-11-18T10:15:06.213000 -CVE-2024-41974,0,0,f10a5335cdd9e654d8b744f59fd419b5661c7eba3d880d5437eaffb04a2c10a6,2024-11-18T10:15:06.447000 +CVE-2024-41970,0,1,32fa13cd7fe9993095668588ef4d4875d815f16903184f7122ae92fb288b7278,2024-11-18T17:11:17.393000 +CVE-2024-41971,0,1,5203660ba3f992faca6636723525605722e2b2dc16c59cde746ca4b449fe0881,2024-11-18T17:11:17.393000 +CVE-2024-41972,0,1,4c5f5b2719b61470ef975493433df0f01fd29d31b24ac96c8e40369b808c24fd,2024-11-18T17:11:17.393000 +CVE-2024-41973,0,1,70c5019f9fc8a4be284303215999673ee91f9bc0cb7a583c535f5f91e2a55e33,2024-11-18T17:11:17.393000 +CVE-2024-41974,0,1,c69e47570a7d66c17fbe850449c66e47b486a55973e4c91dfa5f6d84ce3a84f8,2024-11-18T17:11:17.393000 CVE-2024-41976,0,0,28d622db4b0702423d465fd5f760fc3d4baf285e2f7024720bdb5fee42ef0c33,2024-08-23T18:40:16.173000 CVE-2024-41977,0,0,d5d8e1f89415d399848bf3d43d8f9a317c22096ecf54afde801686a9741da6f6,2024-08-23T18:39:13.990000 CVE-2024-41978,0,0,bd0d09a1a56dc8d7414c845b0662922159c0a17b71c017862473bb9d2c3c7ab8,2024-08-23T18:34:36.283000 @@ -260603,17 +260607,17 @@ CVE-2024-42379,0,0,3df4e462d3527273fa2a98871af6d02d089a425040231b6521435b06449dc CVE-2024-4238,0,0,188cceccdce16b8df034bef32fee010a6dd0f801c6690e1589421c7cadfb521c,2024-06-04T19:20:33.063000 CVE-2024-42380,0,0,5abd276ef303a0a04718583183567bd8e789e2a4185f71fabf777d854e3f8a5a,2024-09-10T12:09:50.377000 CVE-2024-42381,0,0,a5fa1277b5fe346d1dd5469d0c93ac780c7d0547ab1d06a7617c27606bb89aa8,2024-08-01T13:59:22.207000 -CVE-2024-42383,0,0,2be8df96a7cb26e915a93e0ac962c943b1279aec7c7832bdba0fad33874b43c8,2024-11-18T10:15:06.667000 -CVE-2024-42384,0,0,f298384383fd30ae2a676184dcfadad14b2336c7aac64e9943db3390b7c509d4,2024-11-18T10:15:06.943000 -CVE-2024-42385,0,0,d012d2bdbf72b21bf4483a06699490531ba125461a838fe81dba188e35e233f3,2024-11-18T10:15:07.187000 -CVE-2024-42386,0,0,44f57a2c936a836d67fe05b3af9d82caf4656480fd48b884b0b3b000defba598,2024-11-18T10:15:07.427000 -CVE-2024-42387,0,0,5f59394f84bb46308f3282a3d35e78b4794b618dde523fac815221485650fbb0,2024-11-18T10:15:07.647000 -CVE-2024-42388,0,0,e425093e5c6384aa19a1931f42570a44509c2be277bc2cb694b8225954a0793c,2024-11-18T10:15:07.873000 -CVE-2024-42389,0,0,4f2ec49962c6317efe1419a4a1be9d77c36081fd8705d58d5d7c326f96fdcac7,2024-11-18T10:15:08.090000 +CVE-2024-42383,0,1,4f3472271496f16a17fbf6fc2fd58370248861e1c78c1639fa2c1e4df6dd00e3,2024-11-18T17:11:17.393000 +CVE-2024-42384,0,1,8e8de5a1abbaf9e24b439cf939332e8e6450db4290f9f58ca6ffad9fd04dafcf,2024-11-18T17:11:17.393000 +CVE-2024-42385,0,1,fff6dc9450aa711fb57c6b9a6f53cb084896e80e7c468fc3ff7399f4f4461a50,2024-11-18T17:11:17.393000 +CVE-2024-42386,0,1,64b7ccfb38dcba775428c6e9f5d0ddab2c975f71869fab65c3396df85f0fbbc9,2024-11-18T17:11:17.393000 +CVE-2024-42387,0,1,9d4b2285ec9150b000a1319083aee9cd517bf113433192507764727abc32f504,2024-11-18T17:11:17.393000 +CVE-2024-42388,0,1,0366ebc5f124ba46181e57975c0d30db7a24422a925c39c53382b981238bd3dd,2024-11-18T17:11:17.393000 +CVE-2024-42389,0,1,ccf8e2893b1640e2a30798965b7e1d68c3d7f734dd377059094788fcbc554d78,2024-11-18T17:11:17.393000 CVE-2024-4239,0,0,cecc2be82896f12bf6cdae75a3b125d58c075d387f3da865cfaf565a2c454897,2024-06-04T19:20:33.163000 -CVE-2024-42390,0,0,2be89beae2069d663b7f8f2695054cea57a3204bc4d91dc76cf6eace46faad42,2024-11-18T10:15:08.307000 -CVE-2024-42391,0,0,a78ad1fa98ddcc8a458d297cf38256ed8ff3f6b292dc5e3a3d1a0644ab4fc8d3,2024-11-18T10:15:08.540000 -CVE-2024-42392,0,0,ffb29d55a2df75b4531a31e3d1e0de35b4379f522f2b242fb409b7093d75af8c,2024-11-18T10:15:08.753000 +CVE-2024-42390,0,1,fe9c78c925c2ffcd02f054f3f39edc8229762747337a09e5ac26468cafd7d979,2024-11-18T17:11:17.393000 +CVE-2024-42391,0,1,cbf33ef33c23af2939d8342db489c3ccd091d115cf8451bf8ae94d7cc16a415d,2024-11-18T17:11:17.393000 +CVE-2024-42392,0,1,69da09d1c330dc4c0b3582df5689ce55ea9e275f3add95db80f4dfd502853334,2024-11-18T17:11:17.393000 CVE-2024-42393,0,0,dccd6d06051b1376b790b00ce1bb00ad00ff605de076bb7cd98815c096883960,2024-08-12T18:22:45.023000 CVE-2024-42394,0,0,3fe51273497ddc687f2c439e086f8a7a30ea6afb40f9bca0dc53718488d7bc49,2024-08-12T18:23:19.533000 CVE-2024-42395,0,0,5ee69c7240e27d4f3c6f1cb04e94fbb984a7c6f59b13e977c958944ad3c06ea4,2024-08-12T18:23:57.077000 @@ -260694,7 +260698,7 @@ CVE-2024-42493,0,0,62acde285327354a8bf885be4a4449e2ac155d363ca62a755a0d6560a4377 CVE-2024-42495,0,0,9abc7330eac6d6df1f12abde56401fb389a89e85bdfac6db206d32a19ef64c3e,2024-10-04T14:37:36.703000 CVE-2024-42496,0,0,82629bcd722b8cb6d341bed3916823c994361fb6b4946b9099c29ac012cbc5a4,2024-09-30T12:45:57.823000 CVE-2024-42497,0,0,6c95277a74b4240375f9e65f5c21a104fec038817af68c50a8b421844638164c,2024-10-16T20:05:09.183000 -CVE-2024-42499,0,1,2f55b7d29eccf27765c0ee4e672821ca8be7416e8b0531bb369bed1ddddc47a9,2024-11-18T16:35:04.877000 +CVE-2024-42499,0,0,2f55b7d29eccf27765c0ee4e672821ca8be7416e8b0531bb369bed1ddddc47a9,2024-11-18T16:35:04.877000 CVE-2024-4250,0,0,29d8096febeb47af7a705b5c5f44b0e0121b5483d3074c39ff1bff1155e9a3a5,2024-06-04T19:20:34.200000 CVE-2024-42500,0,0,f0bcaea9090b49f77db24a21554ec397886059105966434018e3d2adca5c9151,2024-09-10T12:09:50.377000 CVE-2024-42501,0,0,2d6a46c355be0708ff7db2c58107fc669881111adf034802ab42261dde0a7bbe,2024-09-20T12:30:51.220000 @@ -260810,8 +260814,8 @@ CVE-2024-42662,0,0,8b5ee16fc7b16997b64292d55704d2366e5d7a1d5accb8afbbb7fe81c3b29 CVE-2024-4267,0,0,b21b1be134b642d147ee55ecb619e0382fab4366c661a291e53904c7941658dd,2024-05-24T01:15:30.977000 CVE-2024-42675,0,0,92c6b6457955ed616d1577d62ebea7dcf172d2ecdd66922f34ded7a7ee2d3b6e,2024-08-19T09:15:04.283000 CVE-2024-42676,0,0,ee04f7bab8ee13bdc864d5bc2a4a11bd3644007d71c7b1c26d6531bc1196494f,2024-08-19T16:11:33.843000 -CVE-2024-42677,0,0,b97ab4f5686d6ff46f6aa7f7f9b4e7a78fadb921b4c0ab7041661656c522179a,2024-10-30T20:35:26.493000 -CVE-2024-42678,0,0,ce8a3f135d4f809369d6b75de9ff99127513c0db10a407cdd20ba786f1f3cdc9,2024-08-19T16:06:36.343000 +CVE-2024-42677,0,1,fe7b338b030d07b61b9f74b148e3937f8b63506b023672e02e59f76b5281c6c2,2024-11-18T17:15:11.133000 +CVE-2024-42678,0,1,c2240eb771aa395f461f9f756f0157bc445382ec585bbe270c729eed9076eb34,2024-11-18T18:15:06.070000 CVE-2024-42679,0,0,e76aaa5887122d6232dc83073fc758cc42de2802e94141ff1ce4fac272e935d1,2024-09-06T17:35:14.393000 CVE-2024-4268,0,0,ed1b7008ff1a2549bc2f685279352d3a8f5b6d435592b2f29fd10fa9328ca71d,2024-07-02T18:08:17.817000 CVE-2024-42680,0,0,58693ad444a0076e8c2aed38637b138ca0db4c28c3b5f77c2b2ce98f6959fbaa,2024-11-15T21:15:07.623000 @@ -261015,7 +261019,7 @@ CVE-2024-4310,0,0,08f5e8e76073c3640785934b5dbc198d89dde47497c02b1ac3fc670d20c22f CVE-2024-43102,0,0,08e196b4c8739548226238903033d07bdd98395e1a6fb3461533ef08cfa70faf,2024-09-05T21:23:40.503000 CVE-2024-43105,0,0,65a66601afd2de184f3745e025013cb99c4a6cae651d4eabc58a96778d4da9f8,2024-08-23T16:18:28.547000 CVE-2024-43108,0,0,d9bd8ea3b307dd054ae1953991304a1a331018261701e1f611f2a6906461a05c,2024-10-17T17:15:11.883000 -CVE-2024-4311,0,1,260cadd2549199e33a1b79e7fc0d0dc9ef60c4c01c2585bbf87fe2c17f408838,2024-11-18T16:35:13.737000 +CVE-2024-4311,0,0,260cadd2549199e33a1b79e7fc0d0dc9ef60c4c01c2585bbf87fe2c17f408838,2024-11-18T16:35:13.737000 CVE-2024-43110,0,0,1fe822a52c0b3af1ede7bdafa556f57158a1ace3adaf6fcd1e0c1b1f3c86485b,2024-09-05T21:22:04.810000 CVE-2024-43111,0,0,45754d9244b10ae48023a8465600f12d5ca692d4146e1c9ba1d4a0e6fcd0734a,2024-08-29T16:53:16.233000 CVE-2024-43112,0,0,72269ebdb7b810fe860916d34468320e2e91d1a609ed10c8290e69cc95ee1d45,2024-08-29T16:51:55.937000 @@ -261084,7 +261088,7 @@ CVE-2024-43177,0,0,2e91df99c102e520c2bb937f75df1229588c30ac5f4c9282ac32d182ae564 CVE-2024-4318,0,0,3bd63bc61468b7ca3d2d40c33a55eb01fa72ff95d7d5fb5f0e4f8d9b094da54b,2024-05-16T13:03:05.353000 CVE-2024-43180,0,0,abb2e48a138ce8e840850ec2c73107ac445b622170d298531958775b0aa3e8a2,2024-09-20T17:28:06.617000 CVE-2024-43188,0,0,e35d0111e2400440d7a3229650e46565d9a613f599bd61cb8e0041fbf0bfcd3f,2024-09-29T00:24:49.103000 -CVE-2024-43189,0,0,8361501fcc1618295692fa4ffcd954b7028fa6b3347368e6559d4521dfeabfce,2024-11-15T15:15:07.307000 +CVE-2024-43189,0,1,cf20ced7c800104be5d662324d7a55441dc261344bd6e0a30802285def80f86b,2024-11-18T17:11:56.587000 CVE-2024-4319,0,0,7ca0245a01df3d5ced472265b32f90c6f6a22a37af3715d5589379ecac1f6a24,2024-06-11T13:54:12.057000 CVE-2024-43191,0,0,8a71ea5a259352f968ebf1dbb3355400f21e4589035e68272bee613d1cc1dfc7,2024-09-30T12:46:20.237000 CVE-2024-43199,0,0,94150f8459e19abf18625a946d8a507867275817cd3d9928084030fcb7fa8330,2024-08-12T12:59:48.253000 @@ -261309,8 +261313,9 @@ CVE-2024-43412,0,0,d8be950c692563feabe854c0542abee7aa58fa64820fe9c692a8fb330f15b CVE-2024-43413,0,0,8e6331055eff0a1fc21c13ac1aa5a910957effe87064f315927a5ac8c4d9163f,2024-09-12T20:18:46.097000 CVE-2024-43414,0,0,41d126c00be1a75ca1d7b9b05a3a92eaf49a5d7831c24ad21608856181f8c11a,2024-09-12T21:33:40.887000 CVE-2024-43415,0,0,33623038bce272467978985c7d034b7fd7d9931154f17ac64d12541af9ed8ac3,2024-11-13T19:15:08.580000 -CVE-2024-43417,0,0,aab5248f5a199e96281de3e8ba633e068cfce50aefda0254830d2ebd2d16b55a,2024-11-15T19:15:06.737000 -CVE-2024-43418,0,0,d2ce1fef34767053b97958e7039ef8b665cb5d80cc119d4e7b551ab12a87e9e7,2024-11-15T19:15:06.940000 +CVE-2024-43416,1,1,6b8f66094f8ed2dbe0fa74660847db37c04a19ff1696807d3db2d399dbd98613,2024-11-18T17:15:11.220000 +CVE-2024-43417,0,1,8d2c6a51b05307e082819e4e5d85fa2f670567cabba112d8853a207315940a8d,2024-11-18T17:11:56.587000 +CVE-2024-43418,0,1,f6207e77673318a4f9bd8c3c821949f8a3ad17e3dc02d91dd6a1155412036402,2024-11-18T17:11:56.587000 CVE-2024-4342,0,0,2403af0b003f5953a3d2a1b74bf46d64f4a354bc628b01d2ea5f60de4a4002c6,2024-06-03T14:46:24.250000 CVE-2024-43423,0,0,8fb21f51e563dd938c763581007e890cf5873a7efc6a39a36e929ea32ce34c0c,2024-10-01T15:41:32.537000 CVE-2024-43424,0,0,6d9ffac7d6eb9e50db381baa418d84f2f5d9932ec78b86526bf799eb43b3b4f3,2024-11-05T19:39:33.873000 @@ -261553,7 +261558,7 @@ CVE-2024-43699,0,0,78534d33d290678062dddcdfe24e803feecb99e21dbcb3ac97f746608e5c5 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000 CVE-2024-43700,0,0,0a06b833e6fd1b1e874ef27bf2dcddebe6eeed2fb3b70101d743561cb29959e0,2024-10-15T14:35:01.987000 CVE-2024-43701,0,0,806d05bc9a9c57505164825be7dbf8680f4cf63f26e698ce90f59cb6324208a0,2024-10-15T15:35:16.050000 -CVE-2024-43704,0,0,4f037fb81f21fb6df9ec6ed12f104c8ae2db70fc795e157699f6df159f03a38c,2024-11-18T14:35:02.840000 +CVE-2024-43704,0,1,68e20ff94c977992fbc81773ba7e2608b5e5a8d64b392bf66e598044f6eb2d60,2024-11-18T17:11:17.393000 CVE-2024-4371,0,0,a0b0e0fb8c98057b2328743d7da5c32e9a585001a67e08f1632ceab0df487dfa,2024-07-15T16:42:39.107000 CVE-2024-4372,0,0,9ae4f43bf2d0d90214ce2e4715e0031799e31627a4319bb26ad2a73cf60988cf,2024-05-21T12:37:59.687000 CVE-2024-4373,0,0,95ffe3cd6afce20664a5281c9740358c7cd9b7c7a4c9be8031ba5b0e36cac33d,2024-05-15T16:40:19.330000 @@ -262146,7 +262151,7 @@ CVE-2024-4461,0,0,51250da8bcd9ecf720caf9f3a7efd550d6e47af21e57f982fabb8237238dcf CVE-2024-44610,0,0,04bd20e65597a0e47eb48d662767349876511b643e2309be49dec3988931a8cd,2024-10-04T13:51:25.567000 CVE-2024-4462,0,0,7de1c10fc651b37d9659e3e60da12a8c072b437874aeb6819554614b6acb9a58,2024-06-04T16:57:41.053000 CVE-2024-44623,0,0,be0881fa228aca782008c2748d4b046bd517031ec8a03bf9e09823e1f811d2b8,2024-09-25T14:53:20.253000 -CVE-2024-44625,0,0,8b2d24925ebe1cc1d2ae855254c27874ba2f60efed82a7b89d29dab166144e27,2024-11-15T17:15:20.260000 +CVE-2024-44625,0,1,143492ebc545968c43c9d51db8776a563bb3dbd42e2e5efe662368ca5cff1308,2024-11-18T17:11:56.587000 CVE-2024-4463,0,0,697d96b65b3f5bb41384b58e0f6586cf3caa8378b8edc45503427d4f5bdd2d8e,2024-05-14T16:11:39.510000 CVE-2024-4465,0,0,26ef4c6776c9d416386e05785f538f3827353feee51318ae877b367823cc1915,2024-09-20T13:15:19.850000 CVE-2024-4466,0,0,b7aa09b25d001fa0ca3c8a92093b33e950eb38bf6c988ff6fde91a26b7231c00,2024-05-03T12:48:41.067000 @@ -262183,10 +262188,12 @@ CVE-2024-44739,0,0,48da2c283a8d53275b8fef0ca13127577bd8ad3471472700794962cf357a3 CVE-2024-4474,0,0,f8c1a36ad14efe96f98dae06e1720ed737c744e50cd9a9e3991eaed9f98aef96,2024-07-17T02:48:04.213000 CVE-2024-44744,0,0,83942cbf0bc52b807dc374447d58331fdab7ca8540cec1aa4efb11011d74c6f7,2024-10-04T20:15:07.203000 CVE-2024-4475,0,0,b199ea7732b827fa53d53ebb43badb03a8dff248a786cc8d7d2459800e62c08e,2024-07-17T02:47:07.620000 -CVE-2024-44758,0,0,7e2c17fda7d66e4b4978ca78609d630df3e55b53cc04e7d8a3dc3130a137179f,2024-11-15T21:15:09.233000 -CVE-2024-44759,0,0,b9649314fac826d03abe6e58586192745a7059e4a9b66144d374bc1358b57b39,2024-11-15T20:15:20.163000 +CVE-2024-44756,1,1,78609ff24b1cda96c9cd7d66ac02e8c8d27858019ec8e36cd2d3d79c094ad6a6,2024-11-18T17:15:11.450000 +CVE-2024-44757,1,1,e55c3446b1cb5198f4bd82ee03e842b16bf1351c41fa05f37f44b409d7e6480f,2024-11-18T17:15:11.510000 +CVE-2024-44758,0,1,4eb170325393d50fb6b1ac0e145b87ee1b40fc3092e830f797f0944442dc9070,2024-11-18T17:11:56.587000 +CVE-2024-44759,0,1,74017e4a120ba116b0925bdf36ae176aa3414e2488b714ba0e8a87153b7d0ab6,2024-11-18T17:11:56.587000 CVE-2024-44760,0,0,c31c484463dbcf8debf14f8cb14c4edde2aeacb7ab3b47695b1fc32577e35939,2024-11-15T20:15:20.270000 -CVE-2024-44761,0,0,2cb43df04a70791b0f0fb8982142da3403b663e9582e8c16ce12d7edd85714da,2024-08-30T16:00:30.557000 +CVE-2024-44761,0,1,7f624c83820070ebb06f16b5a059f7fe8de7d537067fdcab263416bb3a81ba98,2024-11-18T18:15:06.160000 CVE-2024-44762,0,0,a4d9c40079155e25bc23610bf9eb4b9c915e9b457539684228b809ce3110b930,2024-10-18T12:53:04.627000 CVE-2024-44765,0,0,25fdaadf2c1ed2eab9647bf4bce6cea1d4c8cf1ff3e8ed1f0809e94c749aba6a,2024-11-18T14:35:03.200000 CVE-2024-4477,0,0,b275cf91a81ef0e33ced77c1c5ba5e17245e6b33fc991fd87901e463b723d83e,2024-07-12T16:12:03.717000 @@ -262406,8 +262413,8 @@ CVE-2024-45076,0,0,5fb321e82c08a6c58252337bee6e5fcb4b13786a863fe8ca643f04e713d05 CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000 CVE-2024-45085,0,0,a565381ecb911dfe05cdd12fd3e31f62bfcf9bb3dc78353a9c71e368d734c50b,2024-11-08T15:13:11.307000 CVE-2024-45086,0,0,4c6cc09258471d9b9c2c13bdbf534b3ba8ab7fabaf8d588e8672331873d00305,2024-11-06T23:04:04.673000 -CVE-2024-45087,0,1,5dd0c92afab1cb6f2018491b006ec4063a6ccc2d4c2aae946e4887e2c597e05c,2024-11-18T16:34:23.010000 -CVE-2024-45088,0,1,8ea4459d29b32873a2b9c91b0fe95ab15fbcb3a8eaf2aa8421a47e7e5522c39b,2024-11-18T16:33:34.060000 +CVE-2024-45087,0,0,5dd0c92afab1cb6f2018491b006ec4063a6ccc2d4c2aae946e4887e2c597e05c,2024-11-18T16:34:23.010000 +CVE-2024-45088,0,0,8ea4459d29b32873a2b9c91b0fe95ab15fbcb3a8eaf2aa8421a47e7e5522c39b,2024-11-18T16:33:34.060000 CVE-2024-4509,0,0,996942a0a2c59f4d53067a2868fbad35944719504585e3998bbd4d788c545588,2024-06-04T19:20:40.347000 CVE-2024-45096,0,0,d4f642a1e6bb8f30a3a63abc6de33d2a734d4a63841c63adbbf0861fc10b1ff8,2024-09-06T12:34:17.957000 CVE-2024-45097,0,0,66f33176e0c07f5466116654bcd7c2847267016c1af22914a830c235e4290102,2024-09-06T12:51:59.750000 @@ -262719,7 +262726,7 @@ CVE-2024-45496,0,0,cb4145e26d358c15cb434585f9bcb20449ce473167aa6d60e18e039ff47cf CVE-2024-45498,0,0,ead799fee90d0be791c926b84a8db9a257cc85e76c202f16fed08488baf7d590,2024-11-04T17:35:22.900000 CVE-2024-4550,0,0,ea2693a2208898e22f1b33bfbea2ea7879154431a660b6be5aad9a2659ccd071,2024-09-14T11:47:14.677000 CVE-2024-45504,0,0,3b58dca9312966af1f86033b4db5d926602e7a6d36304d3cb72a6a0485059e81,2024-11-04T21:35:09.173000 -CVE-2024-45505,0,1,3eb0b8d4332c2328026e4b7a1d206d2d3b95038359abc08a668df6f45242e172,2024-11-18T15:35:10.743000 +CVE-2024-45505,0,1,34cb40b11c299733b64bcc581319f2a16d607cb91223186c6e6adc58ef03ab3e,2024-11-18T17:11:17.393000 CVE-2024-45506,0,0,53228a9659d8b3663e59f7b6cd3ffdc01b4518a34e19971e095f98575a886619,2024-10-14T03:15:10.123000 CVE-2024-45507,0,0,b2cf0920dcb75db868de7b4afd51449cea360da72164b9b7e7a575176b0c17c4,2024-09-05T17:53:39.760000 CVE-2024-45508,0,0,a7bf13ff5f2bf318e53d0cc8b12c1b5ac7eae45f1991e7b683a2e3673a166bb9,2024-09-04T16:44:08.247000 @@ -262760,11 +262767,11 @@ CVE-2024-45604,0,0,8bf71581fc88ef149abd090a70890b5121cb8944654700250436e6871eed9 CVE-2024-45605,0,0,e2dcbd09111d51f02ed3dc28b06a6dfe1b2afb4b9e6f7d6992823c9eafceb7dc,2024-09-26T19:14:00.873000 CVE-2024-45606,0,0,74770cd60bba1a7e3534716f76d2f24e8f6b5a1c9090e259fc4bcbaa501443fe,2024-09-26T19:16:40.720000 CVE-2024-45607,0,0,9d199e13e4c36b979d30a8467667e188e65d4bf0165b27173d5a6e5dc2ce7529,2024-09-19T02:05:28.707000 -CVE-2024-45608,0,0,c692f8fe9893c192cd58fed893ade100507eb59a60353ebf14c7e4fa543e922f,2024-11-15T19:15:07.143000 -CVE-2024-45609,0,0,913b06e92e0c1bf11238525050a178ea0bed3b00bbfc86a83c4e6b38e2106c69,2024-11-15T20:15:20.410000 +CVE-2024-45608,0,1,765c3c7560568625fa1aa78f215fefdc9ce9f65ea6dea74ddbc6eaf59a933bd7,2024-11-18T17:11:56.587000 +CVE-2024-45609,0,1,df48ab1c7a43823d8baf4cbfaa8319859b8b75f536243e24cdd43fb6136d4f62,2024-11-18T17:11:56.587000 CVE-2024-4561,0,0,8ef61ebc386f7e587b6eb6df8054d64514729591e443c5ac6735c0df58420e0f,2024-05-15T16:40:19.330000 -CVE-2024-45610,0,0,6fa74d30bf44c88ef160552ca204c3506802904d40f18cb2d33379537a28eee5,2024-11-15T21:15:09.370000 -CVE-2024-45611,0,0,40f7dbcdb95fcfd8fbd7bda741b3dbab96ad29839dea3a7571ea3c53c1327236,2024-11-15T21:15:09.627000 +CVE-2024-45610,0,1,23f4d6e2e80676428e8cf1de51333208762b700e6cdc63c4850d69f5b37b0a16,2024-11-18T17:11:56.587000 +CVE-2024-45611,0,1,360668651074afe3db834c66a224cf93d064e835294bcbfdc98f8e685f4a656f,2024-11-18T17:11:56.587000 CVE-2024-45612,0,0,3e30286b1d723ddfef1522eda155227a0e1e8c66d0b8dce0d9a777734913d222,2024-09-23T19:33:04.650000 CVE-2024-45613,0,0,a2ff9b099297ab22455347765d4960198846769603bf11c2b22cdb95078fe454,2024-10-01T22:15:02.757000 CVE-2024-45614,0,0,ac4b7afda4571cd40367f25e5fa4ed4a95b6d96da3864aae950ca5538b1c5a35,2024-09-26T13:28:30.537000 @@ -262853,7 +262860,7 @@ CVE-2024-45788,0,0,7ba304e58f1e132a77e708ed9119516e49dd167750ae6faec1e1736fde9ea CVE-2024-45789,0,0,85b2a3e63aad506ab70a8ae8f934d73422c76c344971f05123a4397c0e8661da,2024-09-18T19:55:58.287000 CVE-2024-4579,0,0,b44e5adee861e75c9f2de9111724b513cf79b7a7dcd7134192d107fac1782253,2024-05-14T15:44:07.607000 CVE-2024-45790,0,0,339d5c59c4b08184225ef02e77057a5607db1e407fbacc8325ce6de4811d4a59,2024-09-18T18:38:04.393000 -CVE-2024-45791,0,1,19a4dd4984a63e926a8b2a0fb5e2b10ff764aecef7a1440aceec00f102229759,2024-11-18T15:35:10.970000 +CVE-2024-45791,0,1,e1a64d69dd5379b3e304127bbaec00bcd5f897646eae578bde640671980744fd,2024-11-18T17:11:17.393000 CVE-2024-45792,0,0,5abb7de999f910eaa61796ecbea33f574a65653e2aa062ee4c5c2e229e356bd5,2024-10-04T13:51:25.567000 CVE-2024-45793,0,0,9df195d476b9f18fe89dd15d9de75cbf87671a956c83113b39ce1c0cbc87094f,2024-09-26T13:32:55.343000 CVE-2024-45794,0,0,19fba7f9f80e8b5484ce94a7454fbad3ec8a7fa0a22390c43e093d2565218be6,2024-11-08T19:01:03.880000 @@ -262957,10 +262964,10 @@ CVE-2024-45962,0,0,410a38ff5223f4d49bf1514b127efbec05a242aa992c767afa2b00b3754e2 CVE-2024-45964,0,0,115c652e0870ab8284554895b46caa73ee13878a3a483a4a0704cf316ae20802,2024-10-04T13:50:43.727000 CVE-2024-45965,0,0,337eabe224912cc2b0cbadda62428cffb8300aa00cac2bea6d6188e8e9c18de6,2024-10-04T13:50:43.727000 CVE-2024-45967,0,0,6af6fb1bf8abc96b89a897208a34deb6484f333cf92fc60514a52d4661f8c7cf,2024-10-04T13:51:25.567000 -CVE-2024-45969,0,0,d865bf352dd17e303fb9cb7a0bf07aadd1a1c5fdd539ecf844c17fe8c81603a1,2024-11-15T19:35:11.467000 +CVE-2024-45969,0,1,628436f71f3be98c04818566529f8f6e6a38db694d665f09eb47efe28628aedf,2024-11-18T17:11:56.587000 CVE-2024-4597,0,0,098adbd2826136caa11e67cd45a2f45f6208425bc1c84711667f353f70d7a203,2024-05-14T16:11:39.510000 -CVE-2024-45970,0,0,df7bd90d0fd5d50e5abf391b1c572883ac9aee4953d26d7824e97b7aa4817c2c,2024-11-15T19:35:12.330000 -CVE-2024-45971,0,0,69ce485500e35d7ddd1ef9e0591aaf47d71dcb0b3ac7cf4897f01bbc1f5a00cd,2024-11-15T19:35:13.180000 +CVE-2024-45970,0,1,2a6a34c55df435321f94694b8202ce093e40675313a72b333769103e5648515b,2024-11-18T17:11:56.587000 +CVE-2024-45971,0,1,8f295b45a0382acad90a5db13e029ceb99bd194d91c15e44fdc1a49c91b8080a,2024-11-18T17:11:56.587000 CVE-2024-45979,0,0,0482757b935fe16e8666637b8de38f7a7ad511da9e453512eb3d62b894d1236e,2024-09-30T12:46:20.237000 CVE-2024-45980,0,0,ded57935070da9b29c36c9f95713cf4ac252f503e27a31ee2114452772d0590b,2024-09-30T12:46:20.237000 CVE-2024-45981,0,0,ee65d3def52ce7ec5d6bf2c7e86cdebd6e620d115c275dfbcce303dfb9c98da4,2024-09-30T12:46:20.237000 @@ -263078,7 +263085,7 @@ CVE-2024-46376,0,0,f3c4758540f2ac7c03838f8eccd3f67c9d25fd080cb7169c664824c92406d CVE-2024-46377,0,0,dbd66064786bd129c8f0daf0f8e37ec51d021bf976974fef51557cd63106242d,2024-09-20T12:30:17.483000 CVE-2024-4638,0,0,fdd077899626129e208d16f53a9a5482358eca01d91f2895388a2a3863f13467,2024-09-24T17:13:43.997000 CVE-2024-46382,0,0,65cd8f8715b62b5a7598d3b8d6186f6e2f4b087b931ac8f129c8f64b10f1fd55,2024-09-25T16:56:09.927000 -CVE-2024-46383,0,0,c940113eb54c83050ae731934a303ca798964bc8736d5ca21108a0c20ba8f2b7,2024-11-15T20:35:07.907000 +CVE-2024-46383,0,1,79b0282c485164d5caa415f3143acdee24d6d2c3dd523f8a3d5427f29372b4d7,2024-11-18T17:11:56.587000 CVE-2024-4639,0,0,f02b5c58ae5a71f4f7afea4e263ab89427639817f2fb26164569232dacb74959,2024-10-10T10:39:06.410000 CVE-2024-46394,0,0,2516725e4bff704e46174a8f5632e7834a8075c579df9c6725759cf5ecdadeb1,2024-09-25T16:55:15.023000 CVE-2024-4640,0,0,561eb45560c6a2512cf49113a4a8a4e86a4cf3daabba823a155e6305f710bfc9,2024-09-18T15:48:43.557000 @@ -263097,11 +263104,11 @@ CVE-2024-46451,0,0,d3a56959d528545e5d37d75143f0c1e0141235a2bd503adf0162594e2e188 CVE-2024-46453,0,0,f2e65264e0b1a5c3ff7f710d8d23db018673f8328ef08ecc489a300ea4d9bf1f,2024-10-07T13:53:04.767000 CVE-2024-4646,0,0,368f6c8b75aa07d035e1b1b12d3ee4faeb304323401bbcc5aa2596217dc42f5b,2024-06-04T19:20:44.390000 CVE-2024-46461,0,0,cc86f5c42464c26c4a36c6d59fbb4ac13932ea21683a14dbd86ef949d78638fc,2024-09-26T13:32:02.803000 -CVE-2024-46462,0,0,412241a1e3ea10048c9b2ba97c03ea7b435094221628995ba93dbb1a6eb450aa,2024-11-15T18:15:28.053000 -CVE-2024-46463,0,0,cc31280306f54abffe2fdba3f47cc0293a3070e30d773ace6dcf736f09c61578,2024-11-15T18:15:28.140000 -CVE-2024-46465,0,0,80e1e0e5e7cd3c509168c0985f18a986cf700538a81b8f6ae79f33e43334316e,2024-11-15T18:15:28.220000 -CVE-2024-46466,0,0,1e7d4313b8ccd32630e508af2a3ba08321509ccecff813069da7d2a62ea1defe,2024-11-15T18:15:28.297000 -CVE-2024-46467,0,0,8ab1cfde961da426ea1c40bf65dba8b21a433e4bd6350031671a4736141b5ef6,2024-11-15T18:15:28.377000 +CVE-2024-46462,0,1,b06fad07fa5dbe3b633d70853ae0dbca187c9454d2e508658e090b1bebb5299e,2024-11-18T17:11:56.587000 +CVE-2024-46463,0,1,d6fa67a7ed86e38cf1c592e3c3e7511cc9d5b86ce13d6dcdff016465adf2c804,2024-11-18T17:11:56.587000 +CVE-2024-46465,0,1,21070ef390839acce8b5d58dbfb4d3b934a46f4be9e45b21f54fbcf0be2a0756,2024-11-18T17:11:56.587000 +CVE-2024-46466,0,1,94c6fa5344898c2b907ac22c8282c36e4cdf76cd06bec6e69295ea455c2ef066,2024-11-18T17:11:56.587000 +CVE-2024-46467,0,1,183daba65906dede29b13c89d6f316a4235e3b7f00ec7424155fdec9b9cc05f8,2024-11-18T17:11:56.587000 CVE-2024-46468,0,0,d1dabc49a2c8f6666100b3e113a0965ffec605533a3aa178ac1056f150b98c3d,2024-10-15T18:35:14.680000 CVE-2024-4647,0,0,abfff49b4d0bc1323cd8c136d2663c14e45b73cbc22df4c684f6d02301cae0cc,2024-06-04T19:20:44.487000 CVE-2024-46470,0,0,4aeda2c990e579b9008226e62d5cbdc47a22a0fa6603152064e359fb3aa1bf47,2024-09-30T12:45:57.823000 @@ -263644,7 +263651,7 @@ CVE-2024-47195,0,0,13778db546c78cfe27d2d127a511510e1d599b625eb31f21fc4e65992e212 CVE-2024-47196,0,0,854c9d23e22c82e5339f8a331c929fb519fa43506b02445ee87a1d94228daed1,2024-10-16T18:07:38.850000 CVE-2024-47197,0,0,e4a1d8789bd0c967523f7418fe544ba10b0b511b96a39b8a241e5a1afb5230b4,2024-10-02T17:25:36.990000 CVE-2024-4720,0,0,eb5b6c06efbc2e8e5b700d46905e09781ba603e4dc4e18ff8664640e85fa6762,2024-06-04T19:20:47.440000 -CVE-2024-47208,0,0,b620527cf6de3641c13e3c2764db4b26a2727b76a61053f90f030844e2a0ed6b,2024-11-18T09:15:06.100000 +CVE-2024-47208,0,1,6115ccff310bcba51176654c87cc93aecc95cc99df2dad8188699f844a319269,2024-11-18T17:11:17.393000 CVE-2024-4721,0,0,58190a4c7e114543454f0451ab9386f5b2fe1b56ab67d3c8b011dbecb251f4fd,2024-05-17T02:40:34.750000 CVE-2024-47210,0,0,ca2b900fbd9eb194b293e1ce40d6ad1fe1c427789838eaeabb19878edb5f2c77,2024-09-26T13:32:55.343000 CVE-2024-47211,0,0,8d8dc13d8cf35ee447487a09511da084431dcb4b69bd4c3291b15cb655fdb03c,2024-11-05T15:35:15.623000 @@ -263892,6 +263899,7 @@ CVE-2024-4753,0,0,9e12d2c068502550c7c14176439a96816e2b604b1703bdae766fcb5d094be1 CVE-2024-47530,0,0,c6f97fa84b092a9eb2d48e14ff6f5d7de6955f2fff4d52714e57afe841f02fba,2024-11-15T18:03:06.497000 CVE-2024-47531,0,0,6b496437616d44c1687bfdf7c83e71a8a08a0e7190260cd72e0c9d19f65d8be8,2024-11-15T18:02:14.250000 CVE-2024-47532,0,0,ca603482a4e5336a13d9966dac0aa20f77d073c579719da9b8fe95ac7a0dc7d8,2024-11-15T17:59:51.307000 +CVE-2024-47533,1,1,81f1559d6a40afe7bacd87bda41034bf97609c185f7d5a17e44edf3adeac028e,2024-11-18T17:15:11.563000 CVE-2024-47534,0,0,3fdf39e9d60bdd61b891053803d0cdd86e1d9b2f1594fae7730f1f0f0b99a057,2024-10-11T15:15:05.490000 CVE-2024-47535,0,0,63a4302cce4cbc5b98965ded88b399629f71758bc7b059f3ca8923cf2603f89c,2024-11-13T17:01:58.603000 CVE-2024-47536,0,0,353df15c5abe486c0bd2000eeee4b00375b2403ebe72a10be7f49c66f18c4bd4,2024-10-04T13:51:25.567000 @@ -264086,7 +264094,7 @@ CVE-2024-47754,0,0,c998ddb7bc3dbcc169b2eae7169517ec00cc08562e1a7f8fb53bdf6d08fdc CVE-2024-47755,0,0,8cf25d07e196e075734f98083f38dbef19fd8e91fd1c66d640e943585b9e2f41,2024-10-23T06:15:09.873000 CVE-2024-47756,0,0,b16b4f8db45f19a804a745ad54857c0866041580168f803472ffd8044edad7ec,2024-11-08T16:15:28.193000 CVE-2024-47757,0,0,5c3bc84bf0532d52f78dd383d4cc765ee17a323a7f5a7392a8d7f71add2c3618,2024-11-08T16:15:28.343000 -CVE-2024-47759,0,0,acaa5f0db80802b75023a1647866e35eab454b244f852df9e8db4b6f687ae962,2024-11-15T18:35:34.290000 +CVE-2024-47759,0,1,085fa01bc2dd074bde3a61c52ae586590cb201bffcfe391d462a90bd6ac39b8a,2024-11-18T17:11:56.587000 CVE-2024-4776,0,0,8d62a3fb449cd595ed01f29a43c4395459263028a3240838c3f471dfed40e010,2024-07-03T02:08:08.187000 CVE-2024-47762,0,0,faf4eb81ce6d805e421dff7a7d50a27f6affd6a56e4bb98171a2180279fc1ecf,2024-10-04T13:50:43.727000 CVE-2024-47763,0,0,0009d92633a66a995666b904976a3f571897c7b107ff706ed2173ff97f66c3ef,2024-10-10T12:51:56.987000 @@ -264130,6 +264138,7 @@ CVE-2024-47817,0,0,e954b96b63862e883b53cd879b63811973adbf39f1f221652228e04e702c2 CVE-2024-47818,0,0,4d7e5ae8d80cd68e1a4826a976dd1a317a0485050783b2b6d50912171135a504,2024-10-10T12:57:21.987000 CVE-2024-47819,0,0,62c26271cc7e827b67a56b805c4044787ed1a2ccfbdbca2087660524d24c77f5,2024-10-25T14:24:36.823000 CVE-2024-4782,0,0,37dcdb14f7d23ae467b62646ac8eb504448e2a7781e3c175892c72dc54d3aebf,2024-08-19T13:00:23.117000 +CVE-2024-47820,1,1,da3a80e71a7985ddaa6fab73a0166fcc45523fb13ddbd8ae9accfbe7bb7705dd,2024-11-18T17:15:11.777000 CVE-2024-47821,0,0,f575d00b37a09b9ee026de926d1a8d51695a4626fc799e4be4143335bef0c63c,2024-10-28T13:58:09.230000 CVE-2024-47822,0,0,659225121d6760adf8eca1f83c834e75b86ebec31d9e1e0ebc639ac3cc87e33f,2024-10-10T12:56:30.817000 CVE-2024-47823,0,0,aba6c10bf903d75799cabb92b24bf5cc826ec4b52223e2aab9a9f7d8d8298a07,2024-10-10T12:56:30.817000 @@ -264164,6 +264173,7 @@ CVE-2024-4787,0,0,6e9b8652de9328ef9248746b2fe52f715cb97566c59048ae6277a1aaed304f CVE-2024-47870,0,0,47413a893f4ee24bb29f98fc5c2c7d3ab7293a7a6ecf19104fdd8d7d231efdea,2024-10-17T16:57:02.283000 CVE-2024-47871,0,0,7ae10d9c898e10fd96a36b863761d4f1496d2b2d2ee06f5429addce2956bb34b,2024-10-17T17:11:31.150000 CVE-2024-47872,0,0,5b1fcd45035abc51968e43b1b48eb83b72a045b411e8ee076143bafbf44d6c2a,2024-10-17T16:54:34.383000 +CVE-2024-47873,1,1,eefb363e27a6e5a0cf584a3802d5d8f5e18888e13b95de921cb7cf6df121919c,2024-11-18T17:15:11.973000 CVE-2024-47874,0,0,88e5d0bddb2eed021dc78650aabb938bda29c8272245d4971b4c42756e899edc,2024-10-16T16:38:43.170000 CVE-2024-47875,0,0,bd9cd1419cecd0ec07512540f0b28f5750b0eeb4aa868d3df9a9d592f1a958d0,2024-10-15T12:58:51.050000 CVE-2024-47876,0,0,1c9291ffcd100f5445236e1c704211e20624e03c95916aeaee6676900242dcd8,2024-10-16T16:38:43.170000 @@ -264186,10 +264196,10 @@ CVE-2024-47901,0,0,351c2de719aa37343f5b8705371f6ea3811b8e193d3e2965a197dc16aa263 CVE-2024-47902,0,0,2363b86854bd24a49201ca293fb87d24363aec990236fe9e9bf134a5daa38aeb,2024-10-30T15:48:39.207000 CVE-2024-47903,0,0,7e28902499cd69638cf23751436e57fbe15e705859d687d60c9f544fac8af41e,2024-10-30T15:54:34.647000 CVE-2024-47904,0,0,21b127b0effcb8b297c48dd7cd57e94387991d137ef282d6dd7cb6727add6e3b,2024-10-30T15:39:06.020000 -CVE-2024-47905,0,1,342fd0ae2d71ed0ffefa32d6c5d38e51dfe58c451c0902b48087befb9f1020aa,2024-11-18T15:08:47.280000 +CVE-2024-47905,0,0,342fd0ae2d71ed0ffefa32d6c5d38e51dfe58c451c0902b48087befb9f1020aa,2024-11-18T15:08:47.280000 CVE-2024-47906,0,0,3ed15abb5dece582eac5066e109a653d183f0435fd9bc8ee5d9593e12f00014c,2024-11-13T17:01:58.603000 -CVE-2024-47907,0,1,76ea135eaf975a87092c23d20601ec4ee2afdfde82c00fb738aebc9324f41b4f,2024-11-18T15:09:30.573000 -CVE-2024-47909,0,1,e49b32ebcdd2b33cdea12816d85deb4bedff39c53dd6f92757b307a74c79a7b1,2024-11-18T15:09:45.750000 +CVE-2024-47907,0,0,76ea135eaf975a87092c23d20601ec4ee2afdfde82c00fb738aebc9324f41b4f,2024-11-18T15:09:30.573000 +CVE-2024-47909,0,0,e49b32ebcdd2b33cdea12816d85deb4bedff39c53dd6f92757b307a74c79a7b1,2024-11-18T15:09:45.750000 CVE-2024-4791,0,0,45f7f0badd9eeca0c08f0ffcf78bd3c1e9a171e1e79fba42777d793a804985ff,2024-05-17T02:40:37.090000 CVE-2024-47910,0,0,da0097185007355b026dacc76d86a72088b7bf1d898f5a147fff92f16ae106b9,2024-10-07T19:37:43.677000 CVE-2024-47911,0,0,1780d2f9891b374cce407dc3e6f68171fc1b0dbbc46286fbacc7f087c63dae2c,2024-10-07T19:37:44.613000 @@ -264277,9 +264287,9 @@ CVE-2024-48059,0,0,f3391fb334843a3fc6d7e517bab31554559de5a31b6bcad37ec348d6020d4 CVE-2024-4806,0,0,f8a0e203429c4f99450a15aa6a4b26ee8c7effa68e79948138bc0eccf2af8e7f,2024-06-04T19:20:50.670000 CVE-2024-48061,0,0,3afb2ef6eba7f21135f7c2c854e268a2fe30714157a06ae965803eb7d12a5161,2024-11-06T20:35:30.633000 CVE-2024-48063,0,0,7dad3075f35e3bd4e2e591484ba350f38d4e17902517b9e5e6279458bc0b207a,2024-11-01T13:15:12.020000 -CVE-2024-48068,0,0,06b45b29ce3f821e2db622a6716622dc89ea68129fc83706bd80927d88a3593e,2024-11-15T15:15:07.607000 +CVE-2024-48068,0,1,b57c66f0e06cd485d79a2746551ab3ed70890b6a1ad164f0315fd4c2e695ce9c,2024-11-18T17:11:56.587000 CVE-2024-4807,0,0,e5ccc41d46958232939be978f4766518ab72a806619364a653b00c23b63fbc68,2024-06-04T19:20:50.770000 -CVE-2024-48073,0,1,f808f327cec1eb1c4e50210dd8e768204bbea0c1ec8029cba6324c290353d5f5,2024-11-18T15:35:11.227000 +CVE-2024-48073,0,0,f808f327cec1eb1c4e50210dd8e768204bbea0c1ec8029cba6324c290353d5f5,2024-11-18T15:35:11.227000 CVE-2024-48074,0,0,ad38eed7680db70af45f593399c08c1cb64e93854bc7fa5dd06ea3c6cdff4594,2024-11-08T22:15:20.877000 CVE-2024-48075,0,0,c3cf83a7c1112a907250bd16d631cc7ae5c1880292480daf2a4caebdfa1b94fa,2024-11-13T17:01:16.850000 CVE-2024-4808,0,0,9e98599f6886b9041c106d3216212c5c382436edfce35f9a1807d5234e020eab,2024-05-17T02:40:38.870000 @@ -264368,10 +264378,11 @@ CVE-2024-48279,0,0,734681838e14fea506d33d2e5cffcb45e5208b2ff1232248e90dbda0d4737 CVE-2024-48280,0,0,3fccbb43adc0eac89fff4a77fa6463e9ab8591cb5e7aecf8a80efbe6484b92f9,2024-10-16T16:38:43.170000 CVE-2024-48282,0,0,053fa49ae9967fbc35cea64fb50742395541b443f63ba6361e4836107ed1b694,2024-10-16T16:38:43.170000 CVE-2024-48283,0,0,c5c95d36f4cc9b3b4716d94f26715484ab471510ba26541a1f3c47bce371907e,2024-10-16T16:38:43.170000 -CVE-2024-48284,0,0,ff44737c813838a3d9f0fad7e37e1efb3510844deb2ad0f4251bd9fc2e91616d,2024-11-15T13:58:08.913000 +CVE-2024-48284,0,1,29099906f5c76c6be09cef9255b3f47720bedd738e3cd24d7ed7b7e95c71290e,2024-11-18T18:35:04.410000 CVE-2024-48289,0,0,3c17d5bd38424fa0af920fbe41958bfb5ff6ab46e45b8d73a90e0bb1a9946e7a,2024-11-04T20:35:09.307000 CVE-2024-48290,0,0,470dc7a365392aceea819604e300f16b964336068e4f6e607d709f5104e50d51,2024-11-08T19:01:03.880000 CVE-2024-48291,0,0,3c4533b920a9f2edb3f01b1757898b30516db1528ffb114ee1df5dcc338084ea,2024-10-29T14:34:50.257000 +CVE-2024-48292,1,1,b0f0239355fa7645e28a857f954af51b7bf5af0d20814dc645fc7b82b5bda8b3,2024-11-18T18:15:06.260000 CVE-2024-48307,0,0,935ee3e0328307bbb03111416c4595c4eff3ac408a08578a24f622dddb9d0c64,2024-11-01T12:57:03.417000 CVE-2024-48311,0,0,354d288e073d9064d21602cf2204c79fdbedf6cf54999e8a50b7d788e057c63f,2024-11-01T12:57:03.417000 CVE-2024-48312,0,0,ed565171c6e4291e871155bd5278a308c07670573cfb5e604423e67b93f19726,2024-11-06T18:17:17.287000 @@ -264560,12 +264571,12 @@ CVE-2024-48870,0,0,b84b2a0a996d006ee4f5fea8401898b5086223eb9bced7a7565798c7f43b1 CVE-2024-48878,0,0,2b15f82c5be65c88d261c3882a75397babc580305d6a252ad1dbf2de5b50020f,2024-11-05T19:44:58.650000 CVE-2024-4888,0,0,ad5e456877e6c4225b3f983ebfcea1f0af64a03667e43f1cd6a0842bed4216c0,2024-11-03T17:15:14.137000 CVE-2024-4889,0,0,98c988bc305180dfde4233cdb25b83940a2a23ecd5fc7825e58f1cc0fbfe5628,2024-10-15T19:00:09.633000 -CVE-2024-48896,0,1,4f82b81e83a7f5bcee04a8288e16b9f1676c6671d29afe3f85544a2fc3c6dee6,2024-11-18T15:35:12.090000 -CVE-2024-48897,0,0,cedced1f76d9370254c4282051d59e9499821e7c7e9c98552837ccbae8d6f332,2024-11-18T12:15:18.243000 -CVE-2024-48898,0,1,d46177f605d73faee499baa910454a7afaf5103caf4071401f342b649193b555,2024-11-18T15:35:12.320000 +CVE-2024-48896,0,1,b992316378dc674c4f86c74292b7b1938dedf579a456c4b81377a2d803cc86e3,2024-11-18T17:11:17.393000 +CVE-2024-48897,0,1,cccb8709bd8247a505b1b9368cdd4af0954cf5613e56c1df64987273881b9b0a,2024-11-18T17:11:17.393000 +CVE-2024-48898,0,1,8529d519dd40a302fbe6ba08ef52420551e621ec79dd55c48ad2c7b84db09711,2024-11-18T17:11:17.393000 CVE-2024-4890,0,0,ee7720239380ab5c638f0803999a779457a74687c16e858d2acf0798605f57a2,2024-10-10T20:11:44.610000 CVE-2024-48900,0,0,2b3a5e56342c363922328f10e6f3d06b5c266c3768636276b8919e3a3cee88b7,2024-11-13T17:01:16.850000 -CVE-2024-48901,0,1,937e1f06d0e5a977ef942e91b42fe11922563a76fa84b0c908d8c713f3387c4d,2024-11-18T15:35:12.557000 +CVE-2024-48901,0,1,d55eab1e1ed71395f22d7b632d754e2124bf5bf64f441bf3db31551da986d202,2024-11-18T17:11:17.393000 CVE-2024-48902,0,0,fed2bf5b719b321f64381a649376d7e0618bda5baab6f732c38dcd1211106c26,2024-10-16T16:57:23.463000 CVE-2024-48903,0,0,af1ee698040ee7f8c19b83dd0eb3404cde07c42231b0e3832a1aa5561c10194f,2024-10-23T15:12:34.673000 CVE-2024-48904,0,0,56bc56ed1722c08287266703a07bddbd88211e3eebee5fa1d299ad65c198bf37,2024-10-23T15:12:34.673000 @@ -264610,7 +264621,7 @@ CVE-2024-48955,0,0,84de7be29efb285e46fc24626f552063b1e23de7f9dbbe9943b534f430e23 CVE-2024-48957,0,0,73c8e1634cf56d3192b3375f11aa72eac69f0bcf8a4cb1f3b137dcc189616d8f,2024-10-11T21:36:47.930000 CVE-2024-48958,0,0,92a426e369946b14ff79b98b6fb42dd0c692d3b7d45d68198a4072bdaadf4922,2024-10-11T21:36:48.687000 CVE-2024-4896,0,0,20cc2dc19f323150528d4fb3a23b846b2e602fa65e075afe5dc2b86cb95d9c94,2024-05-22T12:46:53.887000 -CVE-2024-48962,0,0,bd3ff5aade929483229f8c352353f0b6d241b60852765987754d0db5e23c2ccb,2024-11-18T09:15:06.237000 +CVE-2024-48962,0,1,712463568a779c1852b0a7b8be627039bb608e56bf81f6056000f8ffe081852d,2024-11-18T17:11:17.393000 CVE-2024-48963,0,0,6d60ed9d1e7a308212fb6ea5de6f1d94d8559909dd9cb5f4650d856671de0962,2024-10-30T14:54:53.937000 CVE-2024-48964,0,0,7d209543eb23e2e6809a7e4f01bdb09a7ba8fb1b32d439bae945ab7d5b6dd3de,2024-10-30T13:46:31.657000 CVE-2024-48966,0,0,6ce21af485b8f7bde854dc6fa73e4754262c2c902a98462d651b3be5a8dc03bb,2024-11-15T13:58:08.913000 @@ -264680,7 +264691,7 @@ CVE-2024-49050,0,0,8b19f397a01b6d7fc31132a078a2ac62f5deada043479febe88c14fdb7a2c CVE-2024-49051,0,0,60c2167810af01536a270181de90baa8711e93f90bd91dab1cb07d1e3f178dac,2024-11-13T17:01:58.603000 CVE-2024-49056,0,0,45909acaf00cd3c64a19d5557ee0abf98abf49c50825d0cd6a263c45cc01e6bc,2024-11-13T17:01:58.603000 CVE-2024-4906,0,0,dcabb97348a8cb55b860a9e76b2d4e839fce25f207d8f1f73aadb53eff678110,2024-06-04T19:20:52.587000 -CVE-2024-49060,0,0,5a5b232a1362125286d642f24f655ac6dd933be96fcda8497cc4edb155d570c1,2024-11-15T21:15:10.863000 +CVE-2024-49060,0,1,4df9130b37cd2202e0bd981cd0392231b9b7dc98a18880ba2cb6b472371e62ed,2024-11-18T17:11:56.587000 CVE-2024-4907,0,0,89cf000cbe1b65b5529bee88595d69713864cb4ca68c5cee750a10d4257b63ad,2024-06-07T20:15:12.077000 CVE-2024-4908,0,0,3762060553f2912238245a2ee2164293eb895a92d4f73c18aef2dad30449d1a2,2024-06-04T19:20:52.687000 CVE-2024-4909,0,0,ea0d933b3d2cd5595c3fbbee43ad0bc8cc6b1745afbc1d0aa36c8f7e8ca72f46,2024-06-04T19:20:52.787000 @@ -264898,33 +264909,33 @@ CVE-2024-49509,0,0,44f0725638f109faeac3b1edb7fe79b3530c249a79b6e813105742e4e7f48 CVE-2024-49510,0,0,c0194472f88c4c5c8671f983e4a868269b3fe69e469c8a8e8143b44d477cc74f,2024-11-16T00:35:01.073000 CVE-2024-49511,0,0,a336f677c5f90e8359896b06b3e95e0a249cf4a8ccb8da78e4774c7f60124205,2024-11-16T00:34:33.607000 CVE-2024-49512,0,0,dfe66f0ca89b625e4304d81d459db2142573a8f083da54c26ab6d6b08e491a9e,2024-11-16T00:34:20.890000 -CVE-2024-49514,0,0,3218552fab51d7a93086a72aa18c3af34cb35b6a6ced58165054035761000343,2024-11-13T17:01:58.603000 +CVE-2024-49514,0,1,7ea0f696279933a7744e9579182b9aebce6b0e57908368ea25540d509401a533,2024-11-18T18:06:39.030000 CVE-2024-49515,0,0,163774e08792873631404d33f245f053f50b1e416d435aed056086873e2009e3,2024-11-13T19:14:24.320000 CVE-2024-49516,0,0,6037c6fbceb55371c1c7535189e15d09f192790028967e71e20f57a22dd18654,2024-11-13T18:52:31.573000 CVE-2024-49517,0,0,31e82a19ca5650a89d9ac50d92f9e7f089e9c4426d49cd77a1d1b14f9390313f,2024-11-13T18:52:17.520000 CVE-2024-49518,0,0,61aecb82630e5c94b26abd90b6ba07a093f3f1fc1dc8093a4e50311abf31fc9b,2024-11-13T18:52:09.657000 CVE-2024-49519,0,0,0c9b815ee25fd3b977781ca7322f0301dff2ecb81eb4674ef637be6e0aaf8702,2024-11-13T18:52:02.073000 CVE-2024-49520,0,0,5417c9518e041be3da563c2aea58b8195b0422391f27b29dc488ee8778558689,2024-11-13T18:51:35.550000 -CVE-2024-49521,0,0,07f8ecb4edabe47d86ee002ce5130ded526574682ab7b2a363fa9208b9ec52fc,2024-11-13T17:01:58.603000 +CVE-2024-49521,0,1,b6e71b25b37ec4e45f9c94e2de97660647487c454d6134b4a0e23d5fab648bf3,2024-11-18T18:44:32.113000 CVE-2024-49522,0,0,b49aefd5a73ccd26563c8b91d3f2d98c089948509c56be654cf3171337fc2496,2024-11-08T18:06:01.930000 CVE-2024-49523,0,0,f80724f56253226f78ea56271ee80d62b3ba148e1878999be1900b25d2719668,2024-11-08T19:01:03.880000 CVE-2024-49524,0,0,e7793eab2fff9b59c976da4b69592a395e034319e6c39d07f8b75673444fce47,2024-11-08T19:01:03.880000 CVE-2024-49525,0,0,28a277ab9b52157a5e4549773b7a8750a6dbb7b4cb916799fff07dd0ec631a6f,2024-11-13T18:51:21.430000 -CVE-2024-49526,0,0,0871004c04b2341eb737b8d4e5693e458bc7c8461095a71ec5604d2d8a7a3e4f,2024-11-13T17:01:58.603000 -CVE-2024-49527,0,0,90add3f65b96eee1f0b9fbf01f92dfd0e4ee77a768256f110d47e754c67f09f0,2024-11-13T17:01:58.603000 -CVE-2024-49528,0,0,0e21c50648494dddb2e6f81fb4539064ca26c5177933d85140437daf91d91144,2024-11-13T17:01:58.603000 -CVE-2024-49536,0,0,b5bebd3e76ccc8dd27494c774698ac2911e07900ef9d359439a343734b2455b2,2024-11-15T20:15:20.683000 +CVE-2024-49526,0,1,69c6bf5485d49eb3a2da169497c27d72a1196f6e9a7d6c7d2c7c44787150932a,2024-11-18T18:41:33.857000 +CVE-2024-49527,0,1,0d9fde76ea05a295ae3bcd4b45293562d8fc9654bdbe0c09a49c5875709be45a,2024-11-18T18:39:52.213000 +CVE-2024-49528,0,1,f04aeabc999019759ae70807d4e936a36d020a33909dd4ffb4e16898d3cf045e,2024-11-18T18:34:56.667000 +CVE-2024-49536,0,1,1948d5edc9d63b4eeec6f7653e9b4e2cf1af0b686486e8817f1fd467e2d6cb8b,2024-11-18T17:11:56.587000 CVE-2024-49557,0,0,d5723680a20b941e0b929edc2959b845b0ec9b5d07125e59e1942c5e8991b90e,2024-11-15T17:36:47.110000 CVE-2024-49558,0,0,3c676b75de26a8476d548ed8b3e232d51677ecb4a62749082177600c22312603,2024-11-15T17:35:54.480000 CVE-2024-4956,0,0,319b39cd7f80ef1a8cfcc633b91e7d5f141facd950994947b42a7565c106a7a4,2024-05-17T18:36:31.297000 CVE-2024-49560,0,0,0903f1d2d4b8ea486a494eda9aaa463e3a0d845c10ed5808d6808c17d2b3d951,2024-11-15T17:35:25.407000 CVE-2024-4957,0,0,e3bb8e47c8dfba146bed7647eff25fc6cc8427bb0bd54429262b4324d627abed,2024-07-03T02:08:22.473000 -CVE-2024-49574,0,0,1be1ee4ae3282a118752790130cac8d3d756131f62b6f0d2bf633054b33d6aad,2024-11-18T08:15:03.550000 +CVE-2024-49574,0,1,b78f053172e092500def6fd56cbc9315d16f0111976c166230c5fba3ab74a5ad,2024-11-18T17:11:17.393000 CVE-2024-49579,0,0,0f0dd66a3db0fe299ae55b9b0e6c22f11c400dc3ee27d05103041b63e67e9d3e,2024-11-14T19:24:45.603000 CVE-2024-4958,0,0,15591ba73d7708bbd560fadc0281274b5c7c2c12545797826fbf6e13e1222639,2024-06-03T14:46:24.250000 CVE-2024-49580,0,0,89085af96d96dbfcdc87aa1d40157bd1a1b8615e2e8f40b207dbbe916ae159de,2024-11-14T19:25:47.433000 CVE-2024-4959,0,0,862ee7700763d202e5d5dada80050e48cca3b83d56a63673f2017bcf5adb7503,2024-07-03T02:08:22.750000 -CVE-2024-49592,0,1,715889d9da62fb384526376881b7e15d5ac77258b4bdc9daf4aad9f593d32bf8,2024-11-18T16:15:25.520000 +CVE-2024-49592,0,1,c703ea90112e8bcf8bd25130b1345e2b105fcdfcaded2bbe98ade97b760a4e11,2024-11-18T17:11:56.587000 CVE-2024-49593,0,0,28b8568333d09b89b040a623f287dcf302e51d7008368ee150b7fde946577e54,2024-10-18T12:53:04.627000 CVE-2024-4960,0,0,1e2962fabc78c9680506fb58bfd339ee733c096965130a77b4df6d334c6fc642,2024-08-01T21:15:53.753000 CVE-2024-49604,0,0,4130a6c1f975a0d07098374dd7fb4ff2ab97718728858633e395173b92657205,2024-10-23T15:49:25.567000 @@ -265029,17 +265040,17 @@ CVE-2024-4975,0,0,d684ecfff12b84901405d8ee54394b9595e6fb8a06328936509cd0d9c15207 CVE-2024-49750,0,0,a4d8c273c7d01e1dcb69ab54945d9fa3ef0aafd14a5615789a19e3567d7b1d64,2024-11-06T14:58:19.993000 CVE-2024-49751,0,0,ff7d052700c88a06f3721dad1b8cfae38c2356a33cba16eba3e8bf2b6f89cf9e,2024-10-25T12:56:36.827000 CVE-2024-49753,0,0,e48f997c3307c7149c72669441f9343576b6be2cbdb15b89775e89497816dbec,2024-10-28T13:58:09.230000 -CVE-2024-49754,0,0,3550e73273f425617ed28b59b36a9108486b5c28d588af30eef27d5785caf9d5,2024-11-15T16:15:34.510000 +CVE-2024-49754,0,1,3d60a382d225af27e4e427016264fe0ef977537e441dcf7550bd5a624c9296e6,2024-11-18T17:11:56.587000 CVE-2024-49755,0,0,b1c1713e62d1c6cff006bddd32caeacb7a00a5abd98bfdd4887a4a4fcdb0308a,2024-10-29T14:34:50.257000 CVE-2024-49756,0,0,17e2aa8675de07a9bb36aad326a0b90c2e6105df968303ed06bc9a1149a476bc,2024-10-25T12:56:36.827000 CVE-2024-49757,0,0,41883c0db2190e07eb75f1500b6be8583d0953bfe5f6820811285d92db2c4bda,2024-10-28T13:58:09.230000 -CVE-2024-49758,0,0,b469460ce3b2b26871ada73252ec097b2120dacea45da1951a93146e86a8fd7a,2024-11-15T16:15:34.880000 -CVE-2024-49759,0,0,ba9444879a3b53f14c62c77f0b4d72cd1329bbf91a3aad6f19fbe3de6c548660,2024-11-15T16:15:35.100000 +CVE-2024-49758,0,1,144418e92fcd1536b54ea88fa2b7ea4a2c74e2686cf4ba46e82bbe4783267704,2024-11-18T17:11:56.587000 +CVE-2024-49759,0,1,6c97d9af5ed8bddeeec5129fe83aa52bf854bc9b63c657870bb061cf83f575b6,2024-11-18T17:11:56.587000 CVE-2024-4976,0,0,fc4df77a0f9a74699614d42497ce42eb6f6db7897f4ce74b0071ab4cbdb2d9cf,2024-05-16T13:03:05.353000 CVE-2024-49760,0,0,ab1d2b1d3d6f87001d0ec0c674554d145fba544f43978860ab9f315317a9615d,2024-11-06T15:01:01.013000 CVE-2024-49761,0,0,cc77d1f33b16264261b43a7d1baebc02063ded1f31c9ab42da049e2bed05a708,2024-11-05T16:41:46.660000 CVE-2024-49762,0,0,e267f4df9b55b0cddd8b82283d5a577158c52194b354f86421be17fb0c5fcf65,2024-10-25T12:56:07.750000 -CVE-2024-49764,0,0,6747ce98a9cc0f5e3f54775a8fffdb9c130835843da49143280334403b418cd0,2024-11-15T16:15:35.323000 +CVE-2024-49764,0,1,ef6d29f89e0455861a138ef1625f43e061a379304014eb9cc9cfb1da449b9684,2024-11-18T17:11:56.587000 CVE-2024-49766,0,0,555038e30b17856b98b1634207b04f50d3fce08a3c00047a5f41e29a9d10d5d9,2024-10-28T13:58:09.230000 CVE-2024-49767,0,0,b1abfb6c942255ecba6af733c92d4d0cb5e1d316b2b9040982ab9c6769c6893b,2024-11-05T20:03:04.847000 CVE-2024-49768,0,0,d1c7bee24c60a7682e6a57ee28bfb0a2fbc48c379b23053fbff091516cb1e066,2024-11-07T17:28:02.853000 @@ -265501,7 +265512,7 @@ CVE-2024-50261,0,0,946c442cc56e3e8af45dc6329602e8261cd21844e512a68f35505737590fc CVE-2024-50262,0,0,491da488ea3f6be70bbe09eed55bf84625143c296910fe98f090fd0f0e85c13c,2024-11-13T21:10:44.267000 CVE-2024-50263,0,0,031640c798eb6a3a8aeb817df2908ddb318a337ddb803a116f07c15a4af2eba6,2024-11-14T16:23:08.347000 CVE-2024-5028,0,0,6e4747168a055d3478d0389157f1378a0e5efd7245fc9814fa65e0cf7f805db7,2024-08-01T13:59:38.360000 -CVE-2024-5030,0,0,e060a0debd631cb629968dfc8783c3f12caf31d98075661f64e60b5b9a3f945a,2024-11-18T14:35:05.030000 +CVE-2024-5030,0,1,bb4b715ea840400227e7a7cb9b03010c40389d422c5926920262a0b6d21748ab,2024-11-18T17:11:17.393000 CVE-2024-50305,0,0,b03fd6d501d19d7b209a06f202d725af272151828bcd7418064455026a0a9df5,2024-11-15T13:58:08.913000 CVE-2024-50306,0,0,99b8de1207b2fdc71c13146c7372e7163a77f6f60a3176c55d7bfb57d63fa38c,2024-11-15T13:58:08.913000 CVE-2024-50307,0,0,6d2dcfccb50c0c30fd7d9bda3b36490982da8110db31d087befc4509a1d360cd,2024-10-28T13:58:09.230000 @@ -265511,19 +265522,19 @@ CVE-2024-50311,0,0,a911784e609d4ab74e0290e5d915dbb7b1471b8d97b5435937a13bc8c9811 CVE-2024-50312,0,0,8b68d956a110cf88efd2db7bdd6fdd3dc5b02186497d9ae2cbca0852915a398f,2024-10-30T18:35:56.753000 CVE-2024-50313,0,0,57c773ed95d19cba8304d961904a015105ffc1450a840dde453d207457fba72c,2024-11-15T17:12:44.410000 CVE-2024-50315,0,0,4cc2faf3d8c489bc195ea9b1b71e3db71fb7f18259f91c4f6bf82e911f7ad06a,2024-11-06T18:15:06.173000 -CVE-2024-50317,0,1,a9b84feb780c6ced549efecbc710ff86cb7f1421691770a8a5dc3086df9afc79,2024-11-18T15:06:49.627000 -CVE-2024-50318,0,1,4ae08f274b1401b58aade3ea3262f08d3724e205d6e2f5242c1ec403459b6063,2024-11-18T15:06:52.807000 -CVE-2024-50319,0,1,c250c36ae616a674c4e4f90fbe3fc14ee9e885a6ab4a547c82c433574c109ed7,2024-11-18T15:06:25.480000 +CVE-2024-50317,0,0,a9b84feb780c6ced549efecbc710ff86cb7f1421691770a8a5dc3086df9afc79,2024-11-18T15:06:49.627000 +CVE-2024-50318,0,0,4ae08f274b1401b58aade3ea3262f08d3724e205d6e2f5242c1ec403459b6063,2024-11-18T15:06:52.807000 +CVE-2024-50319,0,0,c250c36ae616a674c4e4f90fbe3fc14ee9e885a6ab4a547c82c433574c109ed7,2024-11-18T15:06:25.480000 CVE-2024-5032,0,0,e2dd01f18d9397a3c892e6f9436384b2c9baea7d6f6081290ca836f05f0fc527,2024-08-01T13:59:38.540000 -CVE-2024-50320,0,1,0b145167479836196eb5ec8935584bfa0226d5cbc67026d3d2bf840dfc7e775f,2024-11-18T15:06:28.707000 -CVE-2024-50321,0,1,1aac18caa1d9d71ae5e6dee9a0609687248f8efd8ee6ab41ac662d3c543c5ed6,2024-11-18T15:06:30.603000 -CVE-2024-50322,0,1,55f7cfd3f5ed0a79509ab05b00a8f48a430b0a45186c5b31cdd75ac5a704973c,2024-11-18T16:30:49.997000 -CVE-2024-50323,0,1,a562579fcf99dce3ae7437a27c83ad8795056834e06238cc00b9685555ff374f,2024-11-18T16:32:43.733000 -CVE-2024-50324,0,0,10936f3abea99b40d246353436c16f322f1e8edd86691c4ed2017ef29b6ac364,2024-11-13T17:01:58.603000 -CVE-2024-50326,0,0,f8505e436d1baab155abf9bab1bf26363163cb6a50cac2ccf97fe63c7bf0ba15,2024-11-13T17:01:58.603000 -CVE-2024-50327,0,0,6e4385f7adc6653fc0eccea531afee029a2afab56d07230da273a6cc5802e97e,2024-11-13T17:01:58.603000 -CVE-2024-50328,0,0,c52b44255c444f1b85c1ca0510b04c2ed9fa6db19b96212dac5b5082cc5f424e,2024-11-13T17:01:58.603000 -CVE-2024-50329,0,0,89cdf552b1f22c03dd89112d1803a615063af50e732b7ba419ee8385fbd47dc7,2024-11-13T17:01:58.603000 +CVE-2024-50320,0,0,0b145167479836196eb5ec8935584bfa0226d5cbc67026d3d2bf840dfc7e775f,2024-11-18T15:06:28.707000 +CVE-2024-50321,0,0,1aac18caa1d9d71ae5e6dee9a0609687248f8efd8ee6ab41ac662d3c543c5ed6,2024-11-18T15:06:30.603000 +CVE-2024-50322,0,0,55f7cfd3f5ed0a79509ab05b00a8f48a430b0a45186c5b31cdd75ac5a704973c,2024-11-18T16:30:49.997000 +CVE-2024-50323,0,0,a562579fcf99dce3ae7437a27c83ad8795056834e06238cc00b9685555ff374f,2024-11-18T16:32:43.733000 +CVE-2024-50324,0,1,98ccbb0e0e057aa8a9c81f08205e27ffa89d50f5298cdcffe798db63ee359238,2024-11-18T17:06:27.200000 +CVE-2024-50326,0,1,bf83b6c3ed8ada49d930560b0047ef8315bfe25bc55216a9dc28248e1bba1a67,2024-11-18T18:15:52.253000 +CVE-2024-50327,0,1,6d52ab4ffa1415b615c476396a6a0815b03c3ce65621abac87b32cf8f012c6ac,2024-11-18T18:16:26.200000 +CVE-2024-50328,0,1,7e521f4a2bae72d486394d43e4012f69c28135b113722cee7909e9aa7c86c646,2024-11-18T18:08:14.730000 +CVE-2024-50329,0,1,a5ea09d1ed1836515ad7005f447c09f30856e92d8233eaa41c849886630c9e9f,2024-11-18T18:07:25.600000 CVE-2024-5033,0,0,34cd1f889798bbfeb338d8d711a920994993596df17d9daf9b428477bffed7c1,2024-08-01T13:59:38.730000 CVE-2024-50330,0,0,9adea21497de3fd6fa338dbbeeee11f82df83b3812cd7c8ee66cfc42b7f9da18,2024-11-13T17:01:58.603000 CVE-2024-50331,0,0,0efefdc442f17310b17484439f925e60449deab6fb67909d6983ddda38520b8a,2024-11-13T17:01:58.603000 @@ -265543,12 +265554,12 @@ CVE-2024-50346,0,0,fb25cbb7b8a23f8bc4a8f048afe511d7d942fe5a9bb027a602dbfa956ec82 CVE-2024-50347,0,0,27f16939f93088b46ca4735812513cca765a91a390b88a1aa60491d8fb6217f3,2024-11-01T12:57:03.417000 CVE-2024-50348,0,0,fa8a8e9e48d227df1afdc378e4ee00ffda2dd051bb15c8b477e290549096cb45,2024-11-06T14:49:46.073000 CVE-2024-5035,0,0,592ce94ebba91d65c9cac29085dbc465d14be23d13ac08f1e0101f9ce552a856,2024-05-29T05:16:08.793000 -CVE-2024-50350,0,0,fe33fb1c52289387a103d60f99132eed80d6bd254f86a98de7b78a4c941057aa,2024-11-15T16:15:35.537000 -CVE-2024-50351,0,0,ae2519e0c7bf4bfda7fca0bf4c148d971d247eeb107cc3d234d0973074b92910,2024-11-15T16:15:35.750000 -CVE-2024-50352,0,0,e598f971ea4973919bec33ee98be0b76e78d3b7e47b4e2939d4342c0730209ed,2024-11-15T16:15:35.960000 +CVE-2024-50350,0,1,e57f4a922e1c79b0180c3e0592329ef6fa2f99c33aa6b49b9847573b9eb154a7,2024-11-18T17:11:56.587000 +CVE-2024-50351,0,1,9945f6315496e7ffef292cb6bb254851f7ffc08bf0016a8aaa4ebfb81815189c,2024-11-18T17:11:56.587000 +CVE-2024-50352,0,1,276319a772cc6b9c79af7c6a81a9d32a71ed55878cf5ece133a4c8f2dece885c,2024-11-18T17:11:56.587000 CVE-2024-50353,0,0,ccbaa89f0150ad038f7930bf7da95bdebd48b8dd8438583bd87ed80c0a277898,2024-11-13T15:15:19.900000 CVE-2024-50354,0,0,5fe2cfed42eb75a8865a8b156fa958f7af02063c60312ccd6714684eb18cee96,2024-11-01T12:57:03.417000 -CVE-2024-50355,0,0,f1ef7d5e8f66469b3931f44256f6bd3ac9c89a211edc6ffbf7eafef6207e5929,2024-11-15T16:15:36.160000 +CVE-2024-50355,0,1,fdf0f4898bc3208a4640ca7d84f1eaa6d82a458d706df006a383628856cba927,2024-11-18T17:11:56.587000 CVE-2024-50356,0,0,1007ed397ecbfac0c7e4779187113696b4d36207eb77ee96ff22c8fde6a29757,2024-11-01T14:35:08.330000 CVE-2024-5036,0,0,e97b40bd40cf208c311323e6564cb1ded96d8cc433059436a8705289f1e02a66,2024-06-20T12:43:25.663000 CVE-2024-5037,0,0,46d4a5c4b83922b1ee19bcb8bbc97a0a290a2086fb5a073395bdb9a5e03441e0,2024-08-19T17:15:09.807000 @@ -265730,23 +265741,23 @@ CVE-2024-50634,0,0,fc2a161c2c755e76311d472b0c0ca48eeb524c368ea8177e76956b97738f2 CVE-2024-50636,0,0,2fc9138fa183119876b777928207f426f13352402fa782392dc2b828754f0184,2024-11-12T13:55:21.227000 CVE-2024-50637,0,0,7cb3fd4c2566fc1d1593156e77d24b90af6dfd042618185e839399543b673bed,2024-11-07T14:15:16.780000 CVE-2024-5064,0,0,d857d2e0ee5316e135c4045ce3a7ab1579933a9b029d66480995681ffcc21c71,2024-06-04T19:20:57.870000 -CVE-2024-50647,0,0,2e7f3d7e544ece0ccbd2aaa6f612b5dc159612e5869768624aaaad0a22d84340,2024-11-15T16:15:36.467000 -CVE-2024-50648,0,0,30c2e10e651b32960de225f86256bd9fbaacf658adf0001ebfbed0c8c5c26fc0,2024-11-15T16:15:36.547000 -CVE-2024-50649,0,0,7d22823a31c69e206ba178b089c551e50e81d6f9ee0c9cb53f27845845392f2c,2024-11-15T16:15:36.637000 +CVE-2024-50647,0,1,2f1b25461563552e982e44a8122ac67b8e909c8006bcf9d6b08017cda35c871b,2024-11-18T17:11:56.587000 +CVE-2024-50648,0,1,8d88e1a56eec66687b18c12dd639177f29571163e2e04fe20c5aaa77060d8cf9,2024-11-18T17:11:56.587000 +CVE-2024-50649,0,1,30f98c934ecd40b39fb07714211655ed46ad00ddd9fab5b075877284c12cdf85,2024-11-18T17:11:56.587000 CVE-2024-5065,0,0,0430cc7c42876b1507fe619bbbc6ece1ba2c878f57a5564022a1efa295cd852d,2024-06-04T19:20:57.977000 -CVE-2024-50650,0,0,5bec41adc57062c51936e8c337bf1e936a3ecb43832b17672528a8666a80227d,2024-11-15T16:15:36.710000 -CVE-2024-50651,0,0,4bf05b042e73c0bfe89a5dc5ae8bb550ea2493dde13bd6ee166a1ac311cf9dc2,2024-11-15T16:15:36.783000 -CVE-2024-50652,0,0,4c6e0ebe8d90d732657f125730d362693c1bd46064ac0d862788dfb71947eb2e,2024-11-15T16:15:36.863000 -CVE-2024-50653,0,0,04aa223670ca8ac7e6e42eb750922eb1eddd03b40c75ac69ba2037e986b202fb,2024-11-15T17:15:20.417000 -CVE-2024-50654,0,0,08c547c72106766138db6ec1da1c94ff7787e165e8917a63881abe77d6f40591,2024-11-15T17:15:20.507000 -CVE-2024-50655,0,0,da0d9e781c2b1c6164c6a6f739060bdc8f25ef4722f41360417dac50f1ba609e,2024-11-15T17:15:20.613000 +CVE-2024-50650,0,1,79073e45a142b2e7e0b1ffcbc4f3efa33ba6c864e47e5edadaac92d5aa2c4220,2024-11-18T17:11:56.587000 +CVE-2024-50651,0,1,e1e29eae9615e8af1d8d4e541563c16521fb17dbf6afeff80e640e07c7702ef2,2024-11-18T17:11:56.587000 +CVE-2024-50652,0,1,c46d900b0ec3c3d3dc69c000a8af48eff0cdc2a83f00bffa34618c3851a639e9,2024-11-18T17:11:56.587000 +CVE-2024-50653,0,1,589a70a5b23d6ff26b253303c4ff3d9339d3b1afb47dfccd1dd0e0148641fc3e,2024-11-18T17:11:56.587000 +CVE-2024-50654,0,1,636204422820fa654d237311aa5adb78a2e8a9efb1fc151cee7ee535db42c773,2024-11-18T17:11:56.587000 +CVE-2024-50655,0,1,50cf44ca1f4ce3c8283ef1691ecd956733167f08544895b355697c18f31ab1e4,2024-11-18T17:11:56.587000 CVE-2024-5066,0,0,afaa043e18b083dd4b11b301517b086f80728c1a74393b687f88875df4970445,2024-05-20T13:00:34.807000 CVE-2024-50667,0,0,0dcbd7b35b311fe7a681d780dcbe2293327603709e31a27594acb760866d084d,2024-11-12T17:35:12.270000 CVE-2024-5067,0,0,7a5f09523c1a14d6651905f1f8853395c32eebb526caa99a81fddc9a443e16ea,2024-09-05T17:29:32.287000 CVE-2024-5069,0,0,9472ccb93cc67e368452ccbd7690fcdac2e9c6bf3a0a4c1febdda7b23dc05b96,2024-06-04T19:20:58.080000 CVE-2024-5071,0,0,1e84a840bf7fe6d05a333c61daff03721e2399762594abd260e8b415b74d49eb,2024-10-28T21:35:22.430000 CVE-2024-5072,0,0,b208332fdeb0349d564f3ae12700e597664b77bbcd409305187f03a8e1be9ee8,2024-05-17T18:35:35.070000 -CVE-2024-50724,0,0,5876d658fd18659eb21f77ce4b57af6281fab952c0298d4065af6f6407d660a7,2024-11-15T16:15:36.943000 +CVE-2024-50724,0,1,ec9e73171eb7b496abcb9bb028dd6b1c4fa67552f12252509bd5040345a8bc1c,2024-11-18T17:11:56.587000 CVE-2024-5073,0,0,84e84c9e85d38ba2ba8fcac94cd632adf73ebd62caf103a5afc104149a6ce671,2024-05-30T13:15:41.297000 CVE-2024-5074,0,0,323ff3e4be9a1a01795a645c087210e0124e3c1100808fef1bff4cc986dff48b,2024-08-01T13:59:39.780000 CVE-2024-5075,0,0,3a68f5400be3fd65933ca2b54d2fe1b2cd42ebfc5586417b08ab71b3ebef46c2,2024-08-01T13:59:39.960000 @@ -265755,7 +265766,7 @@ CVE-2024-50766,0,0,af3ada3641e5f900c68c3d98d58b715ce7a7d6da5b4d545f2ac59e163c2e3 CVE-2024-5077,0,0,58d61679dec16d0807ee3c6d8f70abda23dd3b8ef542c3a47286601f3d544039,2024-08-01T13:59:40.333000 CVE-2024-5079,0,0,03cab751fae6538cdd3ee0f9a467090b1b9dca8ded972c9a24812d90a2b62ab7,2024-08-01T13:59:40.517000 CVE-2024-5080,0,0,88ae00b43e12b64ab9ecc2d4c4ea1fe4d89b86d4c131aa05e4a989c5a4e3b207,2024-08-01T13:59:40.707000 -CVE-2024-50800,0,0,ab830a43039dc3b7687658827fe30858d8d98c5f738791670612919030dff069,2024-11-15T19:35:15.183000 +CVE-2024-50800,0,1,41d08e703d2d0d1bc76e1244af52877536c0238af8df7745121db1f62bee0ba9,2024-11-18T17:11:56.587000 CVE-2024-50801,0,0,b02fd2a4d914f47ebf18861bef14a429b26208dd8058232ee786f89bcea879c0,2024-11-04T19:35:13.810000 CVE-2024-50802,0,0,8492f5be24f5ad2918f47970062e4bc2c1c3f432ad972af1d330cb18adac5b2e,2024-11-04T19:35:14.907000 CVE-2024-50808,0,0,1a667410201903fdc8230c48df98057d6516bd370b3a4500e5037005f86c9f20,2024-11-12T13:56:54.483000 @@ -265764,21 +265775,21 @@ CVE-2024-5081,0,0,0bebffdc717b25462ccb5a198cb29076c0fa0475011c795b0df7ab25d1acf1 CVE-2024-50810,0,0,7da23b2ab88a2657cb76543548549613aa1f561df30582c648f7520bf514f0d4,2024-11-12T13:56:54.483000 CVE-2024-50811,0,0,d8ef1ac40dcb898d28bb949cb8cb9a8ce73f83d8e224524d33d6a2ba92df335a,2024-11-12T13:56:54.483000 CVE-2024-5082,0,0,3c0f951c5b33762a472b3ea33ccf88b6977979b0c14a32ab8b6cbf67889fd7af,2024-11-15T13:58:08.913000 -CVE-2024-50823,0,1,897f8833146d447692eb156b62b06111d7de9e1c8b567c234b9e02469c9a8ba9,2024-11-18T16:38:57.740000 -CVE-2024-50824,0,1,253e2fab01ea70e172af1e32c03253e68d2f52e9d8bb420f1349302793f44bc2,2024-11-18T16:39:08.460000 -CVE-2024-50825,0,1,a852c67a775613f61951784ba1d85aff05fff458a46967d4a2cb3204190cec50,2024-11-18T16:39:12.563000 -CVE-2024-50826,0,1,567effa0d1cbd05266720d07d2dd66e1e6b91192087abd2144b16dd48d7d0918,2024-11-18T16:39:16.613000 -CVE-2024-50827,0,1,435aacc94b8322ca86cfe690b21b579c2653aa61b9b69325d9e5b13661528886,2024-11-18T16:36:35.027000 -CVE-2024-50828,0,1,f962dcec3787b9a5fb3bb7b224d2e641691bae11a517565fe9f4bdf5de52ad2a,2024-11-18T16:36:57.377000 -CVE-2024-50829,0,1,8c8780538cf4ded486475b58e8c5a37ae92ec286bd47b319093dfcc48435888c,2024-11-18T16:37:17.363000 +CVE-2024-50823,0,0,897f8833146d447692eb156b62b06111d7de9e1c8b567c234b9e02469c9a8ba9,2024-11-18T16:38:57.740000 +CVE-2024-50824,0,0,253e2fab01ea70e172af1e32c03253e68d2f52e9d8bb420f1349302793f44bc2,2024-11-18T16:39:08.460000 +CVE-2024-50825,0,0,a852c67a775613f61951784ba1d85aff05fff458a46967d4a2cb3204190cec50,2024-11-18T16:39:12.563000 +CVE-2024-50826,0,0,567effa0d1cbd05266720d07d2dd66e1e6b91192087abd2144b16dd48d7d0918,2024-11-18T16:39:16.613000 +CVE-2024-50827,0,0,435aacc94b8322ca86cfe690b21b579c2653aa61b9b69325d9e5b13661528886,2024-11-18T16:36:35.027000 +CVE-2024-50828,0,0,f962dcec3787b9a5fb3bb7b224d2e641691bae11a517565fe9f4bdf5de52ad2a,2024-11-18T16:36:57.377000 +CVE-2024-50829,0,0,8c8780538cf4ded486475b58e8c5a37ae92ec286bd47b319093dfcc48435888c,2024-11-18T16:37:17.363000 CVE-2024-5083,0,0,732c694a7e1209ed2f8fc7bc4b33638dd34156f3bcdf08e1c465413b90acb66d,2024-11-15T13:58:08.913000 -CVE-2024-50830,0,1,bd775197543a3266c4d4d5c6e77884b321e20fc059826bfff304cab32167cd2d,2024-11-18T16:37:21.377000 -CVE-2024-50831,0,1,29b467fc81fe6a7de10b2d3369cd17349f6b9e9a18bd0075164ebe98d10827e7,2024-11-18T16:37:24.967000 -CVE-2024-50832,0,1,80c3f586991f0018e3613b938030f0ee43ec2ccec3386f6e8282e9d5ed8f5250,2024-11-18T16:37:57.470000 -CVE-2024-50833,0,1,4b348468dd295af5f32f716d125c34bcada9ced033acc8cc1677705146a036ac,2024-11-18T16:38:12.770000 -CVE-2024-50834,0,1,82d5b2af22181751f4f11afb192d84f132318db49ba1a701b0cde42308c0dcb5,2024-11-18T16:38:39.357000 -CVE-2024-50835,0,1,397312567174f26bbc5dab16c33e6c34651311612495b682f2e96b8b94d95b88,2024-11-18T16:38:44.020000 -CVE-2024-50836,0,1,518caf893960ca17e9dbb54f5add7adb4f3ea2434220a423ea3505849dd2f243,2024-11-18T16:38:53.153000 +CVE-2024-50830,0,0,bd775197543a3266c4d4d5c6e77884b321e20fc059826bfff304cab32167cd2d,2024-11-18T16:37:21.377000 +CVE-2024-50831,0,0,29b467fc81fe6a7de10b2d3369cd17349f6b9e9a18bd0075164ebe98d10827e7,2024-11-18T16:37:24.967000 +CVE-2024-50832,0,0,80c3f586991f0018e3613b938030f0ee43ec2ccec3386f6e8282e9d5ed8f5250,2024-11-18T16:37:57.470000 +CVE-2024-50833,0,0,4b348468dd295af5f32f716d125c34bcada9ced033acc8cc1677705146a036ac,2024-11-18T16:38:12.770000 +CVE-2024-50834,0,0,82d5b2af22181751f4f11afb192d84f132318db49ba1a701b0cde42308c0dcb5,2024-11-18T16:38:39.357000 +CVE-2024-50835,0,0,397312567174f26bbc5dab16c33e6c34651311612495b682f2e96b8b94d95b88,2024-11-18T16:38:44.020000 +CVE-2024-50836,0,1,fdbd6ed7c2dedab28ad9506291480fd0e9e8b252aece804f823e319c53ef4b67,2024-11-18T18:35:05.817000 CVE-2024-50837,0,0,fa916683a3dbdfde4d576245ae8ebbe1bad5683debaaa4ab7d920a9d6cde4375,2024-11-15T13:58:08.913000 CVE-2024-50838,0,0,03dc014a97e8c40e12ccc27e79d2f7d1a4be7052e0e877e043248cf17a531f10,2024-11-15T13:58:08.913000 CVE-2024-50839,0,0,3a608a7f42db8a1d3498636aca9211ea343bc7800681c21ae957ddd569de8350,2024-11-15T13:58:08.913000 @@ -265812,8 +265823,8 @@ CVE-2024-50970,0,0,2e7889cd3277e474e337527bd160fa64940d7885ad18ecb1fd92dbeebea4f CVE-2024-50971,0,0,848df10022c9f75f1c9b9af05147f0923c3bc4a87738961451f1396fe9fbaab2,2024-11-14T14:54:33.787000 CVE-2024-50972,0,0,4e8fb2dd82bb709cf8c210bd21d32873aff8eb306d7b228bf00eb024671ceb3b,2024-11-14T14:55:08.567000 CVE-2024-5098,0,0,51bb68a404444dbad57c4444d3880f6dd34c8b10fc09ab7783a9da02fb8f5608,2024-06-04T19:20:58.887000 -CVE-2024-50983,0,0,84de45fb907a99039ccf14e66e9e37e3e137e1772ab203e8910a8d2f6cceb415,2024-11-15T22:15:15.907000 -CVE-2024-50986,0,0,949bd035da5362255ed7ac7c9edff0cc7fd8e202111ff0c1f3097978f8821437,2024-11-15T15:15:07.773000 +CVE-2024-50983,0,1,b788efdc706e09905a05cbb8f2412988baac49089c45fc037f14c344dc2f8faa,2024-11-18T17:11:56.587000 +CVE-2024-50986,0,1,a1375d0ed956ca08af4c36c003d3cc8eaaa620cc5988dd8959e4c9eb84629a4c,2024-11-18T17:11:56.587000 CVE-2024-50989,0,0,539ed9c0a64887e69fa9cae96035a115db3a8a96afe0045140278b0fb7737495,2024-11-12T18:35:31.437000 CVE-2024-5099,0,0,c449033239abbf7fd2bba4f64694ff77374623f364f0fa141d0a92a151a3ab2c,2024-06-04T19:20:58.993000 CVE-2024-50990,0,0,3537d7668a1d8721c4b70a753dc5bd5ceae4b32dbcc1547432740e88301eb02f,2024-11-12T20:35:16.907000 @@ -265859,7 +265870,7 @@ CVE-2024-5103,0,0,aef0baf1fd7c527670ecf099c59b541b0a60e91a3e6b8de1c582546f74d7df CVE-2024-51030,0,0,f2e747039aa1c94bb05e787f4d207222d754db12ded9f6bb6df83cbdf74d7a25,2024-11-13T16:47:16.060000 CVE-2024-51031,0,0,b86b8798942030d83468cd0fee37fbed37248c27fcb27a06dd2e8866d706c425,2024-11-13T19:34:52.990000 CVE-2024-51032,0,0,8ef48ff90dee211a4695fed712dc76f07ccf41b216d3f511e2ee570e4fc12c05,2024-11-13T19:35:03.467000 -CVE-2024-51037,0,0,227ae7b5cb9d86b36d7cd849e72d041623335a38cbfae0382a862c71b1bd6796,2024-11-15T19:15:07.803000 +CVE-2024-51037,0,1,1a46f505fe8195b361e8845b5554521fbe70ba9870071aa0cdba65b521761d81,2024-11-18T17:11:56.587000 CVE-2024-5104,0,0,8d4ff1d965ca43b16b77c8055dc82631e6e8123b480d913038100bbc16c5fc14,2024-06-04T19:20:59.397000 CVE-2024-5105,0,0,c1afcbdfab9cbf8b7401c36e665ea5449fdb0423f5baf719d1747abc02484d12,2024-06-04T19:20:59.500000 CVE-2024-51054,0,0,5f7e39a7aaba6174905b6372920760418cc96f41e26463faa8167a7c26d82367,2024-11-12T20:35:17.823000 @@ -265875,7 +265886,7 @@ CVE-2024-51075,0,0,65ae3c5f839d1343cfe96d616d54dd3277e3aa60c8e36fb4e4a98f4465a84 CVE-2024-51076,0,0,cd339191f7270b925031f2e79ccdef36faac89c073f1d7fece38ee50c55aeb1f,2024-11-04T13:41:48.267000 CVE-2024-5108,0,0,b8eaa0c49e3b7a0772fb8d227eefbcd229b705e71c1ea537a10c0b9ca289502f,2024-06-04T19:20:59.700000 CVE-2024-5109,0,0,ceb18a5d96497e9a6ac7740a19ad17f4e12924c64b1533f15150f5dd2571e331,2024-06-04T19:20:59.803000 -CVE-2024-51093,0,0,70b0da1395aa1fd7d223f8a1ca5a0874697a23e76df9769a11cb02923393ec6f,2024-11-14T22:15:19.993000 +CVE-2024-51093,0,1,0a822b4a1682e56f2eda76ec69439d08f6dec6cb34fd3d39887c26822f96e2f5,2024-11-18T17:34:30.303000 CVE-2024-51094,0,0,0ce73c327a1533ca853f11e375f5bcf1b18f54cea162e0846fe5dae6c98f7269,2024-11-13T23:15:04.207000 CVE-2024-5110,0,0,97ec9134be0ff29c231012cbb3632c9becbf0944f1a706861520a2aec58057e2,2024-05-20T13:00:04.957000 CVE-2024-5111,0,0,1e1510502a884c6f23b18cee848205aa75aeed3171cb87569d39e4078bf9232b,2024-06-04T19:20:59.907000 @@ -265888,14 +265899,14 @@ CVE-2024-51132,0,0,741849111477a3dea70a3f4f159f318bcb11e986e2637afecf8a608cf70fd CVE-2024-51135,0,0,14e718ab6bbce05ef8372500586cdca65e1edc88403906fd3621efeb1c3a8273,2024-11-12T17:35:13.127000 CVE-2024-51136,0,0,b7028b746c76b0b8db7064a5c94d8b9b8b4865b267652b712081099f88f87998,2024-11-06T19:31:15.230000 CVE-2024-5114,0,0,51655375bf74d88d0b44bf3106775b49d83b04b179d3446b4a92ffe727b17b66,2024-06-04T19:21:00.217000 -CVE-2024-51141,0,0,72704e13d12a17e571c3a7505e61832763889d7be7070a6bf2a4ed14cd771078,2024-11-15T19:35:16.037000 -CVE-2024-51142,0,0,fd30d68982f80038879876bcb7da202ea098b1b06829842cd1d2fd879f794ac7,2024-11-15T19:35:16.907000 +CVE-2024-51141,0,1,6fd98aa7095a3df6c8f83a85424f84775ce2f15b690f28e90e3bba828d669bbd,2024-11-18T17:11:56.587000 +CVE-2024-51142,0,1,08dd3f065f14213889ddc99a606d0cde77afad89b5ddcf2a8d33ce1396033085,2024-11-18T17:11:56.587000 CVE-2024-5115,0,0,566281473e2daa2487dd251e202869dc3059aeec07f7c63daa38b65c3bae3de7,2024-06-04T19:21:00.323000 CVE-2024-51152,0,0,2fc415b0efc6d5417097e1245b382b91c976aaa5917a1040e7761d3f03c4c572,2024-11-13T20:03:06.083000 -CVE-2024-51156,0,0,ab531e15c589d8d218306e8fd6a6995b5bbbca61f7ac15e609aad877e064595a,2024-11-15T13:58:08.913000 -CVE-2024-51157,0,1,113cde3c71891d82bf55f2d0b4674fdfc6000fe1838706cb74a6d985959d76d5,2024-11-18T15:35:13.060000 +CVE-2024-51156,0,1,950cb85b625d9788feaa8ca00bca17d1dc7f49ab66d36281c4121d0068dc7fe0,2024-11-18T18:35:06.703000 +CVE-2024-51157,0,0,113cde3c71891d82bf55f2d0b4674fdfc6000fe1838706cb74a6d985959d76d5,2024-11-18T15:35:13.060000 CVE-2024-5116,0,0,8edab88198021b2d3b9901d621d1dabac4b2933945eb225d0257a88c98ac3f15,2024-06-04T19:21:00.430000 -CVE-2024-51164,0,0,b9f1776fc3ef4840650c14e1a3f3e7dd8ac91dd3773b241274f401af13a4a1cc,2024-11-15T16:15:37.057000 +CVE-2024-51164,0,1,ceab88983ac8f1f076554a5fc06b1fdf761a41119ff559a9cb41cb2ae46055ec,2024-11-18T17:11:56.587000 CVE-2024-5117,0,0,8f71e5dda3348556d6b06143dcd47b79229dad0468d30aa7c38f8c5c1ecb8524,2024-06-04T19:21:00.547000 CVE-2024-51179,0,0,1ac36b7f8ecbb6442c3e82b8bfc190a784ef1fdb6227f3a1da3d4126f204bf98,2024-11-13T20:35:10.303000 CVE-2024-5118,0,0,ede24973ef1505b96fcd3c614d177bf90baaafde820cda4461fa6280b3c2b455,2024-05-20T13:00:04.957000 @@ -265951,7 +265962,7 @@ CVE-2024-51327,0,0,6dff1d9ddb8570601185ec672ddf11cc5295d3cdce074e30aa360a3024bc5 CVE-2024-51328,0,0,2b00b7365b3324739a77fda3a7b20dd87707f9d87480b5fe651b2c4602f0e7fd,2024-11-04T19:35:16.150000 CVE-2024-51329,0,0,134d8b5a46fc76f9917a9aed6fc6c4366a039772d7dfe5acc179470dd93f05e6,2024-11-06T19:19:24.793000 CVE-2024-5133,0,0,ce2c3261ccf7a6af3656f0cd319a645240f50aa81e714a3f3634cc2f14d7c857,2024-10-17T16:41:53.717000 -CVE-2024-51330,0,0,623b675eccffcbf1cf55a5f779caf9f08fac1ee997e235e10f58c6709b1207ca,2024-11-15T19:15:08.057000 +CVE-2024-51330,0,1,e96a5de3ed2885ee831e7c318016642092d9f94ed9c27996decdea1687d8ed73,2024-11-18T17:11:56.587000 CVE-2024-5134,0,0,58696e79550f0b90695fd0ef5882cdbbda645a91799b45ef9d447d20546faa19,2024-06-04T19:21:01.167000 CVE-2024-5135,0,0,2e8010a5b25d8168b9552f9cffde1de1e433efa7269af046a0453f1985b50c89,2024-05-20T13:00:04.957000 CVE-2024-51358,0,0,15a6b357b2a15ba2efd09a7258436a688d09605b686100927239b26110c73a5e,2024-11-07T20:35:14.957000 @@ -266002,10 +266013,10 @@ CVE-2024-5149,0,0,35aba13432990695b4ab26ada33d31578be519ff456b8edf807a15027d0b18 CVE-2024-51490,0,0,ce278c5bd11182b0f76e1306bfd4f5475ffe3bef255b34a2e09a247de41ed216,2024-11-14T20:13:01.587000 CVE-2024-51492,0,0,0a58c7013d2cd1abea36461b62b0843b3a8fe747b96ce2f6ac388e3c542b0b6c,2024-11-01T21:15:15.080000 CVE-2024-51493,0,0,905ca061a7e2249944cb0aec37c9054b75e237343bc05a733cf47492ea8f9f1d,2024-11-06T18:17:17.287000 -CVE-2024-51494,0,0,3bf3dc12c3275774bba61fd80cb9b469c3d1558c31dcf555fea4131d1a96dff7,2024-11-15T16:15:37.140000 -CVE-2024-51495,0,0,e5f07f08dba079d6dbed1b9bb4b396d9f02dcfcea5a5cfc1d096beea8d8ada12,2024-11-15T16:15:37.343000 -CVE-2024-51496,0,0,74cb6333739e3cc4c8e4c5764cfdffa2904217e6fbc34f4ca72b325e67ebd30c,2024-11-15T16:15:37.553000 -CVE-2024-51497,0,0,a39c34b7cc7817251d031d66b8a932ec72bf7d572c96a4983b8eae763d06c98b,2024-11-15T16:15:37.770000 +CVE-2024-51494,0,1,768d94c39977f281a9540a82a00ca9b85738d8e30ad5f5d9b39024226fed849c,2024-11-18T17:11:56.587000 +CVE-2024-51495,0,1,3aac532ebc83170fd4cdcd9b274e0e501971f24b62c956648aa38b4122350852,2024-11-18T17:11:56.587000 +CVE-2024-51496,0,1,5c3e7be7ec9a4a69a1b4281bdab16f27a5c3b5479253ca9e63bbb38f107e808e,2024-11-18T17:11:56.587000 +CVE-2024-51497,0,1,127d4c66ad34629669c91d690522d14baeaed8083c201258d7ffba47bba9e734,2024-11-18T17:11:56.587000 CVE-2024-51498,0,0,a215c64a461c357224f24d4e16a3f3f3214ac081278e197bc9556945ad303f5e,2024-11-05T16:04:26.053000 CVE-2024-5150,0,0,af277f2642e60b6f0769d64573990279b6b64286b8d76d1359b09a52e223643b,2024-05-29T13:02:09.280000 CVE-2024-51500,0,0,42c2a285903076a2664ebb01d93e2fe7be0196e6180cfa0174e85e23f0ae008b,2024-11-05T16:04:26.053000 @@ -266074,20 +266085,20 @@ CVE-2024-51582,0,0,9c6a2abc6ff39ea954384c7b38779cdbe6d44511f3a75194c8ab9223c55c7 CVE-2024-51583,0,0,010a1e766cc75cf146f9c46f237fd66f102136959cced374ac920d84a09d74b4,2024-11-14T02:17:13.323000 CVE-2024-51584,0,0,9c4a52f0d53ee42578cceb9af71c252fa973eb5d3948982134b3891bd8f24f09,2024-11-14T02:23:33.777000 CVE-2024-51585,0,0,0bc0ac1464e29ee44df8444d7c4cdb63f1fa2b443bcb1af0569bc42ab7621110,2024-11-15T17:17:47.730000 -CVE-2024-51586,0,1,2d1b810317c0d8f65bbc319963d9355b4952c0b5006d44f99373798c188f9277,2024-11-18T16:45:30.550000 +CVE-2024-51586,0,0,2d1b810317c0d8f65bbc319963d9355b4952c0b5006d44f99373798c188f9277,2024-11-18T16:45:30.550000 CVE-2024-51587,0,0,5012d2ea8e67b5c3d09827ef519aa6163b1c4ce17e7784b8af6d96ad392aa639,2024-11-14T20:26:14.467000 CVE-2024-51588,0,0,70526e1ab4d1d5c15696a10cecb0303b3b1171b870de0da3e9c134310aec09dc,2024-11-14T20:26:28.047000 CVE-2024-51589,0,0,f74ef05c06e608fec4a8cb8e6637837c5709985a6e45866d77121ef9596fd10a,2024-11-14T20:26:41.497000 CVE-2024-5159,0,0,6487690749e64572084b0b1ffb84b7950e8b682c3129ca3d21d0dbc204e9ec91,2024-10-25T19:35:15.010000 -CVE-2024-51590,0,1,6c1cae916fe484c86555ba63169dc3ad9ff6121b09849d34400566f0f6e970bc,2024-11-18T16:44:27.333000 +CVE-2024-51590,0,0,6c1cae916fe484c86555ba63169dc3ad9ff6121b09849d34400566f0f6e970bc,2024-11-18T16:44:27.333000 CVE-2024-51591,0,0,726468de391ad91b93d7baa9a968a1009926515da7cdc024a9ffcb433fe899c7,2024-11-14T17:51:14.717000 CVE-2024-51592,0,0,6dde9559fc706856c16fa16d5ca27161b15508ec6dfbe02d9bb0b204646f1a04,2024-11-15T17:04:52.197000 -CVE-2024-51593,0,1,14208f458acbc1944a1f4d7b078b1936cba888671b10f332e0d4198f20f92385,2024-11-18T16:42:06.290000 +CVE-2024-51593,0,0,14208f458acbc1944a1f4d7b078b1936cba888671b10f332e0d4198f20f92385,2024-11-18T16:42:06.290000 CVE-2024-51594,0,0,23c2bde634ef42108d5f97125b3187b82c0cbc626b82203b6c3273a5f7560ce9,2024-11-15T17:15:21.580000 CVE-2024-51595,0,0,10c393f98a067c2f8e99f7ad9b6b4c58d89c36bcb5b68d6536bed94af2eb5437,2024-11-15T17:03:07.770000 CVE-2024-51596,0,0,01788e96d18557d9efd5f3a1c0cc87c5c59abd37f0da1cf910d07664ffc536c3,2024-11-15T17:01:15.687000 CVE-2024-51597,0,0,e580da6df611238773fd113640aa155cd0ddae703c31494078adb66dd981bd48,2024-11-14T20:27:46.943000 -CVE-2024-51598,0,1,cf58f120b68b7927fe29dc94aa870e27fc89bd9b58085f0a65ebf594ffeae2d8,2024-11-18T16:37:58.447000 +CVE-2024-51598,0,0,cf58f120b68b7927fe29dc94aa870e27fc89bd9b58085f0a65ebf594ffeae2d8,2024-11-18T16:37:58.447000 CVE-2024-51599,0,0,7acfc4d03f6c4e0241e4f801826852b96d8755f6240b0f8a5702939c52f7cc5a,2024-11-15T16:55:34.480000 CVE-2024-5160,0,0,761bdadb9ac3f89d156978519ca326c5704c62592c7f03e703ecc7e802a865d7,2024-07-03T02:08:36.807000 CVE-2024-51601,0,0,1c0dbdb8639065f7f5ea5f6062d0125a4c4ce4b0c601912e96fe5db543ebfd2a,2024-11-12T13:56:24.513000 @@ -266127,10 +266138,10 @@ CVE-2024-51659,0,0,78d45b532178a143b0c2b377e8ea9093595088b2434d4e401a5f34f0a4ad9 CVE-2024-5166,0,0,5c544eab21844e01fabd3874ed7776a55145987bd3a510311ad16f12f33bd2bc,2024-05-22T18:59:20.240000 CVE-2024-51661,0,0,7f81708d1fd43600536029afc897b01b4855aee3d2fe39c5692b8132139274de,2024-11-08T15:02:08.660000 CVE-2024-51662,0,0,55b3b930a708e0b1f39e971bf0a8031fc7194c46e2d846ee33949a5396059d6a,2024-11-15T17:16:49.063000 -CVE-2024-51663,0,1,520a8635ff522fdc65658b7a70adf68b74653e7c0896676e8030c7152d369f95,2024-11-18T16:54:02.457000 -CVE-2024-51664,0,1,731666371e8e1d3dea3af653d547a841307a12b3ed3c176b0312ba2fc0f9e478,2024-11-18T16:55:08.183000 +CVE-2024-51663,0,0,520a8635ff522fdc65658b7a70adf68b74653e7c0896676e8030c7152d369f95,2024-11-18T16:54:02.457000 +CVE-2024-51664,0,0,731666371e8e1d3dea3af653d547a841307a12b3ed3c176b0312ba2fc0f9e478,2024-11-18T16:55:08.183000 CVE-2024-51665,0,0,836ecda2a38ee75dca042d09339ec8247ed79262a6a8d01bd25035a2e84a5ce0,2024-11-06T22:07:10.707000 -CVE-2024-51668,0,1,4ac7d5e93cb809510601d69159928326b54ee48272274d0a2c08f9b129fc4bba,2024-11-18T16:51:31.227000 +CVE-2024-51668,0,0,4ac7d5e93cb809510601d69159928326b54ee48272274d0a2c08f9b129fc4bba,2024-11-18T16:51:31.227000 CVE-2024-5167,0,0,a26d674346a63d8730649864e3fcc22e33fb8b5877ed990bcd49874aef8d8c48,2024-08-01T13:59:41.660000 CVE-2024-51670,0,0,6b1c3ded81e899ea83f78c72687b003b0add9ee5b9d5d075c91040d8d36272c7,2024-11-12T13:56:24.513000 CVE-2024-51672,0,0,14a5ef0a87d874231b0f786642aa34aa9f0064d5c86f2b9992f4fe90d62559ab,2024-11-06T22:08:22.747000 @@ -266213,8 +266224,8 @@ CVE-2024-51760,0,0,ed9651aa9154a248687433de274acd9501a7b311268ff1812cf9f76a64d59 CVE-2024-51761,0,0,7fba3491ed17cbb0fcacf7e06dec1801a39b2cbb0c39394d461b327fba0f0b35,2024-11-12T13:56:24.513000 CVE-2024-51762,0,0,d2974582ab4193d4fadecd27c7279e3cb5c2f47e26174ca4e5af6a95c50b9465,2024-11-12T13:56:24.513000 CVE-2024-51763,0,0,1ab0b26c017f9714f7e7328b764552b7d7949949df835662c6f45441aac0b931,2024-11-12T13:56:24.513000 -CVE-2024-51764,0,0,8800ca929d396499daf3236208fd4ea66794e6173690a1c1b1f0ac3f2b68132e,2024-11-15T22:15:16.017000 -CVE-2024-51765,0,0,2b45b920dce3433278e2cb17cc21b3c3ec955264a5b038b22d8bab75a4c3fdc6,2024-11-15T22:15:16.090000 +CVE-2024-51764,0,1,def0e3fb323dc13a1f4a64814ea981d074c49d7989310b17392be2a0714a827c,2024-11-18T17:11:17.393000 +CVE-2024-51765,0,1,b696206920e921448f918bf47ede8d4508cbd7694ac354ffb3bb3d5f575f1ff2,2024-11-18T17:11:17.393000 CVE-2024-5177,0,0,4596ccdb96b84f0f6003dc91187b58acc558e0743564be9aa6ad28db4e46749c,2024-05-24T01:15:30.977000 CVE-2024-51774,0,0,669a599ada079f107ff827e67143f083d374e9861d23daa36ef167763e62d529,2024-11-06T17:35:41.767000 CVE-2024-51776,0,0,5ca2c4eb522419754c0be1183c799032dcc5ffdbcb2b4aea116b020281ac6eec,2024-11-12T13:56:24.513000 @@ -266333,10 +266344,10 @@ CVE-2024-52293,0,0,3c3d696a9a9dccf81a0dd8822f740fd8582d0351216fbf30adefe70568e60 CVE-2024-52295,0,0,d0001dc5d4883cc967b35edc2d0e6e1342c3b390df8efe063091a476dc7315fb,2024-11-13T19:35:16.587000 CVE-2024-52296,0,0,e6de64e2880a3b50a57d7a18eca2e2a99963ce11a96b5efab192b94d0fcdfe73,2024-11-13T17:01:58.603000 CVE-2024-52297,0,0,334767e2c7713d85cf0810fcad1669d303a717547f3174bfd36debed47bce140,2024-11-13T17:01:58.603000 -CVE-2024-52298,0,0,bc26bd9fed3397fbb53ea1d135ed39d550f4a2169fd384872fb17c554771bb47,2024-11-13T17:01:16.850000 -CVE-2024-52299,0,0,19193f3dccf40741b1edc7588b80b858a779dbe136802739b095c8b3aab93499,2024-11-13T17:01:16.850000 +CVE-2024-52298,0,1,79b5bb0a8f0535558ae36e6cf33cebba0d990221bcd6a3d36e81546c18a56017,2024-11-18T17:29:27.170000 +CVE-2024-52299,0,1,73a6e263fc309d7599de17c9ed4a43bc7fe9e6a259aa10d1cb811099a6f35e3d,2024-11-18T17:29:37.337000 CVE-2024-5230,0,0,f45c8274ba28e0dc58bed98870ed092580a9c18662584e7c3debbd7f7cd359f4,2024-06-04T19:21:02.540000 -CVE-2024-52300,0,0,38ddf228c7a00b8ac224c32cd570a94c7e894fa2d17e0e9f5c464fa3b1b143e3,2024-11-13T17:01:16.850000 +CVE-2024-52300,0,1,79b0d837d6ed018cc1d7f4872a1b8952ec440441022015378fe0f1720fe4ce32,2024-11-18T17:29:46.807000 CVE-2024-52301,0,0,091c40845cee35a6db54cae490564bdae10317d21b9b1b70a65b6fc3311911d8,2024-11-13T17:01:16.850000 CVE-2024-52302,0,0,07877ae667924fcd5dc6349e2bbc5755286c2a37cd731fe353996ab7a3354ec7,2024-11-15T13:58:08.913000 CVE-2024-52305,0,0,88b149b5f0a3a8070aa2ae381ffe02a88504a00370b84c79cfb2b490d2da2492,2024-11-13T19:15:08.853000 @@ -266347,9 +266358,9 @@ CVE-2024-52311,0,0,440cc6f6193f2a4b57d7c7c4a4f4b3f01242ca6df6bc89770050e09d3b499 CVE-2024-52312,0,0,e095caa38b1d55aa1661d9e6b591e2f5164609c3e5c2884b5f60aa22d851bdcc,2024-11-12T13:56:54.483000 CVE-2024-52313,0,0,d6c72d2fda8c652aceb546ca4dc43f0485da383ec6c61ed73ed8a61cc3116669,2024-11-12T13:56:54.483000 CVE-2024-52314,0,0,1573621277321f9a5e33b224990557625938794cd01d39551dd04996aff05f9d,2024-11-12T13:56:54.483000 -CVE-2024-52316,0,1,afee392ed72cddc2307bf4fae921b6bad2c7bfa4930281067657dd104f12c5a1,2024-11-18T15:35:14.030000 -CVE-2024-52317,0,1,0377673efaa56035730b0a32a5bd71d6e753c4e4b84ea5d4adac79ce699e8f32,2024-11-18T15:35:14.303000 -CVE-2024-52318,0,1,e1524eb6c03619bf183cecff9397d974c3c18b11df0f7680e3db522a43c9566a,2024-11-18T15:35:15.203000 +CVE-2024-52316,0,1,ff532393fbb3fe055624e3ec9b4317af0a9f5c80b8d099f274ce380979ad21b6,2024-11-18T17:11:17.393000 +CVE-2024-52317,0,1,8dd9cf0b2675d0151da3af6e2ac3dfaef7e6c1fd135283d8e3e44d96c5be783e,2024-11-18T17:11:17.393000 +CVE-2024-52318,0,1,2bba437e59239c6e36ab9227be3e173d0f3c7cc38d614e024ac840e507a6b100,2024-11-18T17:11:17.393000 CVE-2024-5232,0,0,8d68905f3b69b3dadb32694d2c73f30dc32ad3c794d56bacf5b1c8bfed3d3bb6,2024-06-04T19:21:02.890000 CVE-2024-5233,0,0,d230ff373762a089849cb791769c151d4d1eb1a364270894bffa0dbac945e679,2024-06-04T19:21:02.993000 CVE-2024-5234,0,0,14a09ab7485c5dff6a0e2d37ff7f584b26da4a8cf075e00d5ab541632ac32bbb,2024-06-04T19:21:03.100000 @@ -266382,48 +266393,48 @@ CVE-2024-52381,0,0,3fbc89030970c07d375e37c82ba59ce7607ae9e6c691ea1328542c68d514a CVE-2024-52382,0,0,c4bf60f4f3e3ee1d6c9140f8005c8310fb9af0b0c2e66dc8173a41341386c9ed,2024-11-15T13:58:08.913000 CVE-2024-52383,0,0,59cf4c36c8c34facc65aedf368b7db52af8e4801d0555a71f39486dfcb6217b9,2024-11-15T13:58:08.913000 CVE-2024-52384,0,0,12b6b4c606276d15fa1739f31b57b636d0ff7888825685c206f091a25d7ded7a,2024-11-15T13:58:08.913000 -CVE-2024-52386,0,0,a4949f520650dc602e00dd6ae57293a0b01dfd98395804c6e590eb752c9df0de,2024-11-16T22:15:03.793000 +CVE-2024-52386,0,1,0246ac13436e04f2d49165cfaeca73441dc3d86d3bb6dae102a5d1c7f2eb7efc,2024-11-18T17:11:17.393000 CVE-2024-5239,0,0,22096f8834a8c03dcb48be161c14c319f43af7764381bdfba5862a8d7ec5b0e4,2024-06-04T19:21:03.520000 CVE-2024-52393,0,0,544c9a3bd507c14f5bd824b3ace32c372ff7d621dec666c2268e7d1fbb090c75,2024-11-15T13:58:08.913000 CVE-2024-52396,0,0,ed7ce5f089112efbbf69e98091ae455f8a1a2931f642482b52d2f92fdebab2fc,2024-11-15T13:58:08.913000 -CVE-2024-52397,0,0,bbffc7413ab1ad895f595c25e29848241a2351f23e5a619fbf548d8614e7c588,2024-11-16T23:15:04.007000 -CVE-2024-52398,0,0,5f0aef54253ecac59e217943a038b494f7f30be57a91f758c626797e2740b5cd,2024-11-16T22:15:04.640000 -CVE-2024-52399,0,0,c62b65fab54f9c4bd00c27a53ff76b554bf7803cfc1e993c16c1abd632475401,2024-11-16T22:15:04.917000 +CVE-2024-52397,0,1,8289f838a7ece56dfbdce3ede94edaf11056e5ec1013ecf684e088b3c12d017a,2024-11-18T17:11:17.393000 +CVE-2024-52398,0,1,e5bdf8bd1e6e6ba29b95e6bd3948deedce03b788ce3b7c86fbe57b02a2d8110b,2024-11-18T17:11:17.393000 +CVE-2024-52399,0,1,07c7cf273d38fdbaf95ad790ac160d741defdb72f19d4c82c904f30f440acdc0,2024-11-18T17:11:17.393000 CVE-2024-5240,0,0,f498b44970022e280094b55bfe8352214cc561bf319f52e66772660c36836426,2024-06-04T19:21:03.623000 -CVE-2024-52400,0,0,af9610681f47f60899948efe23c427beb3d57a7ce75cbe913541bc561bf7a8fc,2024-11-16T22:15:05.157000 -CVE-2024-52403,0,0,eb2e1c96dd21a7f2b18f16bc442d57382b60d259f252f3b5d57ea93d59e3ecd6,2024-11-16T22:15:05.380000 -CVE-2024-52404,0,0,4929e0409687a719af474f90e2c6146e3d914ec7e7e740449b3352baba316bbd,2024-11-16T22:15:05.587000 -CVE-2024-52405,0,0,6d22237edd2f1e2b9a703db8a3b7711203ee1d268fe7fa139f8fea0721a33338,2024-11-16T22:15:05.800000 -CVE-2024-52406,0,0,cec79d0d6152ec17c4ee4c93fed2aaa3fb65ee879c33717a8e4d22e0ca17df00,2024-11-16T22:15:06.010000 -CVE-2024-52407,0,0,ad151cfbe8c7a28e8f97ebc3aaee59e5399c377ec4980a375226e4a501d1a674,2024-11-16T22:15:06.230000 -CVE-2024-52408,0,0,d72c4a3ab01456bb357e60fe829a1aa79b92ebc4168527571dc5874a7b314989,2024-11-16T22:15:06.453000 -CVE-2024-52409,0,0,ac8bbd363d30cf83f39d1600a8c022a4364c10a3a628ed6bdcee4c26c07a35bc,2024-11-16T22:15:06.653000 +CVE-2024-52400,0,1,44b0790e8e233d5851b26d34fd4519ebdf170be728fb130b9b94645b40759b20,2024-11-18T17:11:17.393000 +CVE-2024-52403,0,1,6aa15ef348a999b51ff4538558f3d975f3457a7b8bb81fab35d4412a585a766a,2024-11-18T17:11:17.393000 +CVE-2024-52404,0,1,48dc8a2f2e6059d5ac0938582d5d8d22444e4b63438da11dae47f3bbf5cb3c07,2024-11-18T17:11:17.393000 +CVE-2024-52405,0,1,9ddcc2485a4f0c1b83ac64cc1ee35952f00618fb76605d4c91b74c4c58aeeacb,2024-11-18T17:11:17.393000 +CVE-2024-52406,0,1,448d0ca88a540a46a44147239f4423529ac7f0c326769fa2ddfc47a10632082b,2024-11-18T17:11:17.393000 +CVE-2024-52407,0,1,329eb261cd0db6944875c54a4cc71486f00b8390597572fac2526e507efb5432,2024-11-18T17:11:17.393000 +CVE-2024-52408,0,1,3a812772a88283f39fb532e54f62f2a0f86d9dfede66df73774e723370830208,2024-11-18T17:11:17.393000 +CVE-2024-52409,0,1,dbd575f5c94dd7d6716af7d54ed504551f09a5c28aef42a3e695cebb0843243a,2024-11-18T17:11:17.393000 CVE-2024-5241,0,0,b91d4b722c041cbce6644b69dfde443a5ae4515bb0ecbdc8f8544e6b04a0143c,2024-06-04T19:21:03.750000 -CVE-2024-52410,0,0,85936c7377e88c8b7b89d7d6f4a2a135b39007d3df0bc74817d1b22c4f64c4df,2024-11-16T22:15:06.877000 -CVE-2024-52411,0,0,594ec8accc803ad33365ae78611565d08b647ee27f6a660ffe23b98ace0e580a,2024-11-16T22:15:07.080000 -CVE-2024-52412,0,0,36869bad726694e759d73232c5f82942f9e59f6caad0d0929ec0c19fd9bf402f,2024-11-16T22:15:07.293000 -CVE-2024-52413,0,0,286dd4e6bb24de0c4b40f057f096c109d9b5bd0dd8fc689e5adc9f157e5f4b80,2024-11-16T22:15:07.510000 -CVE-2024-52414,0,0,2bcdc8c63a6446678de8943f63498d036c15d2f5dd4cf11aba50cc66b943d6ed,2024-11-16T22:15:07.730000 -CVE-2024-52415,0,0,03b0ea7968dc87ac01fc179fdc8f6b5e46ad23cee96ec28b5a8ef2ebc2bcce5a,2024-11-16T22:15:07.943000 -CVE-2024-52416,0,0,b8b97acae55e30819b79a0d1c0ac036d1b23c0e6edb7f8a200566a3d73e8e616,2024-11-16T22:15:08.160000 -CVE-2024-52419,1,1,a387361fbcf9c9da0112760269654bb56d1fc80181927880461b0dc574064032,2024-11-18T16:15:25.687000 +CVE-2024-52410,0,1,cea9b639400ccf4283b888759e1d7302ecb1a495dbb9809786db7be8e5e9529e,2024-11-18T17:11:17.393000 +CVE-2024-52411,0,1,564470c08ea0878d4ea132fe729d723e964cf2cead739737a18b506db1ee66f7,2024-11-18T17:11:17.393000 +CVE-2024-52412,0,1,7e72bd3c3c538c71eb27cf8415f8de62e6237df1fbbb7c137eb46d9df3ec525c,2024-11-18T17:11:17.393000 +CVE-2024-52413,0,1,fac9199ea4170ccc8f576bbc85f03c5b7dfef42ed80a290ccb43cdfab59b719a,2024-11-18T17:11:17.393000 +CVE-2024-52414,0,1,d83961d6e3fb4a6d2045a6d90f9ccc8e729788c60efd5cc28d00fa9ca90664eb,2024-11-18T17:11:17.393000 +CVE-2024-52415,0,1,f21cef685cb9331554c3a9593db27e3c461879e2157c0326f8a0ec52f296f5a6,2024-11-18T17:11:17.393000 +CVE-2024-52416,0,1,772b2f7a98d658000abbec2309afddbd39b233f5dbc3890f465aff8777803c32,2024-11-18T17:11:17.393000 +CVE-2024-52419,0,1,8d25766b8f801288e25b1c5f7e7e137369f47069b467637905d78ebe9f32a227,2024-11-18T17:11:17.393000 CVE-2024-5242,0,0,8cd95bcd77d40a92ee0a6d389bf812b544cb6fb4b8301f7049b84de17fceaeef,2024-05-24T01:15:30.977000 -CVE-2024-52422,1,1,4e22735c92ff7524e78010b928c6bf1c8571f1ade44a5326d0f72d34e9c0b366,2024-11-18T16:15:25.933000 -CVE-2024-52423,1,1,4e063185f516630661b3e4efc4955f879c653348d7ed44c63bada8d22e51e325,2024-11-18T16:15:26.160000 -CVE-2024-52424,1,1,6ce1f214709076c70646fe89900b3f8876d0e00dcebb7f03ef3fa40a1f47f37f,2024-11-18T16:15:26.380000 -CVE-2024-52425,1,1,5b59c0a527f3795050b1c18ff414dbbc3993ba153a9f7eb661cc58e82f49a172,2024-11-18T16:15:26.600000 -CVE-2024-52426,1,1,5acae19ea2b1239e3dde49560c92b435d2d1789550640a4554376c1c3e1919fc,2024-11-18T16:15:26.830000 -CVE-2024-52427,1,1,e77db933d0f03759f523208a3205f2ddb670d11daab48575985218b450d42160,2024-11-18T15:15:06.657000 -CVE-2024-52428,1,1,344182c69f6aca35b6f26b187761740d9c00a28125c3802d89b41b8e3e1bf2fc,2024-11-18T15:15:06.923000 -CVE-2024-52429,1,1,8a243fae9a73cfc6290f3fba82d76f3a1f436cc0ea34b96fe3147158825eff53,2024-11-18T15:15:07.277000 +CVE-2024-52422,0,1,2338bf2241d55f21a0c12dd5371bf65c250271e7243d67a0c51ed3280ad36d5e,2024-11-18T17:11:17.393000 +CVE-2024-52423,0,1,e0267840452833f2602fa1538625cfaf00251d143bc98b03d0ffc2dfae044e02,2024-11-18T17:11:17.393000 +CVE-2024-52424,0,1,8f1a40ffb810b1929a5badb494d0d5ab038ffbe605791144ff2da2a70673d505,2024-11-18T17:11:17.393000 +CVE-2024-52425,0,1,1e8d79e08f50b586b95f6ee20208415f780a72b35c6f1c2b04c8a6f0c29628c5,2024-11-18T17:11:17.393000 +CVE-2024-52426,0,1,bc937c236b052035f692c226bb49fe12719017b192fbfd2e7dc10c7b11ca4bf2,2024-11-18T17:11:17.393000 +CVE-2024-52427,0,1,866e4edd9e1fba728e7340c7a93fd27c5bf44b0d9d2e1cbdabf851459b72f4a8,2024-11-18T17:11:17.393000 +CVE-2024-52428,0,1,4633554ebde5e68989b49a82bd94448b35796df1b77fa9a1ec75af4b6d67f998,2024-11-18T17:11:17.393000 +CVE-2024-52429,0,1,c582d392044ddc28766e57e153fc30c77d12461c131aceb4b6a2f035e5669085,2024-11-18T17:11:17.393000 CVE-2024-5243,0,0,a611ca30664e8a20900f5d6960dcfa388a8eac21aa2051106052824f1ce073bc,2024-05-24T01:15:30.977000 -CVE-2024-52430,1,1,78ec55ced63647f778859c218cfc1d5dab8b0b06423891ea21d80ac83290f9ca,2024-11-18T15:15:07.490000 -CVE-2024-52431,1,1,b15bda962599c504c4e2f02581e9cfbef22129263a7c03491bc7f8cde3255404,2024-11-18T15:15:07.707000 -CVE-2024-52432,1,1,0249017616e7cfe18ebc96e7507e9d44c0a29516dd4d45258ed9da8baba046ce,2024-11-18T15:15:07.923000 -CVE-2024-52433,1,1,155be188230db241ef31b51d0705393570d9d4014af0a9f7221c85d43105d619,2024-11-18T15:15:08.130000 -CVE-2024-52434,1,1,7118749fc90354cdd8e7eceb6d15ca349e45d3be79bce663ec2683fb860274db,2024-11-18T15:15:08.340000 -CVE-2024-52435,1,1,f8af4aece0b73aa204b7ebc025df31e708b37f9a2c07a5a7851018b7259d5df5,2024-11-18T15:15:08.543000 -CVE-2024-52436,1,1,e9dd6f384529b185a55c03a76ed19828a5cb2bf322160c659a6134b040a045ab,2024-11-18T15:15:08.773000 +CVE-2024-52430,0,1,d8ac1411f09a7db08599ac28af3199cc88eeccfe7b2eb72749425165fd949e97,2024-11-18T17:11:17.393000 +CVE-2024-52431,0,1,a8b1c216518090295c16f6462e730a19a7eb7cc2b55241f5293baf693cf5fd46,2024-11-18T17:11:17.393000 +CVE-2024-52432,0,1,8accf8cf1c3e268bce2d329e4bce8ce918c2f1aed5f250cdffb182fe7163b03d,2024-11-18T17:11:17.393000 +CVE-2024-52433,0,1,7af8352b850dc6bbe5e7c25336ff4f6146705481d29b93e916a52482d7bff085,2024-11-18T17:11:17.393000 +CVE-2024-52434,0,1,4c32114cc1ffe7fa4eb0add4d2567f663664a8d84321168452bc394f84e5e4d1,2024-11-18T17:11:17.393000 +CVE-2024-52435,0,1,1f9ab96c0d2886426dd4cb517eb16222ad8517fb43cb5d699370815204faf867,2024-11-18T17:11:17.393000 +CVE-2024-52436,0,1,371b1a4e00d4cd9b234014c0116bb9bfcf6e0ca82600c4ebf1e4512134bffa8b,2024-11-18T17:11:17.393000 CVE-2024-5244,0,0,3de36675ae2f0b5e30ad70179a948c0cef684a516575b6f4510d379552ecc6bb,2024-05-24T01:15:30.977000 CVE-2024-5245,0,0,8367cc316d7fd622697ed020483e2edc6264aea8aa776978b7228518baa31702,2024-05-24T01:15:30.977000 CVE-2024-5246,0,0,481ebf23b779dd3e32e9e0cda77aaee7d0bfc9eca82266cde6c77415f4c9c730,2024-07-03T02:08:44.767000 @@ -266432,29 +266443,29 @@ CVE-2024-5248,0,0,6cfa5cec6de457c13d7096887dc7c2d8bd99f0e898238886822e69d1ee6603 CVE-2024-5249,0,0,7881e207dd06fe76500d559735f87b1084a494789351514ee988debe74e79673,2024-10-01T14:26:17.410000 CVE-2024-5250,0,0,b4b370273f1fe30d94b715ad219dda570a7dcb84192abd50c3cb746299bdbb93,2024-10-01T14:33:47.727000 CVE-2024-52505,0,0,7c58f328eee3b40bfcef13b278250e7509b58c18af26b7fe642ca2ce116c61a9,2024-11-15T13:58:08.913000 -CVE-2024-52507,0,0,125f6e76ead970265ccbf72b03c073e885a41a8afed378315ad0eb723198acc7,2024-11-15T18:15:28.847000 -CVE-2024-52508,0,0,d6130dd73205c2d46831c1d437b1c635c8d9ad98fc719be06f29835d91ebc3b6,2024-11-15T18:15:29.060000 -CVE-2024-52509,0,0,a363fa464af35ac67493cdafcaded0d43fc1d98dbc897995ce1110859374e370,2024-11-15T18:15:29.280000 +CVE-2024-52507,0,1,18377407544f5a86346c3ba14b439e11d26f6fdcec177783785d2e2abbc40b48,2024-11-18T17:11:56.587000 +CVE-2024-52508,0,1,fa3075ebe1eb0237a457fbaec2942230ebf45f577a1b7c74400d5371749c8a2d,2024-11-18T17:11:56.587000 +CVE-2024-52509,0,1,70a256c5b98dc4a98287533c2f4556bc0a54b2011fdde26406b866d5725d4987,2024-11-18T17:11:56.587000 CVE-2024-5251,0,0,7d84d2df7bf6674f7d634954defb2f38b0363c19ae19f78012df0aa633abf27a,2024-07-19T15:25:30.980000 -CVE-2024-52510,0,0,cc7d1ba4832e566babce4719fad7f982f1af06b53a3701790303c04d7ff7f69b,2024-11-15T18:15:29.497000 -CVE-2024-52511,0,0,15a6ba2d4b341b2d290edee9136ece82582e18ea391c5106374d99a2c4c8a40c,2024-11-15T18:15:29.717000 -CVE-2024-52512,0,0,6a63c39bd17573ecb0c00b9d4a77014e067a4b6f563641db935489603a22e52f,2024-11-15T18:15:29.933000 -CVE-2024-52513,0,0,b77daa0a56ac4001634f9d8555d15be1089bfb834ae881cb5e9a31ddd82f2bc7,2024-11-15T18:15:30.157000 -CVE-2024-52514,0,0,8473a595428b93d2147902d8b67b70903474e0a95b272cccc2ccd88e17eddb8d,2024-11-15T18:15:30.370000 -CVE-2024-52515,0,0,01803eef0486d96e7b73173ce83da53fc736e13641607b187afa0d24eefa62ff,2024-11-15T17:15:20.837000 -CVE-2024-52516,0,0,75e66465effc3863e439bb3f53f56098ce6985454a646030523f9b1919e4994d,2024-11-15T17:15:21.070000 -CVE-2024-52517,0,0,ef287e5e3c0bc63233aaef19833d59a0a3b70f6f88c5fd6f9dbbdce130c37eff,2024-11-15T17:15:21.297000 -CVE-2024-52518,0,0,6ebb5f9b29d8be57def26bafc7d4c9a9037ed95795b8a27881e57a224525b49e,2024-11-15T17:15:21.543000 -CVE-2024-52519,0,0,ef167401ae9fc01ccb1f13f70e64122366cb19a9418bcd255bc301ab8d4f7f92,2024-11-15T17:15:21.843000 +CVE-2024-52510,0,1,5e01986d36a9be4a07f3b277f3d34dd7d40f596a818119867fe7f7086c81831b,2024-11-18T17:11:56.587000 +CVE-2024-52511,0,1,e56cff186d489e213d8bf102cfb069eeb55ba53cda63d15efd9f789fca60f820,2024-11-18T17:11:56.587000 +CVE-2024-52512,0,1,ceedad47524acad73509175278361364288f0fe59df91625dc8f3fa4b8049f77,2024-11-18T17:11:56.587000 +CVE-2024-52513,0,1,bf70a46697da250203520de2692f0046889a931311ebb41bb7b075918988d7a2,2024-11-18T17:11:56.587000 +CVE-2024-52514,0,1,f3a5e1b12a6a268b055d961b1334fc870cab8debb59557996cd3e55876748ff7,2024-11-18T17:11:56.587000 +CVE-2024-52515,0,1,02e931edbefe04cbc5d47945f0e38b6dae304af7b0ba99ac41158dc6910e47fe,2024-11-18T17:11:56.587000 +CVE-2024-52516,0,1,39496fea571366c0b83c5743b4e9e68824366d56af20409ef93586a7393b88db,2024-11-18T17:11:56.587000 +CVE-2024-52517,0,1,79ef5f06c71e7883320bf8e8f397d7dd42d47b153375e8d876e20563bda90031,2024-11-18T17:11:56.587000 +CVE-2024-52518,0,1,3cd8ebfd068f07a3ffb7f6fe9cfda49e36fc30a5a0047b20f9c38ec934ce5f9e,2024-11-18T17:11:56.587000 +CVE-2024-52519,0,1,f16f12f279c584a406a6c8d78a09019f1a016b4f4eb220404cbf9f1f42747115,2024-11-18T17:11:56.587000 CVE-2024-5252,0,0,1b28d536afc88eae5088fe06ff49428bbad5ffcb2aa7139fe40c4c06d2601422,2024-07-19T15:29:35.447000 -CVE-2024-52520,0,0,4de7d2e7a45bd842065c15f5be2bd96578b919552715d69160c2096043d8c3e4,2024-11-15T17:35:16.007000 -CVE-2024-52521,0,0,faa46aebbec3a6f9761c605df33640c3789d02a577af493da0314de121761d4d,2024-11-15T17:15:22.580000 -CVE-2024-52522,0,0,95d6ce09113e93a246b361619724cd6885ae3117169da02763d180ee43e73efa,2024-11-15T19:35:18.670000 -CVE-2024-52523,0,0,c73b3a3e311904286520f4e28b5eb14cf21a74cb1348dc035fd6fd39108922b4,2024-11-15T17:35:16.820000 +CVE-2024-52520,0,1,315aa5d55f9f5fb35974c905bb6cd97a37625e3806871a5a3c7237b469ea29fc,2024-11-18T17:11:56.587000 +CVE-2024-52521,0,1,13d2fefbcbfef19ed8f1ced8e2a529a7fff52172729e11154732fa22c3bd8559,2024-11-18T17:11:56.587000 +CVE-2024-52522,0,1,edf7004ccd6336646bd62897c72f173949a7bccd13754c42d91ebe1cf42916e7,2024-11-18T17:11:56.587000 +CVE-2024-52523,0,1,b39a07e2092398c505e1cd9be8c756d4bf2594c64c511dd2bd5163c1956a2cb0,2024-11-18T17:11:56.587000 CVE-2024-52524,0,0,71485345519193ae9ba542ea67056853a738d2240eb01cec0b89113cc24468ca,2024-11-15T13:58:08.913000 -CVE-2024-52525,0,0,ec8e0a0bf9b687aeae95450e5373687e7d3db6b39b44f52647e90ceeb50d4278,2024-11-15T17:15:23.150000 -CVE-2024-52526,0,0,db92b0ba845b721050dc5d75b07751c56b5840b3faec607c877ff07aee8d97f7,2024-11-15T16:15:38.107000 -CVE-2024-52528,0,0,7c0284429d075ac8663d2766c53f75a5ea01338874404bdf68a356726c7ad40f,2024-11-15T17:15:23.400000 +CVE-2024-52525,0,1,87d8daa94d9c7b3468acdf4310326eea5f93ca728ee9d3040ae0a2505b89ffac,2024-11-18T17:11:56.587000 +CVE-2024-52526,0,1,ba0ff75a3b36626b2771509f60c7f01aa4dce06b627b1d265467a40470309dff,2024-11-18T17:11:56.587000 +CVE-2024-52528,0,1,357b5377315c119aee7d7f03933ac3191b35ccfd203197b2c4dbf611d4131383,2024-11-18T17:11:56.587000 CVE-2024-5253,0,0,73f9562f224a9a11b8b8279a7bf00d920003fa046cb7c88a3a55caf281adabe4,2024-07-19T15:30:34.717000 CVE-2024-52530,0,0,9accb3b51708da4056e1b2d60bf748a8c8f27363e68e7120159317514b4fed53,2024-11-12T19:35:14.927000 CVE-2024-52531,0,0,4a9a627b31c610f608576c39893b61b41c0efeb9f9d97b523937261d20004d52,2024-11-12T19:35:15.807000 @@ -266468,19 +266479,19 @@ CVE-2024-52551,0,0,a55fcfda0c856a7c2e6739ceee574cb85a24fabb6c3ff844edb014b969fe9 CVE-2024-52552,0,0,2f96ac448bf9b00ee8139fe2b1f83755e1d5e7ee62e44cc3e0f2925f12d3f6ce,2024-11-15T14:00:09.720000 CVE-2024-52553,0,0,11348c28b862f60d8b3c8dc11ab0fb5f1e53e1358b82b1f8a97199c0de1f5907,2024-11-15T14:00:09.720000 CVE-2024-52554,0,0,6589eaee43c4794afc2869f1e1fb69f264d40d3a38b215d2e67a517b5a3abbef,2024-11-15T13:58:08.913000 -CVE-2024-52555,0,0,5bd2a197b9b62d1570e8e4e5ac858dca21aea78d7b7b9d312bc19de044b868c9,2024-11-15T16:15:38.340000 +CVE-2024-52555,0,1,c97d8ff69d857d692c46704b7ff49ed428a5a26328d189c8729b526799d5895f,2024-11-18T17:11:56.587000 CVE-2024-5256,0,0,c0c79be075ef53b66bd4c726b840e366d70c6f0c56013178c0440e2e2bf91c1e,2024-09-24T18:41:40.007000 -CVE-2024-52565,1,1,859abd0bdf8233cad1c1d83599906a8645b1b858477b59b1e1f34a38b4407b8e,2024-11-18T16:15:27.020000 -CVE-2024-52566,1,1,65ea9eb0ea203428a60a6d1ceb8ae113bb3a66e48c842e7c297ae793520fc822,2024-11-18T16:15:27.287000 -CVE-2024-52567,1,1,71206ca9b022e1a325115677980c79d7ac7040aa42eedfb8a3eb333f68f2fdf2,2024-11-18T16:15:27.537000 -CVE-2024-52568,1,1,9f5e0ce652b55e6de0708a9f9cab1297501f810761acb225a16d8d9369d59bb1,2024-11-18T16:15:27.773000 -CVE-2024-52569,1,1,3c91a3c112c73a43b533451fa9b7931016fb98e63fc148705ac45fdbf7ee2716,2024-11-18T16:15:28.063000 +CVE-2024-52565,0,1,b8ddc414603ab1b65edee888c801830a5e19005ef67a36e46ef7dc6bf1cb03e1,2024-11-18T17:11:17.393000 +CVE-2024-52566,0,1,4c13e09f11387ccf8204db5c6e2f2b0b9d003220b5d6cdffabf419e9af11b119,2024-11-18T17:11:17.393000 +CVE-2024-52567,0,1,7883c82724df84f093775c49944ad85eb5bbd4258b9fb33951822f94c96ef518,2024-11-18T17:11:17.393000 +CVE-2024-52568,0,1,6260cbd1933620aec5cd1dee5797dfd7f6edc01e0eca5718b09efb9115a73a0f,2024-11-18T17:11:17.393000 +CVE-2024-52569,0,1,e7e8237ba9de48172fb8671bb46c84de374aea7b7d0d05db890f1a0152fc2615,2024-11-18T17:11:17.393000 CVE-2024-5257,0,0,e4fba0a5c9dc635ae9582dcee356a08c90165a6e8c8a0a01b6dfbef5e885cd24,2024-07-12T16:54:34.517000 -CVE-2024-52570,1,1,33e194e02359bfc027fdf690607f5b74ae498873e57aacfb6d947988a091a110,2024-11-18T16:15:28.300000 -CVE-2024-52571,1,1,3ad373a9bd484157ecb835cd80f01e58066c7217e4a83e5a1600817a69b0f1b1,2024-11-18T16:15:28.533000 -CVE-2024-52572,1,1,7584cdefdc20f71f5ae0d7d38fda05e62662881d7ba14cb78c757091b3ed09b8,2024-11-18T16:15:28.767000 -CVE-2024-52573,1,1,94c3b1c76f49770abd095eece0ecc02a7f1dba517c7026c03046e4bc22d9d693,2024-11-18T16:15:29.110000 -CVE-2024-52574,1,1,4b23fe4c59c7ea3b5f5f38efc3799c5b843064b1848919d0ce406c92f35b578d,2024-11-18T16:15:29.400000 +CVE-2024-52570,0,1,dbef6001e10b52ffe3b74f97547d009fa042e896dc36ce77b58cdd068ec9584f,2024-11-18T17:11:17.393000 +CVE-2024-52571,0,1,dc54a6ca892fbf2447eec49bac5f3db2ae9d3b0e04f28a30f186a2e020da0d94,2024-11-18T17:11:17.393000 +CVE-2024-52572,0,1,ebb7d32af991ea946ce7b08397e09643d24f4d57c60b8d5741c60f1a71b90137,2024-11-18T17:11:17.393000 +CVE-2024-52573,0,1,cce17e8c7eac72f4f0bd4de019ed716652f5c5bc2155e2ccd9cbdc8c71188bd0,2024-11-18T17:11:17.393000 +CVE-2024-52574,0,1,f9f905d7d81dd0480b5a16770f5f6f4db17a72ca814858644fca40063e1c8a42,2024-11-18T17:11:17.393000 CVE-2024-5258,0,0,51134eb56f05332c584317818ff995de56b2de598a9752cb1990f31f73c535e3,2024-05-24T01:15:30.977000 CVE-2024-5259,0,0,b3c664cd11ddb9db1b34b50011b18499fc5ac06e8b6b6a588e8cf7d8bc26fc37,2024-06-11T17:44:42.783000 CVE-2024-5260,0,0,1ea9956e2812efb1ad02a50e6e15b3c5419e86ea96923b6afc83449c65511582,2024-07-02T12:09:16.907000 @@ -266511,38 +266522,38 @@ CVE-2024-5283,0,0,b38d3b6d84c245f47c02c6b1221c64126cc1590c1b6b303a3d39721ab1dfca CVE-2024-5284,0,0,a632d154686ad4201398091156d5b5851cc181b1b36b426c7e50520edad6a7e5,2024-08-01T13:59:43.927000 CVE-2024-5285,0,0,f5fe057b3eff57d7472395b5cf3577db89e74c15c7e806cbb99af18bbf9a648f,2024-08-01T13:59:44.103000 CVE-2024-5286,0,0,e962fadcb8b0d0d0a4155e18c685e9afa8633703c8403a48cdc3bee697298672,2024-08-01T13:59:44.950000 -CVE-2024-52867,0,0,46907a1243872463172cd86185858507407fc754b16f3742c816c529d86cc416,2024-11-17T03:15:04.003000 +CVE-2024-52867,0,1,0b0882acd5de52cdfd31646d879cc4d64802f76ec8f0a66bcd2a8d5bda665151,2024-11-18T17:11:17.393000 CVE-2024-5287,0,0,13c5ee44df7955897b1f2b3c68a920faa26439fbe1c9c489df67cb947fa427e4,2024-08-01T13:59:45.123000 -CVE-2024-52871,0,0,1910ab17db2061018c381c7526f17daf85fcdb812f81d4b94584f73e6b7b08df,2024-11-17T04:15:03.973000 -CVE-2024-52872,0,0,c2383408e4a6799080aae9df014676ca7d0533dda7b29f5e70e342a606581850,2024-11-17T04:15:04.047000 -CVE-2024-52876,0,0,145c7923f19bec6cacf4c34e4d20a60afb40790718da05ab7738ffc3a2161dec,2024-11-17T05:15:04.760000 +CVE-2024-52871,0,1,fbb45245ca19e2c77e29db135af4fe37412081323f711d5753aa0acf28d33d5d,2024-11-18T18:35:09.027000 +CVE-2024-52872,0,1,d563b0c61f4165e3ef70090846ba3ce24408d217ad938562d8cab8356c89722b,2024-11-18T18:35:09.270000 +CVE-2024-52876,0,1,7c6ec751a0e2ff2c9a216378f9e203f372b2323e8dabe21de99c1bf5b728feea,2024-11-18T17:35:08.900000 CVE-2024-5288,0,0,099c1d3c2643003d52a5f473484a6d38731263e3329a5baa027f91acf149389c,2024-08-28T12:57:39.090000 CVE-2024-5289,0,0,a02da373ddf627c39a88f09ba37230dcf191b29c84a32613f97fcb834cd9c524,2024-06-28T13:13:36.980000 CVE-2024-5290,0,0,35d091933943d3d7227642594800fb6801417d7c5ce37502d2fb6d1c6a076c33,2024-09-17T13:09:13.683000 CVE-2024-5291,0,0,a73212295ca40d57df3fe276c935be7cf4995dc49a26ea7361780508749e211f,2024-05-24T01:15:30.977000 -CVE-2024-52912,0,1,7731ffe6049ba2887e7e3409e2cd49b9e454ae3bea3564fc5bad08ae5d1110dc,2024-11-18T16:35:14.273000 -CVE-2024-52913,0,1,206151d8b5b23f45caf2d0a6c40b9cf1e610ceea76edf868a48f3415c1d7c9a7,2024-11-18T16:35:15.113000 -CVE-2024-52914,0,1,3059e99d9ace138ddec5fe0b60f62fc8bbbc39ca7d1a392356f2e5cfcce9f9d1,2024-11-18T16:35:16.680000 -CVE-2024-52915,0,1,0eaf979c3fff4ad6b5f04a96a5105014cb9539b5c00632c2dd87e9dfb162b045,2024-11-18T16:35:17.807000 -CVE-2024-52916,0,1,58dc8e4891219ffd028df95777970872c88d93d26a7447ba60f4ac76e73e4929,2024-11-18T16:35:18.907000 -CVE-2024-52917,0,1,47fda922d19bb2c9472a7783a82fd99e7130fb820aa9b8f40029a5f6c0ba5197,2024-11-18T16:35:19.943000 -CVE-2024-52918,0,1,569925c852de5b6887cebb28542887bc891949af27000f6d1ca9cc6e464fb774,2024-11-18T16:35:20.793000 -CVE-2024-52919,0,1,dd412698e55d29f3e606c31914db0628a4c9a9e1ccaadd4865c4ff9c35214a02,2024-11-18T16:35:21.600000 +CVE-2024-52912,0,1,5c904759d21c0bebbe56a3d260bff08c51b4dbb222dee8ea41f65b8298c8b381,2024-11-18T17:11:17.393000 +CVE-2024-52913,0,1,b38dd189a4362f700f11dfae809bbc1dc0bfb959b30b5b0babb64be6746ff842,2024-11-18T17:11:17.393000 +CVE-2024-52914,0,1,223d72f5319b7855921863d1a9516a987a334ab13fa978ca90cf868903a1d0c8,2024-11-18T17:11:17.393000 +CVE-2024-52915,0,1,611d9ff353e15d690002dcff2737e41cfa8b90c89ba0f973ff5071784bcffe63,2024-11-18T17:11:17.393000 +CVE-2024-52916,0,1,5eb3c6ec7df09479bfc69c1b32ad83e00a80974109fb71fdc4a12b132ca74a23,2024-11-18T17:11:17.393000 +CVE-2024-52917,0,1,8cd94f18aeac869a9ac94312209262bb8ad694714c988e29f471749c7eea35ad,2024-11-18T17:11:17.393000 +CVE-2024-52918,0,1,901163b028a918ccc7d6897f4455f1c1b20ec37d734ab8c4f8965cb8d2e17158,2024-11-18T17:11:17.393000 +CVE-2024-52919,0,1,b17b6c7dbfe89e9fffb9c30d7d3ba0e69276ae5d82feca85b8c7ca235f087fc6,2024-11-18T17:11:17.393000 CVE-2024-5292,0,0,46d8600092b67d78419e8396a0475f44ad2d697d614c735fcdb066f1cf0c44cc,2024-05-24T01:15:30.977000 -CVE-2024-52920,0,1,a365c9979aca21dad6b6fa7b7fa870ad020322d0d18562fea5341ae97f5e284c,2024-11-18T16:35:22.413000 -CVE-2024-52921,0,1,1610e1abbcc126dc8407817cb9b2ae6042d92c935d9de599bf9be503f888f5e0,2024-11-18T16:35:23.227000 -CVE-2024-52922,0,0,41064221b415d208b3430f5d1dea9756de777280fa574c29151d5624fd8d3f24,2024-11-18T04:15:05.083000 -CVE-2024-52926,0,0,85aa8f8bcf430bff337ab36716ca6d5e43ae2b3bc9930c2ea3ecc1651d8bcbe9,2024-11-18T04:15:05.140000 +CVE-2024-52920,0,1,ee14154c72a3d6d47a63ce45b4b529c1aab3c19b7c4f30c509ebcf3153abac53,2024-11-18T17:11:17.393000 +CVE-2024-52921,0,1,fb172a3b88cd4a244ee03fd6e1fb44f28f784f55578e4a6db1062ac034e884aa,2024-11-18T17:11:17.393000 +CVE-2024-52922,0,1,e8b97ff829616b8c32435ef63ab0f6f4fe9b8ef1e20fd1147c5f1c8a82df7d68,2024-11-18T17:35:09.720000 +CVE-2024-52926,0,1,0a84a3c61a71dea10d393106bc6d283d3391408a983f20ded2723a7ea6448c64,2024-11-18T17:35:09.930000 CVE-2024-5293,0,0,a0cc00d9353625760ac0d77b1ffd0d6d05d987e18d154ce46567c1580d6373f0,2024-05-24T01:15:30.977000 CVE-2024-5294,0,0,717ff7ad64d7503e40c366bff13431a98da71a0fd2586ca956ddf2437b8cbb81,2024-05-24T01:15:30.977000 -CVE-2024-52940,0,1,e7d4aa384f7b67190c5024f269617660e85aa41c42486a6e8a7e79a4d9811d64,2024-11-18T16:35:24.040000 -CVE-2024-52941,0,1,1f1d1d2646db7f9e6fbe32ec16f2e067ebbc1d84f8376bb2f33434e25429fb4a,2024-11-18T16:35:24.863000 -CVE-2024-52942,0,1,8eb255b55d7968c56ee645ead487e1034db2abd44ca31f35c2f7679598a36c39,2024-11-18T16:35:25.583000 -CVE-2024-52943,0,1,36e74df3ee9de86580c86ebea278393f7fc04a832a3b340a032ca59125ee68a4,2024-11-18T16:35:26.300000 -CVE-2024-52944,0,0,1d9415c3df1effaf2fdd768ecef7969eb9d7287485995e406bc8593dede48522,2024-11-18T06:15:06.017000 -CVE-2024-52945,0,0,e54042d64c703df9e8ef816c66f3cff2051889def833fc918055f834dff7d703,2024-11-18T06:15:06.250000 -CVE-2024-52946,0,0,92efe9cbd4f19ea913955a20e2df0ccae22f1fbb17a5e4b04f9c5102bfcb8f14,2024-11-18T06:15:06.460000 -CVE-2024-52947,0,0,3bd8f19a79d240e4f25235fb45fb41049f946a153f7d95e5b110d65d1353d027,2024-11-18T06:15:06.530000 +CVE-2024-52940,0,1,4899ba7a4b0253bf6736cdb115d3b83a6d38ef8f644ea7c3b0ceff9826e8352a,2024-11-18T17:11:17.393000 +CVE-2024-52941,0,1,994a90a347299304b8eae5625a81e79879ba1642baaa7bb0fd2515230fec7b46,2024-11-18T17:11:17.393000 +CVE-2024-52942,0,1,2d71991d3f620c8d414abd7959e93219f8ba421f1204035494c4ef43cfc04a08,2024-11-18T17:11:17.393000 +CVE-2024-52943,0,1,1b61c110823c3190af49de4fecc893fde6501d47c2afacf8e23cc10dc5b35773,2024-11-18T17:11:17.393000 +CVE-2024-52944,0,1,ef607cc6d31e32417624ea6ea83186d7e60f5493f4efdfbaafbb44b80ae9aabe,2024-11-18T17:11:17.393000 +CVE-2024-52945,0,1,245fda9a6f281ef2fc6d1964888db2508fd69b063898a2bbffc6d6c19d7ff415,2024-11-18T17:11:17.393000 +CVE-2024-52946,0,1,ef4806982226269ca873cfccc34dff633254ace5ad4fa6e29d31cbf5dd0c16de,2024-11-18T17:11:17.393000 +CVE-2024-52947,0,1,032f06f1ece995cd81c8fde69d4726dfc9340376c69a3aad6534cd5f5b5e3ade,2024-11-18T18:35:09.517000 CVE-2024-5295,0,0,a4e592514ef2498b5a4a173dae0a6cbcfb9c607b7fa3ff86ebe7c3784f138898,2024-05-24T01:15:30.977000 CVE-2024-5296,0,0,9bd527352a89f2b4ccfc677e3fc5feb9bb09c1923dac2d4ba397c3469bcfc648,2024-05-24T01:15:30.977000 CVE-2024-5297,0,0,d1218091e3a48aa0835b7de76e914f2fa4d051775431f4beee97941e4c178297,2024-05-24T01:15:30.977000 @@ -267717,7 +267728,7 @@ CVE-2024-6624,0,0,d641d0598d5f0d62f69b2f0bb30153f1263b9aa17a64dd7567b42517a1bc60 CVE-2024-6625,0,0,b913737eefce9f28c47dc537f0edd398b1eeb297cd2eb30c69b59c3401317130,2024-07-12T12:49:07.030000 CVE-2024-6626,0,0,0aad6575ac388ffb4fc597a896fd9e2f959aaec10cb9c60d6751965e4f481ec4,2024-11-08T21:18:44.400000 CVE-2024-6627,0,0,c1ab91b855386d03fb23ec47d7ea95469618609ded94a66bedffee95371608e8,2024-07-29T14:12:08.783000 -CVE-2024-6628,0,0,f606c526afc7613393d804aa05c32189aa404a054de0944b1139fab92d0ad121,2024-11-16T04:15:06.370000 +CVE-2024-6628,0,1,6a1573b1985afb1028f4c5bf6d26878e16fd2726fa0842cd8b8a231ede05c9a6,2024-11-18T17:11:17.393000 CVE-2024-6629,0,0,e7fb6a99ed3ad0ead40ca75ee8e19034c6248a18a082e5cb8e8eaa0368a38b0a,2024-08-14T19:26:41.113000 CVE-2024-6630,0,0,7742b604143993a9d769b9ab9c3e5aab85337a51e6772bb186961af80d29fee2,2024-07-10T18:15:05.407000 CVE-2024-6631,0,0,23865a140ea4b1fc0e84cd9f0a6b3f2be375747feadc91408ac623a83a25cf01,2024-09-12T20:39:22.493000 @@ -268246,7 +268257,7 @@ CVE-2024-7291,0,0,298cd3a818c66e9bf797d2d090f42649293656283b8daab213f19385b28931 CVE-2024-7292,0,0,c6586574d98723bfce9aab0ffb40a50c370ca310a8ecc5a7b60264326c1df59b,2024-10-15T14:50:16.800000 CVE-2024-7293,0,0,e3ddc51bf5c7a1090ebf7697ea2720e97cf5f8207cd9cda56863cc600f8dd924,2024-10-15T14:51:15.487000 CVE-2024-7294,0,0,ec28702a0e9b4b566c7b9b572f59dec918495878d4f805ed6b5c7868b0908e22,2024-10-15T14:51:43.663000 -CVE-2024-7295,0,0,28a39254f90e3a5c0867fdb7c463f9c3b3004b2e4177552ff706a5b9f4204e10,2024-11-13T17:01:16.850000 +CVE-2024-7295,0,1,1868ebd5702dd0a1f773eae609a01cb068b98d4431f4f4a91ca1627490b9763c,2024-11-18T17:41:49.787000 CVE-2024-7297,0,0,cb4ca8684118dc46d1f9724d628f899c3458badae695854f058e1eba8efe7ce6,2024-07-31T12:57:02.300000 CVE-2024-7299,0,0,18b86413af481c73d022a0c4ed8ac3628863652a0dcfb13bf199bbb5e4db4366,2024-07-31T16:15:05.217000 CVE-2024-7300,0,0,ec5bc420e71b7c17438e33b04329f442535c8be80d5b4025cfe5a0c36aea8bb7,2024-08-19T14:15:23.360000 @@ -268878,7 +268889,7 @@ CVE-2024-8045,0,0,4f33bec2129e516f0590350db62def0ffeb2e64cb03de1e46d8b3d52953002 CVE-2024-8046,0,0,b737fce0801d82db74076beb4b2a2085f8323b47e71780060f37f6f5c3050f1a,2024-08-27T13:01:37.913000 CVE-2024-8047,0,0,b09ff33da28d13c746e9dd8622cb16da9ea9a8911cc13c3fef8877b81efca550,2024-09-27T21:25:08.523000 CVE-2024-8048,0,0,4c0a6b693b29ae89ab3279e89f5b6eea8d85c44e953e0e26d6d401732564a9f3,2024-10-15T14:56:24.687000 -CVE-2024-8049,0,0,ab8f8e4cbee786653eed27b85332fbd4b740006b649648be14ea61bb177f0e55,2024-11-13T17:01:16.850000 +CVE-2024-8049,0,1,1105fccdd77ea1ab840197cffd9c3d78cc50464d23c5280f55303c9121131d47,2024-11-18T17:46:38.177000 CVE-2024-8051,0,0,b71bf2ca4f8ce5e1c295954092599db477d1b1f3bcba16081ac3f611e48934c5,2024-09-27T18:19:41.863000 CVE-2024-8052,0,0,d36ff2157e56024767ea82c9c1b8c76ab39601d237dbfd50c7fb1e6eeba7daeb,2024-09-27T16:55:57.383000 CVE-2024-8054,0,0,f7372d07d80e2782b99a1ec78381d10ed3eddb2361d69efd0f5544951feb686d,2024-09-27T21:29:57.607000 @@ -269430,7 +269441,7 @@ CVE-2024-8777,0,0,abf6497bbb9ed542a83ea295cf446b5b0a64e2a3685378272b7c6e8d7a6d84 CVE-2024-8778,0,0,04f76622204759cf035b6cf776488dd4e0117dc8a28cbc6a6f40333ff951b555,2024-09-20T14:23:37.697000 CVE-2024-8779,0,0,265c21235e2afe2292182db580bb12dd49935199c0a514bb7965dfbc0ef67e6b,2024-09-17T11:27:50.290000 CVE-2024-8780,0,0,390f3cd9aeaa4212ebd65fe7e603fc1df2783bc2afd801c860ac757dc6f09931,2024-09-20T14:35:20.250000 -CVE-2024-8781,0,0,2c654bf661c293c959d06e86cc607a3c079300764b8e02259277654be925fbed,2024-11-18T14:15:05.730000 +CVE-2024-8781,0,1,3ec0b05f8d5a664e00f19be45699369ceb748ac3a54899e5a3d5a5f6653a98bc,2024-11-18T17:11:17.393000 CVE-2024-8782,0,0,ec0da4baac22ae9eceb8ce2507375e0a71b6a51926de3cc40576bcd259fd7175,2024-09-19T01:46:07.003000 CVE-2024-8783,0,0,b434dfc5f50cf2811a1f5688ac574f745dec48e5af54cf5f568ce8560b0e2702,2024-09-19T01:38:57.033000 CVE-2024-8784,0,0,7bc5ed86fd42122481efd27561493828acec6a50cb9d34c0b1c40453c943431f,2024-09-19T01:38:35.177000 @@ -269455,7 +269466,7 @@ CVE-2024-8810,0,0,28ccf959675d77b7e3dcf659d948720de4b02c335959c6c7364babe715cf7b CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000 CVE-2024-8852,0,0,4c29aa9b59fffc51165fcfe6324e59328792cc2858478a0eeda39ebd10055ec2,2024-10-25T21:20:11.410000 CVE-2024-8853,0,0,b5a3b0675f8f2657c7381537f08c47ae3a3694c18acf1b18976370e35c278f0e,2024-09-25T17:49:25.653000 -CVE-2024-8856,0,0,17cad0dd21191e9daa7fa455ad4e34adc4508d865d18ebb384f796d7797cd159,2024-11-16T05:15:13.920000 +CVE-2024-8856,0,1,fb4f196ef6156f559862b984cce6db096a1a6c959909fdc078541d601592321e,2024-11-18T17:11:17.393000 CVE-2024-8858,0,0,a55a2b45b2b7a3f3c60e0d8077307a88defc4d63f2b498893a25b1463c90c22f,2024-10-02T18:41:29.067000 CVE-2024-8861,0,0,d76e122800aa09ccce1d9be4ecd54fe7a1857f12f95213a173e1ba2fbaa723db,2024-10-01T13:41:27.213000 CVE-2024-8862,0,0,d2fbbde6c386af624a5ae935a7a4eac6c09ff6dabefe8b3cf0bd8d2bf80b0d66,2024-09-20T15:47:10.697000 @@ -269469,7 +269480,7 @@ CVE-2024-8869,0,0,eaa7c70f03f38bcd808caaf5c9917ef912247cecdfb7f5fef4110fc2bf4de3 CVE-2024-8870,0,0,a8ca41609dd570e7dbf6ada5503a957f6d86f9197ffc9ad53e763e24ea54852d,2024-10-28T13:58:09.230000 CVE-2024-8871,0,0,9aa028ea04226a6cf84eebdd2f1bc09b571137b587a5afcc0e34e041e00067b3,2024-11-01T12:57:03.417000 CVE-2024-8872,0,0,a59fbf98e5a02680c9463d07c5c7731b213fd42229816cc8689de00fdc1cc0eb,2024-10-01T13:42:57.860000 -CVE-2024-8873,0,0,38ffe9c699e3e86c437c9349aa00ef3449adbd84d9aa407d2793fe539263e349,2024-11-16T04:15:06.593000 +CVE-2024-8873,0,1,6e0b6e18710f3d3dfadf2e546e2b8c29bede4b6c62982614608e9d4b49c62ec9,2024-11-18T17:11:17.393000 CVE-2024-8874,0,0,68f1e31c5d954becd8fd67687bd0d07debd79764a003970910718b6dfb396c9e,2024-11-13T17:01:16.850000 CVE-2024-8875,0,0,285b537766851a72a752adea85efa81abdeba3e4c5af2afdcf8485ecb658237e,2024-09-20T22:44:16.077000 CVE-2024-8876,0,0,adf401fb4b8b2c24f06ac7d28fd2360497bd835317abc655be39e3ccb04a97b8,2024-09-20T16:58:24.333000 @@ -269691,7 +269702,7 @@ CVE-2024-9186,0,0,f4eaaf66520dd1dd546daa33a6861bcc369cf7d44acbcfde5a36d3ec579a2c CVE-2024-9187,0,0,ec7d5f1d630d180582cea6b34ef03e6ee8cc268d8686e0a61f71186e80a87f38,2024-10-15T12:57:46.880000 CVE-2024-9189,0,0,589dc859bd1b4dfe4aefe62d286159acb6f430185a125dd81b1568310ee1bb88,2024-10-03T17:26:19.397000 CVE-2024-9191,0,0,ee6dfe1b0c94de0c4973c32fd9b929e1fce6c45c7ed6900711a578d548548d42,2024-11-05T17:06:41.363000 -CVE-2024-9192,0,0,8298e2a8d9ad5f88dfcacdec29856fa6a984887ca99e06516ed1738f0ea4224b,2024-11-16T04:15:06.813000 +CVE-2024-9192,0,1,6b4f5a1acbf9a7dc210d7032de22d145ff71455a06b1f810943596d74d74ef04,2024-11-18T17:11:17.393000 CVE-2024-9194,0,0,94d0f5f267ad180c0cf40bc9b87cc59bf3002f59241057e5b89ba1ec25bacf82,2024-10-04T13:51:25.567000 CVE-2024-9198,0,0,f43e7cbf5ad8264654a856d8df5069cea0145a66becd85052219123b3f2b7d6c,2024-10-02T14:33:52.780000 CVE-2024-9199,0,0,0d70434db3b8e5067294d8da03c36e695141f2bf7d8322fbb68a3bc3177abf45,2024-10-02T14:33:54.607000 @@ -269821,7 +269832,7 @@ CVE-2024-9382,0,0,9974cbae3b65aba95d0b7e51ea5485cc9f96ba1c03eee8eb0122ba4567d68e CVE-2024-9383,0,0,bcbb779641918c0449c8c1e715b100b70d4ebd612997069770f4fe494807a125,2024-10-22T14:27:13.377000 CVE-2024-9384,0,0,a6a408c481cce62ffd2afe76e175a7a94a46c764ed46cc8221ec17248ad3b62d,2024-10-10T20:52:33.333000 CVE-2024-9385,0,0,0d2e28a3f2481a04ce784fbf885d088010920135683d5ffb6adf8001c8688dc2,2024-10-07T17:48:28.117000 -CVE-2024-9386,0,0,9540e1d810baf87818dd9c7e82162709b1b18fb35a84d897b837ead0d72b464e,2024-11-16T04:15:07.030000 +CVE-2024-9386,0,1,31204a796d938ce775acc935408301f91085158d8b3d44afdf90063aa906017b,2024-11-18T17:11:17.393000 CVE-2024-9388,0,0,764a304573576a5fe1426e0fe465ec61e821b8474424dcb9c99282c3b30b6587,2024-11-01T12:57:03.417000 CVE-2024-9391,0,0,7d6eba489d698d80c25274418cf61f043b91561cc903d053b7833bff789db601,2024-10-04T13:51:25.567000 CVE-2024-9392,0,0,beca44e590b21e5502ca4e733f60749ac893cd13053addd71013500d8f613300,2024-10-04T13:51:25.567000 @@ -269884,7 +269895,7 @@ CVE-2024-9470,0,0,13c3a583553fbf2e90723a5a0ed6f2354808c5a1753993b658aba04d0ed9b2 CVE-2024-9471,0,0,2517c360d1e41d9c7ea79e15df7f34465e8f98b985f9011876ffa34a1656df21,2024-10-15T16:55:45.090000 CVE-2024-9472,0,0,6dc75bb8c902376e1f062a26c7a99982f272de37330a03e0fbfe9796bed76fac,2024-11-15T13:58:08.913000 CVE-2024-9473,0,0,2610a860a1ec132e11b499793a273ee08374ba46887944874ff47b7b5fdd4588,2024-10-17T06:15:04.983000 -CVE-2024-9474,1,1,d6dbf9f7c18fc2211b2dc10f059a5a75199c26bbaaf42f50d455c0b051687053,2024-11-18T16:15:29.780000 +CVE-2024-9474,0,1,b02d2c20c6295f6f6f0fd4f7c09e25b3a661f7b2bc49553cc850c748944c2145,2024-11-18T17:11:17.393000 CVE-2024-9475,0,0,273622ecfea8dd0cb8d3a034084a5946e50b2bee83443e844bae24857067e968,2024-10-28T13:58:09.230000 CVE-2024-9476,0,0,e9d7dbd43229ebc9ea9972271d753666a58d144ea232688064d92b4b52fc9277,2024-11-15T14:00:09.720000 CVE-2024-9477,0,0,cf43e95350fa7037b016e95ffdd76723a0091878a7d1f39dfbb116076ef07df2,2024-11-15T22:54:21.233000 @@ -269896,7 +269907,7 @@ CVE-2024-9486,0,0,69b6721a825ab2624e7f19326bb9e1625f15ea4093ed6bc68f868f6a5c393d CVE-2024-9487,0,0,8c0f797a1267751cd655e097cc4e72301937e39ee2b0b43119e44c1b6d6e9879,2024-11-15T16:57:10.080000 CVE-2024-9488,0,0,7160e6226507ff679fbcba733953e2a0c67fe3c2a8e1dee05991bd941a40e8b2,2024-11-06T14:57:04.457000 CVE-2024-9489,0,0,da9917eda81b5ad40f78c98d3cdcfaa2ce360118ba030bb2ddb2e149e55b8a8e,2024-11-01T16:27:25.937000 -CVE-2024-9500,0,0,d17a5fe6d7405fdf2189b088b648e6a96752a76d7bfb6e4cf4e052611cd95656,2024-11-15T22:15:16.580000 +CVE-2024-9500,0,1,a3c03f4a2da5e76f37827cc5472849fd1bec52b508254b9d9e4dd8dde68494f7,2024-11-18T17:11:17.393000 CVE-2024-9501,0,0,d7be73289096f59e8614142ae5f23da8d3cd042d0cbe3c76d9c725d64a67b604,2024-10-28T13:58:09.230000 CVE-2024-9505,0,0,134fdf0964e1ec52ef4b47c0af3083cd4691e60ed884fd2512ddc6dbb615a8df,2024-10-31T16:39:41.193000 CVE-2024-9506,0,0,fc042b04aa147d17b390b33fa64fff12c26897968128764931f8bf3b1a3e0722,2024-10-16T16:38:43.170000 @@ -269909,7 +269920,7 @@ CVE-2024-9519,0,0,2bb44dd736fdc130a04995624f7dece0b5eecdbbfca83c65536d849a586e04 CVE-2024-9520,0,0,043b00f2bf4932488b29ee05bd55762d90704159cb97bf4c710160da6d129691,2024-10-15T14:34:59.660000 CVE-2024-9521,0,0,09a594ea849fc5009e458f6cc46742d3176f440810ef4457104bfe2103f1d0c7,2024-10-16T16:38:14.557000 CVE-2024-9522,0,0,884c9004d667a145fae3b3526c4cb56c9d9a1365bd2a57b2af580c0e3b9c19a1,2024-10-15T14:27:41.553000 -CVE-2024-9526,0,0,251fce6ca8df5cc44c0860f1fbb78180e4c258770ef7e2f7982582b4ddb743a6,2024-11-18T14:15:05.873000 +CVE-2024-9526,0,1,219b64eb2fbe74194bdb6911eebc5f2631f8f03ef9986668aecea9483e17ea36,2024-11-18T17:11:17.393000 CVE-2024-9528,0,0,ad76266403ba94311c1f58d7258b765d914c39ddcd1148706c2e05f82ca92e87,2024-10-07T17:48:28.117000 CVE-2024-9529,0,0,a74498e9b247fb3cd22f5e7796c9032948030a8869b02aae9fc90324965437c4,2024-11-15T19:35:19.160000 CVE-2024-9530,0,0,a4f4ec0ca4c538513c522bc25437bdee95aa200ea2c8ddaeaa2d301c3f668205,2024-10-25T18:52:10.810000 @@ -269982,7 +269993,7 @@ CVE-2024-9610,0,0,c2ae8ad13a32a2ecc4cf7a3cb852077ce2d6eff8b7bb2625c3e46911eeeead CVE-2024-9611,0,0,f16a109b2beda9ef97e16997885b40d38db6eba42b8291e32288f7a269b19f0c,2024-10-15T12:58:51.050000 CVE-2024-9613,0,0,03f12b76d11ccd814de04879dc193f94fb86a0d3aade1fad8084c29f467aedb8,2024-10-28T13:58:09.230000 CVE-2024-9614,0,0,ad1a60e493b4b858c6e1649c994316222c0b626e3c243e99f0a700c01320130a,2024-11-13T17:01:16.850000 -CVE-2024-9615,0,0,a3758431a0ddbebc40cb627596f23455b8d04368979cf78b778455974d88d531,2024-11-16T04:15:07.253000 +CVE-2024-9615,0,1,6c508b3c9cb4fdfd8043ea0ad79db9207cf964bd26500871fe4f2cf1f36f2c06,2024-11-18T17:11:17.393000 CVE-2024-9616,0,0,7955b22811f75fe98c8bca32dc5925d116cea5c2846865e9f0c5f52b96467c10,2024-10-15T12:58:51.050000 CVE-2024-9620,0,0,6bab3b47a8124e2f6e45a39c3f1a067698db02be0764fadf48434470b2bdf728,2024-10-10T12:56:30.817000 CVE-2024-9621,0,0,9e376b0f3dfa34027ae088e771a22694180917eee238e690ac2f4896caf46a6b,2024-10-10T12:56:30.817000 @@ -270083,14 +270094,14 @@ CVE-2024-9834,0,0,58a96ed6d2e0276f3eaa10de898ae35fd311ab0f6605b68b83724fedae7435 CVE-2024-9835,0,0,ca18e7b41fab9b483950f5f59199903f1b661b24923c7a18a4c44cf7bcb08f14,2024-11-12T15:35:17.853000 CVE-2024-9836,0,0,5d120048cea246a15edceb1ecc1c13de92be1dc1c21567e1e478f7428ef25fec,2024-11-12T15:35:18.093000 CVE-2024-9837,0,0,bb8fbc31e530027dfddbaf6dae2f5d1b4333d91b7cafcea32a3d82a1ea54dea9,2024-10-15T12:57:46.880000 -CVE-2024-9839,0,0,d786924273a2fcc9631e09e9cad4471d59c038ab1e3f2812b6f77c4a974eb931,2024-11-16T04:15:07.467000 +CVE-2024-9839,0,1,a46a9ea1d8a52a43ffa8392d10a25cec74c2c071d36a0f60cede90edf662840f,2024-11-18T17:11:17.393000 CVE-2024-9841,0,0,9c33cdcf9004c71710ba4b1ce56ccfdbfedbb6dd924eb9e38cb785f3220c008b,2024-11-13T19:34:26.237000 CVE-2024-9842,0,0,50d27fc30d770585939a99c8b97644e17ee67bd5f15dde79eaf430c406e7f3eb,2024-11-13T17:01:58.603000 CVE-2024-9843,0,0,d34ad602bf27d4ca13fa0a8bbedece4e1767e628d12a30d7804c35f04b707625,2024-11-13T17:01:58.603000 CVE-2024-9846,0,0,173656afdffd3fc8df737b5cdb277d7e27d47fc010c3df17216e30b52661a1bb,2024-11-06T14:58:04.160000 CVE-2024-9848,0,0,b402d34d635014e43cf3d9b875728458bb9e45308a715285ac01e2036b42d252,2024-10-22T16:42:25.867000 -CVE-2024-9849,0,0,84b6900cddfb6d4a40d4d816dce4f9cf983fb8032f75f635f1c36f12c1c188c8,2024-11-16T04:15:07.673000 -CVE-2024-9850,0,0,b6eec01c333bffb662084fa5852ca81d3ddee4bba8efd53862aaa47b095f068c,2024-11-16T04:15:07.890000 +CVE-2024-9849,0,1,6c0c40572fde6b055e3b5122b180f47cd1f495a97e16300c65ccc1fcd53e1c97,2024-11-18T17:11:17.393000 +CVE-2024-9850,0,1,46bbff5163fdac19fcbf989e651f2e3fe0bb525dd3025c7ac1b112b522023f60,2024-11-18T17:11:17.393000 CVE-2024-9853,0,0,b003ea260222d309866f9bc6bcac4c0549c1930cf36d8d49eac92c8d99d9053c,2024-10-28T13:58:09.230000 CVE-2024-9855,0,0,f4067d5f9739a4a46f27ed071acd023bca1d9a27db9968d98f329af2e8d70e8b,2024-10-15T12:58:51.050000 CVE-2024-9856,0,0,531963d8959dcaa0b68edaa5a63ce972541a941d9ad2303b1c288946d989ee89,2024-10-15T12:58:51.050000 @@ -270112,7 +270123,7 @@ CVE-2024-9883,0,0,3d8bffa6f00f1635d66365d71fac3209d831583acb3bbea648179300cb3b5f CVE-2024-9884,0,0,757f98f3275a3bf4e9b1e819bb018e139225ae1ebee044e7c027a7c44897e089,2024-11-01T12:57:03.417000 CVE-2024-9885,0,0,eba2ae86e119460d513882eefada4208486dcdf1501994be9aa95d7bb726e2cd,2024-11-01T12:57:03.417000 CVE-2024-9886,0,0,2d0240a7ec94642b6f1f1ed4572b40ffdd3dbdf8ae33aee8a7b267be1166a129,2024-11-01T12:57:03.417000 -CVE-2024-9887,0,0,2244630499d7610b1215c2e9fb225d4333507582239171bb9e403f5ad75b247a,2024-11-16T10:15:05.020000 +CVE-2024-9887,0,1,2e76036bb55ad915d047b33f388bd78d598aebdaa5edc485b14ac45b30755ba1,2024-11-18T17:11:17.393000 CVE-2024-9888,0,0,de5de1e3177c72ea1d0a5d19aa48b1693390bd1baf1f85524c962ffa2c18433f,2024-10-16T16:38:14.557000 CVE-2024-9889,0,0,7b65cd99447fbfa39cd4dc11381cd45c81ad318b56728df89040915de3d7880c,2024-11-01T15:27:23.777000 CVE-2024-9890,0,0,d7f68ba62671a34c8b89dcbd3c5c40cfcc4d5decfd7c261059a9e135d650d182,2024-10-28T13:58:09.230000 @@ -270154,10 +270165,10 @@ CVE-2024-9931,0,0,4f99602a22e228cc69b801ddff8bd876efec1042ee86fb7a5c3c9f1dd271a7 CVE-2024-9932,0,0,8a190221d1ff5cf55bd50d44ac85bae930613a4d1f53087f12b10cdd4dba5757,2024-10-28T13:58:09.230000 CVE-2024-9933,0,0,98d3817270b49f8a3306f52253709f2dd1831527ba3d2429bf8c82695141e455,2024-10-28T13:58:09.230000 CVE-2024-9934,0,0,6c9699e32fd3b33a577f551ec288ec7eeb811b43db7ed80ffc7c14ab7b49b826,2024-11-06T18:17:17.287000 -CVE-2024-9935,0,0,5e19fc18f902d6a4ddfc2e4b66b2b5c4dcd8da5056ddd3936c6407eded4d3baa,2024-11-16T04:15:08.103000 +CVE-2024-9935,0,1,c9e284e961fa05d4fa7941f2894b17a86b17dc821840c25b0b3aaebc0832b445,2024-11-18T17:11:17.393000 CVE-2024-9936,0,0,e24713274a06b54c6fb1a28ab183fd20a2323a432a191511c12e0c56155c7d8b,2024-11-06T17:35:42.870000 CVE-2024-9937,0,0,4e7ae54d6a9c5099857ac0a66ba44c96220fc2ab3e1844c918c371d4dbb6d38d,2024-10-16T16:38:14.557000 -CVE-2024-9938,0,0,5ac1d47628e0561eca2a3be1db922669908ce470eb07fd94d992f4332bd53975,2024-11-16T04:15:08.313000 +CVE-2024-9938,0,1,6d537cf2be13384f825f1d7433911745cb0151af95c01ffe257651ffb963013d,2024-11-18T17:11:17.393000 CVE-2024-9940,0,0,0591f213f2bec6924fef18017d23419024c9c5bdc4c598c1e0fd80a492ebb13b,2024-10-18T12:53:04.627000 CVE-2024-9943,0,0,2b1bd0bf17ad8265b1c648445115c5e7c1a49eb398158e5a8ef4b45ea9c6d38b,2024-10-25T12:56:07.750000 CVE-2024-9944,0,0,0b8e9f26d6b78f71e8a64eb7650f72f57e1c6a31a17ce0fafe5b6b8377b71371,2024-10-17T20:47:35.817000