Auto-Update: 2024-12-22T03:00:24.601826+00:00

cad-safe-bot 2024-12-22 03:03:49 +00:00
parent d17791f430
commit 90307445be
1111 changed files with 5157 additions and 1915 deletions

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@adobe.com",
"published": "2015-01-23T21:59:00.050",
"lastModified": "2024-11-21T02:22:47.480",
"vulnStatus": "Undergoing Analysis",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{

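Review bot: `vulnStatus` moves from "Undergoing Analysis" to "Modified" while the `lastModified` context line stays at 2024-11-21T02:22:47.480, so a consumer that syncs incrementally on `lastModified` will not pick up this status change. If the mirror is meant to support delta sync, key the sync on the commit timestamp or a content hash rather than on the record's own `lastModified` field.
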
View File

@ -3,12 +3,16 @@
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T03:15:05.613",
"lastModified": "2024-12-17T03:15:05.613",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks."
},
{
"lang": "es",
"value": "Al usar el modo especial para conectarse a una red wifi empresarial, ciertas opciones no est\u00e1n configuradas correctamente y los atacantes pueden hacerse pasar por una red wifi empresarial a trav\u00e9s de una red wifi cuidadosamente construida con el mismo nombre, lo que puede conducir a ataques de intermediario."
}
],
"metrics": {

View File

@ -3,12 +3,16 @@
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T03:15:06.453",
"lastModified": "2024-12-17T03:15:06.453",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege."
},
{
"lang": "es",
"value": "Debido a las fallas en la verificaci\u00f3n de los par\u00e1metros de entrada, el atacante puede ingresar comandos cuidadosamente construidos para hacer que el servicio ABE ejecute algunos comandos con privilegios de superusuario."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context"
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el mont\u00f3n durante el procesamiento de mensajes del Protocolo de control de enlaces en las versiones 5.6.12, 6.0.10, 6.2.4 y 6.4.1 y anteriores de FortiGate puede permitir que un atacante remoto con credenciales de VPN SSL v\u00e1lidas bloquee el daemon de VPN SSL mediante el env\u00edo de un paquete LCP de gran tama\u00f1o cuando el modo t\u00fanel est\u00e1 habilitado. La ejecuci\u00f3n de c\u00f3digo arbitrario puede ser te\u00f3ricamente posible, aunque en la pr\u00e1ctica es muy dif\u00edcil de lograr en este contexto"
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter."
},
{
"lang": "es",
"value": "En una configuraci\u00f3n no predeterminada, un desbordamiento de b\u00fafer basado en pila en FortiOS versi\u00f3n 6.0.10 y anteriores, versi\u00f3n 5.6.12 y anteriores puede permitir que un atacante remoto autenticado en la VPN SSL bloquee el daemon NAC de FortiClient (fcnacd) y potencialmente ejecute c\u00f3digo arbitrario mediante la solicitud de un nombre de archivo FortiClient grande. No tenemos conocimiento de ning\u00fan c\u00f3digo de prueba de concepto que logre esto \u00faltimo con \u00e9xito."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n con privilegios innecesarios en el motor VCM de FortiClient para Linux versiones 6.2.7 y anteriores, versi\u00f3n 6.4.0, puede permitir que usuarios locales eleven sus privilegios a superusuario mediante la creaci\u00f3n de un script o programa malicioso en la m\u00e1quina de destino."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow."
},
{
"lang": "es",
"value": "El software HP Linux Imaging and Printing (HPLIP) puede verse afectado por un desbordamiento del b\u00fafer de memoria."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
},
{
"lang": "es",
"value": "IBM Sterling B2B Integrator Standard Edition 5.2.0.0 a 6.1.1.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista y pudiendo provocar la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n de confianza."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Improper Restriction of XML External Entity Reference vulnerability in OpenText\u2122 Operations Bridge Manager allows Input Data Manipulation.\u00a0\n\nThe vulnerability could be exploited to confidential information\n\nThis issue affects Operations Bridge Manager: 2017.05, 2017.11, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10."
},
{
"lang": "es",
"value": "La vulnerabilidad de restricci\u00f3n incorrecta de referencia de entidad externa XML en OpenText\u2122 Operations Bridge Manager permite la manipulaci\u00f3n de datos de entrada. La vulnerabilidad podr\u00eda aprovecharse para obtener informaci\u00f3n confidencial. Este problema afecta a Operations Bridge Manager: 2017.05, 2017.11, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10."
}
],
"metrics": {

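Review bot: The added `es` value says the flaw could be exploited "para obtener" confidential information, but the `en` value it translates reads "could be exploited to confidential information" with no verb, so the translation asserts an impact that the source sentence does not actually state. Either correct the `en` text at the source or mark the translation as interpretive; as it stands the two descriptions of one record do not say the same thing.
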
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An access of uninitialized pointer (CWE-824) vulnerability\u00a0in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point\u00a0being managed by the controller by executing a crafted CLI command."
},
{
"lang": "es",
"value": "Una vulnerabilidad de acceso a un puntero no inicializado (CWE-824) en FortiWLC versiones 8.6.0, 8.5.3 y anteriores puede permitir que un atacante local y autenticado bloquee el punto de acceso administrado por el controlador mediante la ejecuci\u00f3n de un comando CLI manipulado espec\u00edficamente."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to its default value."
},
{
"lang": "es",
"value": "Una vulnerabilidad de path traversal relativo (CWE-23) en FortiWAN versi\u00f3n 4.5.7 y anteriores, 4.4 y todas las versiones puede permitir que un atacante remoto no autenticado elimine archivos del sistema mediante el env\u00edo de una solicitud POST manipulada. En particular, la eliminaci\u00f3n de archivos de configuraci\u00f3n espec\u00edficos restablecer\u00e1 la contrase\u00f1a de administrador a su valor predeterminado."
}
],
"metrics": {

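Review bot: The added `es` value renders "4.4 all versions" as "4.4 y todas las versiones" ("4.4 and all versions"), which widens the affected range beyond what the `en` value states. Suggest "todas las versiones de 4.4" so the translated scope matches the source.
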
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo (CWE-78) en la interfaz de l\u00ednea de comandos de FortiWAN versi\u00f3n 4.5.7 y anteriores puede permitir que un atacante local, autenticado y sin privilegios escale sus privilegios a superusuario mediante la ejecuci\u00f3n de un comando especialmente manipulado.Una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo (CWE-78) en la interfaz de l\u00ednea de comandos de FortiWAN puede permitir que un atacante local, autenticado y sin privilegios escale sus privilegios a superusuario mediante la ejecuci\u00f3n de un comando especialmente manipulado."
}
],
"metrics": {

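Review bot: The `en` value contains its sentence twice, joined without a space at "command.An OS command injection", and the added `es` value reproduces the duplication ("manipulado.Una vulnerabilidad"). The second copy drops "version 4.5.7 and below", so the two halves also disagree on scope. This should be reported to the source and deduplicated rather than mirrored into a second language.
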
View File

@ -3,12 +3,16 @@
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T03:15:06.573",
"lastModified": "2024-12-17T03:15:06.573",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wifi module exposes the interface and has improper permission control, leaking sensitive information about the device."
},
{
"lang": "es",
"value": "El m\u00f3dulo wifi expone la interfaz y tiene un control de permisos indebido, filtrando informaci\u00f3n confidencial sobre el dispositivo."
}
],
"metrics": {

View File

@ -3,12 +3,16 @@
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T04:15:05.333",
"lastModified": "2024-12-17T04:15:05.333",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some parameters of the weather module are improperly stored, leaking some sensitive information."
},
{
"lang": "es",
"value": "Algunos par\u00e1metros del m\u00f3dulo meteorol\u00f3gico se almacenan incorrectamente, lo que da lugar a una filtraci\u00f3n de informaci\u00f3n confidencial."
}
],
"metrics": {

View File

@ -3,12 +3,16 @@
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T07:15:05.343",
"lastModified": "2024-12-17T07:15:05.343",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Locally installed application can bypass the permission check and perform system operations that require permission."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n instalada localmente puede eludir la verificaci\u00f3n de permisos y realizar operaciones del sistema que requieren permiso."
}
],
"metrics": {

View File

@ -3,12 +3,16 @@
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T07:15:05.927",
"lastModified": "2024-12-17T07:15:05.927",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some parameters of the alarm clock module are improperly stored, leaking some sensitive information."
},
{
"lang": "es",
"value": "Algunos par\u00e1metros del m\u00f3dulo del despertador se almacenan incorrectamente, lo que da lugar a una filtraci\u00f3n de informaci\u00f3n confidencial."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un atacante remoto secuestrara la acci\u00f3n de clic de la v\u00edctima. Al persuadir a la v\u00edctima para que visite un sitio web malicioso, un atacante remoto podr\u00eda aprovechar esta vulnerabilidad para secuestrar las acciones de clic de la v\u00edctima y posiblemente lanzar m\u00e1s ataques contra ella."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12 and below and FortiAnalyzer version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.3.11, version 5.2.10 to 5.2.4 fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending a specifically crafted request to the fgfm port of the targeted device."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Use After Free (CWE-416) en FortiManager versi\u00f3n 7.0.0, versi\u00f3n 6.4.5 y anteriores, versi\u00f3n 6.2.7 y anteriores, versi\u00f3n 6.0.10 y anteriores, versi\u00f3n 5.6.10 y anteriores, versi\u00f3n 5.4.7 y anteriores, versi\u00f3n 5.2.10 y anteriores, versi\u00f3n 5.0.12 y anteriores y FortiAnalyzer versi\u00f3n 7.0.0, versi\u00f3n 6.4.5 y anteriores, versi\u00f3n 6.2.7 y anteriores, versi\u00f3n 6.0.10 y anteriores, versi\u00f3n 5.6.10 y anteriores, versi\u00f3n 5.4.7 y anteriores, versi\u00f3n 5.3.11, versi\u00f3n 5.2.10 a 5.2.4 del daemon fgfmsd puede permitir que un atacante remoto no autenticado ejecute c\u00f3digo no autorizado como superusuario mediante el env\u00edo de una solicitud espec\u00edficamente manipulada al puerto fgfm del dispositivo de destino."
}
],
"metrics": {

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-09-23T22:15:02.763",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information."
},
{
"lang": "es",
"value": "IBM Cognos Analytics Mobile para Android 1.1.14 utiliza algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente confidencial."
}
],
"metrics": {

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.230",
"lastModified": "2024-11-21T06:35:06.310",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.273",
"lastModified": "2024-11-21T06:35:06.453",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.367",
"lastModified": "2024-11-21T06:35:06.777",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.540",
"lastModified": "2024-11-21T06:35:07.760",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.640",
"lastModified": "2024-11-21T06:35:08.027",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.733",
"lastModified": "2024-11-21T06:35:08.370",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.833",
"lastModified": "2024-11-21T06:35:08.643",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.880",
"lastModified": "2024-11-21T06:35:08.777",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.047",
"lastModified": "2024-11-21T06:35:09.237",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands.\n\nWe have already fixed the vulnerability in the following versions:\nQVPN Windows 2.0.0.1316 and later\nQVPN Windows 2.0.0.1310 and later"
},
{
"lang": "es",
"value": "Se ha informado de una vulnerabilidad de carga de librer\u00edas inseguras que afecta a QVPN Device Client. Si se explota, la vulnerabilidad podr\u00eda permitir que atacantes locales que hayan obtenido acceso de usuario ejecuten c\u00f3digo o comandos no autorizados. Ya hemos corregido la vulnerabilidad en las siguientes versiones: QVPN Windows 2.0.0.1316 y posteriores QVPN Windows 2.0.0.1310 y posteriores"
}
],
"metrics": {

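Review bot: Both fixed-version entries in the `en` value name "QVPN Windows" (2.0.0.1316 and 2.0.0.1310), so the second entry is either redundant or mislabelled, and the added `es` value copies it unchanged. Which of the two it is cannot be determined from this hunk; it needs checking against the vendor advisory before the translation is accepted.
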
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2277 and later\nQTS 4.5.4.2280 build 20230112 and later\nQuTS hero h5.0.1.2277 build 20230112 and later\nQuTS hero h4.5.4.2374 build 20230417 and later\nQuTScloud c5.0.1.2374 and later"
},
{
"lang": "es",
"value": "Se ha informado de una vulnerabilidad de consumo de recursos no controlado que afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a atacantes remotos lanzar un ataque de denegaci\u00f3n de servicio (DoS). Ya hemos corregido la vulnerabilidad en las siguientes versiones: QTS 5.0.1.2277 y posteriores QTS 4.5.4.2280 compilaci\u00f3n 20230112 y posteriores QuTS hero h5.0.1.2277 compilaci\u00f3n 20230112 y posteriores QuTS hero h4.5.4.2374 compilaci\u00f3n 20230417 y posteriores QuTScloud c5.0.1.2374 y posteriores"
}
],
"metrics": {

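Review bot: The added `es` value replaces the `\n`-separated fixed-version list of the `en` value with one unbroken run ("QTS 5.0.1.2277 y posteriores QTS 4.5.4.2280 ..."), leaving no delimiter between the five entries. Anything that extracts fixed versions from the description will read this ambiguously; keep the `\n` separators or insert commas.
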
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials."
},
{
"lang": "es",
"value": "IBM Robotic Process Automation 21.0.1, 21.0.2 y 21.0.3 podr\u00edan permitir que un usuario con acceso f\u00edsico al sistema obtenga informaci\u00f3n confidencial debido a credenciales insuficientemente protegidas."
}
],
"metrics": {

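Review bot: The `en` value says "psychical access" while the added `es` value says "acceso físico" (physical access), so the translation silently corrects a typo that the source still carries. A keyword search of the English text for "physical access" will miss this record; the correction belongs in the `en` description as well.
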
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de violaci\u00f3n de acceso en la funcionalidad DirectComposition del controlador win32kbase.sys versi\u00f3n 10.0.22000.593 como parte de Windows 11 versi\u00f3n 22000.593 y versi\u00f3n 10.0.20348.643 como parte de Windows Server 2022 versi\u00f3n 20348.643. Un conjunto de llamadas al sistema especialmente manipulado puede provocar un reinicio. Un usuario sin privilegios puede ejecutar c\u00f3digo especialmente manipulado para activar una denegaci\u00f3n de servicio."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de violaci\u00f3n de acceso en la funcionalidad DirectComposition del controlador win32kbase.sys versi\u00f3n 10.0.22000.593 como parte de Windows 11 versi\u00f3n 22000.593 y versi\u00f3n 10.0.20348.643 como parte de Windows Server 2022 versi\u00f3n 20348.643. Un conjunto de llamadas al sistema especialmente manipulado puede provocar un reinicio. Un usuario sin privilegios puede ejecutar c\u00f3digo especialmente manipulado para activar una denegaci\u00f3n de servicio."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in StylemixThemes eRoom \u2013 Zoom Meetings & Webinar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eRoom \u2013 Zoom Meetings & Webinar: from n/a through 1.4.6."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en StylemixThemes eRoom \u2013 Zoom Meetings y Webinar permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a eRoom \u2013 Zoom Meetings y Webinar: desde n/a hasta 1.4.6."
}
],
"metrics": {

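Review bot: The added `es` value changes the product name from "Zoom Meetings & Webinar" to "Zoom Meetings y Webinar", translating the "&" in both places it appears. Product names should be carried over verbatim so that a search for the plugin name matches both descriptions.
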
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-03-03T16:15:49.570",
"lastModified": "2024-11-21T07:27:19.277",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de use after free que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites al analizar un archivo manipulado, lo que podr\u00eda provocar una lectura m\u00e1s all\u00e1 del final de una estructura de memoria asignada. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites al analizar un archivo manipulado, lo que podr\u00eda provocar una lectura m\u00e1s all\u00e1 del final de una estructura de memoria asignada. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites al analizar un archivo manipulado, lo que podr\u00eda provocar una lectura m\u00e1s all\u00e1 del final de una estructura de memoria asignada. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de use after free que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de use after free que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores) de Acrobat Reader DC se ven afectadas por una vulnerabilidad de use after free que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Owl Carousel: from n/a through 0.5.3."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Pierre JEHAN Owl Carousel permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Owl Carousel: desde n/a hasta 0.5.3."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formidable Forms: from n/a through 5.5.4."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Strategy11 Form Builder Team Formidable Forms permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Formidable Forms: desde n/a hasta 5.5.4."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Popup Maker Popup Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Maker: from n/a through 1.17.1."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Popup Maker Popup Maker permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Popup Maker: desde n/a hasta 1.17.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 2.9.13."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en WP Sunshine Sunshine Photo Cart permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Sunshine Photo Cart: desde n/a hasta 2.9.13."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Affiliate Links: from n/a through 6.2.1.5."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Lucian Apostol Auto Affiliate Links permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a los enlaces de afiliados autom\u00e1ticos: desde n/a hasta 6.2.1.5."
}
],
"metrics": {
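Review bot: In the added es value, the product name is translated in the second sentence ("Este problema afecta a los enlaces de afiliados automáticos") although the first sentence keeps it as "Auto Affiliate Links". Anyone matching descriptions against an installed-plugin inventory will not find the translated form; keep the product name verbatim in both sentences, as the en value does.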

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in RoboSoft Robo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robo Gallery: from n/a through 3.2.9."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en RoboSoft Robo Gallery permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Robo Gallery: desde n/a hasta 3.2.9."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.7.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Tyche Softwares Print Invoice & Delivery Notes for WooCommerce permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Print Invoice y Delivery Notes para WooCommerce: desde n/a hasta 4.7.2."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in VillaTheme CURCY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CURCY: from n/a through 2.1.25."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en VillaTheme CURCY permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a CURCY: desde n/a hasta 2.1.25."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Sync for WooCommerce: from n/a through 2.3.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Lauri Karisola / WP Trio Stock Sync para WooCommerce permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Stock Sync para WooCommerce: desde n/a hasta 2.3.2."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in VillaTheme(villatheme.com) ALD \u2013 Dropshipping and Fulfillment for AliExpress and WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ALD \u2013 Dropshipping and Fulfillment for AliExpress and WooCommerce: from n/a through 1.0.21."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en VillaTheme (villatheme.com) ALD \u2013 Dropshipping and Fulfillment para AliExpress y WooCommerce permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a ALD \u2013 Dropshipping and Fulfillment para AliExpress y WooCommerce: desde n/a hasta 1.0.21."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in JS Help Desk JS Help Desk \u2013 Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk \u2013 Best Help Desk & Support Plugin: from n/a through 2.7.1."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en JS Help Desk JS Help Desk \u2013 Best Help Desk & Support Plugin permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a JS Help Desk \u2013 Best Help Desk & Support Plugin: desde n/a hasta 2.7.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in JS Help Desk JS Help Desk \u2013 Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk \u2013 Best Help Desk & Support Plugin: from n/a through 2.7.1."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en JS Help Desk JS Help Desk \u2013 Best Help Desk y Support Plugin permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a JS Help Desk \u2013 Best Help Desk y Support Plugin: desde n/a hasta 2.7.1."
}
],
"metrics": {
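Review bot: The added es value turns the "&" in the product name into "y" ("Best Help Desk y Support Plugin"), while the previous record in this commit, whose en text is identical, keeps "Best Help Desk & Support Plugin". Product names should pass through the translation unchanged so that both records read the same and stay searchable by the real plugin name.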

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Trending/Popular Post Slider and Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trending/Popular Post Slider and Widget: from n/a through 1.5.7."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en WP OnlineSupport, Essential Plugin Trending/Popular Post Slider y Widget permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al control deslizante de publicaciones populares/tendencias y al widget: desde n/a hasta 1.5.7."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Printful Printful Integration for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Printful Integration for WooCommerce: from n/a through 2.2.3."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Printful Integration para WooCommerce permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Printful Integration para WooCommerce: desde n/a hasta 2.2.3."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through 1.9.0."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Depicter Slider y Popup de Averta Depicter Slider permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Depicter Slider: desde n/a hasta 1.9.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Wpexpertsio APIExperts Square for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects APIExperts Square for WooCommerce: from n/a through 4.4.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Wpexpertsio APIExperts Square para WooCommerce permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a APIExperts Square para WooCommerce: desde n/a hasta 4.4.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in 8Degree Themes Coming Soon Landing Page and Maintenance Mode WordPress Plugin allows Retrieve Embedded Sensitive Data.This issue affects Coming Soon Landing Page and Maintenance Mode WordPress Plugin: from n/a through 2.2.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en 8Degree Themes Coming Soon Landing Page and Maintenance Mode WordPress Plugin permite recuperar datos confidenciales integrados. Este problema afecta a la p\u00e1gina de destino Coming Soon y al complemento de modo de mantenimiento de WordPress: desde n/a hasta 2.2.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 3.8.5."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en WPDeveloper Essential Blocks para Gutenberg permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Essential Blocks para Gutenberg: desde n/a hasta 3.8.5."
}
],
"metrics": {

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-03T18:15:08.247",
"lastModified": "2024-11-21T07:33:48.257",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
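Review bot: vulnStatus moves from "Awaiting Analysis" to "Undergoing Analysis" while lastModified stays at 2024-11-21T07:33:48.257 as an unchanged context line. A consumer that syncs incrementally on lastModified will not pick up this status change; it is worth confirming that this is how the upstream feed delivers it, and if so documenting that status-only changes have to be detected by comparing content rather than timestamps.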

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 22.003.20282 (y anteriores), 22.003.20281 (y anteriores) y 20.005.30418 (y anteriores) de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad de desreferencia de puntero nulo. Un atacante no autenticado podr\u00eda aprovechar esta vulnerabilidad para lograr una denegaci\u00f3n de servicio de la aplicaci\u00f3n en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Survey Maker team Survey Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through 3.2.0."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Survey Maker team Survey Maker permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Survey Maker: desde n/a hasta 3.2.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.\n\nWe have already fixed the vulnerability in the following versions:\nQuLog Center 1.5.0.738 ( 2023/03/06 ) and later\nQuLog Center 1.4.1.691 ( 2023/03/01 ) and later\nQuLog Center 1.3.1.645 ( 2023/02/22 ) and later"
},
{
"lang": "es",
"value": "Se ha informado de una vulnerabilidad de cross-site scripting (XSS) que afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a atacantes remotos que hayan obtenido acceso de usuario eludir los mecanismos de seguridad o leer datos de la aplicaci\u00f3n. Ya hemos corregido la vulnerabilidad en las siguientes versiones: QuLog Center 1.5.0.738 (06/03/2023) y posteriores QuLog Center 1.4.1.691 (01/03/2023) y posteriores QuLog Center 1.3.1.645 (22/02/2023) y posteriores"
}
],
"metrics": {
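Review bot: In the added es value the three fixed-version entries, which the en text separates with \n, are run together with no separator ("... y posteriores QuLog Center 1.4.1.691 ..."), and the dates are reordered from 2023/03/06 to 06/03/2023, which can be read as either 6 March or 3 June. Keeping the line breaks and the original YYYY/MM/DD dates would leave the fixed-version list unambiguous for anyone checking patch levels.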

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following versions:\nQuFirewall 2.3.3 ( 2023/03/27 ) and later\n and later"
},
{
"lang": "es",
"value": "Se ha informado de una vulnerabilidad de inyecci\u00f3n de comandos que afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir que atacantes remotos que hayan obtenido acceso de administrador ejecuten comandos arbitrarios. Ya hemos corregido la vulnerabilidad en las siguientes versiones: QuFirewall 2.3.3 (2023/03/27) y posteriores."
}
],
"metrics": {
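Review bot: The en value ends with a stray "\n and later" after "QuFirewall 2.3.3 ( 2023/03/27 ) and later", which looks like an empty second version entry, and the added es value silently drops it. The translation is the cleaner of the two, but the two descriptions now differ in content; the stray fragment is better raised with the source so that en and es stay equivalent.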

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data.\n\nWe have already fixed the vulnerability in the following versions:\nQuLog Center 1.5.0.738 ( 2023/03/06 ) and later\nQuLog Center 1.4.1.691 ( 2023/03/01 ) and later\nQuLog Center 1.3.1.645 ( 2023/02/22 ) and later"
},
{
"lang": "es",
"value": "Se ha informado de una vulnerabilidad de cross-site scripting (XSS) que afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a atacantes remotos que hayan obtenido acceso de administrador eludir los mecanismos de seguridad o leer datos de la aplicaci\u00f3n. Ya hemos corregido la vulnerabilidad en las siguientes versiones: QuLog Center 1.5.0.738 (06/03/2023) y posteriores QuLog Center 1.4.1.691 (01/03/2023) y posteriores QuLog Center 1.3.1.645 (22/02/2023) y posteriores"
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery \u2013 YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gallery \u2013 YouTube Gallery: from n/a through 1.7.6."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Video Gallery de Total-Soft Video Gallery \u2013 YouTube Gallery permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Video Gallery \u2013 YouTube Gallery: desde n/a hasta 1.7.6."
}
],
"metrics": {

View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-03-03T16:15:49.777",
"lastModified": "2024-11-21T07:52:35.513",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in HashThemes Total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through 2.1.19."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en HashThemes Total permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Total: desde n/a hasta 2.1.19."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en HashThemes Viral Mag permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Viral Mag: desde n/a hasta 1.0.9."
}
],
"metrics": {

View File

@ -3,12 +3,16 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-14T02:15:05.010",
"lastModified": "2024-12-16T18:15:05.407",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to intentionally malformed client requests. This is fixed in 2.88.2+, 2.89.1+, and 2.90.1+."
},
{
"lang": "es",
"value": "En Menlo On-Premise Appliance anterior a la versi\u00f3n 2.88, es posible que la pol\u00edtica web no se aplique de manera correcta y consistente a las solicitudes de clientes malformadas intencionalmente. Esto se solucion\u00f3 en las versiones 2.88.2+, 2.89.1+ y 2.90.1+."
}
],
"metrics": {
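Review bot: The en value says the issue affects versions "before 2.88" yet lists the fix as "2.88.2+, 2.89.1+, and 2.90.1+", so any 2.88 build earlier than 2.88.2 sits outside the stated affected range while still preceding the first fixed build; the added es value carries the same wording. With the record only now moving to "Awaiting Analysis", the description is the only range information shown here, so the ambiguity is worth flagging to the source rather than leaving consumers to guess which bound applies.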

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query."
},
{
"lang": "es",
"value": "IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 10.5, 11.1 y 11.5 es vulnerable a la denegaci\u00f3n de servicio con una consulta especialmente manipulada."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Matthew Ruddy Easing Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easing Slider : from n/a through 3.0.8."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Matthew Ruddy Easing Slider permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Easing Slider: desde n/a hasta 3.0.8."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.6.3."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Link Whisper Link Whisper Free permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Link Whisper Free: desde n/a hasta 0.6.3."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in wp3sixty Woo Custom Emails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Custom Emails: from n/a through 2.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en wp3sixty Woo Custom Emails permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a los correos electr\u00f3nicos personalizados de Woo: desde n/a hasta 2.2."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Webcodin WCP Contact Form permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al formulario de contacto de WCP: desde n/a hasta 3.1.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Webcodin WCP Contact Form permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al formulario de contacto de WCP: desde n/a hasta 3.1.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Fahad Mahmood Injection Guard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Injection Guard: from n/a through 1.2.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Fahad Mahmood Injection Guard permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Injection Guard: desde n/a hasta 1.2.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en MobileMonkey WP-Chatbot para Messenger permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a WP-Chatbot para Messenger: desde n/a hasta 4.7."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Total-Soft Portfolio Gallery \u2013 Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery \u2013 Responsive Image Gallery: from n/a through 1.4.6."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Total-Soft Portfolio Gallery \u2013 Responsive Image Gallery permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Portfolio Gallery \u2013 Responsive Image Gallery: desde n/a hasta 1.4.6."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Thomas Michalak Soundcloud Is Gold allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Soundcloud Is Gold: from n/a through 2.5.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Thomas Michalak Soundcloud Is Gold permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Soundcloud Is Gold: desde n/a hasta 2.5.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en GS Plugins GS Pins for Pinterest permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a GS Pins para Pinterest: desde n/a hasta 1.6.7."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Bill Minozzi reCAPTCHA for all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects reCAPTCHA for all: from n/a through 1.22."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Bill Minozzi reCAPTCHA for all permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a reCAPTCHA para todos: desde n/a hasta 1.22."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Booking Ultra Pro Booking Ultra Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Ultra Pro: from n/a through 1.1.12."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Booking Ultra Pro Booking Ultra Pro permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Booking Ultra Pro: desde n/a hasta 1.1.12."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in 10up Simple Page Ordering allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Page Ordering: from n/a through 2.5.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en 10up Simple Page Ordering permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Simple Page Ordering: desde n/a hasta 2.5.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in a3rev Software WooCommerce Predictive Search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Predictive Search: from n/a through 5.8.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en a3rev Software WooCommerce Predictive Search permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a WooCommerce Predictive Search: desde n/a hasta 5.8.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Tagbox Taggbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through 3.3."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Tagbox Taggbox permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Taggbox: desde n/a hasta 3.3."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in wppal Easy Captcha allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Captcha: from n/a through 1.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en wppal Easy Captcha permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Easy Captcha: desde n/a hasta 1.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in WebToffee WordPress Backup & Migration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through 1.4.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en WebToffee WordPress Backup y Migration permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a WordPress Backup y Migration: desde n/a hasta 1.4.0."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slimstat Analytics: from n/a through 5.0.5.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Jason Crouse, VeronaLabs Slimstat Analytics permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Slimstat Analytics: desde n/a hasta 5.0.5.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Gallery by 10Web: from n/a through 1.8.15."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Photo Gallery Team Photo Gallery by 10Web permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Photo Gallery de 10Web: desde n/a hasta 1.8.15."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in \u0421leanTalk - Anti-Spam Protection Spam protection, AntiSpam, FireWall by CleanTalk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spam protection, AntiSpam, FireWall by CleanTalk: from n/a through 6.10."
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en ?leanTalk - Anti-Spam Protection Spam protection, AntiSpam, FireWall by CleanTalk permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a la protecci\u00f3n antispam, AntiSpam y FireWall de CleanTalk: desde n/a hasta 6.10."
}
],
"metrics": {
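Review bot: The vendor name in the added es value starts with a literal "?" ("?leanTalk") where the en value has \u0421, a Cyrillic letter, so the character was lost somewhere in the translation step. The es text should carry the same \u0421 escape as the en value, and a "?" at that position suggests a non-Unicode encoding in the pipeline that is worth checking against other records.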

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in cybernetikz Easy Social Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through 3.2.5."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en cybernetikz Easy Social Icons permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Easy Social Icons: desde n/a hasta 3.2.5."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media & Share Icons: from n/a through 2.8.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Inisev Social Media & Share Icons permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a los \u00edconos de redes sociales y para compartir: desde n/a hasta 2.8.1."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in G5Theme Grid Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grid Plus: from n/a through 1.3.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en G5Theme Grid Plus permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Grid Plus: desde n/a hasta 1.3.2."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Uncanny Owl Uncanny Toolkit para LearnDash permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Uncanny Toolkit para LearnDash: desde n/a hasta 3.6.4.3."
}
],
"metrics": {

View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Missing Authorization vulnerability in Rextheme Change WooCommerce Add To Cart Button Text allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Change WooCommerce Add To Cart Button Text: from n/a through 1.3."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Rextheme Change WooCommerce Add To Cart Button Text permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Cambiar texto de bot\u00f3n Agregar al carrito de WooCommerce: desde n/a hasta 1.3."
}
],
"metrics": {

Some files were not shown because too many files have changed in this diff.