admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-29T14:00:18.295225+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-29 14:03:15 +00:00
parent cb796b6c10
commit afb9a3e5de
96 changed files with 1877 additions and 328 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2021/CVE-2021-44xx/CVE-2021-4442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4442",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-29T11:15:23.413",
"lastModified": "2024-08-29T11:15:23.413",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-24xx/CVE-2022-2440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2440",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:23.790",
"lastModified": "2024-08-29T11:15:23.790",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2024/CVE-2024-13xx/CVE-2024-1384.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-1384",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T13:15:05.793",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/auxin-portfolio/trunk/includes/elements/recent-portfolios.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4475cbd4-07cf-499a-a11a-b63eb9184568?source=cve",
"source": "security@wordfence.com"
}
]
}

8
CVE-2024/CVE-2024-202xx/CVE-2024-20279.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20279",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:06.113",
"lastModified": "2024-08-28T17:15:06.113",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del dominio de seguridad restringido de Cisco Application Policy Infrastructure Controller (APIC) podr\u00eda permitir que un atacante remoto autenticado modifique el comportamiento de las pol\u00edticas predeterminadas del sistema, como las pol\u00edticas de calidad de servicio (QoS), en un sistema afectado. Esta vulnerabilidad se debe a un control de acceso inadecuado cuando se utilizan dominios de seguridad restringidos para implementar la multi-tenencia. Un atacante con una cuenta de usuario v\u00e1lida asociada con un dominio de seguridad restringido podr\u00eda aprovechar esta vulnerabilidad. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer, modificar o eliminar pol\u00edticas secundarias creadas bajo pol\u00edticas predeterminadas del sistema, que son utilizadas impl\u00edcitamente por todos los inquilinos en la estructura, lo que provoca la interrupci\u00f3n del tr\u00e1fico de la red. La explotaci\u00f3n no es posible para las pol\u00edticas bajo inquilinos a los que un atacante no tiene autorizaci\u00f3n para acceder."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20284.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20284",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:06.893",
"lastModified": "2024-08-28T17:15:06.893",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20285.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20285",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:07.687",
"lastModified": "2024-08-28T17:15:07.687",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20286.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20286",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:08.400",
"lastModified": "2024-08-28T17:15:08.400",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000."
}
],
"metrics": {

8
CVE-2024/CVE-2024-202xx/CVE-2024-20289.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20289",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:09.117",
"lastModified": "2024-08-28T17:15:09.117",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device. \r\n\r\nThis vulnerability is due to insufficient validation of arguments for a specific CLI command. An attacker could exploit this vulnerability by including crafted input as the argument of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios ejecute comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos para un comando CLI espec\u00edfico. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada manipulada como argumento del comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario que haya iniciado sesi\u00f3n en ese momento."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20411.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20411",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:09.500",
"lastModified": "2024-08-28T17:15:09.500",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device.\r\n\r\nThis vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing a specific crafted command on the underlying operating system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of root."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con privilegios acceda al shell Bash para ejecutar c\u00f3digo arbitrario como superusuario en un dispositivo afectado. Esta vulnerabilidad se debe a restricciones de seguridad insuficientes al ejecutar comandos desde el shell Bash. Un atacante con privilegios para acceder al shell Bash podr\u00eda aprovechar esta vulnerabilidad ejecutando un comando espec\u00edfico manipulado en el sistema operativo subyacente. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con los privilegios de superusuario."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20413.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20413",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:09.763",
"lastModified": "2024-08-28T17:15:09.763",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device.\r\n\r\nThis vulnerability is due to insufficient security restrictions when executing application arguments from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to create new users with the privileges of network-admin."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con privilegios acceda al shell Bash para elevar los privilegios a administrador de red en un dispositivo afectado. Esta vulnerabilidad se debe a restricciones de seguridad insuficientes al ejecutar argumentos de aplicaci\u00f3n desde el shell Bash. Un atacante con privilegios para acceder al shell Bash podr\u00eda aprovechar esta vulnerabilidad ejecutando comandos dise\u00f1ados en el sistema operativo subyacente. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante crear nuevos usuarios con los privilegios de administrador de red."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20446.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20446",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:09.997",
"lastModified": "2024-08-28T17:15:09.997",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device. A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el agente de retransmisi\u00f3n DHCPv6 de Cisco NX-OS Software podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de campos espec\u00edficos en un mensaje RELAY-REPLY de DHCPv6. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete DHCPv6 manipulado a cualquier direcci\u00f3n IPv6 que est\u00e9 configurada en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso dhcp_snoop se bloquee y se reinicie varias veces, lo que hace que el dispositivo afectado se recargue y genere una condici\u00f3n de DoS."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20478.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20478",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-08-28T17:15:10.220",
"lastModified": "2024-08-28T17:15:10.220",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\r\n\r\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\r\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente de actualizaci\u00f3n de software de Cisco Application Policy Infrastructure Controller (APIC) y Cisco Cloud Network Controller, anteriormente Cisco Cloud APIC, podr\u00eda permitir que un atacante remoto autenticado con privilegios de nivel de administrador instale una imagen de software modificada, lo que lleva a la inyecci\u00f3n de c\u00f3digo arbitrario en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de firma insuficiente de las im\u00e1genes de software. Un atacante podr\u00eda aprovechar esta vulnerabilidad instalando una imagen de software modificada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema afectado y elevar sus privilegios a superusuario. Nota: Los administradores siempre deben validar el hash de cualquier imagen de actualizaci\u00f3n antes de cargarla en Cisco APIC y Cisco Cloud Network Controller."
}
],
"metrics": {

8
CVE-2024/CVE-2024-224xx/CVE-2024-22425.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-22425",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-16T12:15:07.757",
"lastModified": "2024-02-16T13:37:51.433",
"lastModified": "2024-08-29T13:15:06.060",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nDell RecoverPoint for Virtual Machines 5.3.x contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner.\n\n"
"value": "Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner."
},
{
"lang": "es",
@ -55,6 +55,10 @@
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}

8
CVE-2024/CVE-2024-224xx/CVE-2024-22426.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-22426",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-16T12:15:08.537",
"lastModified": "2024-02-16T13:37:51.433",
"lastModified": "2024-08-29T13:15:06.197",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nDell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An unauthenticated remote\nattacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise.\n\n"
"value": "Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise."
},
{
"lang": "es",
@ -55,6 +55,10 @@
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}

60
CVE-2024/CVE-2024-25xx/CVE-2024-2541.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-2541",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T13:15:06.403",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the Subscribers Import feature. This makes it possible for unauthenticated attackers to extract sensitive data after an administrator has imported subscribers via a CSV file. This data may include the first name, last name, e-mail address, and potentially other personally identifiable information of subscribers."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/popup-builder/trunk/com/libs/Importer.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/086cd6a0-adb6-4e12-b34c-630297f036f3?source=cve",
"source": "security@wordfence.com"
}
]
}

4
CVE-2024/CVE-2024-297xx/CVE-2024-29723.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29723",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:24.160",
"lastModified": "2024-08-29T11:15:24.160",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29724",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:24.383",
"lastModified": "2024-08-29T11:15:24.383",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29725.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29725",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:24.573",
"lastModified": "2024-08-29T11:15:24.573",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29726.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29726",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:24.767",
"lastModified": "2024-08-29T11:15:24.767",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29727.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29727",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:24.977",
"lastModified": "2024-08-29T11:15:24.977",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29728.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29728",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:25.163",
"lastModified": "2024-08-29T11:15:25.163",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29729",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:25.357",
"lastModified": "2024-08-29T11:15:25.357",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29730.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29730",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:25.547",
"lastModified": "2024-08-29T11:15:25.547",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-297xx/CVE-2024-29731.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29731",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-29T11:15:25.760",
"lastModified": "2024-08-29T11:15:25.760",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-341xx/CVE-2024-34195.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-34195",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T20:15:07.580",
"lastModified": "2024-08-28T20:35:10.893",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific circumstances. For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger buffer overflow, enabling arbitrary command execution or denial of service attacks."
},
{
"lang": "es",
"value": "El firmware V1.1.1-B20200824 del enrutador inal\u00e1mbrico TOTOLINK AC1200 A3002R es vulnerable a un desbordamiento de b\u00fafer. En la funci\u00f3n de manejo de CGI formWlEncrypt del programa del servidor boa, no hay ninguna restricci\u00f3n de longitud en el campo wlan_ssid. Este descuido conduce a un posible desbordamiento de b\u00fafer en circunstancias espec\u00edficas. Por ejemplo, al invocar la funci\u00f3n formWlanRedirect con par\u00e1metros espec\u00edficos para alterar el valor de wlan_idx y, posteriormente, invocar la funci\u00f3n formWlEncrypt, un atacante puede provocar un desbordamiento de b\u00fafer, lo que permite la ejecuci\u00f3n arbitraria de comandos o ataques de denegaci\u00f3n de servicio."
}
],
"metrics": {

60
CVE-2024/CVE-2024-36xx/CVE-2024-3679.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-3679",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T13:15:06.627",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Premium SEO Pack \u2013 WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.001. This makes it possible for unauthenticated attackers to view limited information from password protected posts through the social meta data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/premium-seo-pack/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb65de5-bfb5-47db-87c9-ad46e65924b8?source=cve",
"source": "security@wordfence.com"
}
]
}

4
CVE-2024/CVE-2024-383xx/CVE-2024-38303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38303",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-08-29T11:15:25.970",
"lastModified": "2024-08-29T11:15:25.970",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-383xx/CVE-2024-38304.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38304",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-08-29T11:15:26.187",
"lastModified": "2024-08-29T11:15:26.187",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-39xx/CVE-2024-3944.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3944",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:26.403",
"lastModified": "2024-08-29T11:15:26.403",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

92
CVE-2024/CVE-2024-409xx/CVE-2024-40909.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40909",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-12T13:15:14.137",
"lastModified": "2024-07-12T16:34:58.687",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-29T13:55:21.407",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,99 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf: corrige un posible use-after-free en bpf_link_free() Despu\u00e9s del commit 1a80dbcb2dba, bpf_link se puede liberar mediante link->ops->dealloc_deferred, pero el c\u00f3digo a\u00fan prueba y usa link->ops->dealloc despu\u00e9s, lo que conduce a un use-after-free seg\u00fan lo informado por syzbot. En realidad, uno de ellos deber\u00eda ser suficiente, as\u00ed que llame a uno de ellos en lugar de a ambos. Tambi\u00e9n agregue WARN_ON() en caso de cualquier implementaci\u00f3n problem\u00e1tica."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.26",
"versionEndExcluding": "6.6.35",
"matchCriteriaId": "610CA734-4C6D-43D5-B254-80BB5B7E5098"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.9.6",
"matchCriteriaId": "A2E0E6CD-2DC0-4E5C-9037-9A023960B2F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2884dc7d08d98a89d8d65121524bb7533183a63a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91cff53136daeff50816b0baeafd38a6976f6209",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fa97b8fed9896f1e89cb657513e483a152d4c382",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

104
CVE-2024/CVE-2024-409xx/CVE-2024-40910.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40910",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-12T13:15:14.213",
"lastModified": "2024-07-12T16:34:58.687",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-29T13:55:38.203",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,113 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ax25: corrige el desequilibrio de recuento en conexiones entrantes Al liberar un socket en ax25_release(), llamamos a netdev_put() para disminuir el recuento en el dispositivo ax.25 asociado. Sin embargo, la ruta de ejecuci\u00f3n para aceptar una conexi\u00f3n entrante nunca llama a netdev_hold(). Este desequilibrio conduce a errores de recuento y, en \u00faltima instancia, a fallos del kernel. Un seguimiento de llamada t\u00edpico para la situaci\u00f3n anterior comenzar\u00e1 con uno de los siguientes errores: refcount_t: decrement hit 0; p\u00e9rdida de memoria. refcount_t: desbordamiento insuficiente; use-after-free. Y luego tendr\u00e1 un seguimiento como: Call Trace: ? show_regs+0x64/0x70? __advertir+0x83/0x120 ? refcount_warn_saturate+0xb2/0x100? report_bug+0x158/0x190? prb_read_valid+0x20/0x30? handle_bug+0x3e/0x70? exc_invalid_op+0x1c/0x70? asm_exc_invalid_op+0x1f/0x30? refcount_warn_saturate+0xb2/0x100? refcount_warn_saturate+0xb2/0x100 ax25_release+0x2ad/0x360 __sock_release+0x35/0xa0 sock_close+0x19/0x20 [...] Al reiniciar (o cualquier intento de eliminar la interfaz), el kernel se atasca en un bucle infinito: unregister_netdevice: esperando ax0 para quedar libre. Recuento de uso = 0 Este parche corrige estos problemas asegurando que llamemos a netdev_hold() y ax25_dev_hold() para nuevas conexiones en ax25_accept(). Esto hace que la l\u00f3gica que conduce a ax25_accept() coincida con la l\u00f3gica de ax25_bind(): en ambos casos incrementamos el refcount, que finalmente disminuye en ax25_release()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.1.95",
"matchCriteriaId": "EFECBC56-DE9A-457A-AE19-CA526A30C054"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.35",
"matchCriteriaId": "6F019D15-84C0-416B-8C57-7F51B68992F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.6",
"matchCriteriaId": "0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3c34fb0bd4a4237592c5ecb5b2e2531900c55774",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/52100fd74ad07b53a4666feafff1cd11436362d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a723a6c8d4831cc8e2c7b0c9f3f0c010d4671964",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f4df9d6c8d4e4c818252b0419c2165d66eabd4eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

116
CVE-2024/CVE-2024-409xx/CVE-2024-40911.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40911",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-12T13:15:14.283",
"lastModified": "2024-07-12T16:34:58.687",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-29T13:43:49.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,127 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: bloquear wiphy en cfg80211_get_station Wiphy debe estar bloqueado antes de llamar a rdev_get_station() (ver lockdep afirmar en ieee80211_get_station()). Esto corrige la siguiente desreferencia NULL del kernel: No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000050 Informaci\u00f3n de cancelaci\u00f3n de memoria: ESR = 0x0000000096000006 EC = 0x25: DABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0 , S1PTW = 0 FSC = 0x06: error de traducci\u00f3n de nivel 2 Informaci\u00f3n de cancelaci\u00f3n de datos: ISV = 0, ISS = 0x00000006 CM = 0, WnR = 0 tabla de p\u00e1ginas de usuario: 4k p\u00e1ginas, VA de 48 bits, pgdp=0000000003001000 [0000000000000050] 00000002dca003 , p4d=0800000002dca003, pud=08000000028e9003, pmd=0000000000000000 Error interno: Ups: 0000000096000006 [#1] M\u00f3dulos SMP vinculados en: netconsole dwc3_meson_g12a dwc3_of_simple dwc 3 ip_gre gre ath10k_pci ath10k_core ath9k ath9k_common ath9k_hw ath CPU: 0 PID: 1091 Comunicaciones: kworker/u8 :0 No contaminado 6.4.0-02144-g565f9a3a7911-dirty #705 Nombre de hardware: RPT (r1) (DT) Cola de trabajo: bat_events batadv_v_elp_throughput_metric_update pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: ath10k_sta_statistics+0x10/0x2dc [ath10k_core] lr: sta_set_sinfo+0xcc/0xbd4 sp: ffff000007b43ad0 x29: ffff000007b43ad0 x28: ffff0000071fa900 x27: ffff00000294ca98 6: ffff000006830880 x25: ffff000006830880 x24: ffff00000294c000 x23: 0000000000000001 x22: ffff000007b43c90 x21: ffff800008898acc x20: 0294c6e8 x19: ffff000007b43c90 x18: 0000000000000000 x17: 445946354d552d78 x16: 62661f7200000000 x15: 57464f445946354d x14: 000000000000000 0 x13: 00000000000000e3 x12: d5f0acbcebea978e x11: 00000000000000e3 x10: 000000010048fe41 x9: 0000000000000000 x8: ffff000007b43d90 x7: 00 0000007a1e2125 x6: 0000000000000000 x5: ffff0000024e0900 x4: ffff800000a0250c x3: ffff000007b43c90 x2: ffff00000294ca98 x1: ffff000006831920 x0: 0000000000000000 Rastreo de llamadas: ath10k_sta_statistics+0x10/0x2dc [ath10k_core] sta_set_sinfo+0xcc/0xbd4 0211_get_station+0x2c/0x44 cfg80211_get_station+0x80/0x154 batadv_v_elp_get_throughput+0x138/0x1fc batadv_v_elp_throughput_metric_update+0x1c/0xa4 Process_one_work+0x1ec/ 0x414 work_thread+0x70/0x46c kthread+0xdc/0xe0 ret_from_fork+0x10/0x20 C\u00f3digo: a9bb7bfd 910003fd a90153f3 f9411c40 (f9402814) Esto sucede porque STA tiene tiempo para desconectarse y volver a conectarse antes de batadv_v_elp_throughput_metric_up date() se programa el trabajo retrasado. En esta situaci\u00f3n, ath10k_sta_state() puede estar en medio de restablecer los datos de arsta cuando la cola de trabajo tiene la oportunidad de programarse y termina accediendo a ella. Bloquear Wiphy evita eso."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16",
"versionEndExcluding": "5.15.162",
"matchCriteriaId": "1383491E-908E-4536-BB15-D4B4B08F8358"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.95",
"matchCriteriaId": "D435765D-2766-44F5-B319-F713A13E35CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.35",
"matchCriteriaId": "6F019D15-84C0-416B-8C57-7F51B68992F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.6",
"matchCriteriaId": "0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0ccc63958d8373e15a69f4f8069f3e78f7f3898a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43e1eefb0b2094e2281150d87d09e8bc872b9fba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/642f89daa34567d02f312d03e41523a894906dae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d540b0317901535275020bd4ac44fac6439ca76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dfd84ce41663be9ca3f69bd657c45f49b69344d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

152
CVE-2024/CVE-2024-409xx/CVE-2024-40912.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40912",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-12T13:15:14.363",
"lastModified": "2024-07-12T16:34:58.687",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-29T13:44:09.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,169 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: mac80211: corrige el punto muerto en ieee80211_sta_ps_deliver_wakeup() La funci\u00f3n ieee80211_sta_ps_deliver_wakeup() toma sta->ps_lock para sincronizarse con ieee80211_tx_h_unicast_ps_buf() que se llama desde el contexto softirq. Sin embargo, usar solo spin_lock() para obtener sta->ps_lock en ieee80211_sta_ps_deliver_wakeup() no impide que softirq se ejecute en esta misma CPU, ejecute ieee80211_tx_h_unicast_ps_buf() e intente tomar este mismo bloqueo que termina en punto muerto. A continuaci\u00f3n se muestra un ejemplo de bloqueo de rcu que surge en tal situaci\u00f3n. rcu: INFORMACI\u00d3N: rcu_sched autodetectado bloqueo en la CPU rcu: 2-....: (42413413 marca este GP) idle=b154/1/0x40000000000000000 softirq=1763/1765 fqs=21206996 rcu: (t=42586894 santiam\u00e9n g= 2057 q=362405 ncpus=4) CPU: 2 PID: 719 Comm: wpa_supplicant Contaminado: GW 6.4.0-02158-g1b062f552873 #742 Nombre de hardware: RPT (r1) (DT) pstate: 00000005 (nzcv daif -PAN -UAO - TCO -DIT -SSBS BTYPE=--) pc: queued_spin_lock_slowpath+0x58/0x2d0 lr: invoke_tx_handlers_early+0x5b4/0x5c0 sp: ffff00001ef64660 x29: ffff00001ef64660 x28: ffff000009bc1070 : ffff000009bc0ad8 x26: ffff000009bc0900 x25: ffff00001ef647a8 x24: 0000000000000000 x23: ffff000009bc0900 x22: ffff000009bc0900 x21: ffff00000ac0e000 x20: ffff00000a279e00 x19: ffff00001ef646e8 x18: 0000000000000000 x17: ffff800016468000 x16: 08c0 x15: 0010533c93f64f80 x14: 0010395c9faa3946 x13: 0000000000000000 x12: 00000000fa83b2da x11: 000000012edeceea x10: ffff0000010fbe00 0000000000895440 x8: 000000000010533c x7: ffff00000ad8b740 x6: ffff00000c350880 x5 : 0000000000000007 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffff00000ac0e0e8 Rastreo de llamadas: pin_lock_slowpath+0x58/0x2d0 ieee80211_tx+0x80/0x12c ieee80211_tx_pending+0x110/0x278 tasklet_action_common.constprop.0+0x10c/0x144 tasklet_action+0x20/0x28 _stext +0x11c/0x284 ____do_softirq+0xc/0x14 call_on_irq_stack+0x24/0x34 do_softirq_own_stack+0x18/0x20 do_softirq+0x74/0x7c __local_bh_enable_ip+0xa0/0xa4 _ieee80211_wake_txqs+0x3b0 /0x4b8 __ieee80211_wake_queue+0x12c/0x168 ieee80211_add_pending_skbs+0xec/0x138 ieee80211_sta_ps_deliver_wakeup+0x2a4/0x480 ieee80211_mps_sta_status_update .part.0+0xd8/0x11c ieee80211_mps_sta_status_update+0x18/0x24 sta_apply_parameters+0x3bc/0x4c0 ieee80211_change_station+0x1b8/0x2dc nl80211_set_station+0x444/0x49c genl_family_rcv_ms g_doit.isra.0+0xa4/0xfc genl_rcv_msg+0x1b0/0x244 netlink_rcv_skb+0x38/0x10c genl_rcv+0x34 /0x48 netlink_unicast+0x254/0x2bc netlink_sendmsg+0x190/0x3b4 ____sys_sendmsg+0x1e8/0x218 ___sys_sendmsg+0x68/0x8c __sys_sendmsg+0x44/0x84 __arm64_sys_sendmsg+0x 20/0x28 do_el0_svc+0x6c/0xe8 el0_svc+0x14/0x48 el0t_64_sync_handler+0xb0/0xb4 el0t_64_sync+0x14c /0x150 El uso de spin_lock_bh()/spin_unlock_bh() en su lugar evita que softirq se active en la misma CPU que mantiene el bloqueo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.14",
"versionEndExcluding": "4.19.317",
"matchCriteriaId": "94AD7CE0-1AB3-4F0C-9642-209112A5ECB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.297",
"matchCriteriaId": "212DEE06-A450-420F-8BAA-20996395BBF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.221",
"matchCriteriaId": "659E1520-6345-41AF-B893-A7C0647585A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.162",
"matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.95",
"matchCriteriaId": "D435765D-2766-44F5-B319-F713A13E35CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.35",
"matchCriteriaId": "6F019D15-84C0-416B-8C57-7F51B68992F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.6",
"matchCriteriaId": "0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/28ba44d680a30c51cf485a2f5a3b680e66ed3932",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/44c06bbde6443de206b30f513100b5670b23fc5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/456bbb8a31e425177dc0e8d4f98728a560c20e81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/47d176755d5c0baf284eff039560f8c1ba0ea485",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c49b58b9a2bed707e7638576e54c4bccd97b9eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d90bdff79f8e40adf889b5408bfcf521528b169f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e51637e0c66a6f72d134d9f95daa47ea62b43c7e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7e916d693dcb5a297f40312600a82475f2e63bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

8
CVE-2024/CVE-2024-412xx/CVE-2024-41236.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41236",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T18:15:09.497",
"lastModified": "2024-08-28T18:35:16.790",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the \"username\" parameter of the Admin Login Page"
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en /smsa/admin_login.php en Kashipara Responsive School Management System v3.2.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro \"nombre de usuario\" de la p\u00e1gina de inicio de sesi\u00f3n de administrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-415xx/CVE-2024-41564.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41564",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T17:15:10.693",
"lastModified": "2024-08-28T17:15:10.693",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication."
},
{
"lang": "es",
"value": "La versi\u00f3n 1.1.10 y anteriores de EMI, corregida en la versi\u00f3n 1.1.11, contienen una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada. El problema espec\u00edfico es una falla en la validaci\u00f3n del \u00edndice de ranuras y la disminuci\u00f3n del recuento de la pila en el mod EMI para Minecraft, lo que permite la duplicaci\u00f3n de elementos en el juego."
}
],
"metrics": {

8
CVE-2024/CVE-2024-415xx/CVE-2024-41565.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41565",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T17:15:10.903",
"lastModified": "2024-08-28T17:15:10.903",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication."
},
{
"lang": "es",
"value": "JustEnoughItems (JEI) 19.5.0.33 y versiones anteriores contienen una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada. El problema espec\u00edfico es una falla en la validaci\u00f3n del \u00edndice de ranura en JEI para Minecraft, lo que permite la duplicaci\u00f3n de elementos en el juego."
}
],
"metrics": {

57
CVE-2024/CVE-2024-415xx/CVE-2024-41570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41570",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T13:38:31.277",
"lastModified": "2024-08-13T01:14:38.880",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-29T13:32:21.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:havocframework:havoc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD4BDB55-1BEF-4232-A9A7-3C3DE7BF768B"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2024/CVE-2024-418xx/CVE-2024-41888.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41888",
"sourceIdentifier": "security@apache.org",
"published": "2024-08-12T13:38:31.617",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-29T12:55:09.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "Falta la versi\u00f3n de recurso despu\u00e9s de la vulnerabilidad de duraci\u00f3n efectiva en Apache Answer. Este problema afecta a Apache Answer: hasta 1.3.5. El enlace para restablecer la contrase\u00f1a sigue siendo v\u00e1lido dentro de su per\u00edodo de vencimiento, incluso despu\u00e9s de haber sido utilizado. Esto podr\u00eda provocar un uso indebido o un secuestro del enlace. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.3.6, que soluciona el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -28,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.6",
"matchCriteriaId": "43EA3C87-1BF0-4544-9DAA-A0B3D8D4EA1B"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/jbs1j2o9rqm5sc19jyk3jcfvkmfkmyf4",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

53
CVE-2024/CVE-2024-418xx/CVE-2024-41890.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41890",
"sourceIdentifier": "security@apache.org",
"published": "2024-08-12T13:38:31.733",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-29T12:56:47.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "Falta la versi\u00f3n de recurso despu\u00e9s de la vulnerabilidad de duraci\u00f3n efectiva en Apache Answer. Este problema afecta a Apache Answer: hasta 1.3.5. El usuario env\u00eda varios correos electr\u00f3nicos para restablecer la contrase\u00f1a, cada uno de los cuales contiene un enlace v\u00e1lido. Dentro del per\u00edodo de validez del enlace, esto podr\u00eda dar lugar a un uso indebido o un secuestro del mismo. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.3.6, que soluciona el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -28,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.6",
"matchCriteriaId": "43EA3C87-1BF0-4544-9DAA-A0B3D8D4EA1B"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/j7c080xj31x8rvz1pyk2h47rdd9pwbv9",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-419xx/CVE-2024-41918.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-41918",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-08-29T03:15:05.130",
"lastModified": "2024-08-29T03:15:05.130",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. An arbitrary site may be displayed on the WebView of the product via Intent from another application installed on the user's device. As a result, the user may be redirected to an unauthorized site, and the user may become a victim of a phishing attack."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n 'Rakuten Ichiba App' para Android 12.4.0 y versiones anteriores y la aplicaci\u00f3n 'Rakuten Ichiba App' para iOS 11.7.0 y versiones anteriores son vulnerables a una autorizaci\u00f3n incorrecta en el controlador para un esquema de URL personalizado. Es posible que se muestre un sitio arbitrario en la vista web del producto a trav\u00e9s de Intent desde otra aplicaci\u00f3n instalada en el dispositivo del usuario. Como resultado, el usuario puede ser redirigido a un sitio no autorizado y puede convertirse en v\u00edctima de un ataque de phishing."
}
],
"metrics": {},

17
CVE-2024/CVE-2024-425xx/CVE-2024-42531.json
View File

@ -2,13 +2,24 @@
"id": "CVE-2024-42531",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-23T17:15:09.833",
"lastModified": "2024-08-23T20:35:18.590",
"lastModified": "2024-08-29T13:15:06.843",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that can be used to redirect the camera feed."
"value": "Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that can be used to redirect the camera feed. NOTE: the vendor's perspective is that the Anonymous120386 sample code can establish RTSP protocol communictaion, but cannot obtain video or audio data; thus, there is no risk."
},
{
"lang": "es",
"value": "Ezviz Internet PT Camera CS-CV246 D15655150 permite que un host no autenticado acceda a su transmisi\u00f3n de video en vivo mediante la creaci\u00f3n de un conjunto de paquetes RTSP con un conjunto espec\u00edfico de URL que se pueden usar para redirigir la transmisi\u00f3n de la c\u00e1mara."
}
],
"metrics": {

8
CVE-2024/CVE-2024-426xx/CVE-2024-42698.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42698",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T16:15:09.210",
"lastModified": "2024-08-28T16:15:09.210",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication."
},
{
"lang": "es",
"value": "Roughly Enough Items (REI) v.16.0.729 y anteriores contienen una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada. El problema espec\u00edfico es una falla en la validaci\u00f3n del \u00edndice de ranura y la disminuci\u00f3n del recuento de la pila en el mod Roughly Enough Items (REI) para Minecraft, lo que permite la duplicaci\u00f3n de elementos en el juego."
}
],
"metrics": {

8
CVE-2024/CVE-2024-427xx/CVE-2024-42793.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42793",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T20:15:07.707",
"lastModified": "2024-08-28T20:35:12.570",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=save_user page."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de Cross-Site Request Forgery (CSRF) en Kashipara Music Management System v1.0 a trav\u00e9s de una solicitud manipulada a la p\u00e1gina /music/ajax.php?action=save_user."
}
],
"metrics": {

8
CVE-2024/CVE-2024-429xx/CVE-2024-42900.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42900",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T16:15:09.443",
"lastModified": "2024-08-28T16:35:24.427",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the sql parameter of the createTable() function at /tool/gen/create."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Ruoyi v4.7.9 y versiones anteriores conten\u00edan una vulnerabilidad de cross-site scripting (XSS) a trav\u00e9s del par\u00e1metro sql de la funci\u00f3n createTable() en /tool/gen/create."
}
],
"metrics": {

8
CVE-2024/CVE-2024-429xx/CVE-2024-42905.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42905",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T18:15:09.630",
"lastModified": "2024-08-28T19:35:20.503",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function in the code/function/system/tool/ping.php file."
},
{
"lang": "es",
"value": "Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 tiene una vulnerabilidad de ejecuci\u00f3n de comandos, que puede explotarse para obtener privilegios de administrador del dispositivo a trav\u00e9s de la funci\u00f3n getVar en el archivo code/function/system/tool/ping.php."
}
],
"metrics": {

4
CVE-2024/CVE-2024-437xx/CVE-2024-43700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43700",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-08-29T11:15:26.757",
"lastModified": "2024-08-29T11:15:26.757",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-438xx/CVE-2024-43805.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43805",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T20:15:07.963",
"lastModified": "2024-08-28T20:15:07.963",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user. JupyterLab v3.6.8, v4.2.5 and Jupyter Notebook v7.2.2 have been patched to resolve this issue. Users are advised to upgrade. There is no workaround for the underlying DOM Clobbering susceptibility. However, select plugins can be disabled on deployments which cannot update in a timely fashion to minimise the risk. These are: 1. `@jupyterlab/mathjax-extension:plugin` - users will loose ability to preview mathematical equations. 2. `@jupyterlab/markdownviewer-extension:plugin` - users will loose ability to open Markdown previews. 3. `@jupyterlab/mathjax2-extension:plugin` (if installed with optional `jupyterlab-mathjax2` package) - an older version of the mathjax plugin for JupyterLab 4.x. To disable these extensions run: ```jupyter labextension disable @jupyterlab/markdownviewer-extension:plugin && jupyter labextension disable @jupyterlab/mathjax-extension:plugin && jupyter labextension disable @jupyterlab/mathjax2-extension:plugin ``` in bash."
},
{
"lang": "es",
"value": "jupyterlab es un entorno extensible para computaci\u00f3n interactiva y reproducible, basado en la arquitectura Jupyter Notebook. Esta vulnerabilidad depende de la interacci\u00f3n del usuario al abrir un notebook malicioso con celdas Markdown o un archivo Markdown utilizando la funci\u00f3n de vista previa de JupyterLab. Un usuario malicioso puede acceder a cualquier dato al que tenga acceso el usuario atacado, as\u00ed como realizar solicitudes arbitrarias actuando como el usuario atacado. JupyterLab v3.6.8, v4.2.5 y Jupyter Notebook v7.2.2 han sido parcheados para resolver este problema. Se recomienda a los usuarios que actualicen. No existe un workaround para la susceptibilidad subyacente de DOM Clobbering. Sin embargo, se pueden deshabilitar complementos seleccionados en implementaciones que no se pueden actualizar de manera oportuna para minimizar el riesgo. Estos son: 1. `@jupyterlab/mathjax-extension:plugin`: los usuarios perder\u00e1n la capacidad de obtener una vista previa de ecuaciones matem\u00e1ticas. 2. `@jupyterlab/markdownviewer-extension:plugin`: los usuarios perder\u00e1n la capacidad de abrir vistas previas de Markdown. 3. `@jupyterlab/mathjax2-extension:plugin` (si se instala con el paquete opcional `jupyterlab-mathjax2`): una versi\u00f3n anterior del complemento mathjax para JupyterLab 4.x. Para deshabilitar estas extensiones, ejecute: ```jupyter labextension deshabilitar @jupyterlab/markdownviewer-extension:plugin && jupyter labextension deshabilitar @jupyterlab/mathjax-extension:plugin && jupyter labextension deshabilitar @jupyterlab/mathjax2-extension:plugin ``` en bash."
}
],
"metrics": {

4
CVE-2024/CVE-2024-439xx/CVE-2024-43986.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43986",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-29T11:15:26.853",
"lastModified": "2024-08-29T11:15:26.853",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-447xx/CVE-2024-44760.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44760",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T20:15:08.230",
"lastModified": "2024-08-28T21:35:14.657",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server."
},
{
"lang": "es",
"value": "El control de acceso incorrecto en el componente /servlet/SnoopServlet de Shenzhou News Union Enterprise Management System v5.0 a v18.8 permite a los atacantes acceder a informaci\u00f3n confidencial sobre el servidor."
}
],
"metrics": {

8
CVE-2024/CVE-2024-447xx/CVE-2024-44761.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44761",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T19:15:08.933",
"lastModified": "2024-08-28T20:35:14.040",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests."
},
{
"lang": "es",
"value": "Un problema en EQ Enterprise Management System anterior a la versi\u00f3n v2.0.0 permite a los atacantes ejecutar un directory traversal a trav\u00e9s de solicitudes manipuladas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-449xx/CVE-2024-44913.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44913",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T18:15:09.707",
"lastModified": "2024-08-28T19:35:21.377",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS)."
},
{
"lang": "es",
"value": "Un problema en el componente EXR!ReadEXR+0x40ef1 de Irfanview v4.67.1.0 permite a los atacantes provocar una violaci\u00f3n de acceso a trav\u00e9s de un archivo EXR creado por un usuario. Esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-449xx/CVE-2024-44914.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44914",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T18:15:09.780",
"lastModified": "2024-08-28T19:35:22.160",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS)."
},
{
"lang": "es",
"value": "Un problema en el componente EXR!ReadEXR+0x3df50 de Irfanview v4.67.1.0 permite a los atacantes provocar una violaci\u00f3n de acceso a trav\u00e9s de un archivo EXR creado por un usuario. Esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-449xx/CVE-2024-44915.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44915",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-28T18:15:09.863",
"lastModified": "2024-08-28T19:35:22.957",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS)."
},
{
"lang": "es",
"value": "Un problema en el componente EXR!ReadEXR+0x4eef0 de Irfanview v4.67.1.0 permite a los atacantes provocar una violaci\u00f3n de acceso a trav\u00e9s de un archivo EXR creado por un usuario. Esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {

4
CVE-2024/CVE-2024-44xx/CVE-2024-4428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4428",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-08-29T11:15:27.200",
"lastModified": "2024-08-29T11:15:27.200",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-450xx/CVE-2024-45043.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45043",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T20:15:08.347",
"lastModified": "2024-08-28T20:15:08.347",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `awsfirehosereceiver` allows unauthenticated remote requests, even when configured to require a key. OpenTelemetry Collector can be configured to receive CloudWatch metrics via an AWS Firehose Stream. Firehose sets the header `X-Amz-Firehose-Access-Key` with an arbitrary configured string. The OpenTelemetry Collector awsfirehosereceiver can optionally be configured to require this key on incoming requests. However, when this is configured it **still accepts incoming requests with no key**. Only OpenTelemetry Collector users configured with the \u201calpha\u201d `awsfirehosereceiver` module are affected. This module was added in version v0.49.0 of the \u201cContrib\u201d distribution (or may be included in custom builds). There is a risk of unauthorized users writing metrics. Carefully crafted metrics could hide other malicious activity. There is no risk of exfiltrating data. It\u2019s likely these endpoints will be exposed to the public internet, as Firehose does not support private HTTP endpoints. A fix was introduced in PR #34847 and released with v0.108.0. All users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "El m\u00f3dulo AWS Firehose Receiver de OpenTelemetry Collector sirve para ingerir mensajes de flujo de entrega de AWS Kinesis Data Firehose y analizar los registros recibidos seg\u00fan el tipo de registro configurado. `awsfirehosereceiver` permite solicitudes remotas no autenticadas, incluso cuando est\u00e1 configurado para requerir una clave. OpenTelemetry Collector se puede configurar para recibir m\u00e9tricas de CloudWatch a trav\u00e9s de un flujo de AWS Firehose. Firehose establece el encabezado `X-Amz-Firehose-Access-Key` con una cadena configurada arbitraria. El m\u00f3dulo awsfirehosereceiver de OpenTelemetry Collector se puede configurar opcionalmente para requerir esta clave en las solicitudes entrantes. Sin embargo, cuando esto est\u00e1 configurado, **a\u00fan acepta solicitudes entrantes sin clave**. Solo se ven afectados los usuarios de OpenTelemetry Collector configurados con el m\u00f3dulo `awsfirehosereceiver` \u201calfa\u201d. Este m\u00f3dulo se agreg\u00f3 en la versi\u00f3n v0.49.0 de la distribuci\u00f3n \u201cContrib\u201d (o puede incluirse en compilaciones personalizadas). Existe el riesgo de que usuarios no autorizados escriban m\u00e9tricas. Las m\u00e9tricas cuidadosamente manipuladas podr\u00edan ocultar otras actividades maliciosas. No existe riesgo de exfiltraci\u00f3n de datos. Es probable que estos endpoints queden expuestos a la Internet p\u00fablica, ya que Firehose no admite endpoints HTTP privados. Se introdujo una soluci\u00f3n en PR #34847 y se lanz\u00f3 con v0.108.0. Se recomienda a todos los usuarios que actualicen. No existen workarounds conocidos para esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-450xx/CVE-2024-45046.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45046",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:06.603",
"lastModified": "2024-08-28T21:15:06.603",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. In affected versions `\\PhpOffice\\PhpSpreadsheet\\Writer\\Html` doesn't sanitize spreadsheet styling information such as font names, allowing an attacker to inject arbitrary JavaScript on the page. As a result an attacker may used a crafted spreadsheet to fully takeover a session of a user viewing spreadsheet files as HTML. This issue has been addressed in release version 2.1.0. All users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "PHPSpreadsheet es una librer\u00eda PHP pura para leer y escribir archivos de hojas de c\u00e1lculo. En las versiones afectadas, `\\PhpOffice\\PhpSpreadsheet\\Writer\\Html` no desinfecta la informaci\u00f3n de estilo de las hojas de c\u00e1lculo, como los nombres de las fuentes, lo que permite a un atacante inyectar JavaScript arbitrario en la p\u00e1gina. Como resultado, un atacante puede usar una hoja de c\u00e1lculo manipulada para apoderarse por completo de la sesi\u00f3n de un usuario que visualiza archivos de hojas de c\u00e1lculo como HTML. Este problema se ha solucionado en la versi\u00f3n 2.1.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-450xx/CVE-2024-45048.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45048",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:06.817",
"lastModified": "2024-08-28T21:15:06.817",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Affected versions are subject to a bypassing of a filter which allows for an XXE-attack. This in turn allows attacker to obtain contents of local files, even if error reporting is muted. This vulnerability has been addressed in release version 2.2.1. All users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "PHPSpreadsheet es una librer\u00eda PHP pura para leer y escribir archivos de hojas de c\u00e1lculo. Las versiones afectadas est\u00e1n sujetas a la omisi\u00f3n de un filtro que permite un ataque XXE. Esto, a su vez, permite al atacante obtener el contenido de los archivos locales, incluso si el informe de errores est\u00e1 silenciado. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 2.2.1. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-450xx/CVE-2024-45054.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45054",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T20:15:08.547",
"lastModified": "2024-08-28T20:15:08.547",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has * verbs of * resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been patched in version 0.14.6. All users are advised to upgrade. Users unable to upgrade should update and limit the ClusterRole using security-role."
},
{
"lang": "es",
"value": "Hwameistor es un sistema de almacenamiento local de alta disponibilidad para cargas de trabajo nativas de la nube con estado. Este ClusterRole tiene * verbos de * recursos. Si un usuario malintencionado puede acceder al nodo de trabajo que tiene la implementaci\u00f3n de hwameistor, puede abusar de estos permisos excesivos para hacer lo que quiera con todo el cl\u00faster, lo que da como resultado una escalada de privilegios a nivel de cl\u00faster. Este problema se ha corregido en la versi\u00f3n 0.14.6. Se recomienda a todos los usuarios que actualicen. Los usuarios que no puedan actualizar deben actualizar y limitar el ClusterRole mediante security-role."
}
],
"metrics": {

10
CVE-2024/CVE-2024-450xx/CVE-2024-45057.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45057",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:07.027",
"lastModified": "2024-08-28T21:15:07.027",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. The lack of sanitization of user-controlled parameters for generating HTML field values \u200b\u200bdynamically leads to XSS (Cross-Site Scripting) attacks. The dynamic generation of HTML fields in the ieducar/intranet/include/clsCampos.inc.php file does not perform the correct validation or sanitization, reflecting the user-controlled values \u200b\u200bto be shown in the page's HTML. This allows an attacker to inject a specific XSS payload into a parameter. Successful exploitation of this flaw allows an attacker to trick the victim into clicking a vulnerable URL, enabling JavaScript scripts to be executed in the browser. Due to the configuration of session cookies, with the HttpOnly and SameSite=Lax flags being defined, there is little an attacker can do to steal the session or force the victim to perform actions within the application. This issue hast been patched but a new release has not yet been made. Users are advised to contact the developer and to coordinate an update schedule."
"value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. The lack of sanitization of user-controlled parameters for generating HTML field values ??dynamically leads to XSS (Cross-Site Scripting) attacks. The dynamic generation of HTML fields in the ieducar/intranet/include/clsCampos.inc.php file does not perform the correct validation or sanitization, reflecting the user-controlled values ??to be shown in the page's HTML. This allows an attacker to inject a specific XSS payload into a parameter. Successful exploitation of this flaw allows an attacker to trick the victim into clicking a vulnerable URL, enabling JavaScript scripts to be executed in the browser. Due to the configuration of session cookies, with the HttpOnly and SameSite=Lax flags being defined, there is little an attacker can do to steal the session or force the victim to perform actions within the application. This issue hast been patched but a new release has not yet been made. Users are advised to contact the developer and to coordinate an update schedule."
},
{
"lang": "es",
"value": "i-Educar es un software de gesti\u00f3n escolar totalmente online y gratuito que permite a las secretarias, profesores, coordinadores y responsables de \u00e1rea de la escuela gestionar de forma din\u00e1mica los valores de los campos HTML. La falta de desinfecci\u00f3n de los par\u00e1metros controlados por el usuario para generar din\u00e1micamente los valores de los campos HTML conduce a ataques XSS (Cross-Site Scripting). La generaci\u00f3n din\u00e1mica de los campos HTML en el archivo ieducar/intranet/include/clsCampos.inc.php no realiza la validaci\u00f3n o desinfecci\u00f3n correcta, reflejando los valores controlados por el usuario que se mostrar\u00e1n en el HTML de la p\u00e1gina. Esto permite a un atacante inyectar un payload XSS espec\u00edfico en un par\u00e1metro. La explotaci\u00f3n exitosa de esta falla permite a un atacante enga\u00f1ar a la v\u00edctima para que haga clic en una URL vulnerable, lo que permite que se ejecuten scripts de JavaScript en el navegador. Debido a la configuraci\u00f3n de las cookies de sesi\u00f3n, con los flags HttpOnly y SameSite=Lax definidos, es poco lo que un atacante puede hacer para robar la sesi\u00f3n o forzar a la v\u00edctima a realizar acciones dentro de la aplicaci\u00f3n. Este problema ha sido parcheado pero a\u00fan no se ha realizado una nueva versi\u00f3n. Se recomienda a los usuarios que se pongan en contacto con el desarrollador y coordinen un cronograma de actualizaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-450xx/CVE-2024-45058.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45058",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:07.283",
"lastModified": "2024-08-28T21:15:07.283",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. An attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions). Any user is capable of becoming an administrator, which can lead to account theft, changing administrative tasks, etc. The failure occurs in the file located in ieducar/intranet/educar_usuario_cad.php on line 446 , which does not perform checks on the user's current permission level to make changes. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule."
},
{
"lang": "es",
"value": "i-Educar es un software de gesti\u00f3n escolar totalmente online y gratuito que permite a las secretarias, profesores, coordinadores y jefes de \u00e1rea de la escuela gestionar sus cuentas de usuario. Un atacante con privilegios m\u00ednimos de visualizaci\u00f3n en la secci\u00f3n de configuraci\u00f3n es capaz de cambiar su tipo de usuario a Administrador (u otro tipo con superpermisos). Cualquier usuario es capaz de convertirse en administrador, lo que puede derivar en robo de cuentas, cambio de tareas administrativas, etc. El fallo se produce en el archivo ubicado en ieducar/intranet/educar_usuario_cad.php en la l\u00ednea 446 , que no realiza comprobaciones sobre el nivel de permisos actual del usuario para realizar cambios. Este problema a\u00fan no ha sido parcheado. Se recomienda a los usuarios ponerse en contacto con el desarrollador y coordinar un calendario de actualizaciones."
}
],
"metrics": {

8
CVE-2024/CVE-2024-450xx/CVE-2024-45059.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45059",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:07.473",
"lastModified": "2024-08-28T21:15:07.473",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. In affected versions Creating a SQL query from a concatenation of a user-controlled GET parameter allows an attacker to manipulate the query. Successful exploitation of this flaw allows an attacker to have complete and unrestricted access to the database, with a web user with minimal permissions. This may involve obtaining user information, such as emails, password hashes, etc. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule."
},
{
"lang": "es",
"value": "i-Educar es un software de gesti\u00f3n escolar gratuito y completamente online que permite a las secretarias, profesores, coordinadores y responsables de \u00e1rea de la escuela crear una consulta SQL a partir de una concatenaci\u00f3n de un par\u00e1metro GET controlado por el usuario, lo que permite a un atacante manipular la consulta. La explotaci\u00f3n exitosa de esta falla permite a un atacante tener acceso completo y sin restricciones a la base de datos, con un usuario web con permisos m\u00ednimos. Esto puede implicar la obtenci\u00f3n de informaci\u00f3n del usuario, como correos electr\u00f3nicos, hashes de contrase\u00f1as, etc. Este problema a\u00fan no ha sido parcheado. Se recomienda a los usuarios que se pongan en contacto con el desarrollador y que coordinen un cronograma de actualizaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-452xx/CVE-2024-45232.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45232",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T00:15:09.177",
"lastModified": "2024-08-29T00:15:09.177",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in powermail extension through 12.3.5 for TYPO3. It fails to validate the mail parameter of the confirmationAction, resulting in Insecure Direct Object Reference (IDOR). An unauthenticated attacker can use this to display the user-submitted data of all forms persisted by the extension. This can only be exploited when the extension is configured to save submitted form data to the database (plugin.tx_powermail.settings.db.enable=1), which however is the default setting of the extension. The fixed versions are 7.5.0, 8.5.0, 10.9.0, and 12.4.0"
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en la extensi\u00f3n Powermail hasta la versi\u00f3n 12.3.5 para TYPO3. No se puede validar el par\u00e1metro de correo de la acci\u00f3n de confirmaci\u00f3n, lo que genera una referencia directa a objetos insegura (IDOR). Un atacante no autenticado puede usar esto para mostrar los datos enviados por el usuario de todos los formularios que la extensi\u00f3n mantiene. Esto solo se puede explotar cuando la extensi\u00f3n est\u00e1 configurada para guardar los datos de los formularios enviados en la base de datos (plugin.tx_powermail.settings.db.enable=1), que, sin embargo, es la configuraci\u00f3n predeterminada de la extensi\u00f3n. Las versiones corregidas son 7.5.0, 8.5.0, 10.9.0 y 12.4.0"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-452xx/CVE-2024-45233.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45233",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T00:15:09.293",
"lastModified": "2024-08-29T00:15:09.293",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in powermail extension through 12.3.5 for TYPO3. Several actions in the OutputController can directly be called, due to missing or insufficiently implemented access checks, resulting in Broken Access Control. Depending on the configuration of the Powermail Frontend plugins, an unauthenticated attacker can exploit this to edit, update, delete, or export data of persisted forms. This can only be exploited when the Powermail Frontend plugins are used. The fixed versions are 7.5.0, 8.5.0, 10.9.0, and 12.4.0."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en la extensi\u00f3n Powermail hasta la versi\u00f3n 12.3.5 para TYPO3. Se pueden llamar directamente varias acciones en OutputController debido a comprobaciones de acceso faltantes o implementadas de manera insuficiente, lo que da como resultado un control de acceso interrumpido. Seg\u00fan la configuraci\u00f3n de los complementos de Powermail Frontend, un atacante no autenticado puede aprovechar esto para editar, actualizar, eliminar o exportar datos de formularios persistentes. Esto solo se puede aprovechar cuando se utilizan los complementos de Powermail Frontend. Las versiones corregidas son 7.5.0, 8.5.0, 10.9.0 y 12.4.0."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-454xx/CVE-2024-45435.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45435",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T03:15:05.357",
"lastModified": "2024-08-29T03:15:05.357",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function."
},
{
"lang": "es",
"value": "Chartist 1.x a 1.3.0 permite la contaminaci\u00f3n de prototipos a trav\u00e9s de la funci\u00f3n de extensi\u00f3n."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-454xx/CVE-2024-45436.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45436",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T03:15:05.460",
"lastModified": "2024-08-29T03:15:05.460",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory."
},
{
"lang": "es",
"value": "extractFromZipFile en model.go en Ollama anterior a 0.1.47 puede extraer miembros de un archivo ZIP fuera del directorio principal."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-454xx/CVE-2024-45440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45440",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T11:15:27.083",
"lastModified": "2024-08-29T11:15:27.083",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-54xx/CVE-2024-5417.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5417",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-08-29T11:15:27.387",
"lastModified": "2024-08-29T11:15:27.387",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-56xx/CVE-2024-5622.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5622",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-08-29T11:15:27.447",
"lastModified": "2024-08-29T11:15:27.447",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-56xx/CVE-2024-5623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5623",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-08-29T11:15:27.563",
"lastModified": "2024-08-29T11:15:27.563",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-56xx/CVE-2024-5624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5624",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-08-29T11:15:27.673",
"lastModified": "2024-08-29T11:15:27.673",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-58xx/CVE-2024-5857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5857",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:27.780",
"lastModified": "2024-08-29T11:15:27.780",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-59xx/CVE-2024-5987.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5987",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:27.977",
"lastModified": "2024-08-29T11:15:27.977",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-60xx/CVE-2024-6053.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6053",
"sourceIdentifier": "psirt@teamviewer.com",
"published": "2024-08-28T17:15:11.163",
"lastModified": "2024-08-28T17:15:11.163",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
},
{
"lang": "es",
"value": "Un control de acceso inadecuado en la funci\u00f3n de sincronizaci\u00f3n del portapapeles en TeamViewer Full Client versi\u00f3n anterior a 15.57 y TeamViewer Meeting versi\u00f3n anterior a 15.55.3 puede provocar que se comparta involuntariamente el portapapeles con el presentador actual de una reuni\u00f3n."
}
],
"metrics": {

4
CVE-2024/CVE-2024-65xx/CVE-2024-6551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6551",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:28.183",
"lastModified": "2024-08-29T11:15:28.183",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-69xx/CVE-2024-6927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6927",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-08-29T11:15:28.410",
"lastModified": "2024-08-29T11:15:28.410",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-71xx/CVE-2024-7132.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7132",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-08-29T11:15:28.463",
"lastModified": "2024-08-29T11:15:28.463",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

84
CVE-2024/CVE-2024-73xx/CVE-2024-7394.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7394",
"sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"published": "2024-08-08T17:15:20.023",
"lastModified": "2024-08-08T18:55:19.180",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-29T13:41:24.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "LOW"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"type": "Secondary",
@ -73,22 +105,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.5.18",
"matchCriteriaId": "4066C924-46C2-48F4-AA67-2664B6AC24FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.3.3",
"matchCriteriaId": "22477475-FE69-4804-B73E-B3F268F16FE7"
}
]
}
]
}
],
"references": [
{
"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes?pk_vid=e367a434ef4830491723055753d52041",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://documentation.concretecms.org/developers/introduction/version-history/8518-release-notes?pk_vid=e367a434ef4830491723055758d52041",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://github.com/concretecms/concretecms/commit/c08d9671cec4e7afdabb547339c4bc0bed8eab06",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/concretecms/concretecms/pull/12166",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

4
CVE-2024/CVE-2024-74xx/CVE-2024-7418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7418",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:28.540",
"lastModified": "2024-08-29T11:15:28.540",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-76xx/CVE-2024-7606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7606",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:28.757",
"lastModified": "2024-08-29T11:15:28.757",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-76xx/CVE-2024-7607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7607",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:28.963",
"lastModified": "2024-08-29T11:15:28.963",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-77xx/CVE-2024-7744.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-7744",
"sourceIdentifier": "security@progress.com",
"published": "2024-08-28T17:15:11.380",
"lastModified": "2024-08-28T17:15:11.380",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal.\n\u00a0\n\nAn authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:)"
},
{
"lang": "es",
"value": "En las versiones de WS_FTP Server anteriores a la 8.8.8 (2022.0.8), una vulnerabilidad de limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\"Path Traversal\") en el m\u00f3dulo de transferencia web permite el descubrimiento de archivos, el sondeo de archivos del sistema, el nombre de archivo controlado por el usuario y Path Traversal. Se ha identificado una falla de descarga de archivos autenticados en la que un usuario puede crear una llamada API que le permite descargar un archivo desde una carpeta arbitraria en la unidad donde se encuentra la carpeta ra\u00edz del host de ese usuario (de manera predeterminada, es C:)"
}
],
"metrics": {

8
CVE-2024/CVE-2024-77xx/CVE-2024-7745.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-7745",
"sourceIdentifier": "security@progress.com",
"published": "2024-08-28T17:15:11.593",
"lastModified": "2024-08-28T17:15:11.593",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only."
},
{
"lang": "es",
"value": "En las versiones del servidor WS_FTP anteriores a 8.8.8 (2022.0.8), un paso cr\u00edtico faltante en la autenticaci\u00f3n multifactor del m\u00f3dulo de transferencia web permite a los usuarios omitir la verificaci\u00f3n de segundo factor e iniciar sesi\u00f3n solo con nombre de usuario y contrase\u00f1a."
}
],
"metrics": {

4
CVE-2024/CVE-2024-78xx/CVE-2024-7856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7856",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:29.173",
"lastModified": "2024-08-29T11:15:29.173",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-78xx/CVE-2024-7857.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-7857",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T03:15:05.547",
"lastModified": "2024-08-29T03:15:05.547",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Media Library Folders plugin for WordPress is vulnerable to second order SQL Injection via the 'sort_type' parameter of the 'mlf_change_sort_type' AJAX action in all versions up to, and including, 8.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El complemento Media Library Folders para WordPress es vulnerable a la inyecci\u00f3n SQL de segundo orden a trav\u00e9s del par\u00e1metro 'sort_type' de la acci\u00f3n AJAX 'mlf_change_sort_type' en todas las versiones hasta la 8.2.2 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto permite que los atacantes autenticados, con acceso de nivel de suscriptor y superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {

4
CVE-2024/CVE-2024-78xx/CVE-2024-7895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7895",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-29T11:15:29.390",
"lastModified": "2024-08-29T11:15:29.390",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-81xx/CVE-2024-8193.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8193",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-08-28T23:15:05.477",
"lastModified": "2024-08-28T23:15:05.477",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
},
{
"lang": "es",
"value": "El desbordamiento del b\u00fafer de pila en Skia en Google Chrome anterior a la versi\u00f3n 128.0.6613.113 permiti\u00f3 que un atacante remoto que hab\u00eda comprometido el proceso de renderizaci\u00f3n pudiera explotar la corrupci\u00f3n de pila a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Alta)"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-81xx/CVE-2024-8194.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8194",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-08-28T23:15:06.160",
"lastModified": "2024-08-28T23:15:06.160",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
},
{
"lang": "es",
"value": "La confusi\u00f3n de tipos en la versi\u00f3n 8 de Google Chrome anterior a la 128.0.6613.113 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: alta)"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-81xx/CVE-2024-8198.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8198",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-08-28T23:15:06.243",
"lastModified": "2024-08-28T23:15:06.243",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
},
{
"lang": "es",
"value": "El desbordamiento del b\u00fafer de pila en Skia en Google Chrome anterior a la versi\u00f3n 128.0.6613.113 permiti\u00f3 que un atacante remoto que hab\u00eda comprometido el proceso de renderizaci\u00f3n pudiera explotar la corrupci\u00f3n de pila a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Alta)"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-82xx/CVE-2024-8250.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-8250",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-08-29T00:15:09.370",
"lastModified": "2024-08-29T00:15:09.370",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file"
},
{
"lang": "es",
"value": "La falla del disector NTLMSSP en Wireshark 4.2.0 a 4.0.6 y 4.0.0 a 4.0.16 permite la denegaci\u00f3n de servicio a trav\u00e9s de la inyecci\u00f3n de paquetes o un archivo de captura manipulado"
}
],
"metrics": {

4
CVE-2024/CVE-2024-82xx/CVE-2024-8294.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8294",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-29T11:15:29.603",
"lastModified": "2024-08-29T11:15:29.603",
"vulnStatus": "Received",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

137
CVE-2024/CVE-2024-82xx/CVE-2024-8295.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-8295",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-29T12:15:04.537",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in FeehiCMS up to 2.1.1 and classified as critical. This vulnerability affects the function createBanner of the file /admin/index.php?r=banner%2Fbanner-create. The manipulation of the argument BannerForm[img] leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://gitee.com/A0kooo/cve_article/blob/master/feehi_cms/file_upload2/Fichkems%20banner%20file%20upload%20vulnerability.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.276070",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.276070",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.394560",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-82xx/CVE-2024-8296.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-8296",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-29T13:15:07.087",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument User[avatar] leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://gitee.com/A0kooo/cve_article/blob/master/feehi_cms/file_upload3/Fichkems%20user%20file%20upload%20vulnerability.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.276071",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.276071",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.394568",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-82xx/CVE-2024-8297.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-8297",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-29T13:15:07.370",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been classified as problematic. Affected is the function JwtRefreshAuth of the file middleware/jwt_refresh_token_middleware.go. The manipulation of the argument Authorization leads to improper output neutralization for logs. It is possible to launch the attack remotely. The name of the patch is 81b3336b4c9240f0bf50c13cb8375cf860d945f1. It is recommended to apply a patch to fix this issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-117"
}
]
}
],
"references": [
{
"url": "https://github.com/kitsada8621/Digital-Library-Management-System/commit/81b3336b4c9240f0bf50c13cb8375cf860d945f1",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/kitsada8621/Digital-Library-Management-System/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.276072",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.276072",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.394613",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-83xx/CVE-2024-8301.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-8301",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-29T13:15:07.660",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax/checkin.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/dingfanzu-CMS/dingfanzu-CMS%20checkin.php%20username%20SQL-inject.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.276073",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.276073",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.396294",
"source": "cna@vuldb.com"
}
]
}

68
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-29T12:00:17.403939+00:00
2024-08-29T14:00:18.295225+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-29T11:15:29.603000+00:00
2024-08-29T13:55:38.203000+00:00
```
### Last Data Feed Release
@ -33,45 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
261447
261454
```
### CVEs added in the last Commit
Recently added CVEs: `33`
Recently added CVEs: `7`
- [CVE-2024-29729](CVE-2024/CVE-2024-297xx/CVE-2024-29729.json) (`2024-08-29T11:15:25.357`)
- [CVE-2024-29730](CVE-2024/CVE-2024-297xx/CVE-2024-29730.json) (`2024-08-29T11:15:25.547`)
- [CVE-2024-29731](CVE-2024/CVE-2024-297xx/CVE-2024-29731.json) (`2024-08-29T11:15:25.760`)
- [CVE-2024-38303](CVE-2024/CVE-2024-383xx/CVE-2024-38303.json) (`2024-08-29T11:15:25.970`)
- [CVE-2024-38304](CVE-2024/CVE-2024-383xx/CVE-2024-38304.json) (`2024-08-29T11:15:26.187`)
- [CVE-2024-3944](CVE-2024/CVE-2024-39xx/CVE-2024-3944.json) (`2024-08-29T11:15:26.403`)
- [CVE-2024-43700](CVE-2024/CVE-2024-437xx/CVE-2024-43700.json) (`2024-08-29T11:15:26.757`)
- [CVE-2024-43986](CVE-2024/CVE-2024-439xx/CVE-2024-43986.json) (`2024-08-29T11:15:26.853`)
- [CVE-2024-4428](CVE-2024/CVE-2024-44xx/CVE-2024-4428.json) (`2024-08-29T11:15:27.200`)
- [CVE-2024-45440](CVE-2024/CVE-2024-454xx/CVE-2024-45440.json) (`2024-08-29T11:15:27.083`)
- [CVE-2024-5417](CVE-2024/CVE-2024-54xx/CVE-2024-5417.json) (`2024-08-29T11:15:27.387`)
- [CVE-2024-5622](CVE-2024/CVE-2024-56xx/CVE-2024-5622.json) (`2024-08-29T11:15:27.447`)
- [CVE-2024-5623](CVE-2024/CVE-2024-56xx/CVE-2024-5623.json) (`2024-08-29T11:15:27.563`)
- [CVE-2024-5624](CVE-2024/CVE-2024-56xx/CVE-2024-5624.json) (`2024-08-29T11:15:27.673`)
- [CVE-2024-5857](CVE-2024/CVE-2024-58xx/CVE-2024-5857.json) (`2024-08-29T11:15:27.780`)
- [CVE-2024-5987](CVE-2024/CVE-2024-59xx/CVE-2024-5987.json) (`2024-08-29T11:15:27.977`)
- [CVE-2024-6551](CVE-2024/CVE-2024-65xx/CVE-2024-6551.json) (`2024-08-29T11:15:28.183`)
- [CVE-2024-6927](CVE-2024/CVE-2024-69xx/CVE-2024-6927.json) (`2024-08-29T11:15:28.410`)
- [CVE-2024-7132](CVE-2024/CVE-2024-71xx/CVE-2024-7132.json) (`2024-08-29T11:15:28.463`)
- [CVE-2024-7418](CVE-2024/CVE-2024-74xx/CVE-2024-7418.json) (`2024-08-29T11:15:28.540`)
- [CVE-2024-7606](CVE-2024/CVE-2024-76xx/CVE-2024-7606.json) (`2024-08-29T11:15:28.757`)
- [CVE-2024-7607](CVE-2024/CVE-2024-76xx/CVE-2024-7607.json) (`2024-08-29T11:15:28.963`)
- [CVE-2024-7856](CVE-2024/CVE-2024-78xx/CVE-2024-7856.json) (`2024-08-29T11:15:29.173`)
- [CVE-2024-7895](CVE-2024/CVE-2024-78xx/CVE-2024-7895.json) (`2024-08-29T11:15:29.390`)
- [CVE-2024-8294](CVE-2024/CVE-2024-82xx/CVE-2024-8294.json) (`2024-08-29T11:15:29.603`)
- [CVE-2024-1384](CVE-2024/CVE-2024-13xx/CVE-2024-1384.json) (`2024-08-29T13:15:05.793`)
- [CVE-2024-2541](CVE-2024/CVE-2024-25xx/CVE-2024-2541.json) (`2024-08-29T13:15:06.403`)
- [CVE-2024-3679](CVE-2024/CVE-2024-36xx/CVE-2024-3679.json) (`2024-08-29T13:15:06.627`)
- [CVE-2024-8295](CVE-2024/CVE-2024-82xx/CVE-2024-8295.json) (`2024-08-29T12:15:04.537`)
- [CVE-2024-8296](CVE-2024/CVE-2024-82xx/CVE-2024-8296.json) (`2024-08-29T13:15:07.087`)
- [CVE-2024-8297](CVE-2024/CVE-2024-82xx/CVE-2024-8297.json) (`2024-08-29T13:15:07.370`)
- [CVE-2024-8301](CVE-2024/CVE-2024-83xx/CVE-2024-8301.json) (`2024-08-29T13:15:07.660`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `87`
- [CVE-2016-1000338](CVE-2016/CVE-2016-10003xx/CVE-2016-1000338.json) (`2024-08-29T11:09:05.303`)
- [CVE-2024-45440](CVE-2024/CVE-2024-454xx/CVE-2024-45440.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-5417](CVE-2024/CVE-2024-54xx/CVE-2024-5417.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-5622](CVE-2024/CVE-2024-56xx/CVE-2024-5622.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-5623](CVE-2024/CVE-2024-56xx/CVE-2024-5623.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-5624](CVE-2024/CVE-2024-56xx/CVE-2024-5624.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-5857](CVE-2024/CVE-2024-58xx/CVE-2024-5857.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-5987](CVE-2024/CVE-2024-59xx/CVE-2024-5987.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-6053](CVE-2024/CVE-2024-60xx/CVE-2024-6053.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-6551](CVE-2024/CVE-2024-65xx/CVE-2024-6551.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-6927](CVE-2024/CVE-2024-69xx/CVE-2024-6927.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7132](CVE-2024/CVE-2024-71xx/CVE-2024-7132.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7394](CVE-2024/CVE-2024-73xx/CVE-2024-7394.json) (`2024-08-29T13:41:24.487`)
- [CVE-2024-7418](CVE-2024/CVE-2024-74xx/CVE-2024-7418.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7606](CVE-2024/CVE-2024-76xx/CVE-2024-7606.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7607](CVE-2024/CVE-2024-76xx/CVE-2024-7607.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7744](CVE-2024/CVE-2024-77xx/CVE-2024-7744.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7745](CVE-2024/CVE-2024-77xx/CVE-2024-7745.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7856](CVE-2024/CVE-2024-78xx/CVE-2024-7856.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7857](CVE-2024/CVE-2024-78xx/CVE-2024-7857.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-7895](CVE-2024/CVE-2024-78xx/CVE-2024-7895.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-8193](CVE-2024/CVE-2024-81xx/CVE-2024-8193.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-8194](CVE-2024/CVE-2024-81xx/CVE-2024-8194.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-8198](CVE-2024/CVE-2024-81xx/CVE-2024-8198.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-8250](CVE-2024/CVE-2024-82xx/CVE-2024-8250.json) (`2024-08-29T13:25:27.537`)
- [CVE-2024-8294](CVE-2024/CVE-2024-82xx/CVE-2024-8294.json) (`2024-08-29T13:25:27.537`)
## Download and Usage

183
_state.csv
View File

@ -83291,7 +83291,7 @@ CVE-2016-1000282,0,0,66e83b6ab3ee42a8bbdc746894acad8039245384a798c1ca7f8000c527a
CVE-2016-10003,0,0,e8b225d473ea5bc8596793189680b6a74993f392f4f18273f1c125dc3667f401,2024-02-02T03:03:55.400000
CVE-2016-1000306,0,0,58929e18d7a88d76b38c9344afa685c5dfce19e3aaa94be62e69e6459dd884bf,2023-11-07T02:29:26.900000
CVE-2016-1000307,0,0,bd4178c1c1fe6f95be6768310a7d45f2219507d406f6b636cf26d421c70a44ed,2017-04-12T18:47:39.847000
CVE-2016-1000338,0,1,36122f4da4a1352af4e6678f167dd3e993e014d4785b51b9370ccd405265e175,2024-08-29T11:09:05.303000
CVE-2016-1000338,0,0,36122f4da4a1352af4e6678f167dd3e993e014d4785b51b9370ccd405265e175,2024-08-29T11:09:05.303000
CVE-2016-1000339,0,0,4cb63073790ec83e24d1eee93dbf56c193741a7586104f79b20c9e49d4502110,2020-10-20T22:15:16.997000
CVE-2016-1000340,0,0,0cd9852c68b6752a64fd008af4174c3d07b57fcc72d0baa3557a19215505fa97,2020-10-20T22:15:17.140000
CVE-2016-1000341,0,0,5cc8f3a0fc7f70fa37111c8016e3b6ceab83f7b18286384b6b91814eeede5244,2020-10-20T22:15:17.247000
@ -185186,7 +185186,7 @@ CVE-2021-44416,0,0,372a7a47904a006de375c34cee672a832db0dfbab964ded7dec098507fa57
CVE-2021-44417,0,0,9c36d12be034c139930a87f51b578ba028993c44da9104d4c126e6bba02ffd2c,2022-10-25T17:30:47.387000
CVE-2021-44418,0,0,648d66faa7f00266afc7968ca015d44a8fb0bd01a7644bca834c8ee2dd52940e,2022-10-07T17:27:03.357000
CVE-2021-44419,0,0,bd976456f08eed6a2c5c817220dcab8a42904ee48415770dd148ee6a19ed6a4a,2022-10-25T17:30:06.647000
CVE-2021-4442,1,1,7bbb8925aa363af241c15ca3cddea3140ed4bc71593c13b036c86f1e9c242e04,2024-08-29T11:15:23.413000
CVE-2021-4442,0,1,5f2f919cb7ccf4eb213ac6825ee4f2a37f3033de479015047f00e06a861808e6,2024-08-29T13:25:27.537000
CVE-2021-44420,0,0,a602170b9adad3b521d3da8453af30ed03e707b53334cbc72e0352c14922570a,2023-11-07T03:39:38.700000
CVE-2021-44421,0,0,1476e1370ffcc53e6e2d74dfc9f360009856c28d2e2306f672b781fbbed28609,2022-03-15T15:22:28.337000
CVE-2021-44422,0,0,68849cc8e1629494b81252315c457dc197d34a62815659c7039c6e8862cb146d,2021-12-27T20:24:38.683000
@ -193446,7 +193446,7 @@ CVE-2022-24396,0,0,0debc179f58e63b300bcd5b1187eb1948b30c02d7babb963d9f8dbbd99e61
CVE-2022-24397,0,0,b778825b07900395e1f26d06ced8e425f9f48ebe0ba5aa51e06200e28869028d,2022-03-16T18:32:08.463000
CVE-2022-24398,0,0,1471ad71605bebfde387a25fa468fd00cc01758fac7083320ea673628433893e,2022-03-16T16:27:56.277000
CVE-2022-24399,0,0,c721ed982df67d1bc5cc48cb4aa54e72e5f2cabd1e48566839710d1c92a4d3e4,2022-12-22T20:35:04.993000
CVE-2022-2440,1,1,b9622c814a61349d2f053e53635bc50a2d250d0da8a442b6c7ca524fa2864a83,2024-08-29T11:15:23.790000
CVE-2022-2440,0,1,4da0d0b19259862fe149e54115a554ad286df21aecb8f03861f9ab68c7adb458,2024-08-29T13:25:27.537000
CVE-2022-24400,0,0,43a8c3b4d64e8d1044fb96ff1ebda066aedabf01e025987f934efbc2a0e67bee,2023-11-07T03:44:27.860000
CVE-2022-24401,0,0,cbaf010e0018da74ef9b46493dc430dc477d885b7bda4398834a645d97d6cec5,2023-11-07T03:44:27.963000
CVE-2022-24402,0,0,04312e5c48416b2b0e895d6f4e38fc2000c2ef3932f423fb6358b115788462f9,2023-11-07T03:44:28.100000
@ -242343,6 +242343,7 @@ CVE-2024-1380,0,0,1c390e3978eb6f331393cad3863c002617264aabe196cd2683b703cbd37866
CVE-2024-1381,0,0,ef72e89e79a6e81e931361d7395d617cf305f1e64f8c84912db534518cd87432,2024-03-05T13:41:01.900000
CVE-2024-1382,0,0,39ef079a75e670ba8624eca288eeb6e2d76aa05a137eb237874d73319bc0b1a1,2024-03-07T13:52:27.110000
CVE-2024-1383,0,0,008850b53bfc9e3887db91e1dcfa0ad38f3c7f17c8652629fc512a2d492fa539,2024-03-13T18:15:58.530000
CVE-2024-1384,1,1,8ddff4f6a092b575b2f1f68bfd61ed7b8cd220bd1bd7879e5fd8ce58465d86de,2024-08-29T13:25:27.537000
CVE-2024-1385,0,0,0820fb6305ae9c9acc31c74a440a8869c10896fe1578e4049a5b4146fa49d438,2024-04-08T18:49:25.863000
CVE-2024-1386,0,0,4c50eb1ea078928867e1daa62df4fab345a42c579981230726958beab55e7320,2024-05-02T18:00:37.360000
CVE-2024-1387,0,0,171cd5527af6e20942bb2f9fdd1995a9525b8e2f55ab7f2995b25f13cb6e5ca5,2024-04-10T13:24:00.070000
@ -243033,16 +243034,16 @@ CVE-2024-20272,0,0,9a8b431abc55ae18c0094ec2d1030d59c5263518a92577c729598443278bb
CVE-2024-20276,0,0,77220479d2c4e0a0ce7772faba7bb9374ec34b0cd2307655f714f3eba6dc1b93,2024-03-27T17:48:21.140000
CVE-2024-20277,0,0,736a7d458de43e0c8ef102aeef0adf3c0541fbbca3219355ca4fb06899462f58,2024-02-02T16:15:54.787000
CVE-2024-20278,0,0,12aa1590b3e8a6125d7154bf2a045b19659a28fc2d4df972ed53df9e81e82c57,2024-03-27T17:48:21.140000
CVE-2024-20279,0,0,d70470f037b7d05c267fe837a51ffe0ea6cc65e6c53b86c34aa33cd4290cbcab,2024-08-28T17:15:06.113000
CVE-2024-20279,0,1,05b20e0d8f3b8cda00d50e64da3647c27567cdb3c3b97e828571e56bf1250500,2024-08-29T13:25:27.537000
CVE-2024-2028,0,0,e06846e6ba84daa4133d99af11982cf4b0bb14edf4a6a3dc6070516f4e834b30,2024-03-13T18:15:58.530000
CVE-2024-20281,0,0,70f852907bc1bd5fcb581ca3147fb954d228d92f21dde79d0c952efed558ff29,2024-04-03T17:24:18.150000
CVE-2024-20282,0,0,f6e711a9a9efd85ad7bd0b3c7c022b317810618a7b30ebfdd488c3c43efc8cbb,2024-04-03T17:24:18.150000
CVE-2024-20283,0,0,89838f66dfd213c04e8273f1b3b892c92b85a1c5cc369285f3f9a454f716823b,2024-04-03T17:24:18.150000
CVE-2024-20284,0,0,94e1b74ffedc9173b8687d071116f5d7bd8dbce82f75276fdc4216fa70f2122c,2024-08-28T17:15:06.893000
CVE-2024-20285,0,0,07291ba086d427d7b395cf9a023737a945604fe3a97c30185e3a52ee5edcf578,2024-08-28T17:15:07.687000
CVE-2024-20286,0,0,a48dde2bf690927e83a911609ce24cf903143a97cbd6a6810f27d7b184f6f6a3,2024-08-28T17:15:08.400000
CVE-2024-20284,0,1,709f3cb69d09f3b634d846af0b80f59fd2c4aaa23e8c655f37fa93b0885ed376,2024-08-29T13:25:27.537000
CVE-2024-20285,0,1,72fbbaafdb89aa3aff17a6a08109a599a5c5a36fc39ac02c13f5da21e82ffbcd,2024-08-29T13:25:27.537000
CVE-2024-20286,0,1,14a3316f5238ceda4d300a7ebd223adf7dbdff97303cb3144e58d57417cf28f0,2024-08-29T13:25:27.537000
CVE-2024-20287,0,0,a744ff6c1bd94e5b436bea194b1f93eaa24b8e47ada607591c8d284066172138,2024-02-02T16:15:54.887000
CVE-2024-20289,0,0,1464ce9b0a93176e874120a5b2b1063011bc50adc24c2ed4daf27402f4108fdb,2024-08-28T17:15:09.117000
CVE-2024-20289,0,1,67b207e27b4f7addc83d99ce2a16d9a68d81f19bcf8b318a5e667a8a27d96ef2,2024-08-29T13:25:27.537000
CVE-2024-2029,0,0,354f931e93072109dced3bc73857c32e7a282fc5266016d20bde6f1070f10b9d,2024-04-10T19:49:51.183000
CVE-2024-20290,0,0,95fa55047489b4a2ee370988084e137cebac8acab30010c47f69339f30b23cb9,2024-02-15T15:43:27.240000
CVE-2024-20291,0,0,c2ed04ab4eaaddf8b1bcc5dc083481f305536f5151be36cfe21c14f02472ee22,2024-02-29T13:49:29.390000
@ -243131,8 +243132,8 @@ CVE-2024-20401,0,0,4e570494182ec3fb0c9186b46f7948499e59b61e9f8ec1f0ca5200f010002
CVE-2024-20404,0,0,9ff8f593f71d4a0ff7aecb6b668971610942799ed16450e68ad59cf7f0b9f5af,2024-06-13T20:25:46.837000
CVE-2024-20405,0,0,2fa5b4e65c2f399507a2e57227d51876c94b3517d024d761ea8ec8bc4f4a8a91,2024-06-18T18:04:04.497000
CVE-2024-2041,0,0,7b4fc911113d944c485bed2a7f958b069e0536bf197811dc0e3dcb8018df3bd7,2024-05-06T14:15:07.747000
CVE-2024-20411,0,0,395490d5288175386abbe9557d871d79478d52ab619dea23e01f03ed9b1e8c1f,2024-08-28T17:15:09.500000
CVE-2024-20413,0,0,de84dfc41b4c606cc815faeb075f0d5e99c6a9bd6cf3cdba0004c89c4dc6eddd,2024-08-28T17:15:09.763000
CVE-2024-20411,0,1,4f003e5090f28bf95bd35a4fbdae5180d9a8ba20c425549807eec3131f67ce95,2024-08-29T13:25:27.537000
CVE-2024-20413,0,1,86bcdec57862054505f9b68ddff1575eb21295556bb50a8805e2f8ad7064ffd1,2024-08-29T13:25:27.537000
CVE-2024-20416,0,0,36fba5d0b9a663051d43c2072f34c721bf06b423d2ffa103fc7cf93ef9750d67,2024-07-18T12:28:43.707000
CVE-2024-20417,0,0,2b2621922f4e9896d58ad85f7dd970402245ce4da0539fb0012d7404735b7f45,2024-08-22T12:48:02.790000
CVE-2024-20419,0,0,0795f6e87845f9b46dc3400495c49fb48a047d8ed4e9d1842a04ff7724f0ad68,2024-08-13T17:15:22.787000
@ -243142,7 +243143,7 @@ CVE-2024-2043,0,0,7a3896d230f6f1ae602a08f92e2eaaa644b5893021849dee8a675eb9b7c81e
CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000
CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000
CVE-2024-20443,0,0,272afbe0465f6648950651b716899dcfcb722318ac954aaaf0e63544fb83de9e,2024-08-23T15:18:06.347000
CVE-2024-20446,0,0,a1f458363061be398c6f14b4fa2ac064da5d71cc04c03ec0fa0519fcf8eb70fe,2024-08-28T17:15:09.997000
CVE-2024-20446,0,1,170308ac86546c99c2d31d486f326554296a9af4794b673e7a60dd04eb019f30,2024-08-29T13:25:27.537000
CVE-2024-2045,0,0,711ac9453656184dc732c4f4633f4f7bda646ec847d7f0c1c60c568976f58aa0,2024-03-01T14:04:26.010000
CVE-2024-20450,0,0,a40597aa01c7c808e6329a0cff711d7709db0a15729885e98911c863c6fe701c,2024-08-23T18:14:43.787000
CVE-2024-20451,0,0,616ab4cb2b50cee49c462941d4d3e48792a6a3c09b725bd97a134b2f4a53bec9,2024-08-23T18:14:11.137000
@ -243150,7 +243151,7 @@ CVE-2024-20454,0,0,b7df5fe3c7f3ad82ec42e5ba189942703f651e8bba204ff78589b452573f7
CVE-2024-20456,0,0,bf56f0f0f8d3ed0f6616c43fc8ca6a47b6257ec17aaac25185ba7a05790b5cc9,2024-07-11T13:05:54.930000
CVE-2024-20466,0,0,d9adbd7a5cfca4a39494a47969f1c31ae3805a9aa7b4cd0a12535f31685e123d,2024-08-22T12:48:02.790000
CVE-2024-2047,0,0,65f16d2420b90c918e9e57877aac5f0440eb772d779ccbd58288e6312f3c8025,2024-04-01T01:12:59.077000
CVE-2024-20478,0,0,c7f81a4150a4b8f4abbdfe0686f6cf7280c0fc2d9ab56aa66625f46f1240ded1,2024-08-28T17:15:10.220000
CVE-2024-20478,0,1,2552b4b9bbc0a5cff57b3b8f7e9d97910094a88aceb9d33bb06e1a51f9db4e5e,2024-08-29T13:25:27.537000
CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000
CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3cc0,2024-06-10T17:16:25.067000
CVE-2024-20486,0,0,1ec7a6c2a991b67e11827b3b316fed30b5b5340988b303f9088e0f10e2e894f9,2024-08-22T12:48:02.790000
@ -244659,8 +244660,8 @@ CVE-2024-22421,0,0,99c38d3298b2bf5bb9fdc84d4f8b3a7acace84723f90c65f7cbbc69e6ce9c
CVE-2024-22422,0,0,bf1b7db87778b518f08d5155d6846f47fb3f9a9aab63a208beaa67919e005bc9,2024-01-25T22:19:52.030000
CVE-2024-22423,0,0,1b933ba1ea433289dd324786d954661b21d8f6a26a0a0fc3e62a3ada9af9073a,2024-04-10T16:15:09.793000
CVE-2024-22424,0,0,e41de4e5b88e38ba83c521498714241036619afde56b4e9066fe088dbecc1ce9,2024-08-07T15:43:51.540000
CVE-2024-22425,0,0,becc90df4034aa7c09ca8901fb304afa488477587c07d65355eaeb277dbc4bf5,2024-02-16T13:37:51.433000
CVE-2024-22426,0,0,6cd1de8ede18aeab9a9939cc46682f0cf77d2044a000263107d14ea6ffb71e98,2024-02-16T13:37:51.433000
CVE-2024-22425,0,1,4463c1b0099c20240ff7bea74998bf76f153d43547160f7ed0a36a514c3b9410,2024-08-29T13:15:06.060000
CVE-2024-22426,0,1,a32ba2513e2bc779f1ff66bc538410f6d2c9643a82691085281dc5970ae40e44,2024-08-29T13:15:06.197000
CVE-2024-22428,0,0,8194cae8c0c923050637f1a5eba79b754f48c489fb7501ce28ea36624191c54b,2024-01-23T14:13:19.053000
CVE-2024-22429,0,0,9b68b129a84f9cab77768773f09c47846afa6114c8e83a72039b112e9b26c65f,2024-05-17T18:35:35.070000
CVE-2024-2243,0,0,e9f5bdfaef0b6d760b2375cadd786cd9763c71b1a8987da492d90b75ae347fc1,2024-04-10T13:23:38.787000
@ -246487,6 +246488,7 @@ CVE-2024-25398,0,0,1ca4a836d24b5db40e48b55b365c5f32c1298501340103a0d376f4b670c71
CVE-2024-25399,0,0,1476dc50a563fb725fe1946b55f2c733462e19d80809e452ba10c245f29defa3,2024-02-28T14:07:00.563000
CVE-2024-25400,0,0,5a1a699f766ac616b34401ab3d26cec4ee9ace8ad79386f513c8e8091e234b3c,2024-08-12T13:38:17.123000
CVE-2024-25407,0,0,acf0dedeaaf5cb4ed513286f293369fa64a4aa24615bdc4521396e5298313ce4,2024-02-13T14:01:40.577000
CVE-2024-2541,1,1,6831f1071bbe94c2f4ec69bfa8edc308ed0121a7521cce2afeb4bad33c9a82ef,2024-08-29T13:25:27.537000
CVE-2024-25410,0,0,bd9e79518cb72a7506fa003003f0ba0ca5f3409a943529c82b970295f2c8078b,2024-08-16T17:35:06.847000
CVE-2024-25413,0,0,e60164141d6ef6aae483b347bcb438f10cf90b0fdc503439bf774c3a45e4d7f4,2024-08-06T16:35:06.130000
CVE-2024-25414,0,0,e37faede54af522703a4e537065f1d12f9e2e079cddb040df250a6ab47704e37,2024-02-16T13:37:51.433000
@ -249514,16 +249516,16 @@ CVE-2024-2969,0,0,8544d89f42684c11ff0ce4f59b9b332aa5f1a74abb30a148c14e95ecc35686
CVE-2024-2970,0,0,fc9de7221826a902f3a6cf19f3180d33eaf927389762bf1e23aea5c70762ccb6,2024-03-29T12:45:02.937000
CVE-2024-2971,0,0,9515cf628b34137ac014a8bc7d614bd445c5e05c6a07bb53515b2fc0d7b4fdaa,2024-03-27T12:29:30.307000
CVE-2024-2972,0,0,3771d0e64c82e60dbf132bba6647e15b9ad9d47823c5e525c2ccab39d1c1d845,2024-04-24T13:39:42.883000
CVE-2024-29723,1,1,60662dc752cc1a09ff6f118d876519ee79cc3236a900a0367a38b995024f9385,2024-08-29T11:15:24.160000
CVE-2024-29724,1,1,d3e2bbf0f52851408b080e731b358580ebbe3bfdeea9814f108b720166a35689,2024-08-29T11:15:24.383000
CVE-2024-29725,1,1,b23dc12621aee91d49ab556299065fc76be273f43e7fd079fd855885dd8d24bf,2024-08-29T11:15:24.573000
CVE-2024-29726,1,1,62ac1f9e68c5a801c0cf0b420311ded633efab76dc9e672b04fe55066ce4bb88,2024-08-29T11:15:24.767000
CVE-2024-29727,1,1,bdd976ac91609333720d513958387ab60206b47fed70ec004b17bdc8010c4864,2024-08-29T11:15:24.977000
CVE-2024-29728,1,1,0612477ddc2f1140903f2514cde9794d9858fc7612adc51b4947129d7463b1a3,2024-08-29T11:15:25.163000
CVE-2024-29729,1,1,4b26fca3ab7503aa250e7292ad6b8b5a2d8a615bc71b99d6008bea2452d983ba,2024-08-29T11:15:25.357000
CVE-2024-29723,0,1,d90d18dec68160096d5d8dfe7291ac2e321173ef407f20893c32353a492b1783,2024-08-29T13:25:27.537000
CVE-2024-29724,0,1,55655e448ac09ab62187148fa49304ecc7878e3b2b7b6bc9fc75847841293ed5,2024-08-29T13:25:27.537000
CVE-2024-29725,0,1,3f7e2d552b76ccb793380759acba73813ddbaa0ce872bd5b5729858789152967,2024-08-29T13:25:27.537000
CVE-2024-29726,0,1,15877539f604c4c9a4319a993203b09105efe869fa020d0830ed7a0da78c5686,2024-08-29T13:25:27.537000
CVE-2024-29727,0,1,3ebc5b72e65bb2a0e3db865ba91cf7f4a915534ffbfb9b1c9d1f1f67a509b586,2024-08-29T13:25:27.537000
CVE-2024-29728,0,1,d8db5affb7332777d23394f536be22de3927aaef635ddf8abf3a63082c848d6a,2024-08-29T13:25:27.537000
CVE-2024-29729,0,1,d1a3d1fc41f2cf0d86e0e8c32a9b9571ffe5e52fe18df687a65eb45214502a58,2024-08-29T13:25:27.537000
CVE-2024-2973,0,0,e93d65866932c82af8b50e3b7af91564bce393a65c7a315e9b3d7b174fddfb22,2024-06-28T10:27:00.920000
CVE-2024-29730,1,1,cc3428bf1237d21db1c0aa41665b5df7d063d97b291467ec7a92ec1dfa4509a0,2024-08-29T11:15:25.547000
CVE-2024-29731,1,1,4c2e56a4faaf5b465568cfd38153d4bc6bec4b5c892d31e301eb615bd3a50c0d,2024-08-29T11:15:25.760000
CVE-2024-29730,0,1,36c18e11ec13d9f9f90cb1346b81c447389c8ad15e99cd575ebececc4b9d01d8,2024-08-29T13:25:27.537000
CVE-2024-29731,0,1,0b7c738426eb2fe72ee45316055d3d3e2c8fef65d55c114a3114215f778fb60c,2024-08-29T13:25:27.537000
CVE-2024-29732,0,0,e30fc06180575c1796869bb0b4fa02497c40c6d7939d34aba0362f12c2710f0b,2024-03-21T12:58:51.093000
CVE-2024-29733,0,0,0811972ef853088b726fd2b07316244d1d628e55e310910ac8174bd65d097612,2024-07-03T01:52:30.320000
CVE-2024-29734,0,0,65bb1ba04f673142d3081922c5e4533cd4af140db3cdfbbce09ab73848e3b6c3,2024-04-03T12:38:04.840000
@ -252756,7 +252758,7 @@ CVE-2024-3418,0,0,502fc54d23469afbe964523306f6a78a43aa4bbda684d42d8a15714665a919
CVE-2024-3419,0,0,55e9e939cce7031c82bff2b248ad3247eb5f6b71fadfe890fcd9e67ed87233e2,2024-05-17T02:39:54.607000
CVE-2024-34191,0,0,dbd580573375fd2d1820adc0049af00ef94f1f54fcce834415d344bda1271c56,2024-05-14T19:17:55.627000
CVE-2024-34193,0,0,e28053bd0a22d022848badc9c3f75e2fb164790fa29e948e479e4871e120d21a,2024-08-20T15:35:11.077000
CVE-2024-34195,0,0,85b392229a6201caf031923e85b74fa52c56af0784be74d04a74145fdcf21d9f,2024-08-28T20:35:10.893000
CVE-2024-34195,0,1,185ac0e1be787dd0b34c0629906ac5b9a248622f89ad1f748020dcdc7c100cd2,2024-08-29T13:25:27.537000
CVE-2024-34196,0,0,fa10f060dde56de72ad527f194a43f50d5d3befcfd4eea3294712a1774de38b0,2024-08-01T13:52:15.947000
CVE-2024-34198,0,0,ba93ef8fc5dbbb63bf24a83115f601ac65bb25dbfcfc498c53d09eed142379f4,2024-08-28T15:46:39.613000
CVE-2024-34199,0,0,27f51e6e9a085d1edb0a1380e0bfff4433e52f8f9e25d5bec96a743b9a9ffd85,2024-07-03T01:59:29.647000
@ -254501,6 +254503,7 @@ CVE-2024-36783,0,0,dbc11dc9218015de97a73e96cb005d8a036c1d720a02ae2fb7f59dd28b9e4
CVE-2024-36787,0,0,26b242769047937307c486de3dde435edbd1d09662a165684d61f83fd541fbdd,2024-08-01T13:53:17.367000
CVE-2024-36788,0,0,ce421f00af3050883a12bce11fefd1ad9628128d70c1a012c0032b203b9673fd,2024-06-07T19:24:09.243000
CVE-2024-36789,0,0,e3781e3969948bd92ae74a8bb78c5b0d32bc5708516429d524b2a965c1c4e0b5,2024-08-15T16:35:11.633000
CVE-2024-3679,1,1,346d11068b4cc9664c7fd0d677228ce08fea56c2a83a5e0bdba0b0b8a7eb8183,2024-08-29T13:25:27.537000
CVE-2024-36790,0,0,f8247224261f96e31ccf08410164dd4379381055fde60fa853baf6df22465be3,2024-08-14T20:35:14.473000
CVE-2024-36792,0,0,fabceb2ff375c58d64c9553c86e9784f4de9e6f1c14eeb688305657805693eab,2024-07-03T02:03:37.690000
CVE-2024-36795,0,0,421d7caed3f1bfdd012cee0400460351c045d5fa781e1724ee2bfb8de7fe2f98,2024-08-22T16:35:04.130000
@ -255515,8 +255518,8 @@ CVE-2024-38294,0,0,f88948441f6418893f991fd0ef34dfd45f0e02ebcb8e39fd787f2f64385d5
CVE-2024-38295,0,0,c8378492e2d02be00aeda8d1da5a5ec5803f1a3bcf3481a4ca52e9e0e7261335,2024-08-02T18:10:46.607000
CVE-2024-38301,0,0,0aaba53899fa63c6f65cba4d5faa4104f18194e9cd1a78452f451bbbdb780cd8,2024-08-08T17:01:45.347000
CVE-2024-38302,0,0,e77ca3bd1f42a6aa7992c70d7c2a8c98c0238a3f11a590553b92597fb717d1f6,2024-07-19T13:01:44.567000
CVE-2024-38303,1,1,ad943e0c1c748fabf9ab0237ca95f69c70ebb55e3dee929ae1d6ef497b14a6ea,2024-08-29T11:15:25.970000
CVE-2024-38304,1,1,ed1f9b94148fba5a138ff2483dcb4daa5edc5c76370b6213d3becb255499b1de,2024-08-29T11:15:26.187000
CVE-2024-38303,0,1,c7b5a51817f2a1a0ebc708751d758e8b7c05c5feea59a6e0d9e1abbf65c3c7ce,2024-08-29T13:25:27.537000
CVE-2024-38304,0,1,1533620b56095e61cefff368d701e3aced2158147e2051c648eac5a7bba0ae3c,2024-08-29T13:25:27.537000
CVE-2024-38305,0,0,50405e5762e7554d2baff98400d3410fc2903bcdf76c1f98cd2e184e9e25e075,2024-08-21T12:30:33.697000
CVE-2024-38306,0,0,302c251894cd8175c95dcaa248535d0e8a6962400e46ca01099390440f888d26,2024-06-25T18:50:42.040000
CVE-2024-3831,0,0,50e818929dc56e84afc0dd8fe8fae7a8b323529f272034386ddae5543191124f,2024-05-14T16:11:39.510000
@ -256194,7 +256197,7 @@ CVE-2024-39428,0,0,5d03789c96f23918b1ab1ea6fa6e056174329d182d27e72cc9dae9827964f
CVE-2024-39429,0,0,e5307c82d36950beba8c9942e931fdf6e3ccb2f9d59fae72d11a48dd470f78ba,2024-08-27T17:44:02.903000
CVE-2024-3943,0,0,fecb7894fc8f71bb1eb318ec20be6409020b761b3221fbb9ca597f81fb48f5da,2024-05-30T13:15:41.297000
CVE-2024-39430,0,0,1e2b9ea56442b26f7737a9950103fafe605e5c7a90c854837eacf7ef42d0ec7f,2024-08-27T17:44:25.593000
CVE-2024-3944,1,1,43f17057ad560956eabbd9dddfe553c1bbcb0fd738ccdc8e77d3a43e7901f3f3,2024-08-29T11:15:26.403000
CVE-2024-3944,0,1,0efd517249d5abd23d4ecaaf8b5a788ce65adb9d6631526affc72f12ff9c041b,2024-08-29T13:25:27.537000
CVE-2024-3945,0,0,f529a76504b589632a786b994a7e59172142cd26cd001d628e7f3ff9658da8b1,2024-05-30T13:15:41.297000
CVE-2024-39457,0,0,71348762cda2a65a9fb6ee86fb97ddb6684e341009bf79ffb50846af36c0e45a,2024-08-22T17:33:32.373000
CVE-2024-39458,0,0,057d26d6064abe38c6844996c076741573b3fb5797f6e26a9cfc5dd443dbc18e,2024-06-27T12:47:19.847000
@ -256879,10 +256882,10 @@ CVE-2024-40905,0,0,96eb254d5f8b6d07fa83b1d2229752059acc8f42da01741b8cbd4eaae0423
CVE-2024-40906,0,0,5c60c6a51bf3d33fb56a478deec3a7b641b4f91617f4ad721d7d102664d4f879,2024-07-12T16:34:58.687000
CVE-2024-40907,0,0,9fa3647e2363eef4d89cec67d70bce284a36061040d50631b9ed8c8182723c64,2024-07-12T16:34:58.687000
CVE-2024-40908,0,0,6cdce7f53523afe33cba2998c01eb82605e728b8ccb05b039038c6b90e3df5fa,2024-07-12T16:34:58.687000
CVE-2024-40909,0,0,7439be860beb7caa27f7701d646d4a54abf5a05487d6ff27f77b0f869581b93c,2024-07-12T16:34:58.687000
CVE-2024-40910,0,0,10721ef8cedf0108a8673fb6f73b97dc61083e1d8e3a25618d127b7c7fb2d9dd,2024-07-12T16:34:58.687000
CVE-2024-40911,0,0,6b8a393d818ce4825af61fa07f730da38f8dc80225b1894e6f1bdd12d0428b70,2024-07-12T16:34:58.687000
CVE-2024-40912,0,0,20e69bf527c15730bfa83ac2c5bb8c8efb197729fb0911a5831d64a96cd34120,2024-07-12T16:34:58.687000
CVE-2024-40909,0,1,2557f1e39cb36a28050303053c68b79c667d03c7345936cb7db86b5f125dff39,2024-08-29T13:55:21.407000
CVE-2024-40910,0,1,05374b2cc6508426828834b80ac481cdb20c9dee38a7e0865e9f298ee5c4422f,2024-08-29T13:55:38.203000
CVE-2024-40911,0,1,546d040d317b6b7c9416414e4eee09f42366cbc593937a74695c34c2e222e06a,2024-08-29T13:43:49.137000
CVE-2024-40912,0,1,da1c1eed990176ed17426fbde413bfdbb83ca8327151eb6056781d3a489705ec,2024-08-29T13:44:09.290000
CVE-2024-40913,0,0,3997e19c7b3cd7ab9a9381f30ce7b7d0dbb42c47c662000ec8e5838dc20d7938,2024-07-12T16:34:58.687000
CVE-2024-40914,0,0,b4afd77951959297c83dbfb50090a2075b74a5741768bd41e814f62a3a399323,2024-07-12T16:34:58.687000
CVE-2024-40915,0,0,96e3fc2bef9f34bbdc211b4ce9c2e2f70133f4a644059f65dace33bfbbf79ebf,2024-07-12T16:34:58.687000
@ -257140,7 +257143,7 @@ CVE-2024-4121,0,0,62ca255cdda2e26a7a0224389681466727634cf0831afab2f14e58a1cb5bd9
CVE-2024-4122,0,0,3d81c7d42348f56045cc538515e4a2e136e243adec928773370fb697e11bd281,2024-06-04T19:20:30.560000
CVE-2024-41226,0,0,0f1b0fab09deb513b318e5339bb250b54a4148cca3ff553dad16500490764bac,2024-08-12T16:01:32.383000
CVE-2024-4123,0,0,b9879b7d0937c162f61c7aeebe9319c3ee0d2290b23cb569d74c82da57c569d5,2024-06-04T19:20:30.660000
CVE-2024-41236,0,0,c4e6a64b54b2e943aa2644b716126f214c4e5e917f99a2fe950f6695e8ec8574,2024-08-28T18:35:16.790000
CVE-2024-41236,0,1,3cbbab435b95a57b894a4463aee8e4605d344dcd712f9c37eefe09a1162931d1,2024-08-29T13:25:27.537000
CVE-2024-41237,0,0,8ccb4952f164337b681989e54cc147e9e164fc596c980ba694a928ee7e458af2,2024-08-08T20:53:45.827000
CVE-2024-41238,0,0,f705e2f0b1f5d028406d99f056a8ab6c4a04267fa568b3aa67b3ab220a8ce6db,2024-08-12T15:06:26.557000
CVE-2024-41239,0,0,131b357876f7631347cb4a7eac6921190f3c4ad817f4e0a0fd5e6c6c0d9100d6,2024-08-08T19:04:43.380000
@ -257248,10 +257251,10 @@ CVE-2024-4155,0,0,9d1d3f06be4be4f0b611f0b92aa6b48510c05900efdf1b1c24851d7c9581a8
CVE-2024-41550,0,0,6726e0c6849e70c536d9bf6936241acc920718305f74521a185836b6b51898fb,2024-08-01T13:58:53.253000
CVE-2024-41551,0,0,a47b3d6d1401636bd7731728d6fcb9c38717d9cec4c98b37b50c290693f43ad0,2024-08-01T13:58:54.023000
CVE-2024-4156,0,0,31cc9500838d0dc99d5959700d84ebbac93048893a2eb67f37ed77d13093550c,2024-05-02T18:00:37.360000
CVE-2024-41564,0,0,01c34f438e5872694f278c8b8396057a7820fd6f83e9a693a9ecf1988006725d,2024-08-28T17:15:10.693000
CVE-2024-41565,0,0,ec1d51b0f10f4435436477324f29c544ea70dc92e44967077c96d395a60a6faa,2024-08-28T17:15:10.903000
CVE-2024-41564,0,1,ed2eb1a56935798a0fef3d91df46815a2d063b1d7caa9d554fe7f607bff6d2c0,2024-08-29T13:25:27.537000
CVE-2024-41565,0,1,73705e4299029ad2a5306d99d1289512d405841c1f23cb5741b41f59418e695d,2024-08-29T13:25:27.537000
CVE-2024-4157,0,0,ac5ec2e690c76b81403cfa49bc63d1a8caa2fb9d97d28a1055398849720db727,2024-05-22T12:46:53.887000
CVE-2024-41570,0,0,08f18f006ef075be3e868b6121774877f2111f5f9ca9672280d529a6b344da0d,2024-08-13T01:14:38.880000
CVE-2024-41570,0,1,548cd2006d0021700d97d9ac462942b0586c18cb85e20f0c023fdc6e3f8676c8,2024-08-29T13:32:21.020000
CVE-2024-41572,0,0,3538ce626eeeb6e9299463c0d735b4d1491706bbb85dc5c5ebc08929e34353d5,2024-08-22T21:15:16.797000
CVE-2024-41577,0,0,1db7c1144df378d1f0197182c3eb7cc1bf4798d90e82fc3037fda80bd09f3f04,2024-08-12T13:41:36.517000
CVE-2024-4158,0,0,9bd0a38e47c5b6d26f1e587737a0ffeb7c251278f38061995fc29ba309646aa6,2024-05-14T16:11:39.510000
@ -257434,9 +257437,9 @@ CVE-2024-41879,0,0,776d1d630925a5effc005e3c54df4f1e81379153a0d899b1b1392cbd63b7b
CVE-2024-4188,0,0,5459733739e7d5773814c2ce2922cf5b8b26c5398a641d72cfafdd22a4667489,2024-07-31T12:57:02.300000
CVE-2024-41880,0,0,fb22214cf23b63ecac791ad54f65d75460df9fd80fc112c0736bcd80f342f363,2024-08-01T13:59:12.507000
CVE-2024-41881,0,0,649cc07cf7de21549ce70eef1f2f35714a84b1ff95e773c0e75090d3c6d27c2e,2024-08-01T13:59:13.313000
CVE-2024-41888,0,0,f20f89081fac3c34ae7fa6d6db5331497415187ab50d1e6d327647c14571c9f8,2024-08-12T13:41:36.517000
CVE-2024-41888,0,1,551a193b56683c8a955974406454da46e806e6e58f5cbc2dcb8dc5dd231b91d3,2024-08-29T12:55:09.210000
CVE-2024-41889,0,0,afc718e09b38fea98bf4af598c03af33eb38888a59959d88ad94aa8810cd502c,2024-08-07T19:35:11.473000
CVE-2024-41890,0,0,da5b4d13bc7e39c8535a50469053d6162e50f634d0dc9974958b5e94f830bd7c,2024-08-12T13:41:36.517000
CVE-2024-41890,0,1,a90af16c8c7558e5227ebbc511a4c71519b3a4532e07b0a451c0d8da1663fee0,2024-08-29T12:56:47.413000
CVE-2024-4190,0,0,937461468fcd73b26e47070e7d0620ac3009210ef2f47e2156f0b87dd1c21bc4,2024-06-13T18:36:09.013000
CVE-2024-41903,0,0,67dddda11208425a9dbc345fc58604fc5d7cb0caf7e9b81aadfd0fc331e40c63,2024-08-14T18:39:21.207000
CVE-2024-41904,0,0,2a16ff348e5db01cbd9004bb6da7c38aafbed87ec5d8a582eda1208aebd9a27c,2024-08-14T18:39:32.883000
@ -257452,7 +257455,7 @@ CVE-2024-41913,0,0,c6ad0a1fb279b7b6cd3ae0202ead0c310e4163291803f6da39ff84b133ebe
CVE-2024-41914,0,0,cbc550b915270d7e2f2879c2f4d0216e7f6bd6d1cd3a3c180c2f13327702487c,2024-08-01T13:59:14.250000
CVE-2024-41915,0,0,79e27d81a466e27de33128fccf775ada519c090b73b4d198c18c4a0be866e968,2024-08-01T13:59:14.947000
CVE-2024-41916,0,0,a0fecd8d5dfc5244c3f03c29349b89d02348a331ee6a39e9fbc76610f4f83ad0,2024-07-31T12:57:02.300000
CVE-2024-41918,0,0,6f9721be4b14a6aed1c1092d3ee4da7776fc0419ab9451c5cb3e812df844e93c,2024-08-29T03:15:05.130000
CVE-2024-41918,0,1,0c40b65e79a7d0e62a7d01300248112aa4d976531b01059734b9300552c86e6f,2024-08-29T13:25:27.537000
CVE-2024-4192,0,0,0768e429bccaed861e82d220deefd437e5feb26a94e95c7a121626318970662c,2024-05-01T13:02:20.750000
CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280973,2024-08-01T13:59:15.743000
CVE-2024-41926,0,0,13c43cd281b4a9b74f2496b8daab80f10df1e7e6bc024b50c3c661b49018ccc2,2024-08-01T16:45:25.400000
@ -257872,7 +257875,7 @@ CVE-2024-4252,0,0,9237a844d9d9b4c175441eb52c39ce07fc14167f47531df4616e5c1079e2e9
CVE-2024-42520,0,0,64dffe6569e4f4099d9df2249ffa95a5cd3b2fdfe3c5c543c43632b62f26d14c,2024-08-13T15:35:16.110000
CVE-2024-42523,0,0,d2390426abd67ed67f70fdd3a2ea610ef369e7528c0dbfbeb874b23ed350a545,2024-08-23T18:35:03.563000
CVE-2024-4253,0,0,c9c68d543bb45de2537aab443ac18ac0d0ac2996dd48a0a792630e0df378eb1e,2024-06-04T16:57:41.053000
CVE-2024-42531,0,0,fb28ee845e17364e13fddc2ed3da9cd63cdc86755f2fe33fc8cfb1cc2dd0717a,2024-08-23T20:35:18.590000
CVE-2024-42531,0,1,ede5a120d786ece67387b3c6abd47df9f0913ae8383a64cbc502e8588f56b82a,2024-08-29T13:15:06.843000
CVE-2024-4254,0,0,3b60c29b2fffc26e81ef054aaff64665b1e9fde72fa8de5968c25c437cecbbf1,2024-06-04T16:57:41.053000
CVE-2024-42543,0,0,89bf04af083c2e91e2e9ba214be5b3aa8827ce84405f38705010996fc0353810,2024-08-13T19:35:10.380000
CVE-2024-42545,0,0,f468a16273bd93e60bf7c85edbb037a37f95ddbef27d46e806b8081634956ff0,2024-08-13T15:35:16.993000
@ -257972,7 +257975,7 @@ CVE-2024-4268,0,0,ed1b7008ff1a2549bc2f685279352d3a8f5b6d435592b2f29fd10fa9328ca7
CVE-2024-42680,0,0,b168ab4cd2e2150be7aaf36c84a318add99cf48e6e7026b9bd7262bb9f167200,2024-08-21T11:06:00.887000
CVE-2024-42681,0,0,38014007bcc5735791461b793967c4dfbe475531f64d8682f14c63500277a9d8,2024-08-19T19:35:08.437000
CVE-2024-4269,0,0,3a0e07c5dbf72b66f7c37e018ba2f8991c2e2b5c26c8f2d595b33767cdbe4e7e,2024-08-01T13:59:29.737000
CVE-2024-42698,0,0,fe1c83135bf9fc84a6cd49538bca8838b9d9c29d3ca03087dcd64f79c8ed00e0,2024-08-28T16:15:09.210000
CVE-2024-42698,0,1,798bb21c8e7074071627e495d7f04af8e19b75ed2669314307bb9e91d4b5f426,2024-08-29T13:25:27.537000
CVE-2024-4270,0,0,17133812b9c812b17ff2909d738c8b5ae6f8cc2b39eef016edec8cd05359b195,2024-07-29T16:31:09.117000
CVE-2024-4271,0,0,264c116f07aa10a920ca78d5e9c58bba0fe1e2b31cb4f2cfd0a7a609be29751f,2024-07-03T02:07:19.577000
CVE-2024-4272,0,0,c6d51ebaf4553eb5c8964297a8a6646c1c8e34e58f8be34bef185e25a27d5cec,2024-08-01T13:59:29.913000
@ -258028,7 +258031,7 @@ CVE-2024-4279,0,0,dfbad3c4052d0097199e5a57f42abb52975c0de3af4475a04c90870b0d97f0
CVE-2024-42790,0,0,7510b4b53ddc671a204c6c9918e039c11322e8be8788350ff1b1615bcf8a1bd2,2024-08-27T14:35:06.047000
CVE-2024-42791,0,0,229b4927d8c73b78aebdb2269dabb59bb0e6061ec8574ac1a3619991917c1649,2024-08-26T19:35:30.910000
CVE-2024-42792,0,0,4eaaa19a355275b40166aa1a2acd468fef8bb5420612bb7385f6e2e1abaacd08,2024-08-26T19:10:09.607000
CVE-2024-42793,0,0,2fd1699f07cb06cbca846a8c551b761a2dfd05d711fbd58716ff3794ae7bdac7,2024-08-28T20:35:12.570000
CVE-2024-42793,0,1,510cd9c4d588635a50ff7dc67e5ffcd96c59095ddc7f9dfa239f2609e8b57d87,2024-08-29T13:25:27.537000
CVE-2024-4280,0,0,f46c38f13eff52b4d020fb374e18f92e6528a4bade2042627b2165ccf7b62772,2024-05-14T16:11:39.510000
CVE-2024-4281,0,0,cb48c26c252b1c83fb4810210335ce05e1fcbd94e5804419418b4f73b9d5c028,2024-05-08T13:15:00.690000
CVE-2024-42812,0,0,d754a1b3fa22845b1ec28a5e3b423343f3a09420e9ed62b3cb19e2fa117c33b2,2024-08-20T15:44:20.567000
@ -258048,8 +258051,8 @@ CVE-2024-4287,0,0,e4eaa9cc0eedd48e962bf47bbdeb2988e2d50ccd6011525ef3609c758b0c26
CVE-2024-4288,0,0,98dba4b61502f5abd6b75fde706ee82a9bae31a5b0be7db458ed8cfdf0d8bfc6,2024-05-16T13:03:05.353000
CVE-2024-4289,0,0,00867bfd0f1ec036543766f70ad029cfafef69b68de16bba7569db7276222c78,2024-05-21T12:37:59.687000
CVE-2024-4290,0,0,96468cd9b26f589eaa99a2991d568962f6532fbc65b02b2950965134d65bb1ac,2024-08-01T13:59:30.177000
CVE-2024-42900,0,0,03cb4ee58025e2ddb00a8eae086634a9edd3cd52073546780083b1fedebf3f3d,2024-08-28T16:35:24.427000
CVE-2024-42905,0,0,63b2e3708e6370f68c8f0eab942c4bf94d6d07b2bc063f6d5b24c75cc4e46eeb,2024-08-28T19:35:20.503000
CVE-2024-42900,0,1,a581afacf971ea3c7e1f415a11d8d3e50a8cfeb83f82ad9071f65c9958d77bb9,2024-08-29T13:25:27.537000
CVE-2024-42905,0,1,ddc067821c332a4c26091e24326b09fd2b356b1e4a19dc86f0c28846472da9f5,2024-08-29T13:25:27.537000
CVE-2024-42906,0,0,83be373189250265e4f12ae408fac34eb129a889121f0ce4e7f0836727cd3453,2024-08-27T13:02:05.683000
CVE-2024-4291,0,0,3555454673f17bb302e51e81ea2fe7cd049aabde203c094d5792666ddbcea9c8,2024-07-03T02:07:20.773000
CVE-2024-42913,0,0,4ee002af12bf9d3762c244fec3fad984905617a81f77c95a7eb3d308c6c9d288,2024-08-28T20:15:07.880000
@ -258376,7 +258379,7 @@ CVE-2024-4368,0,0,ebedd608e412600f3409256680729c82fcf5015495435afd7648389243e696
CVE-2024-43688,0,0,f39d1b1cd29869db949f77b65b174936ed5c42e4fb24c070ceb5bc7ef518b2eb,2024-08-26T14:35:06.680000
CVE-2024-4369,0,0,9bcc319f475d5802b53d6dedcfa6ead4761cbf7c42adde8daf6f3ff8c0c17af2,2024-06-19T18:15:11.820000
CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000
CVE-2024-43700,1,1,6471e8749a948c3588d3d424d8acec2f1fd2db820d189a275f990eba7aef1dea,2024-08-29T11:15:26.757000
CVE-2024-43700,0,1,eaee2db3d723c53e734007fa4e5d3d90ff936878740dca5737bd4995de9e3dcb,2024-08-29T13:25:27.537000
CVE-2024-4371,0,0,a0b0e0fb8c98057b2328743d7da5c32e9a585001a67e08f1632ceab0df487dfa,2024-07-15T16:42:39.107000
CVE-2024-4372,0,0,9ae4f43bf2d0d90214ce2e4715e0031799e31627a4319bb26ad2a73cf60988cf,2024-05-21T12:37:59.687000
CVE-2024-4373,0,0,95ffe3cd6afce20664a5281c9740358c7cd9b7c7a4c9be8031ba5b0e36cac33d,2024-05-15T16:40:19.330000
@ -258397,7 +258400,7 @@ CVE-2024-43791,0,0,343f2e18bef5efeacf2cd8005024025a5d76578a60f2c9c2f207bc81f2ca8
CVE-2024-43794,0,0,896bb2e8ce2811b7436ee4acf4b9708cca2e72737878d04fdbf593ce2a59df9c,2024-08-23T18:46:31.730000
CVE-2024-43798,0,0,0f4c51b4b2459096a21f79a4c43df1119a11b4e9a3f2bc6fda3ce5410f7de574,2024-08-27T13:01:37.913000
CVE-2024-43802,0,0,e6e6b0823c543afdd24537863512362b0ca92682a64b51ee319640612d5e52b9,2024-08-27T13:02:05.683000
CVE-2024-43805,0,0,b99c33cd6517c00926284743df2ece4d29840e6987c1cb900e897f113c9998cd,2024-08-28T20:15:07.963000
CVE-2024-43805,0,1,e9de3af7500f4b69c1539a4468aa5c023c43f557b57ab88b796f849dd26b41b4,2024-08-29T13:25:27.537000
CVE-2024-43806,0,0,541f1dd38cc99ea47f0a1d3247e689afdaff86c352817f08eb0b94af02655385,2024-08-27T13:02:05.683000
CVE-2024-43807,0,0,3f91dd87019f53cf891d3a83100dd5c601626acd9f1336f0bde904afb8c4caa9,2024-08-19T21:09:42.313000
CVE-2024-43808,0,0,5904dacb826507090b9d583058f58aa9b73c36079d8a4861440bfd52d34f3890,2024-08-19T21:10:14.093000
@ -258524,7 +258527,7 @@ CVE-2024-43966,0,0,cd3d16dd9709908a4a64e6a13b6fef840bd6c4e6049b114619dc3ea375d73
CVE-2024-43967,0,0,dd198820d01657feb4461b4126ff9f2ed88f09f4d5c22ed753dc2e0d9ac5168d,2024-08-26T19:10:09.607000
CVE-2024-4397,0,0,e58140e99ddfaf8bde684cb5f7b842244f11804dcdfb8070d80437acbcb292f3,2024-05-14T16:11:39.510000
CVE-2024-4398,0,0,fee297010492d7a9d0bd198f00369fbc7ee85eff508879444e062d535e0abd54,2024-05-14T16:11:39.510000
CVE-2024-43986,1,1,7be10f2a00b791bc594589fad7436f54d057b9172032e51f0c7fcf2dc33a1982,2024-08-29T11:15:26.853000
CVE-2024-43986,0,1,8c6098ff4ca468ef6cb988aff8c48a1d885b4130f177878606668301c5eb4e22,2024-08-29T13:25:27.537000
CVE-2024-4399,0,0,037b40419d6c617c61ec971c9e0affd6b35920b718c94b9e88ff7a43f16d3faf,2024-07-03T02:07:31.827000
CVE-2024-4400,0,0,387fe642c8f26702c425b79a01d9b1ba308ec0bd188f1564ff2c490875133119,2024-05-16T13:03:05.353000
CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000
@ -258551,7 +258554,7 @@ CVE-2024-4424,0,0,f0ec85c26b242f03f1dda01796c703344a9d3cb93681b5b37fa83e955b9558
CVE-2024-4425,0,0,42da9fd06b4c286cf2ec4b279ef4c006e94043f167bd5abbfb6b02300a24e0e6,2024-07-03T02:07:33.267000
CVE-2024-4426,0,0,438c7e77bba5537169c045ba2dc210873849174945e68052d5a8bbbd94b93b11,2024-05-30T13:15:41.297000
CVE-2024-4427,0,0,80d5c9824f4d390f5c719cacd09f3ea81ff1def48bdeaace03a047150cb666b0,2024-05-30T13:15:41.297000
CVE-2024-4428,1,1,c5d2130f62f50a5e70b9f3ded184abeb6b1a4dfdb68893eb767aa55b04a5d0cb,2024-08-29T11:15:27.200000
CVE-2024-4428,0,1,2b4b41fe258d57ee7da92c1cce391c13b13ef10754a34280666a4b4743351809,2024-08-29T13:25:27.537000
CVE-2024-4429,0,0,f3c6ad6c7fc3529e6805efa10bcecee8b01db9336bcb1f88fdc476ffd1173766,2024-05-28T17:11:55.903000
CVE-2024-4430,0,0,137066e4356a4d04e3ad731fb42c3579f278eca0ad3e41ea882926334c71093f,2024-05-14T16:11:39.510000
CVE-2024-4431,0,0,8d95de6ec075320f55907047db89835dd68db45859f7bae49d6625b2a3240b6b,2024-05-24T01:15:30.977000
@ -258614,8 +258617,8 @@ CVE-2024-4471,0,0,44899070168831f8c9dbf9959b26f4abead5dc804569bf5f22dbe3807408cb
CVE-2024-4473,0,0,8a0cf4a98efdbfb5770862e11c920028f2e3a9a43c44eb843685fb5ef0c3f72b,2024-05-14T19:17:55.627000
CVE-2024-4474,0,0,f8c1a36ad14efe96f98dae06e1720ed737c744e50cd9a9e3991eaed9f98aef96,2024-07-17T02:48:04.213000
CVE-2024-4475,0,0,b199ea7732b827fa53d53ebb43badb03a8dff248a786cc8d7d2459800e62c08e,2024-07-17T02:47:07.620000
CVE-2024-44760,0,0,9cf81a9e0ab04798a87becebbd5fde247ae48b2da57114bbb10303113ed6f0ac,2024-08-28T21:35:14.657000
CVE-2024-44761,0,0,7d80c180501c990311d966122b1346cb700cb148eb429229d3870413a61d343c,2024-08-28T20:35:14.040000
CVE-2024-44760,0,1,3a00b65146802967692858d01e10be80e485d57c9e1bc6037d8c115ef89dc218,2024-08-29T13:25:27.537000
CVE-2024-44761,0,1,a7d79c4d2b06f52558db31c99909309cd5baa976e0824d4726ec990dfa036bf1,2024-08-29T13:25:27.537000
CVE-2024-4477,0,0,b275cf91a81ef0e33ced77c1c5ba5e17245e6b33fc991fd87901e463b723d83e,2024-07-12T16:12:03.717000
CVE-2024-4478,0,0,df092e6d564da1ba274f237ab38d20f4d3626835a8920b1b768f819806d6fce1,2024-05-16T13:03:05.353000
CVE-2024-4479,0,0,19a5d52fe32f562c79c648f88a021706b773334e3193aa8af739d9d0094fe357,2024-07-26T13:35:32.397000
@ -258636,9 +258639,9 @@ CVE-2024-4488,0,0,1067ee59b8b50187d3b6e6dcedd09634fc158d8d3cf8abb63a1cced20ae50a
CVE-2024-4489,0,0,982cbf89b6458fc8989b334c07bea5cd0f34b9af1a316c2d08ef53a4dd4e8b8f,2024-06-11T18:07:03.573000
CVE-2024-4490,0,0,46d58037d58f18ff9df6b6b94f91d6beb02adec3983ce96102d15aba21f19fde,2024-05-14T16:11:39.510000
CVE-2024-4491,0,0,fec0fa99feb905362d1059ae18d849f25d02b15efc10c179ce136112d1e08871,2024-06-04T19:20:38.950000
CVE-2024-44913,0,0,3d0a718f021ba05c36d3cde74252c706d497214671f8cff4d115bea728d16df4,2024-08-28T19:35:21.377000
CVE-2024-44914,0,0,f9f8ba7025d22966f03b97ab83fc8a2749a603d218d7389ac39cfd20db2d5481,2024-08-28T19:35:22.160000
CVE-2024-44915,0,0,9030bbe2236b67114df101ba08f9c9855f4e55916353587c850f6e3720a8d862,2024-08-28T19:35:22.957000
CVE-2024-44913,0,1,b6a472d5fd19f3234cb94f535078ee5f4ccf42464ba38a6cbd2f0b0b0d56c911,2024-08-29T13:25:27.537000
CVE-2024-44914,0,1,cdab06c38600f9663e7e3d6a83c73bbea13a8eac91f638774262eedf9129b83e,2024-08-29T13:25:27.537000
CVE-2024-44915,0,1,189fc1c6cfc0d9d55a03d683dcd4ceecbf61c3a051a5df8bd60ce5a5dfbbadd4,2024-08-29T13:25:27.537000
CVE-2024-4492,0,0,0237cea7742a82f916a95c7121fd101b19e30a52d4f326fc68f5db785a621a29,2024-06-04T19:20:39.047000
CVE-2024-4493,0,0,890374eb1d5a1051bad1d8c630ec03ea130ffcf654be5d03c4d1c85a0ebc3c87,2024-06-04T19:20:39.143000
CVE-2024-44931,0,0,a811432be893129eec1153f2a1f5cf79e00f6cda4409f2898f7f29e87e49d41f,2024-08-26T12:47:20.187000
@ -258668,15 +258671,15 @@ CVE-2024-45036,0,0,b93ba1b942c2a90c7150ffd72c683d09bcb868f6dc285088962d5acc53d2e
CVE-2024-45037,0,0,0a75dee24a9a0746d4b594073f73eebe38a0d6b0ee92331f507c53bf54c314fe,2024-08-28T12:57:39.090000
CVE-2024-45038,0,0,9bc86932f350806c3a4bfe09c65e8bf9ee10a426832d16050cb88cd3f58d1bd8,2024-08-28T12:57:39.090000
CVE-2024-4504,0,0,db7504bed7bbf326ed6569d421c20101dbf56fa9ab20eccbe7468f7c026f345b,2024-06-04T19:20:39.947000
CVE-2024-45043,0,0,64e1d74029a8220ee97cc913320ac0ff74a6720da3a17522c390ec0155ccaf98,2024-08-28T20:15:08.347000
CVE-2024-45046,0,0,8cdac0b20865765113a8b4b0b2d2ef87a79d79d8e2fc42a7271e4d63391523e6,2024-08-28T21:15:06.603000
CVE-2024-45048,0,0,f69fdb24175b6f7ace06b9eb02d37b28bd8091a69e42131265e80e387c282be3,2024-08-28T21:15:06.817000
CVE-2024-45043,0,1,813b7117a1d59d56cbce89ce53b65dfc1ca707523a63233a1be8257ae8cc6c73,2024-08-29T13:25:27.537000
CVE-2024-45046,0,1,4d7016da74eaf67c450dc439af799ed2952384706074b1964aaa74d9bd45c737,2024-08-29T13:25:27.537000
CVE-2024-45048,0,1,f84a03b52c4e4737f004ef4638c6c48a715aa1051c897955680d1101538ffe4e,2024-08-29T13:25:27.537000
CVE-2024-45049,0,0,2db7654aac013903b19c74b15111e80acc65bf9e641d52dffa75f446b2d1ef2f,2024-08-28T12:57:39.090000
CVE-2024-4505,0,0,4ef7357f00ff85be3b87c4353ae099f1aed84eaee3f1c1bda33ed5ec6e115293,2024-06-04T19:20:40.050000
CVE-2024-45054,0,0,a13624c329f0bdd0fd7658e8735d8dc858ccaeb0147d1b3630226002f3177470,2024-08-28T20:15:08.547000
CVE-2024-45057,0,0,dae225468c5e970563487e367d430f56eab47b0de224e37bbd34b62154462c20,2024-08-28T21:15:07.027000
CVE-2024-45058,0,0,1d7b030bfdf11ee9e7b86fb4c1f5d13d8fdd33b4e5da1c1474457fed7bc73e59,2024-08-28T21:15:07.283000
CVE-2024-45059,0,0,1b1554031fc92d503bcd73c79a9939703fac7a68247e1643f55a22d235390e8e,2024-08-28T21:15:07.473000
CVE-2024-45054,0,1,b9a631b4140dc3b625193d3b302c7a5fbf5e7defa5c6f149bad3cc57b44dfb5d,2024-08-29T13:25:27.537000
CVE-2024-45057,0,1,9d8b06345321949fa48379fc2183ae1808eec74c9e7dce5df7d16d85f9e3fc50,2024-08-29T13:25:27.537000
CVE-2024-45058,0,1,7787e6673db22abfd684889eec25f0d15a1228d1d6048ef359937e89120200d3,2024-08-29T13:25:27.537000
CVE-2024-45059,0,1,1db4a990b2e27521ef605a35909b28cc3d1be1d4c9ec2ad338f6d6fa0c866be3,2024-08-29T13:25:27.537000
CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a3f,2024-06-04T19:20:40.150000
CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000
CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000
@ -258709,8 +258712,8 @@ CVE-2024-45201,0,0,83db05d7484ca5c2638e18e64e3b5c06d28a9caaae332ad6d01f844ea902b
CVE-2024-4521,0,0,a1d240438f25322e21494c2ddd2f5ee26b23410f012534bc2c27a0a49b09a860,2024-06-04T19:20:41.223000
CVE-2024-4522,0,0,acd0b6b231758473c48ed22daa75c2f0d87280406667aa3ced0f39aaa73cb777,2024-06-04T19:20:41.320000
CVE-2024-4523,0,0,e149ff229bd41b5a453469b36d558b5c1f467161b85c2884a74fe2177217c73a,2024-06-04T19:20:41.420000
CVE-2024-45232,0,0,bc75fd44a589f0d2b28d23aeaf0717be5e8ac2e833776cc2bafe594ebf783a7b,2024-08-29T00:15:09.177000
CVE-2024-45233,0,0,3ece8e67dd0d46109392740b3f711150f9aaa5e9d16296720033c229886812fd,2024-08-29T00:15:09.293000
CVE-2024-45232,0,1,3eafdc056b3094c633f899aaaee19b650dd4281516f38479cba8b692a942a11f,2024-08-29T13:25:27.537000
CVE-2024-45233,0,1,867b02aab716ee2a931910d769a959142fa84b671ca334d56f11c95e815dc218,2024-08-29T13:25:27.537000
CVE-2024-45234,0,0,4b3eecbe75c64cf8d46066aeb4347cf8775538d743d35431815d363ef479920c,2024-08-27T15:45:44.560000
CVE-2024-45235,0,0,12ffac5ccf9101959e31fcf0cfbde69d544eaa4a6e68395ec661cd3f82a2da19,2024-08-26T17:35:17.953000
CVE-2024-45236,0,0,9f46d1e309d244d60318b2e583a075d74d8dfa3f46db84beb50215ce95ea0169,2024-08-27T15:48:05.687000
@ -258746,10 +258749,10 @@ CVE-2024-4540,0,0,56ac6cff101cc91d96d8daf4bfda0c052b655471dc0698e77d798366d59b91
CVE-2024-4541,0,0,3195b1a81526d9da93cf28b1e1f763238ece2897561011f493b9a3c77f12398c,2024-06-20T12:44:01.637000
CVE-2024-4542,0,0,188546ca483f93e7131261a5bd57b93b03491de5e62247759ac8c05b93c8f51b,2024-05-16T14:15:08.980000
CVE-2024-4543,0,0,cda17786b919b03cc3eee3c735d905916723b9b88a929a8c3a419843d78bdd6c,2024-07-03T18:23:54.237000
CVE-2024-45435,0,0,63e29a4cb904912ca4f01a5e9170c97b24c12b8406ecda304755170e7138a13d,2024-08-29T03:15:05.357000
CVE-2024-45436,0,0,3f0def0766ff2b56eca20906568f76d73608112e831c7fa8b8eb60e61d164f2f,2024-08-29T03:15:05.460000
CVE-2024-45435,0,1,efe8bdd369e15fef4da77fdeb59f8a3d610c809290c60741f9b95cf3a960fe83,2024-08-29T13:25:27.537000
CVE-2024-45436,0,1,124850a1ee60b7d75fda634076ab196e53d01ace64f5182cba955e31ca2c9d8a,2024-08-29T13:25:27.537000
CVE-2024-4544,0,0,15f8e020f3ae5b19c85909c1ae8a806386c0b6da2837ebed60d92355c70c1564,2024-05-24T13:03:11.993000
CVE-2024-45440,1,1,2a853f0413b798aea7be65b8d63105bbf333c2d7d9fedadd0a9d9e37f927ea12,2024-08-29T11:15:27.083000
CVE-2024-45440,0,1,48f137caa1abb077b1075de2faba6a6806a147fc385fe9803d57e1539cd03295,2024-08-29T13:25:27.537000
CVE-2024-4545,0,0,864a22773c6eaa7a20fdb4cf4c4b7a2709a2c8e64cfe98132d05364d67e97af4,2024-05-14T16:11:39.510000
CVE-2024-4546,0,0,da973c82a9042d639d29e7a0c2ffb48d440dea200e6df21027887041c43a68db,2024-05-16T13:03:05.353000
CVE-2024-4547,0,0,e03413ba2a3d643e986abd6a70d4989a4412faae98e55cc280c4859673ba647d,2024-05-06T16:00:59.253000
@ -259523,7 +259526,7 @@ CVE-2024-5411,0,0,6f38aadf376ed626f84103b80eadf7d4a3da9be020ddcb9fa408be6d4c8307
CVE-2024-5413,0,0,b448c8c4fee794a9903e33e6c17f07ddeb3dd7c0bc677024b75809ef047d2c8a,2024-05-28T14:59:09.827000
CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000
CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000
CVE-2024-5417,1,1,3dfad3d9ab2045114cbd8aeebf630830e7682cdea6688a175ccc87114a1d8d28,2024-08-29T11:15:27.387000
CVE-2024-5417,0,1,273cd02a5877f57c3a59c25eb16870230ce5806eb2b0983b88dcbbb1399acdaa,2024-08-29T13:25:27.537000
CVE-2024-5418,0,0,a687af8fa8fe7200b6255f9fba7bdce69460001467d8b2873093024e735e15d4,2024-05-31T13:01:46.727000
CVE-2024-5419,0,0,0d1c725f53c48278ea7823202c4adf24cf8a04c4aff5d8363f101c1d9f2798db,2024-07-03T15:43:09.450000
CVE-2024-5420,0,0,3867de6c80eaebb04ae4def03e9baadba6a4785f9b7d05c922afac144ffa3470,2024-06-10T18:15:38.367000
@ -259690,9 +259693,9 @@ CVE-2024-5616,0,0,5078c1aa917db98652cc6ffd2b310b244194da0fcbabfd9d4ed8ccf7b99de5
CVE-2024-5618,0,0,ebe36b14a25a2ade3e64c60f6c84014fea87ffe3e6c056e2ec2d4c12a7dbd5bd,2024-07-19T13:01:44.567000
CVE-2024-5619,0,0,1dd4749b6be6d7e6dc7272136e2a3e724b171183a64961a248fdb4990b57a472,2024-07-19T13:01:44.567000
CVE-2024-5620,0,0,e414f2b903fd835e5fe0db0e605e2aee6c78620744a7541756005a422222af46,2024-07-19T13:01:44.567000
CVE-2024-5622,1,1,6fd3e06055df93cfe6634287751cb5c42d16f05def3d9f379beefa3b12991cbc,2024-08-29T11:15:27.447000
CVE-2024-5623,1,1,dff3241b25f8044e71b49838a52f3d2fae8ddb456baba620db83318f18dc38ca,2024-08-29T11:15:27.563000
CVE-2024-5624,1,1,19cba0a1a2c2c061f15f5d757dc46a91f6c58bb228678258a7005eb4a2aca0b3,2024-08-29T11:15:27.673000
CVE-2024-5622,0,1,18bcf434621ef2e5b1c62688d024dc78322fe74eea4d961814ffeedcd26c673c,2024-08-29T13:25:27.537000
CVE-2024-5623,0,1,380afc824e185d3fd1e6bfe7558d5275e46b630beb14d56bf89b676c7f7164f1,2024-08-29T13:25:27.537000
CVE-2024-5624,0,1,ba479b4d74c802ea24354f03030233e41e51677dce449e9a4ed5ffd581df623f,2024-08-29T13:25:27.537000
CVE-2024-5625,0,0,2e44049535f78135e500a8f8d54d8f4d59ba5936e80e3b134df5c51262f22971,2024-07-19T13:01:44.567000
CVE-2024-5626,0,0,3116199e86dacfa5c8c4bfcae9231b5a383289e4e0bd8acb32e36f957ab44c86,2024-08-01T13:59:55.383000
CVE-2024-5627,0,0,b223ea977e14432dc305de4592ca7e0252873a120062584093cd834d6b6d0c82,2024-07-15T13:00:34.853000
@ -259888,7 +259891,7 @@ CVE-2024-5852,0,0,17ae123c3ebaa5002b861453d278a4e3499e2a8a6baca11a20783ec79d4cdc
CVE-2024-5853,0,0,fce39775d007fbc741a3f2bc4fb52875073a382bd362c86e3cd6e44d0a9e6207,2024-06-20T12:44:01.637000
CVE-2024-5855,0,0,470fd388735694b7759ccf5036e6a18639fe074b164bc2d2da9695a799e80c03,2024-07-09T18:19:14.047000
CVE-2024-5856,0,0,6c7682487972a7913d7724c221dec1f8cbbbfbf7a2635cc868862316d948dc72,2024-07-09T18:19:14.047000
CVE-2024-5857,1,1,fdb79482d5f8f9c2011533dd7235ee7b18235f032fefcb431adfc4ce9d0d59e8,2024-08-29T11:15:27.780000
CVE-2024-5857,0,1,43ecfa36d095920289d94db3a13a3bdc8b37c88b4d781a0a6bcc2c886f368e6e,2024-08-29T13:25:27.537000
CVE-2024-5858,0,0,63cb7f6cd58686ca5ad3c57990888086a18b2814d4915e424991a00332eb64f9,2024-06-17T12:42:04.623000
CVE-2024-5859,0,0,72e4b113c686d9a3109f00890cd02d7c66daeaf956171b1cfade7c196becbe2c,2024-06-24T19:21:07.943000
CVE-2024-5860,0,0,56b79e1c6d22cf1e6319b4d2696b988928a56f1c09b2a292e92b44a530d0359a,2024-07-05T13:52:14.463000
@ -259982,7 +259985,7 @@ CVE-2024-5981,0,0,ef1af743cedf4b6b2a243e8210155140211219a91ac8483d52ff9c2f041ab6
CVE-2024-5983,0,0,e453627058811c95a94483155fc84de41a398cc957b204d5491729f060f018a7,2024-07-24T02:39:24.200000
CVE-2024-5984,0,0,89f42ffe1afdcb4773f46da639d99adec4fd2f40289999f555344358fcd06ab2,2024-07-24T02:37:30.717000
CVE-2024-5985,0,0,4b7f0c13c1d049ea5b2816f8e8132ec8aee9a2fb74d5d00bf96c05e553a08b22,2024-07-24T02:34:43.900000
CVE-2024-5987,1,1,0e0ee96e695aa81cab5437215237337ab38872f58b3ab83ec391f228a32a39af,2024-08-29T11:15:27.977000
CVE-2024-5987,0,1,59ef1dd47c3a32e79663e3d46a9f8e7914697e67936dad31245855d212c4b5d5,2024-08-29T13:25:27.537000
CVE-2024-5988,0,0,6a93e103554a4b2cea7532bb149420b2c5e22d63c1fab23818b5950d94f50a5e,2024-06-25T18:50:42.040000
CVE-2024-5989,0,0,5b8da9d53fdfd0fd3971e8489f4ae4ce0e952b56f28f99337bb24ad669904afb,2024-06-25T18:50:42.040000
CVE-2024-5990,0,0,815ffdec6ed9055e0c29635260b790d8ae8601700cacf3380cde4c3f20ff7240,2024-06-25T18:50:42.040000
@ -260032,7 +260035,7 @@ CVE-2024-6047,0,0,85682382a3873811b400f354140b032b3237064163e98177d5be59d88a26c9
CVE-2024-6048,0,0,c67416098261daba4fbb7cd933140c3939f890be764cfd8ea2022f29e8208654,2024-06-17T12:42:04.623000
CVE-2024-6050,0,0,977e3c1d954bb2d407afb4f807be75a02157bd9cd72111a32e132ff13e7f9262,2024-08-15T17:21:21.920000
CVE-2024-6052,0,0,38b34f27bf68c4c46450287788affa9aba60ae6b039318e5898c7b1f92d4d920,2024-08-27T17:56:02.507000
CVE-2024-6053,0,0,d948e07b8baf864dac71376d31f8ecc578facf82b0fb9781a32c5b912ab40183,2024-08-28T17:15:11.163000
CVE-2024-6053,0,1,21baf840cdd5a02d6a22a91914ac5039a81a4df892e1d76f92eefb4920e5c35a,2024-08-29T13:25:27.537000
CVE-2024-6054,0,0,dbd3e49036b5938301871d5a6c67ee17ba89370e3288082b00ca89a51a1f06ed,2024-06-28T13:11:58.810000
CVE-2024-6055,0,0,69ea90ebaa7aa8fe33baa786beceb3ec128eecc80f960a60b64b4cba1327c031,2024-06-20T12:44:22.977000
CVE-2024-6056,0,0,7f74134484f6fd18fa58f8938789bdbc0044ca3e8ab999314ec931796600d896,2024-06-20T12:44:22.977000
@ -260425,7 +260428,7 @@ CVE-2024-6547,0,0,18c84e0486ad4b936dd6fb72fb2fdab2178f5a996a76eecb6a226aad2d913b
CVE-2024-6548,0,0,60bfc667942bf486cd849da3893b7634ce066ff37e0b88eef507e7c2b2252b95,2024-07-29T14:12:08.783000
CVE-2024-6549,0,0,cc28409fa4123f9cfa0020a8bd1acbb74b9f694b50039e5c195a43b7390fbf1b,2024-07-29T14:12:08.783000
CVE-2024-6550,0,0,6c4bb046e65a00df1f67c81af4edc0fc3847fdca60c1beea606bf943b5851318,2024-07-11T13:05:54.930000
CVE-2024-6551,1,1,5e0b9950be056866cf8e8b5667497b893f9ca503fbbb1a2be6c84e9b11108990,2024-08-29T11:15:28.183000
CVE-2024-6551,0,1,4f1ced20cf55889202b509444f69b6146a29a206020191caf2f0e82360817fe0,2024-08-29T13:25:27.537000
CVE-2024-6552,0,0,c69fea586ad13db8e0f17f3e790d1787fb8eede20c8e873ffff0211dfcfe53f9,2024-08-08T13:04:18.753000
CVE-2024-6553,0,0,70ba64410e40022a47be74c0cb91eccacd959b94b33ca2168d2fb9852aed7506,2024-08-14T19:18:14.797000
CVE-2024-6554,0,0,c39b715167392909a130cc6479af2acca1cb23375ca0bdab5b0fb951f0bce662,2024-07-12T17:01:48.353000
@ -260661,7 +260664,7 @@ CVE-2024-6917,0,0,4e02075ee95758cd510fbf6b3750273e9262615bb77e37c7873232af68d2c2
CVE-2024-6918,0,0,12d78a0add3426ad16ea6912a9097e8912d0223c4f1b31c268f35e0cd50f94e8,2024-08-20T15:44:20.567000
CVE-2024-6922,0,0,06f94107ca0d2a59d9bc293905aa46a216c7a8ead08ee7b0b3a0f5d8d9c7d0a8,2024-07-29T14:12:08.783000
CVE-2024-6923,0,0,5f80c19d7aba57d9ca3502e05808684f0f6d62047a1b2b6de15ae6be51d0a228,2024-08-07T15:15:56.337000
CVE-2024-6927,1,1,b11b798824c8bf7659fd54be5bafdf70ae4a12c53d8d96e11ac19e1d51beb7d5,2024-08-29T11:15:28.410000
CVE-2024-6927,0,1,fc91f7883505fe48251683b91037adf3e44067800dde7ec2b6fe528d778df67e,2024-08-29T13:25:27.537000
CVE-2024-6930,0,0,1339dcde2064efad12400b33b71bb10f58bb3894621d0a104ecb7e997db508bc,2024-08-08T20:06:49.207000
CVE-2024-6932,0,0,67a8aa74150c82de9338c7f5e13237de6a0b3fc058478249ab687a9bbea18d6e,2024-07-22T13:00:31.330000
CVE-2024-6933,0,0,31e003a378d639e27641dced44e726d35d058acd0301a48a16d76976ef2aa1ee,2024-07-22T13:00:31.330000
@ -260780,7 +260783,7 @@ CVE-2024-7123,0,0,9cd56c5d21be01850838f11a2df252558cd6c9b176bc2485ad2b1b549f072a
CVE-2024-7125,0,0,eeabb5486a5ad2f2094206d4f0142bb635fc7a57bcd2279354b026b1e44628c1,2024-08-27T13:01:37.913000
CVE-2024-7127,0,0,2842be40cd41bba2687b1d2d238a3a521369bfe05553f868496bd1f3f7f4951f,2024-08-23T14:00:59.740000
CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000
CVE-2024-7132,1,1,d14b88a1d4278041aa1a27177495083cbe57b0c3236c04365135631db035b60f,2024-08-29T11:15:28.463000
CVE-2024-7132,0,1,cbe2c106b94171e6f5b52f022c196c140605df2c815a60d76564f942007bbec7,2024-08-29T13:25:27.537000
CVE-2024-7134,0,0,c5170ada8be1ea583d3dc92d1c0c20ff0ddcfa0f860d82c947cda0aff2380786,2024-08-21T12:30:33.697000
CVE-2024-7135,0,0,31437d1db396166831d3abd18bbeb77eef50ad11110b9df0f25d86e90a9b1fe1,2024-07-31T12:57:02.300000
CVE-2024-7136,0,0,8aada0541fe051e5634e6d0e6056d54d479250830cd49e1b32d308af5a5c28dc,2024-08-19T13:00:23.117000
@ -260975,7 +260978,7 @@ CVE-2024-7384,0,0,959c51f9d9089f82b75c53d05c8efe51e41a9d17d895f5f42948ac7d882f93
CVE-2024-7388,0,0,f17b6292d40b8d2d9d22865fdbf912ed4604c49db111ea9e78f67fdbb858de85,2024-08-13T12:58:25.437000
CVE-2024-7389,0,0,a5776290ae762be985431158def3f2d002b265ca6a95ce830d8f46206854f21a,2024-08-02T12:59:43.990000
CVE-2024-7390,0,0,7895dab66ddc704219ddf6d579bba9623189661f47faa0372744a2c8c5dc8ef9,2024-08-21T12:30:33.697000
CVE-2024-7394,0,0,29459446676ebb07a97678c0a588cd4da58f4cf687ed192aec71d6f9cff45400,2024-08-08T18:55:19.180000
CVE-2024-7394,0,1,311dd8d09f289dca72e294063b3121b4c7fd832b8fb4e9134c8457f94c79d21d,2024-08-29T13:41:24.487000
CVE-2024-7395,0,0,6b93b6db07480e26c0ae715f45aa50cef676fc9c19ea641f155805eb4429ff3f,2024-08-06T16:31:05.780000
CVE-2024-7396,0,0,4ebde91c8a3429e260812e0a142900e161f2137833db297002231fa5cfafb30a,2024-08-06T16:31:05.780000
CVE-2024-7397,0,0,6d2f711820d3e2f3c7573fc7d4d971b3f755ab6406b8b6440f8e39ce24e2f3e7,2024-08-06T16:31:05.780000
@ -260989,7 +260992,7 @@ CVE-2024-7412,0,0,b7efc7f691385d07c16b9c98953749b4113f5c7d6e2cc5e240ac710642b7a9
CVE-2024-7413,0,0,cc9a3132dbf30c713a640687e195177085da2f3a67f589d16f765a82cdaabb61,2024-08-12T13:41:36.517000
CVE-2024-7414,0,0,ec5a655568a866725caccc407e481351f1a5df496455996ee3102ef3dac59f70,2024-08-12T13:41:36.517000
CVE-2024-7416,0,0,67a9ab6c88d18462429964f1183d705aa9fe2b8f49f4e7e013c20651e7dbf059,2024-08-12T13:41:36.517000
CVE-2024-7418,1,1,5de48952fff8ceff6db8237b9fad6578ec63e1f5c2db58d9801f4ca5ece93944,2024-08-29T11:15:28.540000
CVE-2024-7418,0,1,5654c2ea5f680ee7442f7881c310f72c8023f64985fe11e829ea249b0084006d,2024-08-29T13:25:27.537000
CVE-2024-7420,0,0,212201dc70782f8f787a94c9803febdbce3768abc9739a3b9300a43932a4c1b3,2024-08-15T13:01:10.150000
CVE-2024-7422,0,0,36692ebd2df61833999819382a06fe94bffc446bd5a7ed95f5ad6f2f1be17d62,2024-08-19T13:00:23.117000
CVE-2024-7427,0,0,cd98bf118e873980efded7115c454f880130955b5e501512e2f862e15ce253b8,2024-08-23T18:46:31.730000
@ -261115,8 +261118,8 @@ CVE-2024-7601,0,0,db9958425836572eda0b52c7e651aff0e41e4dc47ec55ea348bc5752e1b198
CVE-2024-7602,0,0,1295ede0549ca488da522cbefe2db5abad88498e69c53af1f38f0ee81eb69b62,2024-08-23T16:36:11.690000
CVE-2024-7603,0,0,026c301c8508bb2890d37936199245036e5a5160d5195c848eb9252477eef559,2024-08-23T16:36:28.327000
CVE-2024-7604,0,0,2ca377c2d37b9340c6f7d1612379ed11f338df19f0e6ffae40ca1da8c016df51,2024-08-23T16:37:09.107000
CVE-2024-7606,1,1,62ee4733469c5caf7fcb3b22200988055110126a50875bcd59dd98e49b9957cd,2024-08-29T11:15:28.757000
CVE-2024-7607,1,1,1aaf6f7879fdc88b0e3787379ff19ff5df6ca94d2922854e07697ef03150e28e,2024-08-29T11:15:28.963000
CVE-2024-7606,0,1,a274c3cb55abf1d09b9eed03004046b3bab57ca9c346c9c7f8eb3d1a43589575,2024-08-29T13:25:27.537000
CVE-2024-7607,0,1,a22f9e92f7acda9358a9e1022b2325b742d117f4b1e701544a71613f7628ae8f,2024-08-29T13:25:27.537000
CVE-2024-7608,0,0,b8872988f702757177432eab77e95a14e7cc629ce3c064dd49371a09c8fc5a16,2024-08-28T12:15:06.900000
CVE-2024-7610,0,0,a10689bea1d0fbdec4f1b8819e74182773158d5010cb9fbea2ce46532922c645,2024-08-08T13:04:18.753000
CVE-2024-7613,0,0,595ae1d3f56b81eeb34ef1e184ddf7962f3a8fbfc042ff77a8fcf0bd3f10f263,2024-08-21T18:47:11.523000
@ -261200,8 +261203,8 @@ CVE-2024-7740,0,0,b6b97e22b2a1c91ed733b5ea0db90c7ca386835aea8a2536d78b137aa899a0
CVE-2024-7741,0,0,451b4501bfecb549fed2131350eefedffb5605095818bbd2dc73e6ce30b3b5e5,2024-08-21T19:07:40.757000
CVE-2024-7742,0,0,5026e5c91e6d01ca137577cf715447f5db3eb9e4e96b1b8aca8896a09ee6d170,2024-08-21T19:08:47.707000
CVE-2024-7743,0,0,c910ec910e11d4c23506ee8328b07eddb255cd4474ff1acb5544c0f61f82b883,2024-08-21T19:15:54.553000
CVE-2024-7744,0,0,1c24802daeb8a1a916eb67627cef6aecd8c9091c1618d772795e5ffee13a4e0c,2024-08-28T17:15:11.380000
CVE-2024-7745,0,0,e29f9de33b3b1e8fe4a25f6826bc4f6300a7deaa8241cd630860c39d845a5db0,2024-08-28T17:15:11.593000
CVE-2024-7744,0,1,e8669f8fd5c9f9018e3b86c3a975e398acdc37121a642a8c3a049f4d03772209,2024-08-29T13:25:27.537000
CVE-2024-7745,0,1,48c3e1f7170ef7640e900d5b015dab81630b73bf8a9f44daf9902b87879253a9,2024-08-29T13:25:27.537000
CVE-2024-7746,0,0,41ddc83547faacdfc7eb4febb4b7b289d12121016bfc1367db838e5c1dc32e37,2024-08-22T14:40:44.167000
CVE-2024-7748,0,0,19a9780c8c3e3580e0507d6a06dfe151328aa44e58ebe3ad1d40e684712edce7,2024-08-15T17:22:53.340000
CVE-2024-7749,0,0,b1dd92bb0312fc7ae82ed3bd4baca9ef6dbf65c2cbb7e0f4fc4cc1353892f66e,2024-08-15T17:23:28.410000
@ -261256,15 +261259,15 @@ CVE-2024-7851,0,0,a6804e632dae2a5227b1aeec5affef71a5e6512f1f3daab8681dcd169bd0ed
CVE-2024-7852,0,0,90686965379176e60723e17deb3351871fe4c0caf2dc6a3e7de2597d0bb591c0,2024-08-28T21:07:30.690000
CVE-2024-7853,0,0,14a48e1ad8f1b546c0c87aa2d80a70dd8973b153912e39385d618671fd730a73,2024-08-28T21:03:35.003000
CVE-2024-7854,0,0,c7d42abb2b322c04201a8af34648ccfdb0ede7da24776e4c0b3ca238a25bf3a0,2024-08-21T12:30:33.697000
CVE-2024-7856,1,1,4cf3aa430f9ecb44ea0b33cc0daa9345aae971c59c9c6a7ee4c9b6e55fae373a,2024-08-29T11:15:29.173000
CVE-2024-7857,0,0,fd16b975757f502228f6eab0377cf04875516074c5737fefdf2a5cfed1cc0e0e,2024-08-29T03:15:05.547000
CVE-2024-7856,0,1,33feb207767ca0a7c11c844a262a4c47fe31800a079ccc95735f9fe6bb170e1c,2024-08-29T13:25:27.537000
CVE-2024-7857,0,1,b74961afa7dd10dda782bf64e146bf5117eb37327cdce5dd6f430c037eea52b1,2024-08-29T13:25:27.537000
CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000
CVE-2024-7867,0,0,cc4e8e2cbae6cc9c2393332b56b3dc1a7160836d4b3b7919e8d1234e73599a3b,2024-08-28T21:59:33.973000
CVE-2024-7868,0,0,426aac72107d4f020c4b4c2ec1e49b6873953f44556989351b1605a1e98035d8,2024-08-19T13:00:23.117000
CVE-2024-7885,0,0,53926a53ab4f71fc31c04b79b6d61e8c39bb180f373c05a721578db45aa87a6a,2024-08-23T17:05:24.343000
CVE-2024-7886,0,0,b8c1f856b8479c6982faa8a2fc4a6d8b2480e045b8b096d9bd3b8640a06eb6f3,2024-08-19T13:00:23.117000
CVE-2024-7887,0,0,ba2ac28c88e5c856e9fa78c00b11f37e0df98a3508bf609dc9edbaa04a8fdb8e,2024-08-19T12:59:59.177000
CVE-2024-7895,1,1,2f6aa8188d1329881ea5f289dd845e81e893fbef662b74ca80d85be3ed523ea3,2024-08-29T11:15:29.390000
CVE-2024-7895,0,1,751537230dd85c922dc90020075e7bad0b718b293dfccd82c96c7e45bafc7da4,2024-08-29T13:25:27.537000
CVE-2024-7896,0,0,d80047a3d1d6cdcff2bc1adb680d3fdbda8db4b01c807c4a42d25c13d72803dc,2024-08-19T17:15:11.543000
CVE-2024-7897,0,0,e1e6bea210133c6b9b950b4aecbbc6a33480bc30160d48b4fd9fe9919d3739ab,2024-08-19T17:15:11.650000
CVE-2024-7898,0,0,8c09771630e516b5f0f9a153f946d68f8ead0f340784a4987dcbcd7e91566a30,2024-08-19T15:15:09.297000
@ -261413,11 +261416,11 @@ CVE-2024-8174,0,0,8543f0d8f92ea7727c4605df4b165224a3b6d137f11ee710b81d48c311ac7b
CVE-2024-8181,0,0,30918501aab4364009bd3804956f0f10b449aad4949fccf3aacccef25d5db4b2,2024-08-27T15:52:01.317000
CVE-2024-8182,0,0,d21b4ee027b5d7ffbba2e6af93024450552ec0bbbe1dfa5ea2b2ec2db0e50d89,2024-08-27T15:52:01.317000
CVE-2024-8188,0,0,bf948f939efb55d2700c81c8fb5cefa3fc31038462bfeb7ac3e161719faca6b2,2024-08-26T20:15:08.760000
CVE-2024-8193,0,0,587355a2d64199050d05deff77d6e1fe4b5f79d97274de2c0bc9724ad81cf505,2024-08-28T23:15:05.477000
CVE-2024-8194,0,0,b369892e8111ae1fd095afd85582c5541269a090a57f85d710381349c9130f20,2024-08-28T23:15:06.160000
CVE-2024-8193,0,1,ff98f1aca00ea2f4f14673823fda0d839c318610a755256f696558b13f2c4f77,2024-08-29T13:25:27.537000
CVE-2024-8194,0,1,53eae44b106de213de808a1df573211b10618e7c00b2d767c985950bf620a990,2024-08-29T13:25:27.537000
CVE-2024-8195,0,0,690850dad9e9debe83e3b31934e05f3d048da18a5a72ab008b4259527f1aad61,2024-08-28T14:31:24.487000
CVE-2024-8197,0,0,60c1dd5a1a3c5aad3ac938fab8c46d1fa7e711c4df3249376b3e24407eb9fe54,2024-08-27T13:01:37.913000
CVE-2024-8198,0,0,fbe148306112c49c489e243b916286b977db8a54ffa4b1f7db0e7a9886d7f526,2024-08-28T23:15:06.243000
CVE-2024-8198,0,1,de980718a9ea6cc588b2d974e2982799ff7ae4aa3d30e607d169215732d9386d,2024-08-29T13:25:27.537000
CVE-2024-8199,0,0,e4e155faf7982af494f6088e1ddff038dcc1d62a5700003ee5b4a40cfdce83b8,2024-08-27T18:33:14.247000
CVE-2024-8200,0,0,d43bb5c61e83498550affa212dfef3001c48e0b48cb46337b88a2d4649830cd9,2024-08-27T18:33:14.247000
CVE-2024-8207,0,0,498323e8227fa40c3fd29b85835950264192b60730f689cfc748d515dfd6f7ad,2024-08-27T13:01:37.913000
@ -261444,5 +261447,9 @@ CVE-2024-8228,0,0,93a2ed289eaee58adcb93cda42520d2efec521ebb9601fd9e70d3a991a36c9
CVE-2024-8229,0,0,b4e82f248689c551a8c2d56510132af8816aa6c16d8f7b5aa18c38850899c5a7,2024-08-29T00:10:09.807000
CVE-2024-8230,0,0,51972d3a01eef60d4ec2fcebcc43d9f517d40a0a396b61ca7c24bdef0d5fcb4e,2024-08-29T00:08:24.643000
CVE-2024-8231,0,0,19b769716e3fff898a72bf0ee7d68779b61ab99af63bed31a0498759613ebd4e,2024-08-28T12:57:27.610000
CVE-2024-8250,0,0,8900d64e25e96bc1ae53b39b4f0c995051fa74e8ba32dae7d165904c43a62b8d,2024-08-29T00:15:09.370000
CVE-2024-8294,1,1,f879bffabf94ff153e219aedfdf7f5e095a8d490ded0d576b72b11dac593e733,2024-08-29T11:15:29.603000
CVE-2024-8250,0,1,74fb86f8fe2035c18dd497ff04e870378212b13108551159d2a1c3008bad35b8,2024-08-29T13:25:27.537000
CVE-2024-8294,0,1,4dbc4ed3db14d85852b6f7a6aa39a58fb9813e3a468ce2496730622a4e7e8e20,2024-08-29T13:25:27.537000
CVE-2024-8295,1,1,f8b1eacce92adcda34eadca7b6a5f9b0537bcb1008b6d197cf25cbc03f38d464,2024-08-29T13:25:27.537000
CVE-2024-8296,1,1,66346d5f20138091aa1a5c7abd768c7cc1b063d98b4b8f55461cfa2a34a9e06b,2024-08-29T13:25:27.537000
CVE-2024-8297,1,1,be3630f7076c181ff3a7dd53d449891a972e9958d66bbbdeb816e8e8d932d822,2024-08-29T13:25:27.537000
CVE-2024-8301,1,1,a320b86a1c6d3602618f46f60fc09d8dff020322bb7a7b0e43fc9a496aef7f93,2024-08-29T13:25:27.537000

Can't render this file because it is too large.