admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-24T14:00:17.863007+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-24 14:03:13 +00:00
parent 684efb7412
commit 97aa7a28c3
129 changed files with 2426 additions and 451 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1553
CVE-2018/CVE-2018-01xx/CVE-2018-0180.json
View File

File diff suppressed because it is too large Load Diff

8
CVE-2020/CVE-2020-116xx/CVE-2020-11639.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-11639",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-07-23T18:15:04.820",
"lastModified": "2024-07-23T18:15:04.820",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker could exploit the vulnerability by\ninjecting garbage data or specially crafted data. Depending on the data injected each process might be\naffected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing\nthe product to store wrong information or act on wrong data or display wrong information.\n\n\nThis issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.\n\n\n\n\nFor an attack to be successful, the attacker must have local access to a node in the system and be able to\nstart a specially crafted application that disrupts the communication.\nAn attacker who successfully exploited the vulnerability would be able to manipulate the data in such\nway as allowing reads and writes to the controllers or cause Windows processes in 800xA for MOD 300\nand AdvaBuild to crash."
},
{
"lang": "es",
"value": "Un atacante podr\u00eda aprovechar la vulnerabilidad inyectando datos basura o datos especialmente manipulados. Dependiendo de los datos inyectados, cada proceso puede verse afectado de manera diferente. El proceso podr\u00eda fallar o causar problemas de comunicaci\u00f3n en el nodo afectado, provocando efectivamente un ataque de denegaci\u00f3n de servicio. El atacante podr\u00eda alterar los datos transmitidos, provocando que el producto almacene informaci\u00f3n incorrecta o act\u00fae sobre datos incorrectos o muestre informaci\u00f3n incorrecta. Este problema afecta a Advant MOD 300 AdvaBuild: desde 3.0 hasta 3.7 SP2. Para que un ataque tenga \u00e9xito, el atacante debe tener acceso local a un nodo del sistema y poder iniciar una aplicaci\u00f3n especialmente dise\u00f1ada que interrumpa la comunicaci\u00f3n. Un atacante que explotara con \u00e9xito la vulnerabilidad podr\u00eda manipular los datos de tal manera que permitiera lecturas y escrituras en los controladores o provocar que los procesos de Windows en 800xA para MOD 300 y AdvaBuild fallaran."
}
],
"metrics": {

8
CVE-2020/CVE-2020-116xx/CVE-2020-11640.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-11640",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-07-23T18:15:05.083",
"lastModified": "2024-07-23T18:15:05.083",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2."
},
{
"lang": "es",
"value": "AdvaBuild utiliza una cola de comandos para iniciar determinadas operaciones. Un atacante que obtenga acceso a la cola de comandos puede usarla para lanzar un ataque ejecutando cualquier ejecutable en el nodo AdvaBuild. Los ejecutables que se pueden ejecutar no se limitan a ejecutables espec\u00edficos de AdvaBuild. Vulnerabilidad de gesti\u00f3n de privilegios inadecuada en ABB Advant MOD 300 AdvaBuild. Este problema afecta a Advant MOD 300 AdvaBuild: desde 3.0 hasta 3.7 SP2."
}
],
"metrics": {

8
CVE-2020/CVE-2020-241xx/CVE-2020-24102.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-24102",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T18:15:02.967",
"lastModified": "2024-07-22T18:15:02.967",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Punkbuster pbsv.d64 2.351, allows remote attackers to execute arbitrary code."
},
{
"lang": "es",
"value": " Vulnerabilidad de Directory Traversal en Punkbuster pbsv.d64 2.351, permite a atacantes remotos ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {},

4
CVE-2022/CVE-2022-206xx/CVE-2022-20699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20699",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-02-10T18:15:08.980",
"lastModified": "2023-11-07T03:42:39.557",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T13:48:50.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",

4
CVE-2022/CVE-2022-207xx/CVE-2022-20700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20700",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-02-10T18:15:09.033",
"lastModified": "2023-11-07T03:42:39.740",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T13:41:07.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",

4
CVE-2022/CVE-2022-207xx/CVE-2022-20701.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20701",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-02-10T18:15:09.087",
"lastModified": "2023-11-07T03:42:39.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T13:38:21.353",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",

14
CVE-2022/CVE-2022-207xx/CVE-2022-20703.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20703",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-02-10T18:15:09.197",
"lastModified": "2023-11-07T03:42:40.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T13:35:37.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",
@ -26,19 +26,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{

16
CVE-2022/CVE-2022-207xx/CVE-2022-20708.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20708",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-02-10T18:15:09.467",
"lastModified": "2023-11-07T03:42:41.357",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-24T13:34:53.930",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-17",
@ -26,19 +26,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{

8
CVE-2023/CVE-2023-324xx/CVE-2023-32466.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-32466",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-07-24T07:15:01.953",
"lastModified": "2024-07-24T07:15:01.953",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege."
},
{
"lang": "es",
"value": " El BIOS de Dell Edge Gateway, versiones 3200 y 5200, contiene una vulnerabilidad de escritura fuera de los l\u00edmites. Un usuario malicioso local autenticado con altos privilegios podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda la exposici\u00f3n de alg\u00fan c\u00f3digo UEFI, lo que provocar\u00eda la ejecuci\u00f3n de c\u00f3digo arbitrario o una escalada de privilegios."
}
],
"metrics": {

4
CVE-2023/CVE-2023-324xx/CVE-2023-32471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32471",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-07-24T08:15:02.393",
"lastModified": "2024-07-24T08:15:02.393",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-483xx/CVE-2023-48362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48362",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-24T08:15:02.627",
"lastModified": "2024-07-24T08:15:02.627",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-07xx/CVE-2024-0760.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-0760",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-07-23T15:15:03.520",
"lastModified": "2024-07-23T16:15:04.620",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1."
},
{
"lang": "es",
"value": "Un cliente malintencionado puede enviar muchos mensajes DNS a trav\u00e9s de TCP, lo que podr\u00eda provocar que el servidor se vuelva inestable mientras el ataque est\u00e1 en curso. El servidor puede recuperarse una vez que cese el ataque. El uso de ACL no mitigar\u00e1 el ataque. Este problema afecta a las versiones 9.18.1 a 9.18.27, 9.19.0 a 9.19.24 y 9.18.11-S1 a 9.18.27-S1 de BIND 9."
}
],
"metrics": {

8
CVE-2024/CVE-2024-09xx/CVE-2024-0981.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-0981",
"sourceIdentifier": "psirt@okta.com",
"published": "2024-07-23T21:15:12.773",
"lastModified": "2024-07-23T21:15:12.773",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the vulnerability. Importantly, if Okta Personal is not added to the plugin to enable multi-account view, the Workforce Identity Cloud plugin is not affected by this issue. The vulnerability is fixed in Okta Browser Plugin version 6.32.0 for Chrome/Edge/Safari/Firefox."
},
{
"lang": "es",
"value": "Las versiones 6.5.0 a 6.31.0 de Okta Browser Plugin (Chrome/Edge/Firefox/Safari) son vulnerables a Cross Site Scripting. Este problema ocurre cuando el complemento solicita al usuario que guarde estas credenciales en Okta Personal. Se implement\u00f3 una soluci\u00f3n para escapar correctamente de estos campos, solucionando la vulnerabilidad. Es importante destacar que si Okta Personal no se agrega al complemento para habilitar la vista de m\u00faltiples cuentas, el complemento Workforce Identity Cloud no se ve afectado por este problema. La vulnerabilidad se solucion\u00f3 en Okta Browser Plugin versi\u00f3n 6.32.0 para Chrome/Edge/Safari/Firefox."
}
],
"metrics": {

8
CVE-2024/CVE-2024-15xx/CVE-2024-1575.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-1575",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2024-07-23T02:15:02.090",
"lastModified": "2024-07-23T02:15:02.090",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device."
},
{
"lang": "es",
"value": " La vulnerabilidad de administraci\u00f3n de privilegios incorrecta en la versi\u00f3n 6.70 (ACGG.3) del firmware Zyxel WBE660S y versiones anteriores podr\u00eda permitir a un usuario autenticado escalar privilegios y descargar los archivos de configuraci\u00f3n en un dispositivo vulnerable."
}
],
"metrics": {

8
CVE-2024/CVE-2024-17xx/CVE-2024-1737.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-1737",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-07-23T15:15:03.740",
"lastModified": "2024-07-23T16:15:04.713",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1."
},
{
"lang": "es",
"value": " Las cach\u00e9s de resoluci\u00f3n y las bases de datos de zonas autorizadas que contienen cantidades significativas de RR para el mismo nombre de host (de cualquier RTYPE) pueden sufrir un rendimiento degradado a medida que se agrega o actualiza contenido, y tambi\u00e9n al manejar consultas de clientes para este nombre. Este problema afecta a las versiones de BIND 9, 9.11.0 a 9.11.37, 9.16.0 a 9.16.50, 9.18.0 a 9.18.27, 9.19.0 a 9.19.24, 9.11.4-S1 a 9.11.37-S1. 9.16.8-S1 a 9.16.50-S1 y 9.18.11-S1 a 9.18.27-S1."
}
],
"metrics": {

8
CVE-2024/CVE-2024-19xx/CVE-2024-1975.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-1975",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-07-23T15:15:03.943",
"lastModified": "2024-07-23T16:15:04.797",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1."
},
{
"lang": "es",
"value": "Si un servidor aloja una zona que contiene un registro de recursos \"KEY\", o un solucionador DNSSEC valida un registro de recursos \"KEY\" de un dominio firmado por DNSSEC en cach\u00e9, un cliente puede agotar los recursos de la CPU del solucionador enviando una secuencia de solicitudes firmadas SIG(0). Este problema afecta a las versiones de BIND 9 9.0.0 a 9.11.37, 9.16.0 a 9.16.50, 9.18.0 a 9.18.27, 9.19.0 a 9.19.24, 9.9.3-S1 a 9.11.37-S1, 9.16.8-S1 a 9.16.49-S1 y 9.18.11-S1 a 9.18.27-S1."
}
],
"metrics": {

8
CVE-2024/CVE-2024-215xx/CVE-2024-21552.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-21552",
"sourceIdentifier": "report@snyk.io",
"published": "2024-07-22T15:15:02.410",
"lastModified": "2024-07-22T15:15:02.410",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the \u2018eval\u2019 function. An attacker could induce the LLM output to exploit this vulnerability and gain arbitrary code execution on the SuperAGI application server."
},
{
"lang": "es",
"value": " Todas las versiones de \"SuperAGI\" son vulnerables a la ejecuci\u00f3n de c\u00f3digo arbitrario debido al uso inseguro de la funci\u00f3n \"eval\". Un atacante podr\u00eda inducir la salida de LLM para explotar esta vulnerabilidad y obtener la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor de aplicaciones SuperAGI."
}
],
"metrics": {

8
CVE-2024/CVE-2024-245xx/CVE-2024-24507.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-24507",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T22:15:02.200",
"lastModified": "2024-07-22T22:15:02.200",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component."
},
{
"lang": "es",
"value": " La vulnerabilidad de Cross Site Scripting en Act-On 2023 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro newUser en el componente login.jsp."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-256xx/CVE-2024-25638.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-25638",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T14:15:04.593",
"lastModified": "2024-07-22T14:15:04.593",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0."
},
{
"lang": "es",
"value": "dnsjava es una implementaci\u00f3n de DNS en Java. No se verifica la relevancia de los registros en las respuestas DNS para la consulta, lo que permite que un atacante responda con RR de diferentes zonas. Esta vulnerabilidad se solucion\u00f3 en 3.6.0."
}
],
"metrics": {

8
CVE-2024/CVE-2024-260xx/CVE-2024-26020.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-26020",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-07-22T15:15:02.660",
"lastModified": "2024-07-22T17:15:03.240",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability."
},
{
"lang": "es",
"value": " Existe una vulnerabilidad de ejecuci\u00f3n de script arbitraria en la funcionalidad MPV de Ankitects Anki 24.04. Una tarjeta flash especialmente manipulada puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede enviar una tarjeta flash maliciosa para desencadenar esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-286xx/CVE-2024-28698.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-28698",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T18:15:03.120",
"lastModified": "2024-07-22T18:15:03.120",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Directory Traversal en Marimer LLC CSLA .Net anterior a 8.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para el componente MobileFormatter."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-290xx/CVE-2024-29070.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-29070",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-23T09:15:02.503",
"lastModified": "2024-07-23T09:15:02.503",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On versions before 2.1.4,\u00a0session is not invalidated after logout. When the user logged in successfully, the Backend service returns \"Authorization\" as the front-end authentication credential. \"Authorization\" can still initiate requests and access data even after logout.\n\nMitigation:\n\nall users should upgrade to 2.1.4\n\n"
},
{
"lang": "es",
"value": "En versiones anteriores a la 2.1.4, la sesi\u00f3n no se invalida despu\u00e9s de cerrar sesi\u00f3n. Cuando el usuario inicia sesi\u00f3n correctamente, el servicio Backend devuelve \"Authorization\" como credencial de autenticaci\u00f3n de front-end. La \"Authorization\" a\u00fan puede iniciar solicitudes y acceder a datos incluso despu\u00e9s de cerrar sesi\u00f3n. Mitigaci\u00f3n: todos los usuarios deben actualizar a 2.1.4"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-290xx/CVE-2024-29073.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-29073",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-07-22T15:15:02.943",
"lastModified": "2024-07-22T17:15:03.340",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. An attacker can share a flashcard to trigger this vulnerability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en el manejo de Latex en Ankitects Anki 24.04. Cuando se desinfecta Latex para evitar comandos inseguros, se pasa por alto el paquete verbatim, que viene instalado de forma predeterminada en muchas distribuciones de Latex. Una tarjeta flash especialmente manipulada puede provocar la lectura de un archivo arbitrario. Un atacante puede compartir una tarjeta did\u00e1ctica para desencadenar esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-321xx/CVE-2024-32152.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32152",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-07-22T15:15:03.197",
"lastModified": "2024-07-22T17:15:03.493",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability."
},
{
"lang": "es",
"value": " Existe una vulnerabilidad de omisi\u00f3n de lista de bloqueo en la funcionalidad LaTeX de Ankitects Anki 24.04. Una tarjeta flash maliciosa especialmente manipulada puede provocar la creaci\u00f3n de un archivo arbitrario en una ruta fija. Un atacante puede compartir una tarjeta flash maliciosa para desencadenar esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-324xx/CVE-2024-32484.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32484",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-07-22T15:15:03.417",
"lastModified": "2024-07-22T17:15:03.600",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability."
},
{
"lang": "es",
"value": " Existe una vulnerabilidad XSS reflejado en el manejo de rutas no v\u00e1lidas en el servidor Flask en Ankitects Anki 24.04. Una tarjeta flash especialmente manipulada puede provocar la ejecuci\u00f3n de c\u00f3digo JavaScript y dar como resultado la lectura de un archivo arbitrario. Un atacante puede compartir una tarjeta flash maliciosa para desencadenar esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-32xx/CVE-2024-3246.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-3246",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T04:15:04.280",
"lastModified": "2024-07-24T04:15:04.280",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the token setting and inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento LiteSpeed Cache para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 6.2.0.1 incluida. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta. Esto hace posible que atacantes no autenticados actualicen la configuraci\u00f3n del token e inyecten JavaScript malicioso a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {

4
CVE-2024/CVE-2024-32xx/CVE-2024-3297.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3297",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2024-07-24T08:15:02.880",
"lastModified": "2024-07-24T08:15:02.880",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-341xx/CVE-2024-34128.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-34128",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-07-23T12:15:09.763",
"lastModified": "2024-07-23T12:15:09.763",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
},
{
"lang": "es",
"value": "Las versiones 6.5.20 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de Cross Site Scripting (XSS) almacenado que podr\u00eda ser aprovechada por un atacante con pocos privilegios para inyectar scripts maliciosos en campos de formulario vulnerables. Se puede ejecutar JavaScript malicioso en el navegador de la v\u00edctima cuando navega a la p\u00e1gina que contiene el campo vulnerable."
}
],
"metrics": {

8
CVE-2024/CVE-2024-343xx/CVE-2024-34329.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-34329",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T20:15:03.673",
"lastModified": "2024-07-22T20:15:03.673",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 and earlier allows unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload."
},
{
"lang": "es",
"value": " Los permisos inseguros en Entrust Datacard XPS Card Printer Driver 8.4 y versiones anteriores permiten a atacantes no autenticados ejecutar c\u00f3digo arbitrario como SYSTEM a trav\u00e9s de un payload DLL manipulado."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-34xx/CVE-2024-3454.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3454",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2024-07-24T08:15:03.123",
"lastModified": "2024-07-24T08:15:03.123",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-373xx/CVE-2024-37380.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-37380",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-07-22T19:15:02.537",
"lastModified": "2024-07-22T19:15:02.537",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point.\n\n\nAffected Products:\nUniFi U6+ Access Point (Version 6.6.65 and earlier) \n\n \nMitigation:\nUpdate your UniFi U6+ Access Point to Version 6.6.74 or later.\n"
},
{
"lang": "es",
"value": " Una mala configuraci\u00f3n en UniFi U6+ Access Point podr\u00eda causar un reenv\u00edo de tr\u00e1fico VLAN incorrecto a los AP conectados al punto de acceso UniFi U6+. Productos afectados: UniFi U6+ Access Point (Versi\u00f3n 6.6.65 y anteriores) Mitigaci\u00f3n: Actualice su UniFi U6+ UniFi U6+ Access Point a la versi\u00f3n 6.6.74 o posterior."
}
],
"metrics": {

8
CVE-2024/CVE-2024-379xx/CVE-2024-37998.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-37998",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-07-22T14:15:05.453",
"lastModified": "2024-07-22T14:15:05.453",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). The password of administrative accounts of the affected applications can be reset without requiring the knowledge of the current password, given the auto login is enabled. This could allow an unauthorized attacker to obtain administrative access of the affected applications."
},
{
"lang": "es",
"value": " Se ha identificado una vulnerabilidad en CPCI85 Central Processing/Communication/ (todas las versiones &lt; V5.40), SICORE Base system (todas las versiones &lt; V1.4.0). La contrase\u00f1a de las cuentas administrativas de las aplicaciones afectadas se puede restablecer sin necesidad de conocer la contrase\u00f1a actual, siempre que el inicio de sesi\u00f3n autom\u00e1tico est\u00e9 habilitado. Esto podr\u00eda permitir que un atacante no autorizado obtenga acceso administrativo a las aplicaciones afectadas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-381xx/CVE-2024-38164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38164",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-23T22:15:08.420",
"lastModified": "2024-07-23T22:15:08.420",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "secure@microsoft.com",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.\n"
},
{
"lang": "es",
"value": " Una vulnerabilidad de control de acceso inadecuado en GroupMe permite a un atacante no autenticado elevar los privilegios en una red convenciendo a un usuario de hacer clic en un enlace malicioso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-381xx/CVE-2024-38176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38176",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-23T22:15:08.660",
"lastModified": "2024-07-23T22:15:08.660",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "secure@microsoft.com",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.\n"
},
{
"lang": "es",
"value": "Una restricci\u00f3n inadecuada de intentos excesivos de autenticaci\u00f3n en GroupMe permite que un atacante no autenticado eleve los privilegios en una red."
}
],
"metrics": {

8
CVE-2024/CVE-2024-389xx/CVE-2024-38944.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-38944",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T19:15:02.760",
"lastModified": "2024-07-22T19:15:02.760",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a remote attacker to execute arbitrary code via the /cgi-bin/generateForm.cgi?formID=142 component."
},
{
"lang": "es",
"value": "Un problema en Intelight X-1L Traffic controller Maxtime v.1.9.6 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente /cgi-bin/generateForm.cgi?formID=142."
}
],
"metrics": {},

60
CVE-2024/CVE-2024-38xx/CVE-2024-3896.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-3896",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T13:15:10.453",
"lastModified": "2024-07-24T13:15:10.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the Gallery title field in all versions up to, and including, 3.2.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3100759/robo-gallery",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69ab404b-1c2f-441b-8622-3cf830587d95?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-392xx/CVE-2024-39250.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39250",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T20:15:04.057",
"lastModified": "2024-07-22T20:15:04.057",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que EfroTech Timetrax v8.3 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL no autenticada a trav\u00e9s del par\u00e1metro q en la interfaz web de b\u00fasqueda."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-396xx/CVE-2024-39601.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39601",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-07-22T14:15:06.107",
"lastModified": "2024-07-22T14:15:06.107",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). Affected devices allow a remote authenticated user or an unauthenticated user with physical access to downgrade the firmware of the device. This could allow an attacker to downgrade the device to older versions with known vulnerabilities."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en CPCI85 Central Processing/Communication (todas las versiones &lt; V5.40), SICORE Base system (todas las versiones &lt; V1.4.0). Los dispositivos afectados permiten que un usuario autenticado remoto o un usuario no autenticado con acceso f\u00edsico degraden el firmware del dispositivo. Esto podr\u00eda permitir a un atacante degradar el dispositivo a versiones anteriores con vulnerabilidades conocidas."
}
],
"metrics": {

4
CVE-2024/CVE-2024-396xx/CVE-2024-39676.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39676",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-24T08:15:02.773",
"lastModified": "2024-07-24T08:15:02.773",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-396xx/CVE-2024-39685.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39685",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T16:15:03.417",
"lastModified": "2024-07-22T16:15:03.417",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier."
},
{
"lang": "es",
"value": "Bert-VITS2 es la columna vertebral de VITS2 con bert multiling\u00fce. La entrada del usuario proporcionada a la variable data_dir se usa directamente en un comando ejecutado con subprocess.run(cmd, shell=True) en la funci\u00f3n resample, lo que conduce a la ejecuci\u00f3n de un comando arbitrario. Esto afecta a fishaudio/Bert-VITS2 2.3 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-396xx/CVE-2024-39686.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39686",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T16:15:03.657",
"lastModified": "2024-07-22T16:15:03.657",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the bert_gen function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier."
},
{
"lang": "es",
"value": " Bert-VITS2 es la columna vertebral de VITS2 con bert multiling\u00fce. La entrada del usuario proporcionada a la variable data_dir se usa directamente en un comando ejecutado con subprocess.run(cmd, shell=True) en la funci\u00f3n bert_gen, lo que conduce a la ejecuci\u00f3n de comandos arbitrarios. Esto afecta a fishaudio/Bert-VITS2 2.3 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-396xx/CVE-2024-39688.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39688",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T16:15:03.883",
"lastModified": "2024-07-22T16:15:03.883",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is concatenated with other folders and used to open a new file in the generate_config function, which leads to a limited file write. The issue allows for writing /config/config.json file in arbitrary directory on the server. If a given directory path doesn\u2019t exist, the application will return an error, so this vulnerability could also be used to gain information about existing directories on the server. This affects fishaudio/Bert-VITS2 2.3 and earlier."
},
{
"lang": "es",
"value": "Bert-VITS2 es la columna vertebral de VITS2 con bert multiling\u00fce. La entrada del usuario proporcionada a la variable data_dir se concatena con otras carpetas y se usa para abrir un nuevo archivo en la funci\u00f3n generate_config, lo que conduce a una escritura de archivo limitada. El problema permite escribir el archivo /config/config.json en un directorio arbitrario del servidor. Si una ruta de directorio determinada no existe, la aplicaci\u00f3n devolver\u00e1 un error, por lo que esta vulnerabilidad tambi\u00e9n podr\u00eda usarse para obtener informaci\u00f3n sobre directorios existentes en el servidor. Esto afecta a fishaudio/Bert-VITS2 2.3 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-397xx/CVE-2024-39702.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39702",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-23T16:15:05.557",
"lastModified": "2024-07-24T05:15:12.813",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash Denial of Service) attacks. An attacker could cause excessive resource usage during proxy operations via crafted requests, potentially leading to a denial of service with relatively few incoming requests. This vulnerability only exists in the OpenResty fork in the openresty/luajit2 GitHub repository. The LuaJIT/LuaJIT repository. is unaffected."
},
{
"lang": "es",
"value": " En lj_str_hash.c en OpenResty 1.19.3.1 a 1.25.3.1, la funci\u00f3n hash de cadena (utilizada durante el internamiento de cadenas) permite ataques HashDoS (denegaci\u00f3n de servicio de hash). Un atacante podr\u00eda provocar un uso excesivo de recursos durante las operaciones de proxy a trav\u00e9s de solicitudes manipuladas, lo que podr\u00eda provocar una denegaci\u00f3n de servicio con relativamente pocas solicitudes entrantes. Esta vulnerabilidad solo existe en la bifurcaci\u00f3n OpenResty en el repositorio de GitHub openresty/luajit2. El repositorio LuaJIT/LuaJIT. no se ve afectado."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-399xx/CVE-2024-39902.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-39902",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T14:15:06.383",
"lastModified": "2024-07-22T14:15:06.383",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox \"Apply same permissions to all sub-items of this folder\" in the document manager permissions modal is not taken into account and always considered as unchecked. In situations where the permissions are being restricted some users might still keep, incorrectly, the possibility to edit or manage items. Only change made via the web UI are affected, changes directly made via the REST API are not impacted. This vulnerability is fixed in Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8."
},
{
"lang": "es",
"value": "Tuleap es una suite de c\u00f3digo abierto para mejorar la gesti\u00f3n de los desarrollos de software y la colaboraci\u00f3n. Antes de Tuleap Community Edition 15.10.99.128 y Tuleap Enterprise Edition 15.10-6 y 15.9-8, la casilla de verificaci\u00f3n \"Apply same permissions to all sub-items of this folder\" en el modo de permisos del administrador de documentos no se tiene en cuenta y siempre se considera como desmarcada. En situaciones en las que se restringen los permisos, es posible que algunos usuarios a\u00fan mantengan, incorrectamente, la posibilidad de editar o administrar elementos. Solo se ven afectados los cambios realizados a trav\u00e9s de la interfaz de usuario web; los cambios realizados directamente a trav\u00e9s de la API REST no se ven afectados. Esta vulnerabilidad se solucion\u00f3 en Tuleap Community Edition 15.10.99.128 y Tuleap Enterprise Edition 15.10-6 y 15.9-8."
}
],
"metrics": {

8
CVE-2024/CVE-2024-400xx/CVE-2024-40051.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-40051",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T18:15:03.700",
"lastModified": "2024-07-22T18:15:03.700",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter."
},
{
"lang": "es",
"value": " Se descubri\u00f3 que IP Guard v4.81.0307.0 conten\u00eda una vulnerabilidad de lectura de archivos arbitraria a trav\u00e9s del par\u00e1metro file name."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-400xx/CVE-2024-40060.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-40060",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-23T15:15:04.810",
"lastModified": "2024-07-23T15:15:04.810",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function."
},
{
"lang": "es",
"value": " Se descubri\u00f3 que go-chart v2.1.1 contiene un bucle infinito a trav\u00e9s de la funci\u00f3n drawCanvas()."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-400xx/CVE-2024-40075.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-40075",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T19:15:02.867",
"lastModified": "2024-07-22T19:15:02.867",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability."
},
{
"lang": "es",
"value": " Se descubri\u00f3 que Laravel v11.x contiene una vulnerabilidad de XML External Entity (XXE)."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-405xx/CVE-2024-40502.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-40502",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T21:15:04.077",
"lastModified": "2024-07-22T21:15:04.077",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows aremote attacker to execute arbitrary code via the btn_login_b_Click function of the Loginpage.aspx"
},
{
"lang": "es",
"value": " Vulnerabilidad de inyecci\u00f3n SQL en Hospital Management System Project in ASP.Net MVC 1 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n btn_login_b_Click de Loginpage.aspx"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-406xx/CVE-2024-40634.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-40634",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T18:15:03.770",
"lastModified": "2024-07-22T18:15:03.770",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to service disruption by triggering an Out Of Memory (OOM) kill. The issue poses a high risk to the availability of Argo CD deployments. This vulnerability is fixed in 2.11.6, 2.10.15, and 2.9.20.\n"
},
{
"lang": "es",
"value": "Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. Este informe detalla una vulnerabilidad de seguridad en Argo CD, donde un atacante no autenticado puede enviar un gran payload JSON especialmente manipulado al endpoint /api/webhook, lo que provoca una asignaci\u00f3n excesiva de memoria que conduce a la interrupci\u00f3n del servicio al desencadenar un Out Of Memory (OOM) kill. El problema plantea un alto riesgo para la disponibilidad de las implementaciones de Argo CD. Esta vulnerabilidad se solucion\u00f3 en 2.11.6, 2.10.15 y 2.9.20."
}
],
"metrics": {

8
CVE-2024/CVE-2024-407xx/CVE-2024-40767.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-40767",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-24T05:15:12.907",
"lastModified": "2024-07-24T05:15:12.907",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498."
},
{
"lang": "es",
"value": "En OpenStack Nova anterior a 27.4.1, 28 anterior a 28.2.1 y 29 anterior a 29.1.1, al proporcionar una imagen sin formato que en realidad es una imagen QCOW2 manipulada con una ruta de archivo de respaldo o una imagen plana VMDK con una ruta de archivo descriptiva, se El usuario autenticado puede convencer a los sistemas para que devuelvan una copia del contenido del archivo al que se hace referencia desde el servidor, lo que resulta en un acceso no autorizado a datos potencialmente confidenciales. Todas las implementaciones de Nova se ven afectadas. NOTA: este problema existe debido a una soluci\u00f3n incompleta para CVE-2022-47951 y CVE-2024-32498."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-40xx/CVE-2024-4076.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-4076",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-07-23T15:15:05.500",
"lastModified": "2024-07-23T16:15:06.287",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.\nThis issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1."
},
{
"lang": "es",
"value": " Las consultas de los clientes que desencadenan la entrega de datos obsoletos y que tambi\u00e9n requieren b\u00fasquedas en datos de la zona autorizada local pueden provocar un error de aserci\u00f3n. Este problema afecta a las versiones de BIND 9, 9.16.13 a 9.16.50, 9.18.0 a 9.18.27, 9.19.0 a 9.19.24, 9.11.33-S1 a 9.11.37-S1, 9.16.13-S1 a 9.16. 50-S1 y 9.18.11-S1 a 9.18.27-S1."
}
],
"metrics": {

8
CVE-2024/CVE-2024-40xx/CVE-2024-4079.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-4079",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-23T14:15:14.353",
"lastModified": "2024-07-23T14:15:14.353",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions."
},
{
"lang": "es",
"value": "Una lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes en LabVIEW puede revelar informaci\u00f3n o resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un VI especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q1 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-40xx/CVE-2024-4080.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-4080",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-23T14:15:14.590",
"lastModified": "2024-07-23T14:15:14.590",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions."
},
{
"lang": "es",
"value": " Un problema de corrupci\u00f3n de memoria debido a una verificaci\u00f3n de longitud incorrecta en LabVIEW tdcore.dll puede revelar informaci\u00f3n o resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un VI especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q1 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-40xx/CVE-2024-4081.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-4081",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-23T14:15:14.837",
"lastModified": "2024-07-23T14:15:14.837",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects NI LabVIEW 2024 Q1 and prior versions."
},
{
"lang": "es",
"value": " Un problema de corrupci\u00f3n de memoria debido a una verificaci\u00f3n de longitud inadecuada en NI LabVIEW puede revelar informaci\u00f3n o resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un VI especialmente manipulado. Esta vulnerabilidad afecta a NI LabVIEW 2024 Q1 y versiones anteriores."
}
],
"metrics": {

4
CVE-2024/CVE-2024-410xx/CVE-2024-41012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41012",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-23T08:15:01.877",
"lastModified": "2024-07-23T08:15:01.877",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-411xx/CVE-2024-41129.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41129",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T15:15:03.710",
"lastModified": "2024-07-22T15:15:03.710",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ops library is a Python framework for developing and testing Kubernetes and machine charms. The issue here is that ops passes the secret content as one of the args via CLI. This issue may affect any of the charms that are using: Juju (>=3.0), Juju secrets and not correctly capturing and processing `subprocess.CalledProcessError`. This vulnerability is fixed in 2.15.0."
},
{
"lang": "es",
"value": "La librer\u00eda ops es un framework de Python para desarrollar y probar Kubernetes y accesos a m\u00e1quinas. El problema aqu\u00ed es que ops pasa el contenido secreto como uno de los argumentos a trav\u00e9s de CLI. Este problema puede afectar cualquiera de los accesos que est\u00e1n usando: Juju (&gt;=3.0), Juju secrets y no capturen ni procesen correctamente `subprocess.CalledProcessError`. Esta vulnerabilidad se solucion\u00f3 en 2.15.0."
}
],
"metrics": {

8
CVE-2024/CVE-2024-411xx/CVE-2024-41130.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41130",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T18:15:04.013",
"lastModified": "2024-07-22T18:15:04.013",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp contains a null pointer dereference in gguf_init_from_file. This vulnerability is fixed in b3427."
},
{
"lang": "es",
"value": " llama.cpp proporciona inferencia LLM en C/C++. Antes de b3427, llama.cpp contiene una desreferencia de puntero nulo en gguf_init_from_file. Esta vulnerabilidad se soluciona en b3427."
}
],
"metrics": {

8
CVE-2024/CVE-2024-411xx/CVE-2024-41131.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41131",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T15:15:03.933",
"lastModified": "2024-07-22T15:15:03.933",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9."
},
{
"lang": "es",
"value": " ImageSharp es una API de gr\u00e1ficos 2D. Se ha encontrado una vulnerabilidad de escritura fuera de los l\u00edmites en el decodificador de gif de ImageSharp, lo que permite a los atacantes provocar un bloqueo utilizando un gif especialmente manipulado. Esto puede conducir potencialmente a la denegaci\u00f3n del servicio. Se recomienda a todos los usuarios que actualicen a v3.1.5 o v2.1.9."
}
],
"metrics": {

8
CVE-2024/CVE-2024-411xx/CVE-2024-41132.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41132",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-22T15:15:04.160",
"lastModified": "2024-07-22T15:15:04.160",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. All users are advised to upgrade to v3.1.5 or v2.1.9."
},
{
"lang": "es",
"value": " ImageSharp es una API de gr\u00e1ficos 2D. Una vulnerabilidad descubierta en la librer\u00eda ImageSharp, donde el procesamiento de archivos especialmente manipulados puede provocar un uso excesivo de memoria en el decodificador Gif. La vulnerabilidad se activa cuando ImageSharp intenta procesar archivos de imagen dise\u00f1ados para explotar este fallo. Se recomienda a todos los usuarios que actualicen a v3.1.5 o v2.1.9."
}
],
"metrics": {

8
CVE-2024/CVE-2024-411xx/CVE-2024-41178.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41178",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-23T17:15:12.663",
"lastModified": "2024-07-23T19:15:13.377",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of temporary credentials in logs\u00a0in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens.\u00a0\n\nOn certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html . This allows someone with access to the logs to impersonate that identity, including performing their own calls to AssumeRoleWithWebIdentity, until the OIDC token expires. Typically OIDC tokens are valid for up to an hour, although this will vary depending on the issuer.\n\nUsers are recommended to use a different AWS authentication mechanism, disable logging or upgrade to version 0.10.2, which fixes this issue.\n\nDetails:\n\nWhen using AWS WebIdentityTokens with the object_store crate, in the event of a failure and automatic retry, the underlying reqwest error, including the full URL with the credentials, potentially in the parameters, is written to the logs.\u00a0\n\nThanks to Paul\u00a0Hatcherian for reporting this vulnerability"
},
{
"lang": "es",
"value": "Exposici\u00f3n de credenciales temporales en registros en Apache Arrow Rust Object Store (caja `object_store`), versi\u00f3n 0.10.1 y anteriores en todas las plataformas que utilizan AWS WebIdentityTokens. En determinadas condiciones de error, los registros pueden contener el token OIDC pasado a AssumeRoleWithWebIdentity https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html. Esto permite que alguien con acceso a los registros se haga pasar por esa identidad, incluida la realizaci\u00f3n de sus propias llamadas a AssumeRoleWithWebIdentity, hasta que caduque el token OIDC. Normalmente, los tokens OIDC son v\u00e1lidos por hasta una hora, aunque esto variar\u00e1 seg\u00fan el emisor. Se recomienda a los usuarios utilizar un mecanismo de autenticaci\u00f3n de AWS diferente, deshabilitar el registro o actualizar a la versi\u00f3n 0.10.2, que soluciona este problema. Detalles: cuando se utilizan AWS WebIdentityTokens con la caja object_store, en caso de error y reintento autom\u00e1tico, el error de solicitud subyacente, incluida la URL completa con las credenciales, potencialmente en los par\u00e1metros, se escribe en los registros. Gracias a Paul Hatcherian por informar de esta vulnerabilidad."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-413xx/CVE-2024-41314.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41314",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T14:15:06.627",
"lastModified": "2024-07-23T16:15:05.710",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-413xx/CVE-2024-41315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41315",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T14:15:06.693",
"lastModified": "2024-07-23T16:15:05.773",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-413xx/CVE-2024-41316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41316",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T14:15:06.757",
"lastModified": "2024-07-23T16:15:05.843",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-413xx/CVE-2024-41317.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41317",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T14:15:06.817",
"lastModified": "2024-07-23T16:15:05.910",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-413xx/CVE-2024-41318.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41318",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T14:15:06.880",
"lastModified": "2024-07-23T15:15:04.973",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-413xx/CVE-2024-41319.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41319",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-23T15:15:05.050",
"lastModified": "2024-07-23T15:15:05.050",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function."
},
{
"lang": "es",
"value": " Se descubri\u00f3 que TOTOLINK A6000R V1.0.1-B20201211.2000 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro cmd en la funci\u00f3n webcmd."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-413xx/CVE-2024-41320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41320",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T14:15:06.940",
"lastModified": "2024-07-23T15:15:05.133",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-416xx/CVE-2024-41655.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41655",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T15:15:05.207",
"lastModified": "2024-07-23T15:15:05.207",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TF2 Item Format helps users format TF2 items to the community standards. Versions of `tf2-item-format` since at least `4.2.6` and prior to `5.9.14` are vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. This vulnerability can be exploited by an attacker to perform DoS attacks on any service that uses any `tf2-item-format` to parse user input. Version `5.9.14` contains a fix for the issue."
},
{
"lang": "es",
"value": "TF2 Item Format ayuda a los usuarios a formatear los elementos TF2 seg\u00fan los est\u00e1ndares de la comunidad. Las versiones de `tf2-item-format` desde al menos `4.2.6` y anteriores a `5.9.14` son vulnerables a un ataque de denegaci\u00f3n de servicio de expresi\u00f3n regular (ReDoS) al analizar entradas de usuario manipuladas. Un atacante puede aprovechar esta vulnerabilidad para realizar ataques DoS en cualquier servicio que utilice cualquier \"tf2-item-format\" para analizar la entrada del usuario. La versi\u00f3n `5.9.14` contiene una soluci\u00f3n para el problema."
}
],
"metrics": {

8
CVE-2024/CVE-2024-416xx/CVE-2024-41656.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41656",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T22:15:08.970",
"lastModified": "2024-07-23T22:15:08.970",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 24.7.1, an unsanitized payload sent by an Integration platform integration allows storing arbitrary HTML tags on the Sentry side with the subsequent rendering them on the Issues page. Self-hosted Sentry users may be impacted in case of untrustworthy Integration platform integrations sending external issues from their side to Sentry. A patch has been released in Sentry 24.7.1. For Sentry SaaS customers, no action is needed. This has been patched on July 23, and even prior to the fix, the exploitation was not possible due to the strict Content Security Policy deployed on sentry.io site. For self-hosted users, the maintainers of Sentry strongly recommend upgrading Sentry to the latest version. If it is not possible, one could enable CSP on one's self-hosted installation with `CSP_REPORT_ONLY = False` (enforcing mode). This will mitigate the risk of cross-site scripting."
},
{
"lang": "es",
"value": "Sentry es una plataforma de seguimiento de errores y supervisi\u00f3n del rendimiento. A partir de la versi\u00f3n 10.0.0 y antes de la versi\u00f3n 24.7.1, un payload no saneado enviado por una integraci\u00f3n de plataforma de integraci\u00f3n permite almacenar etiquetas HTML arbitrarias en el lado de Sentry y luego representarlas en la p\u00e1gina de Issues. Los usuarios de Sentry autohospedados pueden verse afectados en caso de integraciones de plataformas de integraci\u00f3n no confiables que env\u00eden problemas externos de su lado a Sentry. Se lanz\u00f3 un parche en Sentry 24.7.1. Para los clientes de Sentry SaaS, no es necesario realizar ninguna acci\u00f3n. Esto fue parcheado el 23 de julio e incluso antes de la soluci\u00f3n, la explotaci\u00f3n no era posible debido a la estricta Pol\u00edtica de seguridad de contenido implementada en el sitio sentry.io. Para los usuarios autohospedados, los mantenedores de Sentry recomiendan encarecidamente actualizar Sentry a la \u00faltima versi\u00f3n. Si no es posible, se podr\u00eda habilitar CSP en la instalaci\u00f3n autohospedada con `CSP_REPORT_ONLY = False` (enforcing mode). Esto mitigar\u00e1 el riesgo de Cross Site Scripting."
}
],
"metrics": {

8
CVE-2024/CVE-2024-416xx/CVE-2024-41661.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41661",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T18:15:06.577",
"lastModified": "2024-07-23T18:15:06.577",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "reNgine is an automated reconnaissance framework for web applications. In versions 1.2.0 through 2.1.1, an authenticated command injection vulnerability in the WAF detection tool allows an authenticated attacker to remotely execute arbitrary commands as root user. The URL query parameter `url` is passed to `subprocess.check_output` without any sanitization, resulting in a command injection vulnerability. This API endpoint is accessible by authenticated users with any use role. Because the process runs as `root`, an attacker has root access. Commit edd3c85ee16f93804ad38dac5602549d2d30a93e contains a patch for the issue."
},
{
"lang": "es",
"value": "reNgine es un marco de reconocimiento automatizado para aplicaciones web. En las versiones 1.2.0 a 2.1.1, una vulnerabilidad de inyecci\u00f3n de comandos autenticados en la herramienta de detecci\u00f3n WAF permite a un atacante autenticado ejecutar comandos arbitrarios de forma remota como usuario root. El par\u00e1metro de consulta de URL `url` se pasa a `subprocess.check_output` sin ninguna sanitizaci\u00f3n, lo que genera una vulnerabilidad de inyecci\u00f3n de comando. Los usuarios autenticados con cualquier rol de uso pueden acceder a este API endpoint. Debido a que el proceso se ejecuta como \"root\", un atacante tiene acceso de root. La confirmaci\u00f3n edd3c85ee16f93804ad38dac5602549d2d30a93e contiene un parche para el problema."
}
],
"metrics": {

8
CVE-2024/CVE-2024-416xx/CVE-2024-41663.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41663",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T16:15:06.070",
"lastModified": "2024-07-23T16:15:06.070",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Canarytokens help track activity and actions on a network. A Cross-Site Scripting vulnerability was identified in the \"Cloned Website\" Canarytoken, whereby the Canarytoken's creator can attack themselves. The creator of a slow-redirect Canarytoken can insert Javascript into the destination URL of their slow redirect token. When the creator later browses the management page for their own Canarytoken, the Javascript executes. This is a self-XSS. An attacker could create a Canarytoken with this self-XSS, and send the management link to a victim. When they click on it, the Javascript would execute. However, no sensitive information (ex. session information) will be disclosed to the malicious actor. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`."
},
{
"lang": "es",
"value": "Los Canarytokens ayudan a rastrear la actividad y las acciones en una red. Se identific\u00f3 una vulnerabilidad de Cross Site Scripting en el Canarytoken \"Cloned Website\", mediante la cual el creador del Canarytoken puede atacarse a s\u00ed mismo. El creador de un Canarytoken de redireccionamiento lento puede insertar Javascript en la URL de destino de su token de redireccionamiento lento. Cuando el creador navega m\u00e1s tarde por la p\u00e1gina de administraci\u00f3n de su propio Canarytoken, se ejecuta Javascript. Este es un XSS propio. Un atacante podr\u00eda crear un Canarytoken con este XSS propio y enviar el enlace de administraci\u00f3n a una v\u00edctima. Cuando hacen clic en \u00e9l, se ejecutar\u00e1 Javascript. Sin embargo, no se revelar\u00e1 ninguna informaci\u00f3n confidencial (por ejemplo, informaci\u00f3n de sesi\u00f3n) al actor malicioso. Este problema ya est\u00e1 solucionado en Canarytokens.org. Los usuarios de instalaciones de Canarytokens autohospedadas pueden actualizar extrayendo la \u00faltima imagen de Docker o cualquier imagen de Docker despu\u00e9s de `sha-097d91a`."
}
],
"metrics": {

8
CVE-2024/CVE-2024-416xx/CVE-2024-41664.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41664",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T17:15:12.767",
"lastModified": "2024-07-23T17:15:12.767",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Canarytokens help track activity and actions on a network. Prior to `sha-8ea5315`, Canarytokens.org was vulnerable to a blind SSRF in the Webhook alert feature. When a Canarytoken is created, users choose to receive alerts either via email or via a webhook. If a webhook is supplied when a Canarytoken is first created, the site will make a test request to the supplied URL to ensure it accepts alert notification HTTP requests. No safety checks were performed on the URL, leading to a Server-Side Request Forgery vulnerability. The SSRF is Blind because the content of the response is not displayed to the creating user; they are simply told whether an error occurred in making the test request. Using the Blind SSRF, it was possible to map out open ports for IPs inside the Canarytokens.org infrastructure. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`."
},
{
"lang": "es",
"value": "Los Canarytokens ayudan a rastrear la actividad y las acciones en una red. Antes de `sha-8ea5315`, Canarytokens.org era vulnerable a SSRF ciego en la funci\u00f3n de alerta de Webhook. Cuando se crea un Canarytoken, los usuarios eligen recibir alertas por correo electr\u00f3nico o mediante un webhook. Si se proporciona un webhook cuando se crea un Canarytoken por primera vez, el sitio realizar\u00e1 una solicitud de prueba a la URL proporcionada para garantizar que acepta solicitudes HTTP de notificaci\u00f3n de alerta. No se realizaron comprobaciones de seguridad en la URL, lo que provoc\u00f3 una vulnerabilidad de Server-Side Request Forgery. El SSRF es ciego porque el contenido de la respuesta no se muestra al usuario creador; simplemente se les dice si ocurri\u00f3 un error al realizar la solicitud de prueba. Utilizando Blind SSRF, fue posible mapear puertos abiertos para IP dentro de la infraestructura de Canarytokens.org. Este problema ya est\u00e1 solucionado en Canarytokens.org. Los usuarios de instalaciones de Canarytokens autohospedadas pueden actualizar extrayendo la \u00faltima imagen de Docker o cualquier imagen de Docker despu\u00e9s de `sha-097d91a`."
}
],
"metrics": {

8
CVE-2024/CVE-2024-416xx/CVE-2024-41665.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41665",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T18:15:06.790",
"lastModified": "2024-07-23T18:15:06.790",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. This vulnerability exists in the \"Playlists - Democratic - Configure Democratic Playlist\" feature. An attacker with Content Manager permissions can set the Name field to `<svg onload=alert(8)>`. When any administrator or user accesses the Democratic functionality, they will be affected by this stored XSS vulnerability. The attacker can exploit this vulnerability to obtain the cookies of any user or administrator who accesses the `democratic.php` file. Version 6.6.0 contains a patch for the issue."
},
{
"lang": "es",
"value": " Ampache, una aplicaci\u00f3n de transmisi\u00f3n de audio/v\u00eddeo y administrador de archivos basada en web, tiene una vulnerabilidad de Cross Site Scripting (XSS) almacenadas en versiones anteriores a la 6.6.0. Esta vulnerabilidad existe en la funci\u00f3n \"Playlists - Democratic - Configure Democratic Playlist\". Un atacante con permisos de Administrador de contenido puede establecer el campo Name en ``. Cuando cualquier administrador o usuario acceda a la funcionalidad Democratic, se ver\u00e1 afectado por esta vulnerabilidad de XSS almacenado. El atacante puede aprovechar esta vulnerabilidad para obtener las cookies de cualquier usuario o administrador que acceda al archivo `democratic.php`. La versi\u00f3n 6.6.0 contiene un parche para el problema."
}
],
"metrics": {

8
CVE-2024/CVE-2024-416xx/CVE-2024-41668.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41668",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-23T19:15:13.437",
"lastModified": "2024-07-23T19:15:13.437",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF) attack. Logged in users could do the same on private instances. A fix has been released in version 6.0.12. As a workaround, one might be able to disable `/proxy` endpoint entirely via, for example, nginx."
},
{
"lang": "es",
"value": "El cBioPortal for Cancer Genomics proporciona visualizaci\u00f3n, an\u00e1lisis y descarga de conjuntos de datos de gen\u00f3mica del c\u00e1ncer a gran escala. Al ejecutar un endpoint proxy expuesto p\u00fablicamente sin autenticaci\u00f3n, cBioPortal podr\u00eda permitir que alguien realice un ataque de Server Side Request Forgery (SSRF). Los usuarios que hayan iniciado sesi\u00f3n podr\u00edan hacer lo mismo en instancias privadas. Se ha publicado una soluci\u00f3n en la versi\u00f3n 6.0.12. Como workaround, se podr\u00eda deshabilitar completamente el endpoint `/proxy` mediante, por ejemplo, nginx."
}
],
"metrics": {

8
CVE-2024/CVE-2024-418xx/CVE-2024-41824.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41824",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:04.400",
"lastModified": "2024-07-22T15:15:04.400",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2024.07 parameters of the \"password\" type could leak into the build log in some specific cases"
},
{
"lang": "es",
"value": "En JetBrains TeamCity antes de 2024.07, los par\u00e1metros del tipo \"password\" pod\u00edan filtrarse en el registro de compilaci\u00f3n en algunos casos espec\u00edficos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-418xx/CVE-2024-41825.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41825",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:04.630",
"lastModified": "2024-07-22T15:15:04.630",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab"
},
{
"lang": "es",
"value": " En JetBrains TeamCity antes de 2024.07, era posible el XSS almacenado en la pesta\u00f1a Code Inspection"
}
],
"metrics": {

8
CVE-2024/CVE-2024-418xx/CVE-2024-41826.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41826",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:04.847",
"lastModified": "2024-07-22T15:15:04.847",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page"
},
{
"lang": "es",
"value": " En JetBrains TeamCity antes de 2024.07, era posible el XSS almacenado en la p\u00e1gina Show Connection"
}
],
"metrics": {

8
CVE-2024/CVE-2024-418xx/CVE-2024-41827.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41827",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:05.057",
"lastModified": "2024-07-22T15:15:05.057",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration"
},
{
"lang": "es",
"value": " En JetBrains TeamCity antes de 2024.07, los tokens de acceso pod\u00edan seguir funcionando despu\u00e9s de su eliminaci\u00f3n o vencimiento"
}
],
"metrics": {

8
CVE-2024/CVE-2024-418xx/CVE-2024-41828.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41828",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:05.270",
"lastModified": "2024-07-22T15:15:05.270",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time"
},
{
"lang": "es",
"value": " En JetBrains TeamCity antes de 2024.07, la comparaci\u00f3n de tokens de autorizaci\u00f3n no llevaba un tiempo constante"
}
],
"metrics": {

8
CVE-2024/CVE-2024-418xx/CVE-2024-41829.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41829",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:05.487",
"lastModified": "2024-07-22T15:15:05.487",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection"
},
{
"lang": "es",
"value": " En JetBrains TeamCity antes de 2024.07, se pod\u00eda robar un c\u00f3digo OAuth para JetBrains Space a trav\u00e9s de la conexi\u00f3n de Space Application."
}
],
"metrics": {

4
CVE-2024/CVE-2024-418xx/CVE-2024-41836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41836",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-07-23T12:15:10.240",
"lastModified": "2024-07-23T12:15:10.240",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-418xx/CVE-2024-41839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41839",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-07-23T12:15:10.520",
"lastModified": "2024-07-23T12:15:10.520",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-418xx/CVE-2024-41880.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41880",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T19:15:02.990",
"lastModified": "2024-07-22T19:15:02.990",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that decreases the effectiveness of safety and private routes."
},
{
"lang": "es",
"value": " En veilid-core en Veilid anterior a 0.3.4, la funci\u00f3n de ping del protocolo puede usarse indebidamente de una manera que disminuye la efectividad de las rutas privadas y de seguridad."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-42xx/CVE-2024-4260.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-4260",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-23T06:15:09.907",
"lastModified": "2024-07-23T06:15:09.907",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Page Builder Gutenberg Blocks WordPress plugin before 3.1.12 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks."
},
{
"lang": "es",
"value": " El complemento Page Builder Gutenberg Blocks de WordPress anterior a 3.1.12 no impide que los usuarios hagan ping a hosts arbitrarios a trav\u00e9s de algunos de sus c\u00f3digos cortos, lo que podr\u00eda permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques SSRF."
}
],
"metrics": {},

10
CVE-2024/CVE-2024-56xx/CVE-2024-5602.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-5602",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-23T14:15:15.077",
"lastModified": "2024-07-23T14:15:15.077",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file.\n\nThe NI I/O Trace tool is installed as part of the NI System Configuration utilities included with many NI software products.\u202f Refer to the NI Security Advisory for identifying the version of NI IO Trace.exe installed. The NI I/O Trace tool was also previously released as NI Spy."
"value": "A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file.\n\nThe NI I/O Trace tool is installed as part of the NI System Configuration utilities included with many NI software products.? Refer to the NI Security Advisory for identifying the version of NI IO Trace.exe installed. The NI I/O Trace tool was also previously released as NI Spy."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria debido a una verificaci\u00f3n de l\u00edmites faltantes en NI I/O Trace Tool puede resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un archivo nitrace especialmente manipulado. La herramienta NI I/O Trace se instala como parte de las utilidades de configuraci\u00f3n del sistema NI incluidas con muchos productos de software de NI. Consulte el Aviso de seguridad de NI para identificar la versi\u00f3n de NI IO Trace.exe instalada. La herramienta NI I/O Trace tambi\u00e9n se lanz\u00f3 anteriormente como NI Spy."
}
],
"metrics": {

60
CVE-2024/CVE-2024-58xx/CVE-2024-5818.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-5818",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T13:15:10.680",
"lastModified": "2024-07-24T13:15:10.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3121073/royal-elementor-addons",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/83a0150d-a9fa-4cc2-8fe8-a429747a9964?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-58xx/CVE-2024-5861.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-5861",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T04:15:04.517",
"lastModified": "2024-07-24T04:15:04.517",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP EasyPay \u2013 Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpep_square_disconnect() function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect square."
},
{
"lang": "es",
"value": " El complemento WP EasyPay \u2013 Square para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n wpep_square_disconnect() en todas las versiones hasta la 4.2.3 incluida. Esto hace posible que atacantes no autenticados desconecten el cuadrado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-60xx/CVE-2024-6094.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6094",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-24T06:15:01.903",
"lastModified": "2024-07-24T06:15:01.903",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP ULike WordPress plugin before 4.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
},
{
"lang": "es",
"value": " El complemento WP ULike WordPress anterior a 4.7.1 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross Site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-61xx/CVE-2024-6121.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6121",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-22T20:15:04.267",
"lastModified": "2024-07-22T20:15:04.267",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service."
},
{
"lang": "es",
"value": " Una versi\u00f3n desactualizada de Redis enviada con NI SystemLink Server es susceptible a m\u00faltiples vulnerabilidades, incluida CVE-2022-24834. Esto afecta a NI SystemLink Server 2024 Q1 y versiones anteriores. Tambi\u00e9n afecta a NI FlexLogger 2023 Q2 y versiones anteriores que instalaron este servicio compartido."
}
],
"metrics": {

8
CVE-2024/CVE-2024-61xx/CVE-2024-6122.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6122",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-22T20:15:04.470",
"lastModified": "2024-07-22T20:15:04.470",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service."
},
{
"lang": "es",
"value": " Un permiso incorrecto en el directorio de instalaci\u00f3n para el servicio compartido NI SystemLink Server KeyValueDatabase puede resultar en la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local. Esto afecta a NI SystemLink Server 2024 Q1 y versiones anteriores. Tambi\u00e9n afecta a NI FlexLogger 2023 Q2 y versiones anteriores que instalaron este servicio compartido."
}
],
"metrics": {

4
CVE-2024/CVE-2024-61xx/CVE-2024-6197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6197",
"sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
"published": "2024-07-24T08:15:03.340",
"lastModified": "2024-07-24T09:15:02.390",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-62xx/CVE-2024-6231.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6231",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-23T06:15:11.330",
"lastModified": "2024-07-23T06:15:11.330",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
},
{
"lang": "es",
"value": " El complemento de WordPress Request a Quote anterior a 2.4.1 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross Site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en la configuraci\u00f3n de m\u00faltiples sitios)."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-64xx/CVE-2024-6420.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6420",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-23T06:15:11.413",
"lastModified": "2024-07-23T06:15:11.413",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-65xx/CVE-2024-6553.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6553",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T07:15:02.350",
"lastModified": "2024-07-24T07:15:02.350",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.3.This is due to the plugin utilizing wpdesk and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website."
},
{
"lang": "es",
"value": "El complemento WP Meteor Website Speed Optimization Addon para WordPress es vulnerable a la divulgaci\u00f3n de ruta completa en todas las versiones hasta la 3.4.3 incluida. Esto se debe a que el complemento utiliza wpdesk y deja archivos de prueba con display_errors activado. Esto hace posible que atacantes no autenticados recuperen la ruta completa de la aplicaci\u00f3n web, que puede usarse para ayudar en otros ataques. La informaci\u00f3n mostrada no es \u00fatil por s\u00ed sola y requiere que est\u00e9 presente otra vulnerabilidad para da\u00f1ar un sitio web afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-65xx/CVE-2024-6571.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6571",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T07:15:02.600",
"lastModified": "2024-07-24T07:15:02.600",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Optimize Images ALT Text (alt tag) & names for SEO using AI plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.1.1. This is due the plugin utilizing cocur and not preventing direct access to the generate-default.php file. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website."
},
{
"lang": "es",
"value": "El complemento Optimize Images ALT Text (alt tag) &amp; names for SEO using AI para WordPress es vulnerable a la divulgaci\u00f3n de ruta completa en todas las versiones hasta la 3.1.1 incluida. Esto se debe a que el complemento utiliza cocur y no impide el acceso directo al archivo generate-default.php. Esto hace posible que atacantes no autenticados recuperen la ruta completa de la aplicaci\u00f3n web, que puede usarse para ayudar en otros ataques. La informaci\u00f3n mostrada no es \u00fatil por s\u00ed sola y requiere que est\u00e9 presente otra vulnerabilidad para da\u00f1ar un sitio web afectado."
}
],
"metrics": {

4
CVE-2024/CVE-2024-66xx/CVE-2024-6629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6629",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-24T07:15:02.820",
"lastModified": "2024-07-24T07:15:02.820",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-66xx/CVE-2024-6638.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6638",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-22T20:15:04.723",
"lastModified": "2024-07-22T20:15:04.723",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de enteros debido a una validaci\u00f3n de entrada incorrecta al leer archivos TDMS en LabVIEW puede resultar en un bucle infinito. La explotaci\u00f3n exitosa requiere que un atacante proporcione al usuario un archivo TDMS especialmente manipulado. Esta vulnerabilidad afecta a LabVIEW 2024 Q1 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-66xx/CVE-2024-6675.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6675",
"sourceIdentifier": "security@ni.com",
"published": "2024-07-22T20:15:04.940",
"lastModified": "2024-07-22T20:15:04.940",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior versions."
},
{
"lang": "es",
"value": " Existe una vulnerabilidad de deserializaci\u00f3n de datos no confiables en NI VeriStand que puede resultar en la ejecuci\u00f3n remota de c\u00f3digo. La explotaci\u00f3n exitosa requiere que un atacante consiga que un usuario abra un archivo de proyecto especialmente manipulado. Esta vulnerabilidad afecta a VeriStand 2024 Q2 y versiones anteriores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-67xx/CVE-2024-6714.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6714",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-07-23T16:15:06.543",
"lastModified": "2024-07-23T16:15:06.543",
"vulnStatus": "Received",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en provd anterior a la versi\u00f3n 0.1.5 con un binario setuid, que permite a un atacante local escalar sus privilegios."
}
],
"metrics": {

Some files were not shown because too many files have changed in this diff Show More