From afb9a3e5de44f32cd8e105a98b964b965d42f565 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 29 Aug 2024 14:03:15 +0000 Subject: [PATCH] Auto-Update: 2024-08-29T14:00:18.295225+00:00 --- CVE-2021/CVE-2021-44xx/CVE-2021-4442.json | 4 +- CVE-2022/CVE-2022-24xx/CVE-2022-2440.json | 4 +- CVE-2024/CVE-2024-13xx/CVE-2024-1384.json | 60 +++++++ CVE-2024/CVE-2024-202xx/CVE-2024-20279.json | 8 +- CVE-2024/CVE-2024-202xx/CVE-2024-20284.json | 8 +- CVE-2024/CVE-2024-202xx/CVE-2024-20285.json | 8 +- CVE-2024/CVE-2024-202xx/CVE-2024-20286.json | 8 +- CVE-2024/CVE-2024-202xx/CVE-2024-20289.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20411.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20413.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20446.json | 8 +- CVE-2024/CVE-2024-204xx/CVE-2024-20478.json | 8 +- CVE-2024/CVE-2024-224xx/CVE-2024-22425.json | 8 +- CVE-2024/CVE-2024-224xx/CVE-2024-22426.json | 8 +- CVE-2024/CVE-2024-25xx/CVE-2024-2541.json | 60 +++++++ CVE-2024/CVE-2024-297xx/CVE-2024-29723.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29724.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29725.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29726.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29727.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29728.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29729.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29730.json | 4 +- CVE-2024/CVE-2024-297xx/CVE-2024-29731.json | 4 +- CVE-2024/CVE-2024-341xx/CVE-2024-34195.json | 8 +- CVE-2024/CVE-2024-36xx/CVE-2024-3679.json | 60 +++++++ CVE-2024/CVE-2024-383xx/CVE-2024-38303.json | 4 +- CVE-2024/CVE-2024-383xx/CVE-2024-38304.json | 4 +- CVE-2024/CVE-2024-39xx/CVE-2024-3944.json | 4 +- CVE-2024/CVE-2024-409xx/CVE-2024-40909.json | 92 +++++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40910.json | 104 ++++++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40911.json | 116 ++++++++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40912.json | 152 ++++++++++++++-- CVE-2024/CVE-2024-412xx/CVE-2024-41236.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41564.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41565.json | 8 +- CVE-2024/CVE-2024-415xx/CVE-2024-41570.json | 57 +++++- CVE-2024/CVE-2024-418xx/CVE-2024-41888.json | 53 +++++- CVE-2024/CVE-2024-418xx/CVE-2024-41890.json | 53 +++++- CVE-2024/CVE-2024-419xx/CVE-2024-41918.json | 8 +- CVE-2024/CVE-2024-425xx/CVE-2024-42531.json | 17 +- CVE-2024/CVE-2024-426xx/CVE-2024-42698.json | 8 +- CVE-2024/CVE-2024-427xx/CVE-2024-42793.json | 8 +- CVE-2024/CVE-2024-429xx/CVE-2024-42900.json | 8 +- CVE-2024/CVE-2024-429xx/CVE-2024-42905.json | 8 +- CVE-2024/CVE-2024-437xx/CVE-2024-43700.json | 4 +- CVE-2024/CVE-2024-438xx/CVE-2024-43805.json | 8 +- CVE-2024/CVE-2024-439xx/CVE-2024-43986.json | 4 +- CVE-2024/CVE-2024-447xx/CVE-2024-44760.json | 8 +- CVE-2024/CVE-2024-447xx/CVE-2024-44761.json | 8 +- CVE-2024/CVE-2024-449xx/CVE-2024-44913.json | 8 +- CVE-2024/CVE-2024-449xx/CVE-2024-44914.json | 8 +- CVE-2024/CVE-2024-449xx/CVE-2024-44915.json | 8 +- CVE-2024/CVE-2024-44xx/CVE-2024-4428.json | 4 +- CVE-2024/CVE-2024-450xx/CVE-2024-45043.json | 8 +- CVE-2024/CVE-2024-450xx/CVE-2024-45046.json | 8 +- CVE-2024/CVE-2024-450xx/CVE-2024-45048.json | 8 +- CVE-2024/CVE-2024-450xx/CVE-2024-45054.json | 8 +- CVE-2024/CVE-2024-450xx/CVE-2024-45057.json | 10 +- CVE-2024/CVE-2024-450xx/CVE-2024-45058.json | 8 +- CVE-2024/CVE-2024-450xx/CVE-2024-45059.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45232.json | 8 +- CVE-2024/CVE-2024-452xx/CVE-2024-45233.json | 8 +- CVE-2024/CVE-2024-454xx/CVE-2024-45435.json | 8 +- CVE-2024/CVE-2024-454xx/CVE-2024-45436.json | 8 +- CVE-2024/CVE-2024-454xx/CVE-2024-45440.json | 4 +- CVE-2024/CVE-2024-54xx/CVE-2024-5417.json | 4 +- CVE-2024/CVE-2024-56xx/CVE-2024-5622.json | 4 +- CVE-2024/CVE-2024-56xx/CVE-2024-5623.json | 4 +- CVE-2024/CVE-2024-56xx/CVE-2024-5624.json | 4 +- CVE-2024/CVE-2024-58xx/CVE-2024-5857.json | 4 +- CVE-2024/CVE-2024-59xx/CVE-2024-5987.json | 4 +- CVE-2024/CVE-2024-60xx/CVE-2024-6053.json | 8 +- CVE-2024/CVE-2024-65xx/CVE-2024-6551.json | 4 +- CVE-2024/CVE-2024-69xx/CVE-2024-6927.json | 4 +- CVE-2024/CVE-2024-71xx/CVE-2024-7132.json | 4 +- CVE-2024/CVE-2024-73xx/CVE-2024-7394.json | 84 ++++++++- CVE-2024/CVE-2024-74xx/CVE-2024-7418.json | 4 +- CVE-2024/CVE-2024-76xx/CVE-2024-7606.json | 4 +- CVE-2024/CVE-2024-76xx/CVE-2024-7607.json | 4 +- CVE-2024/CVE-2024-77xx/CVE-2024-7744.json | 8 +- CVE-2024/CVE-2024-77xx/CVE-2024-7745.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7856.json | 4 +- CVE-2024/CVE-2024-78xx/CVE-2024-7857.json | 8 +- CVE-2024/CVE-2024-78xx/CVE-2024-7895.json | 4 +- CVE-2024/CVE-2024-81xx/CVE-2024-8193.json | 8 +- CVE-2024/CVE-2024-81xx/CVE-2024-8194.json | 8 +- CVE-2024/CVE-2024-81xx/CVE-2024-8198.json | 8 +- CVE-2024/CVE-2024-82xx/CVE-2024-8250.json | 8 +- CVE-2024/CVE-2024-82xx/CVE-2024-8294.json | 4 +- CVE-2024/CVE-2024-82xx/CVE-2024-8295.json | 137 +++++++++++++++ CVE-2024/CVE-2024-82xx/CVE-2024-8296.json | 137 +++++++++++++++ CVE-2024/CVE-2024-82xx/CVE-2024-8297.json | 141 +++++++++++++++ CVE-2024/CVE-2024-83xx/CVE-2024-8301.json | 137 +++++++++++++++ README.md | 68 ++++---- _state.csv | 183 ++++++++++---------- 96 files changed, 1877 insertions(+), 328 deletions(-) create mode 100644 CVE-2024/CVE-2024-13xx/CVE-2024-1384.json create mode 100644 CVE-2024/CVE-2024-25xx/CVE-2024-2541.json create mode 100644 CVE-2024/CVE-2024-36xx/CVE-2024-3679.json create mode 100644 CVE-2024/CVE-2024-82xx/CVE-2024-8295.json create mode 100644 CVE-2024/CVE-2024-82xx/CVE-2024-8296.json create mode 100644 CVE-2024/CVE-2024-82xx/CVE-2024-8297.json create mode 100644 CVE-2024/CVE-2024-83xx/CVE-2024-8301.json diff --git a/CVE-2021/CVE-2021-44xx/CVE-2021-4442.json b/CVE-2021/CVE-2021-44xx/CVE-2021-4442.json index 0b96417f6e9..4586e8975cf 100644 --- a/CVE-2021/CVE-2021-44xx/CVE-2021-4442.json +++ b/CVE-2021/CVE-2021-44xx/CVE-2021-4442.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4442", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-29T11:15:23.413", - "lastModified": "2024-08-29T11:15:23.413", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2022/CVE-2022-24xx/CVE-2022-2440.json b/CVE-2022/CVE-2022-24xx/CVE-2022-2440.json index 058cc8777c6..384b93d5aea 100644 --- a/CVE-2022/CVE-2022-24xx/CVE-2022-2440.json +++ b/CVE-2022/CVE-2022-24xx/CVE-2022-2440.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2440", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:23.790", - "lastModified": "2024-08-29T11:15:23.790", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1384.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1384.json new file mode 100644 index 00000000000..95719eec7db --- /dev/null +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1384.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-1384", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-29T13:15:05.793", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/auxin-portfolio/trunk/includes/elements/recent-portfolios.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4475cbd4-07cf-499a-a11a-b63eb9184568?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20279.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20279.json index f8c237d4da0..f83d794dff2 100644 --- a/CVE-2024/CVE-2024-202xx/CVE-2024-20279.json +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20279.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20279", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:06.113", - "lastModified": "2024-08-28T17:15:06.113", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la implementaci\u00f3n del dominio de seguridad restringido de Cisco Application Policy Infrastructure Controller (APIC) podr\u00eda permitir que un atacante remoto autenticado modifique el comportamiento de las pol\u00edticas predeterminadas del sistema, como las pol\u00edticas de calidad de servicio (QoS), en un sistema afectado. Esta vulnerabilidad se debe a un control de acceso inadecuado cuando se utilizan dominios de seguridad restringidos para implementar la multi-tenencia. Un atacante con una cuenta de usuario v\u00e1lida asociada con un dominio de seguridad restringido podr\u00eda aprovechar esta vulnerabilidad. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer, modificar o eliminar pol\u00edticas secundarias creadas bajo pol\u00edticas predeterminadas del sistema, que son utilizadas impl\u00edcitamente por todos los inquilinos en la estructura, lo que provoca la interrupci\u00f3n del tr\u00e1fico de la red. La explotaci\u00f3n no es posible para las pol\u00edticas bajo inquilinos a los que un atacante no tiene autorizaci\u00f3n para acceder." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20284.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20284.json index 021999ed72e..92f40e26b58 100644 --- a/CVE-2024/CVE-2024-202xx/CVE-2024-20284.json +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20284.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20284", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:06.893", - "lastModified": "2024-08-28T17:15:06.893", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20285.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20285.json index 0db641b0fa2..b1e5d6e0c8d 100644 --- a/CVE-2024/CVE-2024-202xx/CVE-2024-20285.json +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20285.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20285", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:07.687", - "lastModified": "2024-08-28T17:15:07.687", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20286.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20286.json index c162dc55406..b4603332a50 100644 --- a/CVE-2024/CVE-2024-202xx/CVE-2024-20286.json +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20286.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20286", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:08.400", - "lastModified": "2024-08-28T17:15:08.400", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20289.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20289.json index 217e84c5685..8980a338bd8 100644 --- a/CVE-2024/CVE-2024-202xx/CVE-2024-20289.json +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20289.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20289", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:09.117", - "lastModified": "2024-08-28T17:15:09.117", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device. \r\n\r\nThis vulnerability is due to insufficient validation of arguments for a specific CLI command. An attacker could exploit this vulnerability by including crafted input as the argument of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en la CLI del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios ejecute comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos para un comando CLI espec\u00edfico. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada manipulada como argumento del comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario que haya iniciado sesi\u00f3n en ese momento." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20411.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20411.json index 997286edebf..ec970763138 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20411.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20411.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20411", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:09.500", - "lastModified": "2024-08-28T17:15:09.500", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device.\r\n\r\nThis vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing a specific crafted command on the underlying operating system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of root." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con privilegios acceda al shell Bash para ejecutar c\u00f3digo arbitrario como superusuario en un dispositivo afectado. Esta vulnerabilidad se debe a restricciones de seguridad insuficientes al ejecutar comandos desde el shell Bash. Un atacante con privilegios para acceder al shell Bash podr\u00eda aprovechar esta vulnerabilidad ejecutando un comando espec\u00edfico manipulado en el sistema operativo subyacente. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con los privilegios de superusuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20413.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20413.json index 1486216814a..ed668166706 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20413.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20413.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20413", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:09.763", - "lastModified": "2024-08-28T17:15:09.763", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device.\r\n\r\nThis vulnerability is due to insufficient security restrictions when executing application arguments from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to create new users with the privileges of network-admin." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con privilegios acceda al shell Bash para elevar los privilegios a administrador de red en un dispositivo afectado. Esta vulnerabilidad se debe a restricciones de seguridad insuficientes al ejecutar argumentos de aplicaci\u00f3n desde el shell Bash. Un atacante con privilegios para acceder al shell Bash podr\u00eda aprovechar esta vulnerabilidad ejecutando comandos dise\u00f1ados en el sistema operativo subyacente. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante crear nuevos usuarios con los privilegios de administrador de red." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20446.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20446.json index 8a861491733..2bb4db31df2 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20446.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20446.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20446", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:09.997", - "lastModified": "2024-08-28T17:15:09.997", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device. A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el agente de retransmisi\u00f3n DHCPv6 de Cisco NX-OS Software podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de campos espec\u00edficos en un mensaje RELAY-REPLY de DHCPv6. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete DHCPv6 manipulado a cualquier direcci\u00f3n IPv6 que est\u00e9 configurada en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso dhcp_snoop se bloquee y se reinicie varias veces, lo que hace que el dispositivo afectado se recargue y genere una condici\u00f3n de DoS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20478.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20478.json index 9e082560149..8ea34274c4b 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20478.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20478.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20478", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-28T17:15:10.220", - "lastModified": "2024-08-28T17:15:10.220", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\r\n\r\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\r\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el componente de actualizaci\u00f3n de software de Cisco Application Policy Infrastructure Controller (APIC) y Cisco Cloud Network Controller, anteriormente Cisco Cloud APIC, podr\u00eda permitir que un atacante remoto autenticado con privilegios de nivel de administrador instale una imagen de software modificada, lo que lleva a la inyecci\u00f3n de c\u00f3digo arbitrario en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de firma insuficiente de las im\u00e1genes de software. Un atacante podr\u00eda aprovechar esta vulnerabilidad instalando una imagen de software modificada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema afectado y elevar sus privilegios a superusuario. Nota: Los administradores siempre deben validar el hash de cualquier imagen de actualizaci\u00f3n antes de cargarla en Cisco APIC y Cisco Cloud Network Controller." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22425.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22425.json index 0ac5eccf299..53be53a3390 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22425.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22425.json @@ -2,13 +2,13 @@ "id": "CVE-2024-22425", "sourceIdentifier": "security_alert@emc.com", "published": "2024-02-16T12:15:07.757", - "lastModified": "2024-02-16T13:37:51.433", + "lastModified": "2024-08-29T13:15:06.060", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "\nDell RecoverPoint for Virtual Machines 5.3.x contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner.\n\n" + "value": "Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner." }, { "lang": "es", @@ -55,6 +55,10 @@ { "url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities", "source": "security_alert@emc.com" + }, + { + "url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities", + "source": "security_alert@emc.com" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22426.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22426.json index c3afc4ca0c9..738db1cd7e0 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22426.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22426.json @@ -2,13 +2,13 @@ "id": "CVE-2024-22426", "sourceIdentifier": "security_alert@emc.com", "published": "2024-02-16T12:15:08.537", - "lastModified": "2024-02-16T13:37:51.433", + "lastModified": "2024-08-29T13:15:06.197", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "\nDell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An unauthenticated remote\nattacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise.\n\n" + "value": "Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise." }, { "lang": "es", @@ -55,6 +55,10 @@ { "url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities", "source": "security_alert@emc.com" + }, + { + "url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities", + "source": "security_alert@emc.com" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2541.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2541.json new file mode 100644 index 00000000000..9b8533bfb94 --- /dev/null +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2541.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-2541", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-29T13:15:06.403", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the Subscribers Import feature. This makes it possible for unauthenticated attackers to extract sensitive data after an administrator has imported subscribers via a CSV file. This data may include the first name, last name, e-mail address, and potentially other personally identifiable information of subscribers." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/popup-builder/trunk/com/libs/Importer.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/086cd6a0-adb6-4e12-b34c-630297f036f3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29723.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29723.json index d979958fffa..7422a65a25a 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29723.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29723.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29723", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:24.160", - "lastModified": "2024-08-29T11:15:24.160", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29724.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29724.json index 62bc89d3e60..17332edc830 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29724.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29724.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29724", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:24.383", - "lastModified": "2024-08-29T11:15:24.383", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29725.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29725.json index 08cf6679f16..be147490733 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29725.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29725.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29725", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:24.573", - "lastModified": "2024-08-29T11:15:24.573", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29726.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29726.json index 14e303340b9..ba782d5b9a5 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29726.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29726.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29726", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:24.767", - "lastModified": "2024-08-29T11:15:24.767", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29727.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29727.json index 32a2b5fa561..c7ca41dee0c 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29727.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29727.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29727", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:24.977", - "lastModified": "2024-08-29T11:15:24.977", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29728.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29728.json index 4dfbc635a51..ee87b3bbfc1 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29728.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29728.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29728", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:25.163", - "lastModified": "2024-08-29T11:15:25.163", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29729.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29729.json index def1b77727d..d4d31f5bef8 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29729.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29729.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29729", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:25.357", - "lastModified": "2024-08-29T11:15:25.357", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29730.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29730.json index 6ee04c2e5d4..38911d7a624 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29730.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29730.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29730", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:25.547", - "lastModified": "2024-08-29T11:15:25.547", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29731.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29731.json index 331ff611414..ac9bb536380 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29731.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29731.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29731", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-08-29T11:15:25.760", - "lastModified": "2024-08-29T11:15:25.760", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-341xx/CVE-2024-34195.json b/CVE-2024/CVE-2024-341xx/CVE-2024-34195.json index 5f85b7c966c..6f86c0e581c 100644 --- a/CVE-2024/CVE-2024-341xx/CVE-2024-34195.json +++ b/CVE-2024/CVE-2024-341xx/CVE-2024-34195.json @@ -2,13 +2,17 @@ "id": "CVE-2024-34195", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T20:15:07.580", - "lastModified": "2024-08-28T20:35:10.893", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific circumstances. For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger buffer overflow, enabling arbitrary command execution or denial of service attacks." + }, + { + "lang": "es", + "value": "El firmware V1.1.1-B20200824 del enrutador inal\u00e1mbrico TOTOLINK AC1200 A3002R es vulnerable a un desbordamiento de b\u00fafer. En la funci\u00f3n de manejo de CGI formWlEncrypt del programa del servidor boa, no hay ninguna restricci\u00f3n de longitud en el campo wlan_ssid. Este descuido conduce a un posible desbordamiento de b\u00fafer en circunstancias espec\u00edficas. Por ejemplo, al invocar la funci\u00f3n formWlanRedirect con par\u00e1metros espec\u00edficos para alterar el valor de wlan_idx y, posteriormente, invocar la funci\u00f3n formWlEncrypt, un atacante puede provocar un desbordamiento de b\u00fafer, lo que permite la ejecuci\u00f3n arbitraria de comandos o ataques de denegaci\u00f3n de servicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-36xx/CVE-2024-3679.json b/CVE-2024/CVE-2024-36xx/CVE-2024-3679.json new file mode 100644 index 00000000000..e123352768c --- /dev/null +++ b/CVE-2024/CVE-2024-36xx/CVE-2024-3679.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-3679", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-29T13:15:06.627", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Premium SEO Pack \u2013 WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.001. This makes it possible for unauthenticated attackers to view limited information from password protected posts through the social meta data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/premium-seo-pack/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb65de5-bfb5-47db-87c9-ad46e65924b8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38303.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38303.json index 8e84a8e3cf3..fc8173929b6 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38303.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38303.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38303", "sourceIdentifier": "security_alert@emc.com", "published": "2024-08-29T11:15:25.970", - "lastModified": "2024-08-29T11:15:25.970", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38304.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38304.json index f7c0c7c07ef..24ecec15d7c 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38304.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38304.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38304", "sourceIdentifier": "security_alert@emc.com", "published": "2024-08-29T11:15:26.187", - "lastModified": "2024-08-29T11:15:26.187", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json b/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json index 9271093d81a..3d8acab7dc9 100644 --- a/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json +++ b/CVE-2024/CVE-2024-39xx/CVE-2024-3944.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3944", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:26.403", - "lastModified": "2024-08-29T11:15:26.403", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40909.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40909.json index 979cecf5cc4..ab384028d16 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40909.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40909.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40909", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:14.137", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-29T13:55:21.407", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,99 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf: corrige un posible use-after-free en bpf_link_free() Despu\u00e9s del commit 1a80dbcb2dba, bpf_link se puede liberar mediante link->ops->dealloc_deferred, pero el c\u00f3digo a\u00fan prueba y usa link->ops->dealloc despu\u00e9s, lo que conduce a un use-after-free seg\u00fan lo informado por syzbot. En realidad, uno de ellos deber\u00eda ser suficiente, as\u00ed que llame a uno de ellos en lugar de a ambos. Tambi\u00e9n agregue WARN_ON() en caso de cualquier implementaci\u00f3n problem\u00e1tica." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.26", + "versionEndExcluding": "6.6.35", + "matchCriteriaId": "610CA734-4C6D-43D5-B254-80BB5B7E5098" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.6", + "matchCriteriaId": "A2E0E6CD-2DC0-4E5C-9037-9A023960B2F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2884dc7d08d98a89d8d65121524bb7533183a63a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/91cff53136daeff50816b0baeafd38a6976f6209", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fa97b8fed9896f1e89cb657513e483a152d4c382", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40910.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40910.json index 881f51d1071..f39a5dba9ac 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40910.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40910.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40910", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:14.213", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-29T13:55:38.203", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,113 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ax25: corrige el desequilibrio de recuento en conexiones entrantes Al liberar un socket en ax25_release(), llamamos a netdev_put() para disminuir el recuento en el dispositivo ax.25 asociado. Sin embargo, la ruta de ejecuci\u00f3n para aceptar una conexi\u00f3n entrante nunca llama a netdev_hold(). Este desequilibrio conduce a errores de recuento y, en \u00faltima instancia, a fallos del kernel. Un seguimiento de llamada t\u00edpico para la situaci\u00f3n anterior comenzar\u00e1 con uno de los siguientes errores: refcount_t: decrement hit 0; p\u00e9rdida de memoria. refcount_t: desbordamiento insuficiente; use-after-free. Y luego tendr\u00e1 un seguimiento como: Call Trace: ? show_regs+0x64/0x70? __advertir+0x83/0x120 ? refcount_warn_saturate+0xb2/0x100? report_bug+0x158/0x190? prb_read_valid+0x20/0x30? handle_bug+0x3e/0x70? exc_invalid_op+0x1c/0x70? asm_exc_invalid_op+0x1f/0x30? refcount_warn_saturate+0xb2/0x100? refcount_warn_saturate+0xb2/0x100 ax25_release+0x2ad/0x360 __sock_release+0x35/0xa0 sock_close+0x19/0x20 [...] Al reiniciar (o cualquier intento de eliminar la interfaz), el kernel se atasca en un bucle infinito: unregister_netdevice: esperando ax0 para quedar libre. Recuento de uso = 0 Este parche corrige estos problemas asegurando que llamemos a netdev_hold() y ax25_dev_hold() para nuevas conexiones en ax25_accept(). Esto hace que la l\u00f3gica que conduce a ax25_accept() coincida con la l\u00f3gica de ax25_bind(): en ambos casos incrementamos el refcount, que finalmente disminuye en ax25_release()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.18", + "versionEndExcluding": "6.1.95", + "matchCriteriaId": "EFECBC56-DE9A-457A-AE19-CA526A30C054" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.35", + "matchCriteriaId": "6F019D15-84C0-416B-8C57-7F51B68992F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.6", + "matchCriteriaId": "0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3c34fb0bd4a4237592c5ecb5b2e2531900c55774", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/52100fd74ad07b53a4666feafff1cd11436362d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a723a6c8d4831cc8e2c7b0c9f3f0c010d4671964", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f4df9d6c8d4e4c818252b0419c2165d66eabd4eb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40911.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40911.json index 907a4684017..dc1bec92c88 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40911.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40911.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40911", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:14.283", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-29T13:43:49.137", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,127 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: bloquear wiphy en cfg80211_get_station Wiphy debe estar bloqueado antes de llamar a rdev_get_station() (ver lockdep afirmar en ieee80211_get_station()). Esto corrige la siguiente desreferencia NULL del kernel: No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000050 Informaci\u00f3n de cancelaci\u00f3n de memoria: ESR = 0x0000000096000006 EC = 0x25: DABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0 , S1PTW = 0 FSC = 0x06: error de traducci\u00f3n de nivel 2 Informaci\u00f3n de cancelaci\u00f3n de datos: ISV = 0, ISS = 0x00000006 CM = 0, WnR = 0 tabla de p\u00e1ginas de usuario: 4k p\u00e1ginas, VA de 48 bits, pgdp=0000000003001000 [0000000000000050] 00000002dca003 , p4d=0800000002dca003, pud=08000000028e9003, pmd=0000000000000000 Error interno: Ups: 0000000096000006 [#1] M\u00f3dulos SMP vinculados en: netconsole dwc3_meson_g12a dwc3_of_simple dwc 3 ip_gre gre ath10k_pci ath10k_core ath9k ath9k_common ath9k_hw ath CPU: 0 PID: 1091 Comunicaciones: kworker/u8 :0 No contaminado 6.4.0-02144-g565f9a3a7911-dirty #705 Nombre de hardware: RPT (r1) (DT) Cola de trabajo: bat_events batadv_v_elp_throughput_metric_update pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: ath10k_sta_statistics+0x10/0x2dc [ath10k_core] lr: sta_set_sinfo+0xcc/0xbd4 sp: ffff000007b43ad0 x29: ffff000007b43ad0 x28: ffff0000071fa900 x27: ffff00000294ca98 6: ffff000006830880 x25: ffff000006830880 x24: ffff00000294c000 x23: 0000000000000001 x22: ffff000007b43c90 x21: ffff800008898acc x20: 0294c6e8 x19: ffff000007b43c90 x18: 0000000000000000 x17: 445946354d552d78 x16: 62661f7200000000 x15: 57464f445946354d x14: 000000000000000 0 x13: 00000000000000e3 x12: d5f0acbcebea978e x11: 00000000000000e3 x10: 000000010048fe41 x9: 0000000000000000 x8: ffff000007b43d90 x7: 00 0000007a1e2125 x6: 0000000000000000 x5: ffff0000024e0900 x4: ffff800000a0250c x3: ffff000007b43c90 x2: ffff00000294ca98 x1: ffff000006831920 x0: 0000000000000000 Rastreo de llamadas: ath10k_sta_statistics+0x10/0x2dc [ath10k_core] sta_set_sinfo+0xcc/0xbd4 0211_get_station+0x2c/0x44 cfg80211_get_station+0x80/0x154 batadv_v_elp_get_throughput+0x138/0x1fc batadv_v_elp_throughput_metric_update+0x1c/0xa4 Process_one_work+0x1ec/ 0x414 work_thread+0x70/0x46c kthread+0xdc/0xe0 ret_from_fork+0x10/0x20 C\u00f3digo: a9bb7bfd 910003fd a90153f3 f9411c40 (f9402814) Esto sucede porque STA tiene tiempo para desconectarse y volver a conectarse antes de batadv_v_elp_throughput_metric_up date() se programa el trabajo retrasado. En esta situaci\u00f3n, ath10k_sta_state() puede estar en medio de restablecer los datos de arsta cuando la cola de trabajo tiene la oportunidad de programarse y termina accediendo a ella. Bloquear Wiphy evita eso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.16", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "1383491E-908E-4536-BB15-D4B4B08F8358" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.95", + "matchCriteriaId": "D435765D-2766-44F5-B319-F713A13E35CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.35", + "matchCriteriaId": "6F019D15-84C0-416B-8C57-7F51B68992F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.6", + "matchCriteriaId": "0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0ccc63958d8373e15a69f4f8069f3e78f7f3898a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/43e1eefb0b2094e2281150d87d09e8bc872b9fba", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/642f89daa34567d02f312d03e41523a894906dae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6d540b0317901535275020bd4ac44fac6439ca76", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dfd84ce41663be9ca3f69bd657c45f49b69344d9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40912.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40912.json index c9f563b7bda..bcb0eadbac1 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40912.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40912.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40912", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:14.363", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-29T13:44:09.290", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,169 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: mac80211: corrige el punto muerto en ieee80211_sta_ps_deliver_wakeup() La funci\u00f3n ieee80211_sta_ps_deliver_wakeup() toma sta->ps_lock para sincronizarse con ieee80211_tx_h_unicast_ps_buf() que se llama desde el contexto softirq. Sin embargo, usar solo spin_lock() para obtener sta->ps_lock en ieee80211_sta_ps_deliver_wakeup() no impide que softirq se ejecute en esta misma CPU, ejecute ieee80211_tx_h_unicast_ps_buf() e intente tomar este mismo bloqueo que termina en punto muerto. A continuaci\u00f3n se muestra un ejemplo de bloqueo de rcu que surge en tal situaci\u00f3n. rcu: INFORMACI\u00d3N: rcu_sched autodetectado bloqueo en la CPU rcu: 2-....: (42413413 marca este GP) idle=b154/1/0x40000000000000000 softirq=1763/1765 fqs=21206996 rcu: (t=42586894 santiam\u00e9n g= 2057 q=362405 ncpus=4) CPU: 2 PID: 719 Comm: wpa_supplicant Contaminado: GW 6.4.0-02158-g1b062f552873 #742 Nombre de hardware: RPT (r1) (DT) pstate: 00000005 (nzcv daif -PAN -UAO - TCO -DIT -SSBS BTYPE=--) pc: queued_spin_lock_slowpath+0x58/0x2d0 lr: invoke_tx_handlers_early+0x5b4/0x5c0 sp: ffff00001ef64660 x29: ffff00001ef64660 x28: ffff000009bc1070 : ffff000009bc0ad8 x26: ffff000009bc0900 x25: ffff00001ef647a8 x24: 0000000000000000 x23: ffff000009bc0900 x22: ffff000009bc0900 x21: ffff00000ac0e000 x20: ffff00000a279e00 x19: ffff00001ef646e8 x18: 0000000000000000 x17: ffff800016468000 x16: 08c0 x15: 0010533c93f64f80 x14: 0010395c9faa3946 x13: 0000000000000000 x12: 00000000fa83b2da x11: 000000012edeceea x10: ffff0000010fbe00 0000000000895440 x8: 000000000010533c x7: ffff00000ad8b740 x6: ffff00000c350880 x5 : 0000000000000007 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffff00000ac0e0e8 Rastreo de llamadas: pin_lock_slowpath+0x58/0x2d0 ieee80211_tx+0x80/0x12c ieee80211_tx_pending+0x110/0x278 tasklet_action_common.constprop.0+0x10c/0x144 tasklet_action+0x20/0x28 _stext +0x11c/0x284 ____do_softirq+0xc/0x14 call_on_irq_stack+0x24/0x34 do_softirq_own_stack+0x18/0x20 do_softirq+0x74/0x7c __local_bh_enable_ip+0xa0/0xa4 _ieee80211_wake_txqs+0x3b0 /0x4b8 __ieee80211_wake_queue+0x12c/0x168 ieee80211_add_pending_skbs+0xec/0x138 ieee80211_sta_ps_deliver_wakeup+0x2a4/0x480 ieee80211_mps_sta_status_update .part.0+0xd8/0x11c ieee80211_mps_sta_status_update+0x18/0x24 sta_apply_parameters+0x3bc/0x4c0 ieee80211_change_station+0x1b8/0x2dc nl80211_set_station+0x444/0x49c genl_family_rcv_ms g_doit.isra.0+0xa4/0xfc genl_rcv_msg+0x1b0/0x244 netlink_rcv_skb+0x38/0x10c genl_rcv+0x34 /0x48 netlink_unicast+0x254/0x2bc netlink_sendmsg+0x190/0x3b4 ____sys_sendmsg+0x1e8/0x218 ___sys_sendmsg+0x68/0x8c __sys_sendmsg+0x44/0x84 __arm64_sys_sendmsg+0x 20/0x28 do_el0_svc+0x6c/0xe8 el0_svc+0x14/0x48 el0t_64_sync_handler+0xb0/0xb4 el0t_64_sync+0x14c /0x150 El uso de spin_lock_bh()/spin_unlock_bh() en su lugar evita que softirq se active en la misma CPU que mantiene el bloqueo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.14", + "versionEndExcluding": "4.19.317", + "matchCriteriaId": "94AD7CE0-1AB3-4F0C-9642-209112A5ECB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.297", + "matchCriteriaId": "212DEE06-A450-420F-8BAA-20996395BBF4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.221", + "matchCriteriaId": "659E1520-6345-41AF-B893-A7C0647585A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.95", + "matchCriteriaId": "D435765D-2766-44F5-B319-F713A13E35CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.35", + "matchCriteriaId": "6F019D15-84C0-416B-8C57-7F51B68992F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.6", + "matchCriteriaId": "0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/28ba44d680a30c51cf485a2f5a3b680e66ed3932", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/44c06bbde6443de206b30f513100b5670b23fc5e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/456bbb8a31e425177dc0e8d4f98728a560c20e81", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/47d176755d5c0baf284eff039560f8c1ba0ea485", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9c49b58b9a2bed707e7638576e54c4bccd97b9eb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d90bdff79f8e40adf889b5408bfcf521528b169f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e51637e0c66a6f72d134d9f95daa47ea62b43c7e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e7e916d693dcb5a297f40312600a82475f2e63bc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-412xx/CVE-2024-41236.json b/CVE-2024/CVE-2024-412xx/CVE-2024-41236.json index cf2d56d2339..3dec6d61051 100644 --- a/CVE-2024/CVE-2024-412xx/CVE-2024-41236.json +++ b/CVE-2024/CVE-2024-412xx/CVE-2024-41236.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41236", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T18:15:09.497", - "lastModified": "2024-08-28T18:35:16.790", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the \"username\" parameter of the Admin Login Page" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de inyecci\u00f3n SQL en /smsa/admin_login.php en Kashipara Responsive School Management System v3.2.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro \"nombre de usuario\" de la p\u00e1gina de inicio de sesi\u00f3n de administrador." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41564.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41564.json index 8364dfe8112..050813fee7e 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41564.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41564.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41564", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T17:15:10.693", - "lastModified": "2024-08-28T17:15:10.693", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication." + }, + { + "lang": "es", + "value": "La versi\u00f3n 1.1.10 y anteriores de EMI, corregida en la versi\u00f3n 1.1.11, contienen una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada. El problema espec\u00edfico es una falla en la validaci\u00f3n del \u00edndice de ranuras y la disminuci\u00f3n del recuento de la pila en el mod EMI para Minecraft, lo que permite la duplicaci\u00f3n de elementos en el juego." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41565.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41565.json index 02322d05690..b45d370f7c6 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41565.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41565.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41565", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T17:15:10.903", - "lastModified": "2024-08-28T17:15:10.903", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication." + }, + { + "lang": "es", + "value": "JustEnoughItems (JEI) 19.5.0.33 y versiones anteriores contienen una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada. El problema espec\u00edfico es una falla en la validaci\u00f3n del \u00edndice de ranura en JEI para Minecraft, lo que permite la duplicaci\u00f3n de elementos en el juego." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41570.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41570.json index 1cc30bc5c4a..ee3271532b7 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41570.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41570.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41570", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T13:38:31.277", - "lastModified": "2024-08-13T01:14:38.880", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-29T13:32:21.020", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:havocframework:havoc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DD4BDB55-1BEF-4232-A9A7-3C3DE7BF768B" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41888.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41888.json index 26b47e7b048..156d78c5d6b 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41888.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41888.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41888", "sourceIdentifier": "security@apache.org", "published": "2024-08-12T13:38:31.617", - "lastModified": "2024-08-12T13:41:36.517", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-29T12:55:09.210", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,7 +15,30 @@ "value": "Falta la versi\u00f3n de recurso despu\u00e9s de la vulnerabilidad de duraci\u00f3n efectiva en Apache Answer. Este problema afecta a Apache Answer: hasta 1.3.5. El enlace para restablecer la contrase\u00f1a sigue siendo v\u00e1lido dentro de su per\u00edodo de vencimiento, incluso despu\u00e9s de haber sido utilizado. Esto podr\u00eda provocar un uso indebido o un secuestro del enlace. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.3.6, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -28,10 +51,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.3.6", + "matchCriteriaId": "43EA3C87-1BF0-4544-9DAA-A0B3D8D4EA1B" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/jbs1j2o9rqm5sc19jyk3jcfvkmfkmyf4", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41890.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41890.json index 4d0e900b46a..ea48f53b0dc 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41890.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41890.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41890", "sourceIdentifier": "security@apache.org", "published": "2024-08-12T13:38:31.733", - "lastModified": "2024-08-12T13:41:36.517", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-29T12:56:47.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,7 +15,30 @@ "value": "Falta la versi\u00f3n de recurso despu\u00e9s de la vulnerabilidad de duraci\u00f3n efectiva en Apache Answer. Este problema afecta a Apache Answer: hasta 1.3.5. El usuario env\u00eda varios correos electr\u00f3nicos para restablecer la contrase\u00f1a, cada uno de los cuales contiene un enlace v\u00e1lido. Dentro del per\u00edodo de validez del enlace, esto podr\u00eda dar lugar a un uso indebido o un secuestro del mismo. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.3.6, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -28,10 +51,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.3.6", + "matchCriteriaId": "43EA3C87-1BF0-4544-9DAA-A0B3D8D4EA1B" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/j7c080xj31x8rvz1pyk2h47rdd9pwbv9", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41918.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41918.json index 7274ed7c635..5a3e4afdacf 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41918.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41918.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41918", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-08-29T03:15:05.130", - "lastModified": "2024-08-29T03:15:05.130", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. An arbitrary site may be displayed on the WebView of the product via Intent from another application installed on the user's device. As a result, the user may be redirected to an unauthorized site, and the user may become a victim of a phishing attack." + }, + { + "lang": "es", + "value": "La aplicaci\u00f3n 'Rakuten Ichiba App' para Android 12.4.0 y versiones anteriores y la aplicaci\u00f3n 'Rakuten Ichiba App' para iOS 11.7.0 y versiones anteriores son vulnerables a una autorizaci\u00f3n incorrecta en el controlador para un esquema de URL personalizado. Es posible que se muestre un sitio arbitrario en la vista web del producto a trav\u00e9s de Intent desde otra aplicaci\u00f3n instalada en el dispositivo del usuario. Como resultado, el usuario puede ser redirigido a un sitio no autorizado y puede convertirse en v\u00edctima de un ataque de phishing." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42531.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42531.json index d753be2098c..e227a388e06 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42531.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42531.json @@ -2,13 +2,24 @@ "id": "CVE-2024-42531", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-23T17:15:09.833", - "lastModified": "2024-08-23T20:35:18.590", + "lastModified": "2024-08-29T13:15:06.843", "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "cveTags": [ + { + "sourceIdentifier": "cve@mitre.org", + "tags": [ + "disputed" + ] + } + ], "descriptions": [ { "lang": "en", - "value": "Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that can be used to redirect the camera feed." + "value": "Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that can be used to redirect the camera feed. NOTE: the vendor's perspective is that the Anonymous120386 sample code can establish RTSP protocol communictaion, but cannot obtain video or audio data; thus, there is no risk." + }, + { + "lang": "es", + "value": "Ezviz Internet PT Camera CS-CV246 D15655150 permite que un host no autenticado acceda a su transmisi\u00f3n de video en vivo mediante la creaci\u00f3n de un conjunto de paquetes RTSP con un conjunto espec\u00edfico de URL que se pueden usar para redirigir la transmisi\u00f3n de la c\u00e1mara." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-426xx/CVE-2024-42698.json b/CVE-2024/CVE-2024-426xx/CVE-2024-42698.json index 8a0652d2936..be8d43c9922 100644 --- a/CVE-2024/CVE-2024-426xx/CVE-2024-42698.json +++ b/CVE-2024/CVE-2024-426xx/CVE-2024-42698.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42698", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T16:15:09.210", - "lastModified": "2024-08-28T16:15:09.210", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication." + }, + { + "lang": "es", + "value": "Roughly Enough Items (REI) v.16.0.729 y anteriores contienen una vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada. El problema espec\u00edfico es una falla en la validaci\u00f3n del \u00edndice de ranura y la disminuci\u00f3n del recuento de la pila en el mod Roughly Enough Items (REI) para Minecraft, lo que permite la duplicaci\u00f3n de elementos en el juego." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-427xx/CVE-2024-42793.json b/CVE-2024/CVE-2024-427xx/CVE-2024-42793.json index 1c4f536e0d7..fd76d472d27 100644 --- a/CVE-2024/CVE-2024-427xx/CVE-2024-42793.json +++ b/CVE-2024/CVE-2024-427xx/CVE-2024-42793.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42793", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T20:15:07.707", - "lastModified": "2024-08-28T20:35:12.570", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=save_user page." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad de Cross-Site Request Forgery (CSRF) en Kashipara Music Management System v1.0 a trav\u00e9s de una solicitud manipulada a la p\u00e1gina /music/ajax.php?action=save_user." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42900.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42900.json index 23055a2ecb0..bcdc5ea6f3c 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42900.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42900.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42900", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T16:15:09.443", - "lastModified": "2024-08-28T16:35:24.427", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the sql parameter of the createTable() function at /tool/gen/create." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Ruoyi v4.7.9 y versiones anteriores conten\u00edan una vulnerabilidad de cross-site scripting (XSS) a trav\u00e9s del par\u00e1metro sql de la funci\u00f3n createTable() en /tool/gen/create." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42905.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42905.json index e499923a2ca..1dda6dc5e68 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42905.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42905.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42905", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T18:15:09.630", - "lastModified": "2024-08-28T19:35:20.503", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function in the code/function/system/tool/ping.php file." + }, + { + "lang": "es", + "value": "Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 tiene una vulnerabilidad de ejecuci\u00f3n de comandos, que puede explotarse para obtener privilegios de administrador del dispositivo a trav\u00e9s de la funci\u00f3n getVar en el archivo code/function/system/tool/ping.php." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json index fb61b0ef416..0d7206a1f27 100644 --- a/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43700", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-08-29T11:15:26.757", - "lastModified": "2024-08-29T11:15:26.757", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-438xx/CVE-2024-43805.json b/CVE-2024/CVE-2024-438xx/CVE-2024-43805.json index bb048450f31..7fae375a1f6 100644 --- a/CVE-2024/CVE-2024-438xx/CVE-2024-43805.json +++ b/CVE-2024/CVE-2024-438xx/CVE-2024-43805.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43805", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T20:15:07.963", - "lastModified": "2024-08-28T20:15:07.963", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user. JupyterLab v3.6.8, v4.2.5 and Jupyter Notebook v7.2.2 have been patched to resolve this issue. Users are advised to upgrade. There is no workaround for the underlying DOM Clobbering susceptibility. However, select plugins can be disabled on deployments which cannot update in a timely fashion to minimise the risk. These are: 1. `@jupyterlab/mathjax-extension:plugin` - users will loose ability to preview mathematical equations. 2. `@jupyterlab/markdownviewer-extension:plugin` - users will loose ability to open Markdown previews. 3. `@jupyterlab/mathjax2-extension:plugin` (if installed with optional `jupyterlab-mathjax2` package) - an older version of the mathjax plugin for JupyterLab 4.x. To disable these extensions run: ```jupyter labextension disable @jupyterlab/markdownviewer-extension:plugin && jupyter labextension disable @jupyterlab/mathjax-extension:plugin && jupyter labextension disable @jupyterlab/mathjax2-extension:plugin ``` in bash." + }, + { + "lang": "es", + "value": "jupyterlab es un entorno extensible para computaci\u00f3n interactiva y reproducible, basado en la arquitectura Jupyter Notebook. Esta vulnerabilidad depende de la interacci\u00f3n del usuario al abrir un notebook malicioso con celdas Markdown o un archivo Markdown utilizando la funci\u00f3n de vista previa de JupyterLab. Un usuario malicioso puede acceder a cualquier dato al que tenga acceso el usuario atacado, as\u00ed como realizar solicitudes arbitrarias actuando como el usuario atacado. JupyterLab v3.6.8, v4.2.5 y Jupyter Notebook v7.2.2 han sido parcheados para resolver este problema. Se recomienda a los usuarios que actualicen. No existe un workaround para la susceptibilidad subyacente de DOM Clobbering. Sin embargo, se pueden deshabilitar complementos seleccionados en implementaciones que no se pueden actualizar de manera oportuna para minimizar el riesgo. Estos son: 1. `@jupyterlab/mathjax-extension:plugin`: los usuarios perder\u00e1n la capacidad de obtener una vista previa de ecuaciones matem\u00e1ticas. 2. `@jupyterlab/markdownviewer-extension:plugin`: los usuarios perder\u00e1n la capacidad de abrir vistas previas de Markdown. 3. `@jupyterlab/mathjax2-extension:plugin` (si se instala con el paquete opcional `jupyterlab-mathjax2`): una versi\u00f3n anterior del complemento mathjax para JupyterLab 4.x. Para deshabilitar estas extensiones, ejecute: ```jupyter labextension deshabilitar @jupyterlab/markdownviewer-extension:plugin && jupyter labextension deshabilitar @jupyterlab/mathjax-extension:plugin && jupyter labextension deshabilitar @jupyterlab/mathjax2-extension:plugin ``` en bash." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json b/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json index b3d65117f57..d0916612cea 100644 --- a/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json +++ b/CVE-2024/CVE-2024-439xx/CVE-2024-43986.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43986", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-29T11:15:26.853", - "lastModified": "2024-08-29T11:15:26.853", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44760.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44760.json index 34ff8bcc86c..fa6d1be5b09 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44760.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44760.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44760", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T20:15:08.230", - "lastModified": "2024-08-28T21:35:14.657", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server." + }, + { + "lang": "es", + "value": "El control de acceso incorrecto en el componente /servlet/SnoopServlet de Shenzhou News Union Enterprise Management System v5.0 a v18.8 permite a los atacantes acceder a informaci\u00f3n confidencial sobre el servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json index a47a4f12ee8..b81f70452aa 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44761.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44761", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T19:15:08.933", - "lastModified": "2024-08-28T20:35:14.040", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests." + }, + { + "lang": "es", + "value": "Un problema en EQ Enterprise Management System anterior a la versi\u00f3n v2.0.0 permite a los atacantes ejecutar un directory traversal a trav\u00e9s de solicitudes manipuladas." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44913.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44913.json index 8d65f6e60d4..4ab01a746b9 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44913.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44913.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44913", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T18:15:09.707", - "lastModified": "2024-08-28T19:35:21.377", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS)." + }, + { + "lang": "es", + "value": "Un problema en el componente EXR!ReadEXR+0x40ef1 de Irfanview v4.67.1.0 permite a los atacantes provocar una violaci\u00f3n de acceso a trav\u00e9s de un archivo EXR creado por un usuario. Esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44914.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44914.json index 9112ddc975c..d4f0ff67f50 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44914.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44914.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44914", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T18:15:09.780", - "lastModified": "2024-08-28T19:35:22.160", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS)." + }, + { + "lang": "es", + "value": "Un problema en el componente EXR!ReadEXR+0x3df50 de Irfanview v4.67.1.0 permite a los atacantes provocar una violaci\u00f3n de acceso a trav\u00e9s de un archivo EXR creado por un usuario. Esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44915.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44915.json index 45676f6fc52..636aca522a7 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44915.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44915.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44915", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-28T18:15:09.863", - "lastModified": "2024-08-28T19:35:22.957", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS)." + }, + { + "lang": "es", + "value": "Un problema en el componente EXR!ReadEXR+0x4eef0 de Irfanview v4.67.1.0 permite a los atacantes provocar una violaci\u00f3n de acceso a trav\u00e9s de un archivo EXR creado por un usuario. Esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio (DoS)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4428.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4428.json index 9827648803d..03d98eaee5c 100644 --- a/CVE-2024/CVE-2024-44xx/CVE-2024-4428.json +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4428.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4428", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-08-29T11:15:27.200", - "lastModified": "2024-08-29T11:15:27.200", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45043.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45043.json index 5c2db818fb7..4ed2cbd14e5 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45043.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45043.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45043", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T20:15:08.347", - "lastModified": "2024-08-28T20:15:08.347", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `awsfirehosereceiver` allows unauthenticated remote requests, even when configured to require a key. OpenTelemetry Collector can be configured to receive CloudWatch metrics via an AWS Firehose Stream. Firehose sets the header `X-Amz-Firehose-Access-Key` with an arbitrary configured string. The OpenTelemetry Collector awsfirehosereceiver can optionally be configured to require this key on incoming requests. However, when this is configured it **still accepts incoming requests with no key**. Only OpenTelemetry Collector users configured with the \u201calpha\u201d `awsfirehosereceiver` module are affected. This module was added in version v0.49.0 of the \u201cContrib\u201d distribution (or may be included in custom builds). There is a risk of unauthorized users writing metrics. Carefully crafted metrics could hide other malicious activity. There is no risk of exfiltrating data. It\u2019s likely these endpoints will be exposed to the public internet, as Firehose does not support private HTTP endpoints. A fix was introduced in PR #34847 and released with v0.108.0. All users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "El m\u00f3dulo AWS Firehose Receiver de OpenTelemetry Collector sirve para ingerir mensajes de flujo de entrega de AWS Kinesis Data Firehose y analizar los registros recibidos seg\u00fan el tipo de registro configurado. `awsfirehosereceiver` permite solicitudes remotas no autenticadas, incluso cuando est\u00e1 configurado para requerir una clave. OpenTelemetry Collector se puede configurar para recibir m\u00e9tricas de CloudWatch a trav\u00e9s de un flujo de AWS Firehose. Firehose establece el encabezado `X-Amz-Firehose-Access-Key` con una cadena configurada arbitraria. El m\u00f3dulo awsfirehosereceiver de OpenTelemetry Collector se puede configurar opcionalmente para requerir esta clave en las solicitudes entrantes. Sin embargo, cuando esto est\u00e1 configurado, **a\u00fan acepta solicitudes entrantes sin clave**. Solo se ven afectados los usuarios de OpenTelemetry Collector configurados con el m\u00f3dulo `awsfirehosereceiver` \u201calfa\u201d. Este m\u00f3dulo se agreg\u00f3 en la versi\u00f3n v0.49.0 de la distribuci\u00f3n \u201cContrib\u201d (o puede incluirse en compilaciones personalizadas). Existe el riesgo de que usuarios no autorizados escriban m\u00e9tricas. Las m\u00e9tricas cuidadosamente manipuladas podr\u00edan ocultar otras actividades maliciosas. No existe riesgo de exfiltraci\u00f3n de datos. Es probable que estos endpoints queden expuestos a la Internet p\u00fablica, ya que Firehose no admite endpoints HTTP privados. Se introdujo una soluci\u00f3n en PR #34847 y se lanz\u00f3 con v0.108.0. Se recomienda a todos los usuarios que actualicen. No existen workarounds conocidos para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45046.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45046.json index 4d27e1f8841..9479a8f86b7 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45046.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45046.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45046", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T21:15:06.603", - "lastModified": "2024-08-28T21:15:06.603", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. In affected versions `\\PhpOffice\\PhpSpreadsheet\\Writer\\Html` doesn't sanitize spreadsheet styling information such as font names, allowing an attacker to inject arbitrary JavaScript on the page. As a result an attacker may used a crafted spreadsheet to fully takeover a session of a user viewing spreadsheet files as HTML. This issue has been addressed in release version 2.1.0. All users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "PHPSpreadsheet es una librer\u00eda PHP pura para leer y escribir archivos de hojas de c\u00e1lculo. En las versiones afectadas, `\\PhpOffice\\PhpSpreadsheet\\Writer\\Html` no desinfecta la informaci\u00f3n de estilo de las hojas de c\u00e1lculo, como los nombres de las fuentes, lo que permite a un atacante inyectar JavaScript arbitrario en la p\u00e1gina. Como resultado, un atacante puede usar una hoja de c\u00e1lculo manipulada para apoderarse por completo de la sesi\u00f3n de un usuario que visualiza archivos de hojas de c\u00e1lculo como HTML. Este problema se ha solucionado en la versi\u00f3n 2.1.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45048.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45048.json index 20826505edc..2c805ace177 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45048.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45048.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45048", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T21:15:06.817", - "lastModified": "2024-08-28T21:15:06.817", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Affected versions are subject to a bypassing of a filter which allows for an XXE-attack. This in turn allows attacker to obtain contents of local files, even if error reporting is muted. This vulnerability has been addressed in release version 2.2.1. All users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "PHPSpreadsheet es una librer\u00eda PHP pura para leer y escribir archivos de hojas de c\u00e1lculo. Las versiones afectadas est\u00e1n sujetas a la omisi\u00f3n de un filtro que permite un ataque XXE. Esto, a su vez, permite al atacante obtener el contenido de los archivos locales, incluso si el informe de errores est\u00e1 silenciado. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 2.2.1. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45054.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45054.json index e2a29188362..ef0fc12f8dd 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45054.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45054.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45054", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T20:15:08.547", - "lastModified": "2024-08-28T20:15:08.547", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has * verbs of * resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been patched in version 0.14.6. All users are advised to upgrade. Users unable to upgrade should update and limit the ClusterRole using security-role." + }, + { + "lang": "es", + "value": "Hwameistor es un sistema de almacenamiento local de alta disponibilidad para cargas de trabajo nativas de la nube con estado. Este ClusterRole tiene * verbos de * recursos. Si un usuario malintencionado puede acceder al nodo de trabajo que tiene la implementaci\u00f3n de hwameistor, puede abusar de estos permisos excesivos para hacer lo que quiera con todo el cl\u00faster, lo que da como resultado una escalada de privilegios a nivel de cl\u00faster. Este problema se ha corregido en la versi\u00f3n 0.14.6. Se recomienda a todos los usuarios que actualicen. Los usuarios que no puedan actualizar deben actualizar y limitar el ClusterRole mediante security-role." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45057.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45057.json index fc1a7045fcb..1b1fe3ca0c3 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45057.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45057.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45057", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T21:15:07.027", - "lastModified": "2024-08-28T21:15:07.027", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. The lack of sanitization of user-controlled parameters for generating HTML field values \u200b\u200bdynamically leads to XSS (Cross-Site Scripting) attacks. The dynamic generation of HTML fields in the ieducar/intranet/include/clsCampos.inc.php file does not perform the correct validation or sanitization, reflecting the user-controlled values \u200b\u200bto be shown in the page's HTML. This allows an attacker to inject a specific XSS payload into a parameter. Successful exploitation of this flaw allows an attacker to trick the victim into clicking a vulnerable URL, enabling JavaScript scripts to be executed in the browser. Due to the configuration of session cookies, with the HttpOnly and SameSite=Lax flags being defined, there is little an attacker can do to steal the session or force the victim to perform actions within the application. This issue hast been patched but a new release has not yet been made. Users are advised to contact the developer and to coordinate an update schedule." + "value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. The lack of sanitization of user-controlled parameters for generating HTML field values ??dynamically leads to XSS (Cross-Site Scripting) attacks. The dynamic generation of HTML fields in the ieducar/intranet/include/clsCampos.inc.php file does not perform the correct validation or sanitization, reflecting the user-controlled values ??to be shown in the page's HTML. This allows an attacker to inject a specific XSS payload into a parameter. Successful exploitation of this flaw allows an attacker to trick the victim into clicking a vulnerable URL, enabling JavaScript scripts to be executed in the browser. Due to the configuration of session cookies, with the HttpOnly and SameSite=Lax flags being defined, there is little an attacker can do to steal the session or force the victim to perform actions within the application. This issue hast been patched but a new release has not yet been made. Users are advised to contact the developer and to coordinate an update schedule." + }, + { + "lang": "es", + "value": "i-Educar es un software de gesti\u00f3n escolar totalmente online y gratuito que permite a las secretarias, profesores, coordinadores y responsables de \u00e1rea de la escuela gestionar de forma din\u00e1mica los valores de los campos HTML. La falta de desinfecci\u00f3n de los par\u00e1metros controlados por el usuario para generar din\u00e1micamente los valores de los campos HTML conduce a ataques XSS (Cross-Site Scripting). La generaci\u00f3n din\u00e1mica de los campos HTML en el archivo ieducar/intranet/include/clsCampos.inc.php no realiza la validaci\u00f3n o desinfecci\u00f3n correcta, reflejando los valores controlados por el usuario que se mostrar\u00e1n en el HTML de la p\u00e1gina. Esto permite a un atacante inyectar un payload XSS espec\u00edfico en un par\u00e1metro. La explotaci\u00f3n exitosa de esta falla permite a un atacante enga\u00f1ar a la v\u00edctima para que haga clic en una URL vulnerable, lo que permite que se ejecuten scripts de JavaScript en el navegador. Debido a la configuraci\u00f3n de las cookies de sesi\u00f3n, con los flags HttpOnly y SameSite=Lax definidos, es poco lo que un atacante puede hacer para robar la sesi\u00f3n o forzar a la v\u00edctima a realizar acciones dentro de la aplicaci\u00f3n. Este problema ha sido parcheado pero a\u00fan no se ha realizado una nueva versi\u00f3n. Se recomienda a los usuarios que se pongan en contacto con el desarrollador y coordinen un cronograma de actualizaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45058.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45058.json index d48b36f30dd..5ff32de2bdc 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45058.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45058.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45058", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T21:15:07.283", - "lastModified": "2024-08-28T21:15:07.283", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. An attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions). Any user is capable of becoming an administrator, which can lead to account theft, changing administrative tasks, etc. The failure occurs in the file located in ieducar/intranet/educar_usuario_cad.php on line 446 , which does not perform checks on the user's current permission level to make changes. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule." + }, + { + "lang": "es", + "value": "i-Educar es un software de gesti\u00f3n escolar totalmente online y gratuito que permite a las secretarias, profesores, coordinadores y jefes de \u00e1rea de la escuela gestionar sus cuentas de usuario. Un atacante con privilegios m\u00ednimos de visualizaci\u00f3n en la secci\u00f3n de configuraci\u00f3n es capaz de cambiar su tipo de usuario a Administrador (u otro tipo con superpermisos). Cualquier usuario es capaz de convertirse en administrador, lo que puede derivar en robo de cuentas, cambio de tareas administrativas, etc. El fallo se produce en el archivo ubicado en ieducar/intranet/educar_usuario_cad.php en la l\u00ednea 446 , que no realiza comprobaciones sobre el nivel de permisos actual del usuario para realizar cambios. Este problema a\u00fan no ha sido parcheado. Se recomienda a los usuarios ponerse en contacto con el desarrollador y coordinar un calendario de actualizaciones." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45059.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45059.json index 7a4dba4da34..0e400e237c6 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45059.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45059.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45059", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-28T21:15:07.473", - "lastModified": "2024-08-28T21:15:07.473", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. In affected versions Creating a SQL query from a concatenation of a user-controlled GET parameter allows an attacker to manipulate the query. Successful exploitation of this flaw allows an attacker to have complete and unrestricted access to the database, with a web user with minimal permissions. This may involve obtaining user information, such as emails, password hashes, etc. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule." + }, + { + "lang": "es", + "value": "i-Educar es un software de gesti\u00f3n escolar gratuito y completamente online que permite a las secretarias, profesores, coordinadores y responsables de \u00e1rea de la escuela crear una consulta SQL a partir de una concatenaci\u00f3n de un par\u00e1metro GET controlado por el usuario, lo que permite a un atacante manipular la consulta. La explotaci\u00f3n exitosa de esta falla permite a un atacante tener acceso completo y sin restricciones a la base de datos, con un usuario web con permisos m\u00ednimos. Esto puede implicar la obtenci\u00f3n de informaci\u00f3n del usuario, como correos electr\u00f3nicos, hashes de contrase\u00f1as, etc. Este problema a\u00fan no ha sido parcheado. Se recomienda a los usuarios que se pongan en contacto con el desarrollador y que coordinen un cronograma de actualizaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45232.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45232.json index 69a23b9ac78..2962f0c8cf4 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45232.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45232.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45232", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-29T00:15:09.177", - "lastModified": "2024-08-29T00:15:09.177", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in powermail extension through 12.3.5 for TYPO3. It fails to validate the mail parameter of the confirmationAction, resulting in Insecure Direct Object Reference (IDOR). An unauthenticated attacker can use this to display the user-submitted data of all forms persisted by the extension. This can only be exploited when the extension is configured to save submitted form data to the database (plugin.tx_powermail.settings.db.enable=1), which however is the default setting of the extension. The fixed versions are 7.5.0, 8.5.0, 10.9.0, and 12.4.0" + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en la extensi\u00f3n Powermail hasta la versi\u00f3n 12.3.5 para TYPO3. No se puede validar el par\u00e1metro de correo de la acci\u00f3n de confirmaci\u00f3n, lo que genera una referencia directa a objetos insegura (IDOR). Un atacante no autenticado puede usar esto para mostrar los datos enviados por el usuario de todos los formularios que la extensi\u00f3n mantiene. Esto solo se puede explotar cuando la extensi\u00f3n est\u00e1 configurada para guardar los datos de los formularios enviados en la base de datos (plugin.tx_powermail.settings.db.enable=1), que, sin embargo, es la configuraci\u00f3n predeterminada de la extensi\u00f3n. Las versiones corregidas son 7.5.0, 8.5.0, 10.9.0 y 12.4.0" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45233.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45233.json index 45d5bad1ddc..77e4a4f3463 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45233.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45233.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45233", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-29T00:15:09.293", - "lastModified": "2024-08-29T00:15:09.293", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in powermail extension through 12.3.5 for TYPO3. Several actions in the OutputController can directly be called, due to missing or insufficiently implemented access checks, resulting in Broken Access Control. Depending on the configuration of the Powermail Frontend plugins, an unauthenticated attacker can exploit this to edit, update, delete, or export data of persisted forms. This can only be exploited when the Powermail Frontend plugins are used. The fixed versions are 7.5.0, 8.5.0, 10.9.0, and 12.4.0." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en la extensi\u00f3n Powermail hasta la versi\u00f3n 12.3.5 para TYPO3. Se pueden llamar directamente varias acciones en OutputController debido a comprobaciones de acceso faltantes o implementadas de manera insuficiente, lo que da como resultado un control de acceso interrumpido. Seg\u00fan la configuraci\u00f3n de los complementos de Powermail Frontend, un atacante no autenticado puede aprovechar esto para editar, actualizar, eliminar o exportar datos de formularios persistentes. Esto solo se puede aprovechar cuando se utilizan los complementos de Powermail Frontend. Las versiones corregidas son 7.5.0, 8.5.0, 10.9.0 y 12.4.0." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45435.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45435.json index 544083afd73..b2d811dcaf0 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45435.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45435.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45435", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-29T03:15:05.357", - "lastModified": "2024-08-29T03:15:05.357", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function." + }, + { + "lang": "es", + "value": "Chartist 1.x a 1.3.0 permite la contaminaci\u00f3n de prototipos a trav\u00e9s de la funci\u00f3n de extensi\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45436.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45436.json index c10398390f2..9265f5f21c3 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45436.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45436.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45436", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-29T03:15:05.460", - "lastModified": "2024-08-29T03:15:05.460", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory." + }, + { + "lang": "es", + "value": "extractFromZipFile en model.go en Ollama anterior a 0.1.47 puede extraer miembros de un archivo ZIP fuera del directorio principal." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45440.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45440.json index 475d7bd5c45..9bfd2812d60 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45440.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45440.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45440", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-29T11:15:27.083", - "lastModified": "2024-08-29T11:15:27.083", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-54xx/CVE-2024-5417.json b/CVE-2024/CVE-2024-54xx/CVE-2024-5417.json index d5ec05261a7..ace899880c8 100644 --- a/CVE-2024/CVE-2024-54xx/CVE-2024-5417.json +++ b/CVE-2024/CVE-2024-54xx/CVE-2024-5417.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5417", "sourceIdentifier": "contact@wpscan.com", "published": "2024-08-29T11:15:27.387", - "lastModified": "2024-08-29T11:15:27.387", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5622.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5622.json index 8d4aa0ffdeb..0fd9e51b015 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5622.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5622.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5622", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2024-08-29T11:15:27.447", - "lastModified": "2024-08-29T11:15:27.447", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5623.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5623.json index 0f6705f9137..c94b80ee26a 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5623.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5623.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5623", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2024-08-29T11:15:27.563", - "lastModified": "2024-08-29T11:15:27.563", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5624.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5624.json index 2320376cd4a..31dda242df3 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5624.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5624.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5624", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2024-08-29T11:15:27.673", - "lastModified": "2024-08-29T11:15:27.673", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json index cc5b600d405..0a6145fe5e6 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5857.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5857", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:27.780", - "lastModified": "2024-08-29T11:15:27.780", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json index 9f18aadf40d..edfc5e568b3 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5987.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5987", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:27.977", - "lastModified": "2024-08-29T11:15:27.977", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-60xx/CVE-2024-6053.json b/CVE-2024/CVE-2024-60xx/CVE-2024-6053.json index e86b65c716b..a9b3f635b19 100644 --- a/CVE-2024/CVE-2024-60xx/CVE-2024-6053.json +++ b/CVE-2024/CVE-2024-60xx/CVE-2024-6053.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6053", "sourceIdentifier": "psirt@teamviewer.com", "published": "2024-08-28T17:15:11.163", - "lastModified": "2024-08-28T17:15:11.163", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting." + }, + { + "lang": "es", + "value": "Un control de acceso inadecuado en la funci\u00f3n de sincronizaci\u00f3n del portapapeles en TeamViewer Full Client versi\u00f3n anterior a 15.57 y TeamViewer Meeting versi\u00f3n anterior a 15.55.3 puede provocar que se comparta involuntariamente el portapapeles con el presentador actual de una reuni\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6551.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6551.json index 7ccd3bc78a1..ebebffaa9ab 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6551.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6551.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6551", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:28.183", - "lastModified": "2024-08-29T11:15:28.183", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6927.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6927.json index a0b274e3ff9..fd568559252 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6927.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6927.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6927", "sourceIdentifier": "contact@wpscan.com", "published": "2024-08-29T11:15:28.410", - "lastModified": "2024-08-29T11:15:28.410", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7132.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7132.json index 5d64f4b9b71..b838acd8b34 100644 --- a/CVE-2024/CVE-2024-71xx/CVE-2024-7132.json +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7132.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7132", "sourceIdentifier": "contact@wpscan.com", "published": "2024-08-29T11:15:28.463", - "lastModified": "2024-08-29T11:15:28.463", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7394.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7394.json index 9da6a4fa969..4148ad32106 100644 --- a/CVE-2024/CVE-2024-73xx/CVE-2024-7394.json +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7394.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7394", "sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "published": "2024-08-08T17:15:20.023", - "lastModified": "2024-08-08T18:55:19.180", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-29T13:41:24.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "LOW" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "type": "Secondary", @@ -73,22 +105,62 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.5.18", + "matchCriteriaId": "4066C924-46C2-48F4-AA67-2664B6AC24FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndExcluding": "9.3.3", + "matchCriteriaId": "22477475-FE69-4804-B73E-B3F268F16FE7" + } + ] + } + ] + } + ], "references": [ { "url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes?pk_vid=e367a434ef4830491723055753d52041", - "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de" + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://documentation.concretecms.org/developers/introduction/version-history/8518-release-notes?pk_vid=e367a434ef4830491723055758d52041", - "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de" + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://github.com/concretecms/concretecms/commit/c08d9671cec4e7afdabb547339c4bc0bed8eab06", - "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de" + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/concretecms/concretecms/pull/12166", - "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de" + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "tags": [ + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7418.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7418.json index 76bc7b22a06..67ceb3fcc0f 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7418.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7418.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7418", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:28.540", - "lastModified": "2024-08-29T11:15:28.540", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7606.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7606.json index 59ce5666c08..bf9d9097ca0 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7606.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7606.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7606", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:28.757", - "lastModified": "2024-08-29T11:15:28.757", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7607.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7607.json index 30e34a7aa4a..a306f218b6b 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7607.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7607.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7607", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:28.963", - "lastModified": "2024-08-29T11:15:28.963", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7744.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7744.json index d57aaf5ac30..26447cdee19 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7744.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7744.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7744", "sourceIdentifier": "security@progress.com", "published": "2024-08-28T17:15:11.380", - "lastModified": "2024-08-28T17:15:11.380", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal.\n\u00a0\n\nAn authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:)" + }, + { + "lang": "es", + "value": "En las versiones de WS_FTP Server anteriores a la 8.8.8 (2022.0.8), una vulnerabilidad de limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\"Path Traversal\") en el m\u00f3dulo de transferencia web permite el descubrimiento de archivos, el sondeo de archivos del sistema, el nombre de archivo controlado por el usuario y Path Traversal. Se ha identificado una falla de descarga de archivos autenticados en la que un usuario puede crear una llamada API que le permite descargar un archivo desde una carpeta arbitraria en la unidad donde se encuentra la carpeta ra\u00edz del host de ese usuario (de manera predeterminada, es C:)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7745.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7745.json index 5bbeb148b91..ae8ec0a269b 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7745.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7745.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7745", "sourceIdentifier": "security@progress.com", "published": "2024-08-28T17:15:11.593", - "lastModified": "2024-08-28T17:15:11.593", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only." + }, + { + "lang": "es", + "value": "En las versiones del servidor WS_FTP anteriores a 8.8.8 (2022.0.8), un paso cr\u00edtico faltante en la autenticaci\u00f3n multifactor del m\u00f3dulo de transferencia web permite a los usuarios omitir la verificaci\u00f3n de segundo factor e iniciar sesi\u00f3n solo con nombre de usuario y contrase\u00f1a." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7856.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7856.json index f3cf4b70568..6cbd94c9840 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7856.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7856.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7856", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:29.173", - "lastModified": "2024-08-29T11:15:29.173", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7857.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7857.json index 6cfb9622f2d..a9dc905d3d7 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7857.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7857.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7857", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T03:15:05.547", - "lastModified": "2024-08-29T03:15:05.547", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Media Library Folders plugin for WordPress is vulnerable to second order SQL Injection via the 'sort_type' parameter of the 'mlf_change_sort_type' AJAX action in all versions up to, and including, 8.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento Media Library Folders para WordPress es vulnerable a la inyecci\u00f3n SQL de segundo orden a trav\u00e9s del par\u00e1metro 'sort_type' de la acci\u00f3n AJAX 'mlf_change_sort_type' en todas las versiones hasta la 8.2.2 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto permite que los atacantes autenticados, con acceso de nivel de suscriptor y superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7895.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7895.json index 8fe46f15c15..e4ba54b3d6d 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7895.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7895.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7895", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-29T11:15:29.390", - "lastModified": "2024-08-29T11:15:29.390", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8193.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8193.json index e465c682f42..c0fcfce53ac 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8193.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8193.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8193", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-08-28T23:15:05.477", - "lastModified": "2024-08-28T23:15:05.477", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "El desbordamiento del b\u00fafer de pila en Skia en Google Chrome anterior a la versi\u00f3n 128.0.6613.113 permiti\u00f3 que un atacante remoto que hab\u00eda comprometido el proceso de renderizaci\u00f3n pudiera explotar la corrupci\u00f3n de pila a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Alta)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8194.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8194.json index d73036b609c..2ed0e5aea6b 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8194.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8194.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8194", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-08-28T23:15:06.160", - "lastModified": "2024-08-28T23:15:06.160", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "La confusi\u00f3n de tipos en la versi\u00f3n 8 de Google Chrome anterior a la 128.0.6613.113 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: alta)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8198.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8198.json index 780fecbfa11..c119be7e3f1 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8198.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8198.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8198", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-08-28T23:15:06.243", - "lastModified": "2024-08-28T23:15:06.243", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "El desbordamiento del b\u00fafer de pila en Skia en Google Chrome anterior a la versi\u00f3n 128.0.6613.113 permiti\u00f3 que un atacante remoto que hab\u00eda comprometido el proceso de renderizaci\u00f3n pudiera explotar la corrupci\u00f3n de pila a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Alta)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8250.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8250.json index 144f3f3e794..df7dab92204 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8250.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8250.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8250", "sourceIdentifier": "cve@gitlab.com", "published": "2024-08-29T00:15:09.370", - "lastModified": "2024-08-29T00:15:09.370", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file" + }, + { + "lang": "es", + "value": "La falla del disector NTLMSSP en Wireshark 4.2.0 a 4.0.6 y 4.0.0 a 4.0.16 permite la denegaci\u00f3n de servicio a trav\u00e9s de la inyecci\u00f3n de paquetes o un archivo de captura manipulado" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8294.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8294.json index 64349797b26..4657c8b661d 100644 --- a/CVE-2024/CVE-2024-82xx/CVE-2024-8294.json +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8294.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8294", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-29T11:15:29.603", - "lastModified": "2024-08-29T11:15:29.603", - "vulnStatus": "Received", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8295.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8295.json new file mode 100644 index 00000000000..bff20423031 --- /dev/null +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8295.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-8295", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-29T12:15:04.537", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in FeehiCMS up to 2.1.1 and classified as critical. This vulnerability affects the function createBanner of the file /admin/index.php?r=banner%2Fbanner-create. The manipulation of the argument BannerForm[img] leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://gitee.com/A0kooo/cve_article/blob/master/feehi_cms/file_upload2/Fichkems%20banner%20file%20upload%20vulnerability.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276070", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276070", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.394560", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8296.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8296.json new file mode 100644 index 00000000000..a8d1e80d2e2 --- /dev/null +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8296.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-8296", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-29T13:15:07.087", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument User[avatar] leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://gitee.com/A0kooo/cve_article/blob/master/feehi_cms/file_upload3/Fichkems%20user%20file%20upload%20vulnerability.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276071", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276071", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.394568", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8297.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8297.json new file mode 100644 index 00000000000..06236c2f54f --- /dev/null +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8297.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-8297", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-29T13:15:07.370", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been classified as problematic. Affected is the function JwtRefreshAuth of the file middleware/jwt_refresh_token_middleware.go. The manipulation of the argument Authorization leads to improper output neutralization for logs. It is possible to launch the attack remotely. The name of the patch is 81b3336b4c9240f0bf50c13cb8375cf860d945f1. It is recommended to apply a patch to fix this issue." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-117" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/kitsada8621/Digital-Library-Management-System/commit/81b3336b4c9240f0bf50c13cb8375cf860d945f1", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/kitsada8621/Digital-Library-Management-System/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276072", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276072", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.394613", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8301.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8301.json new file mode 100644 index 00000000000..e3d830f46f1 --- /dev/null +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8301.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-8301", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-29T13:15:07.660", + "lastModified": "2024-08-29T13:25:27.537", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax/checkin.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/dingfanzu-CMS/dingfanzu-CMS%20checkin.php%20username%20SQL-inject.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276073", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276073", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.396294", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 14f0ce5b606..f0579ae6e42 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-29T12:00:17.403939+00:00 +2024-08-29T14:00:18.295225+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-29T11:15:29.603000+00:00 +2024-08-29T13:55:38.203000+00:00 ``` ### Last Data Feed Release @@ -33,45 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -261447 +261454 ``` ### CVEs added in the last Commit -Recently added CVEs: `33` +Recently added CVEs: `7` -- [CVE-2024-29729](CVE-2024/CVE-2024-297xx/CVE-2024-29729.json) (`2024-08-29T11:15:25.357`) -- [CVE-2024-29730](CVE-2024/CVE-2024-297xx/CVE-2024-29730.json) (`2024-08-29T11:15:25.547`) -- [CVE-2024-29731](CVE-2024/CVE-2024-297xx/CVE-2024-29731.json) (`2024-08-29T11:15:25.760`) -- [CVE-2024-38303](CVE-2024/CVE-2024-383xx/CVE-2024-38303.json) (`2024-08-29T11:15:25.970`) -- [CVE-2024-38304](CVE-2024/CVE-2024-383xx/CVE-2024-38304.json) (`2024-08-29T11:15:26.187`) -- [CVE-2024-3944](CVE-2024/CVE-2024-39xx/CVE-2024-3944.json) (`2024-08-29T11:15:26.403`) -- [CVE-2024-43700](CVE-2024/CVE-2024-437xx/CVE-2024-43700.json) (`2024-08-29T11:15:26.757`) -- [CVE-2024-43986](CVE-2024/CVE-2024-439xx/CVE-2024-43986.json) (`2024-08-29T11:15:26.853`) -- [CVE-2024-4428](CVE-2024/CVE-2024-44xx/CVE-2024-4428.json) (`2024-08-29T11:15:27.200`) -- [CVE-2024-45440](CVE-2024/CVE-2024-454xx/CVE-2024-45440.json) (`2024-08-29T11:15:27.083`) -- [CVE-2024-5417](CVE-2024/CVE-2024-54xx/CVE-2024-5417.json) (`2024-08-29T11:15:27.387`) -- [CVE-2024-5622](CVE-2024/CVE-2024-56xx/CVE-2024-5622.json) (`2024-08-29T11:15:27.447`) -- [CVE-2024-5623](CVE-2024/CVE-2024-56xx/CVE-2024-5623.json) (`2024-08-29T11:15:27.563`) -- [CVE-2024-5624](CVE-2024/CVE-2024-56xx/CVE-2024-5624.json) (`2024-08-29T11:15:27.673`) -- [CVE-2024-5857](CVE-2024/CVE-2024-58xx/CVE-2024-5857.json) (`2024-08-29T11:15:27.780`) -- [CVE-2024-5987](CVE-2024/CVE-2024-59xx/CVE-2024-5987.json) (`2024-08-29T11:15:27.977`) -- [CVE-2024-6551](CVE-2024/CVE-2024-65xx/CVE-2024-6551.json) (`2024-08-29T11:15:28.183`) -- [CVE-2024-6927](CVE-2024/CVE-2024-69xx/CVE-2024-6927.json) (`2024-08-29T11:15:28.410`) -- [CVE-2024-7132](CVE-2024/CVE-2024-71xx/CVE-2024-7132.json) (`2024-08-29T11:15:28.463`) -- [CVE-2024-7418](CVE-2024/CVE-2024-74xx/CVE-2024-7418.json) (`2024-08-29T11:15:28.540`) -- [CVE-2024-7606](CVE-2024/CVE-2024-76xx/CVE-2024-7606.json) (`2024-08-29T11:15:28.757`) -- [CVE-2024-7607](CVE-2024/CVE-2024-76xx/CVE-2024-7607.json) (`2024-08-29T11:15:28.963`) -- [CVE-2024-7856](CVE-2024/CVE-2024-78xx/CVE-2024-7856.json) (`2024-08-29T11:15:29.173`) -- [CVE-2024-7895](CVE-2024/CVE-2024-78xx/CVE-2024-7895.json) (`2024-08-29T11:15:29.390`) -- [CVE-2024-8294](CVE-2024/CVE-2024-82xx/CVE-2024-8294.json) (`2024-08-29T11:15:29.603`) +- [CVE-2024-1384](CVE-2024/CVE-2024-13xx/CVE-2024-1384.json) (`2024-08-29T13:15:05.793`) +- [CVE-2024-2541](CVE-2024/CVE-2024-25xx/CVE-2024-2541.json) (`2024-08-29T13:15:06.403`) +- [CVE-2024-3679](CVE-2024/CVE-2024-36xx/CVE-2024-3679.json) (`2024-08-29T13:15:06.627`) +- [CVE-2024-8295](CVE-2024/CVE-2024-82xx/CVE-2024-8295.json) (`2024-08-29T12:15:04.537`) +- [CVE-2024-8296](CVE-2024/CVE-2024-82xx/CVE-2024-8296.json) (`2024-08-29T13:15:07.087`) +- [CVE-2024-8297](CVE-2024/CVE-2024-82xx/CVE-2024-8297.json) (`2024-08-29T13:15:07.370`) +- [CVE-2024-8301](CVE-2024/CVE-2024-83xx/CVE-2024-8301.json) (`2024-08-29T13:15:07.660`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `87` -- [CVE-2016-1000338](CVE-2016/CVE-2016-10003xx/CVE-2016-1000338.json) (`2024-08-29T11:09:05.303`) +- [CVE-2024-45440](CVE-2024/CVE-2024-454xx/CVE-2024-45440.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-5417](CVE-2024/CVE-2024-54xx/CVE-2024-5417.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-5622](CVE-2024/CVE-2024-56xx/CVE-2024-5622.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-5623](CVE-2024/CVE-2024-56xx/CVE-2024-5623.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-5624](CVE-2024/CVE-2024-56xx/CVE-2024-5624.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-5857](CVE-2024/CVE-2024-58xx/CVE-2024-5857.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-5987](CVE-2024/CVE-2024-59xx/CVE-2024-5987.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-6053](CVE-2024/CVE-2024-60xx/CVE-2024-6053.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-6551](CVE-2024/CVE-2024-65xx/CVE-2024-6551.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-6927](CVE-2024/CVE-2024-69xx/CVE-2024-6927.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7132](CVE-2024/CVE-2024-71xx/CVE-2024-7132.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7394](CVE-2024/CVE-2024-73xx/CVE-2024-7394.json) (`2024-08-29T13:41:24.487`) +- [CVE-2024-7418](CVE-2024/CVE-2024-74xx/CVE-2024-7418.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7606](CVE-2024/CVE-2024-76xx/CVE-2024-7606.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7607](CVE-2024/CVE-2024-76xx/CVE-2024-7607.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7744](CVE-2024/CVE-2024-77xx/CVE-2024-7744.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7745](CVE-2024/CVE-2024-77xx/CVE-2024-7745.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7856](CVE-2024/CVE-2024-78xx/CVE-2024-7856.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7857](CVE-2024/CVE-2024-78xx/CVE-2024-7857.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-7895](CVE-2024/CVE-2024-78xx/CVE-2024-7895.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-8193](CVE-2024/CVE-2024-81xx/CVE-2024-8193.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-8194](CVE-2024/CVE-2024-81xx/CVE-2024-8194.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-8198](CVE-2024/CVE-2024-81xx/CVE-2024-8198.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-8250](CVE-2024/CVE-2024-82xx/CVE-2024-8250.json) (`2024-08-29T13:25:27.537`) +- [CVE-2024-8294](CVE-2024/CVE-2024-82xx/CVE-2024-8294.json) (`2024-08-29T13:25:27.537`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7dbc27dd3bf..e5f11168f8e 100644 --- a/_state.csv +++ b/_state.csv @@ -83291,7 +83291,7 @@ CVE-2016-1000282,0,0,66e83b6ab3ee42a8bbdc746894acad8039245384a798c1ca7f8000c527a CVE-2016-10003,0,0,e8b225d473ea5bc8596793189680b6a74993f392f4f18273f1c125dc3667f401,2024-02-02T03:03:55.400000 CVE-2016-1000306,0,0,58929e18d7a88d76b38c9344afa685c5dfce19e3aaa94be62e69e6459dd884bf,2023-11-07T02:29:26.900000 CVE-2016-1000307,0,0,bd4178c1c1fe6f95be6768310a7d45f2219507d406f6b636cf26d421c70a44ed,2017-04-12T18:47:39.847000 -CVE-2016-1000338,0,1,36122f4da4a1352af4e6678f167dd3e993e014d4785b51b9370ccd405265e175,2024-08-29T11:09:05.303000 +CVE-2016-1000338,0,0,36122f4da4a1352af4e6678f167dd3e993e014d4785b51b9370ccd405265e175,2024-08-29T11:09:05.303000 CVE-2016-1000339,0,0,4cb63073790ec83e24d1eee93dbf56c193741a7586104f79b20c9e49d4502110,2020-10-20T22:15:16.997000 CVE-2016-1000340,0,0,0cd9852c68b6752a64fd008af4174c3d07b57fcc72d0baa3557a19215505fa97,2020-10-20T22:15:17.140000 CVE-2016-1000341,0,0,5cc8f3a0fc7f70fa37111c8016e3b6ceab83f7b18286384b6b91814eeede5244,2020-10-20T22:15:17.247000 @@ -185186,7 +185186,7 @@ CVE-2021-44416,0,0,372a7a47904a006de375c34cee672a832db0dfbab964ded7dec098507fa57 CVE-2021-44417,0,0,9c36d12be034c139930a87f51b578ba028993c44da9104d4c126e6bba02ffd2c,2022-10-25T17:30:47.387000 CVE-2021-44418,0,0,648d66faa7f00266afc7968ca015d44a8fb0bd01a7644bca834c8ee2dd52940e,2022-10-07T17:27:03.357000 CVE-2021-44419,0,0,bd976456f08eed6a2c5c817220dcab8a42904ee48415770dd148ee6a19ed6a4a,2022-10-25T17:30:06.647000 -CVE-2021-4442,1,1,7bbb8925aa363af241c15ca3cddea3140ed4bc71593c13b036c86f1e9c242e04,2024-08-29T11:15:23.413000 +CVE-2021-4442,0,1,5f2f919cb7ccf4eb213ac6825ee4f2a37f3033de479015047f00e06a861808e6,2024-08-29T13:25:27.537000 CVE-2021-44420,0,0,a602170b9adad3b521d3da8453af30ed03e707b53334cbc72e0352c14922570a,2023-11-07T03:39:38.700000 CVE-2021-44421,0,0,1476e1370ffcc53e6e2d74dfc9f360009856c28d2e2306f672b781fbbed28609,2022-03-15T15:22:28.337000 CVE-2021-44422,0,0,68849cc8e1629494b81252315c457dc197d34a62815659c7039c6e8862cb146d,2021-12-27T20:24:38.683000 @@ -193446,7 +193446,7 @@ CVE-2022-24396,0,0,0debc179f58e63b300bcd5b1187eb1948b30c02d7babb963d9f8dbbd99e61 CVE-2022-24397,0,0,b778825b07900395e1f26d06ced8e425f9f48ebe0ba5aa51e06200e28869028d,2022-03-16T18:32:08.463000 CVE-2022-24398,0,0,1471ad71605bebfde387a25fa468fd00cc01758fac7083320ea673628433893e,2022-03-16T16:27:56.277000 CVE-2022-24399,0,0,c721ed982df67d1bc5cc48cb4aa54e72e5f2cabd1e48566839710d1c92a4d3e4,2022-12-22T20:35:04.993000 -CVE-2022-2440,1,1,b9622c814a61349d2f053e53635bc50a2d250d0da8a442b6c7ca524fa2864a83,2024-08-29T11:15:23.790000 +CVE-2022-2440,0,1,4da0d0b19259862fe149e54115a554ad286df21aecb8f03861f9ab68c7adb458,2024-08-29T13:25:27.537000 CVE-2022-24400,0,0,43a8c3b4d64e8d1044fb96ff1ebda066aedabf01e025987f934efbc2a0e67bee,2023-11-07T03:44:27.860000 CVE-2022-24401,0,0,cbaf010e0018da74ef9b46493dc430dc477d885b7bda4398834a645d97d6cec5,2023-11-07T03:44:27.963000 CVE-2022-24402,0,0,04312e5c48416b2b0e895d6f4e38fc2000c2ef3932f423fb6358b115788462f9,2023-11-07T03:44:28.100000 @@ -242343,6 +242343,7 @@ CVE-2024-1380,0,0,1c390e3978eb6f331393cad3863c002617264aabe196cd2683b703cbd37866 CVE-2024-1381,0,0,ef72e89e79a6e81e931361d7395d617cf305f1e64f8c84912db534518cd87432,2024-03-05T13:41:01.900000 CVE-2024-1382,0,0,39ef079a75e670ba8624eca288eeb6e2d76aa05a137eb237874d73319bc0b1a1,2024-03-07T13:52:27.110000 CVE-2024-1383,0,0,008850b53bfc9e3887db91e1dcfa0ad38f3c7f17c8652629fc512a2d492fa539,2024-03-13T18:15:58.530000 +CVE-2024-1384,1,1,8ddff4f6a092b575b2f1f68bfd61ed7b8cd220bd1bd7879e5fd8ce58465d86de,2024-08-29T13:25:27.537000 CVE-2024-1385,0,0,0820fb6305ae9c9acc31c74a440a8869c10896fe1578e4049a5b4146fa49d438,2024-04-08T18:49:25.863000 CVE-2024-1386,0,0,4c50eb1ea078928867e1daa62df4fab345a42c579981230726958beab55e7320,2024-05-02T18:00:37.360000 CVE-2024-1387,0,0,171cd5527af6e20942bb2f9fdd1995a9525b8e2f55ab7f2995b25f13cb6e5ca5,2024-04-10T13:24:00.070000 @@ -243033,16 +243034,16 @@ CVE-2024-20272,0,0,9a8b431abc55ae18c0094ec2d1030d59c5263518a92577c729598443278bb CVE-2024-20276,0,0,77220479d2c4e0a0ce7772faba7bb9374ec34b0cd2307655f714f3eba6dc1b93,2024-03-27T17:48:21.140000 CVE-2024-20277,0,0,736a7d458de43e0c8ef102aeef0adf3c0541fbbca3219355ca4fb06899462f58,2024-02-02T16:15:54.787000 CVE-2024-20278,0,0,12aa1590b3e8a6125d7154bf2a045b19659a28fc2d4df972ed53df9e81e82c57,2024-03-27T17:48:21.140000 -CVE-2024-20279,0,0,d70470f037b7d05c267fe837a51ffe0ea6cc65e6c53b86c34aa33cd4290cbcab,2024-08-28T17:15:06.113000 +CVE-2024-20279,0,1,05b20e0d8f3b8cda00d50e64da3647c27567cdb3c3b97e828571e56bf1250500,2024-08-29T13:25:27.537000 CVE-2024-2028,0,0,e06846e6ba84daa4133d99af11982cf4b0bb14edf4a6a3dc6070516f4e834b30,2024-03-13T18:15:58.530000 CVE-2024-20281,0,0,70f852907bc1bd5fcb581ca3147fb954d228d92f21dde79d0c952efed558ff29,2024-04-03T17:24:18.150000 CVE-2024-20282,0,0,f6e711a9a9efd85ad7bd0b3c7c022b317810618a7b30ebfdd488c3c43efc8cbb,2024-04-03T17:24:18.150000 CVE-2024-20283,0,0,89838f66dfd213c04e8273f1b3b892c92b85a1c5cc369285f3f9a454f716823b,2024-04-03T17:24:18.150000 -CVE-2024-20284,0,0,94e1b74ffedc9173b8687d071116f5d7bd8dbce82f75276fdc4216fa70f2122c,2024-08-28T17:15:06.893000 -CVE-2024-20285,0,0,07291ba086d427d7b395cf9a023737a945604fe3a97c30185e3a52ee5edcf578,2024-08-28T17:15:07.687000 -CVE-2024-20286,0,0,a48dde2bf690927e83a911609ce24cf903143a97cbd6a6810f27d7b184f6f6a3,2024-08-28T17:15:08.400000 +CVE-2024-20284,0,1,709f3cb69d09f3b634d846af0b80f59fd2c4aaa23e8c655f37fa93b0885ed376,2024-08-29T13:25:27.537000 +CVE-2024-20285,0,1,72fbbaafdb89aa3aff17a6a08109a599a5c5a36fc39ac02c13f5da21e82ffbcd,2024-08-29T13:25:27.537000 +CVE-2024-20286,0,1,14a3316f5238ceda4d300a7ebd223adf7dbdff97303cb3144e58d57417cf28f0,2024-08-29T13:25:27.537000 CVE-2024-20287,0,0,a744ff6c1bd94e5b436bea194b1f93eaa24b8e47ada607591c8d284066172138,2024-02-02T16:15:54.887000 -CVE-2024-20289,0,0,1464ce9b0a93176e874120a5b2b1063011bc50adc24c2ed4daf27402f4108fdb,2024-08-28T17:15:09.117000 +CVE-2024-20289,0,1,67b207e27b4f7addc83d99ce2a16d9a68d81f19bcf8b318a5e667a8a27d96ef2,2024-08-29T13:25:27.537000 CVE-2024-2029,0,0,354f931e93072109dced3bc73857c32e7a282fc5266016d20bde6f1070f10b9d,2024-04-10T19:49:51.183000 CVE-2024-20290,0,0,95fa55047489b4a2ee370988084e137cebac8acab30010c47f69339f30b23cb9,2024-02-15T15:43:27.240000 CVE-2024-20291,0,0,c2ed04ab4eaaddf8b1bcc5dc083481f305536f5151be36cfe21c14f02472ee22,2024-02-29T13:49:29.390000 @@ -243131,8 +243132,8 @@ CVE-2024-20401,0,0,4e570494182ec3fb0c9186b46f7948499e59b61e9f8ec1f0ca5200f010002 CVE-2024-20404,0,0,9ff8f593f71d4a0ff7aecb6b668971610942799ed16450e68ad59cf7f0b9f5af,2024-06-13T20:25:46.837000 CVE-2024-20405,0,0,2fa5b4e65c2f399507a2e57227d51876c94b3517d024d761ea8ec8bc4f4a8a91,2024-06-18T18:04:04.497000 CVE-2024-2041,0,0,7b4fc911113d944c485bed2a7f958b069e0536bf197811dc0e3dcb8018df3bd7,2024-05-06T14:15:07.747000 -CVE-2024-20411,0,0,395490d5288175386abbe9557d871d79478d52ab619dea23e01f03ed9b1e8c1f,2024-08-28T17:15:09.500000 -CVE-2024-20413,0,0,de84dfc41b4c606cc815faeb075f0d5e99c6a9bd6cf3cdba0004c89c4dc6eddd,2024-08-28T17:15:09.763000 +CVE-2024-20411,0,1,4f003e5090f28bf95bd35a4fbdae5180d9a8ba20c425549807eec3131f67ce95,2024-08-29T13:25:27.537000 +CVE-2024-20413,0,1,86bcdec57862054505f9b68ddff1575eb21295556bb50a8805e2f8ad7064ffd1,2024-08-29T13:25:27.537000 CVE-2024-20416,0,0,36fba5d0b9a663051d43c2072f34c721bf06b423d2ffa103fc7cf93ef9750d67,2024-07-18T12:28:43.707000 CVE-2024-20417,0,0,2b2621922f4e9896d58ad85f7dd970402245ce4da0539fb0012d7404735b7f45,2024-08-22T12:48:02.790000 CVE-2024-20419,0,0,0795f6e87845f9b46dc3400495c49fb48a047d8ed4e9d1842a04ff7724f0ad68,2024-08-13T17:15:22.787000 @@ -243142,7 +243143,7 @@ CVE-2024-2043,0,0,7a3896d230f6f1ae602a08f92e2eaaa644b5893021849dee8a675eb9b7c81e CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000 CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000 CVE-2024-20443,0,0,272afbe0465f6648950651b716899dcfcb722318ac954aaaf0e63544fb83de9e,2024-08-23T15:18:06.347000 -CVE-2024-20446,0,0,a1f458363061be398c6f14b4fa2ac064da5d71cc04c03ec0fa0519fcf8eb70fe,2024-08-28T17:15:09.997000 +CVE-2024-20446,0,1,170308ac86546c99c2d31d486f326554296a9af4794b673e7a60dd04eb019f30,2024-08-29T13:25:27.537000 CVE-2024-2045,0,0,711ac9453656184dc732c4f4633f4f7bda646ec847d7f0c1c60c568976f58aa0,2024-03-01T14:04:26.010000 CVE-2024-20450,0,0,a40597aa01c7c808e6329a0cff711d7709db0a15729885e98911c863c6fe701c,2024-08-23T18:14:43.787000 CVE-2024-20451,0,0,616ab4cb2b50cee49c462941d4d3e48792a6a3c09b725bd97a134b2f4a53bec9,2024-08-23T18:14:11.137000 @@ -243150,7 +243151,7 @@ CVE-2024-20454,0,0,b7df5fe3c7f3ad82ec42e5ba189942703f651e8bba204ff78589b452573f7 CVE-2024-20456,0,0,bf56f0f0f8d3ed0f6616c43fc8ca6a47b6257ec17aaac25185ba7a05790b5cc9,2024-07-11T13:05:54.930000 CVE-2024-20466,0,0,d9adbd7a5cfca4a39494a47969f1c31ae3805a9aa7b4cd0a12535f31685e123d,2024-08-22T12:48:02.790000 CVE-2024-2047,0,0,65f16d2420b90c918e9e57877aac5f0440eb772d779ccbd58288e6312f3c8025,2024-04-01T01:12:59.077000 -CVE-2024-20478,0,0,c7f81a4150a4b8f4abbdfe0686f6cf7280c0fc2d9ab56aa66625f46f1240ded1,2024-08-28T17:15:10.220000 +CVE-2024-20478,0,1,2552b4b9bbc0a5cff57b3b8f7e9d97910094a88aceb9d33bb06e1a51f9db4e5e,2024-08-29T13:25:27.537000 CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000 CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3cc0,2024-06-10T17:16:25.067000 CVE-2024-20486,0,0,1ec7a6c2a991b67e11827b3b316fed30b5b5340988b303f9088e0f10e2e894f9,2024-08-22T12:48:02.790000 @@ -244659,8 +244660,8 @@ CVE-2024-22421,0,0,99c38d3298b2bf5bb9fdc84d4f8b3a7acace84723f90c65f7cbbc69e6ce9c CVE-2024-22422,0,0,bf1b7db87778b518f08d5155d6846f47fb3f9a9aab63a208beaa67919e005bc9,2024-01-25T22:19:52.030000 CVE-2024-22423,0,0,1b933ba1ea433289dd324786d954661b21d8f6a26a0a0fc3e62a3ada9af9073a,2024-04-10T16:15:09.793000 CVE-2024-22424,0,0,e41de4e5b88e38ba83c521498714241036619afde56b4e9066fe088dbecc1ce9,2024-08-07T15:43:51.540000 -CVE-2024-22425,0,0,becc90df4034aa7c09ca8901fb304afa488477587c07d65355eaeb277dbc4bf5,2024-02-16T13:37:51.433000 -CVE-2024-22426,0,0,6cd1de8ede18aeab9a9939cc46682f0cf77d2044a000263107d14ea6ffb71e98,2024-02-16T13:37:51.433000 +CVE-2024-22425,0,1,4463c1b0099c20240ff7bea74998bf76f153d43547160f7ed0a36a514c3b9410,2024-08-29T13:15:06.060000 +CVE-2024-22426,0,1,a32ba2513e2bc779f1ff66bc538410f6d2c9643a82691085281dc5970ae40e44,2024-08-29T13:15:06.197000 CVE-2024-22428,0,0,8194cae8c0c923050637f1a5eba79b754f48c489fb7501ce28ea36624191c54b,2024-01-23T14:13:19.053000 CVE-2024-22429,0,0,9b68b129a84f9cab77768773f09c47846afa6114c8e83a72039b112e9b26c65f,2024-05-17T18:35:35.070000 CVE-2024-2243,0,0,e9f5bdfaef0b6d760b2375cadd786cd9763c71b1a8987da492d90b75ae347fc1,2024-04-10T13:23:38.787000 @@ -246487,6 +246488,7 @@ CVE-2024-25398,0,0,1ca4a836d24b5db40e48b55b365c5f32c1298501340103a0d376f4b670c71 CVE-2024-25399,0,0,1476dc50a563fb725fe1946b55f2c733462e19d80809e452ba10c245f29defa3,2024-02-28T14:07:00.563000 CVE-2024-25400,0,0,5a1a699f766ac616b34401ab3d26cec4ee9ace8ad79386f513c8e8091e234b3c,2024-08-12T13:38:17.123000 CVE-2024-25407,0,0,acf0dedeaaf5cb4ed513286f293369fa64a4aa24615bdc4521396e5298313ce4,2024-02-13T14:01:40.577000 +CVE-2024-2541,1,1,6831f1071bbe94c2f4ec69bfa8edc308ed0121a7521cce2afeb4bad33c9a82ef,2024-08-29T13:25:27.537000 CVE-2024-25410,0,0,bd9e79518cb72a7506fa003003f0ba0ca5f3409a943529c82b970295f2c8078b,2024-08-16T17:35:06.847000 CVE-2024-25413,0,0,e60164141d6ef6aae483b347bcb438f10cf90b0fdc503439bf774c3a45e4d7f4,2024-08-06T16:35:06.130000 CVE-2024-25414,0,0,e37faede54af522703a4e537065f1d12f9e2e079cddb040df250a6ab47704e37,2024-02-16T13:37:51.433000 @@ -249514,16 +249516,16 @@ CVE-2024-2969,0,0,8544d89f42684c11ff0ce4f59b9b332aa5f1a74abb30a148c14e95ecc35686 CVE-2024-2970,0,0,fc9de7221826a902f3a6cf19f3180d33eaf927389762bf1e23aea5c70762ccb6,2024-03-29T12:45:02.937000 CVE-2024-2971,0,0,9515cf628b34137ac014a8bc7d614bd445c5e05c6a07bb53515b2fc0d7b4fdaa,2024-03-27T12:29:30.307000 CVE-2024-2972,0,0,3771d0e64c82e60dbf132bba6647e15b9ad9d47823c5e525c2ccab39d1c1d845,2024-04-24T13:39:42.883000 -CVE-2024-29723,1,1,60662dc752cc1a09ff6f118d876519ee79cc3236a900a0367a38b995024f9385,2024-08-29T11:15:24.160000 -CVE-2024-29724,1,1,d3e2bbf0f52851408b080e731b358580ebbe3bfdeea9814f108b720166a35689,2024-08-29T11:15:24.383000 -CVE-2024-29725,1,1,b23dc12621aee91d49ab556299065fc76be273f43e7fd079fd855885dd8d24bf,2024-08-29T11:15:24.573000 -CVE-2024-29726,1,1,62ac1f9e68c5a801c0cf0b420311ded633efab76dc9e672b04fe55066ce4bb88,2024-08-29T11:15:24.767000 -CVE-2024-29727,1,1,bdd976ac91609333720d513958387ab60206b47fed70ec004b17bdc8010c4864,2024-08-29T11:15:24.977000 -CVE-2024-29728,1,1,0612477ddc2f1140903f2514cde9794d9858fc7612adc51b4947129d7463b1a3,2024-08-29T11:15:25.163000 -CVE-2024-29729,1,1,4b26fca3ab7503aa250e7292ad6b8b5a2d8a615bc71b99d6008bea2452d983ba,2024-08-29T11:15:25.357000 +CVE-2024-29723,0,1,d90d18dec68160096d5d8dfe7291ac2e321173ef407f20893c32353a492b1783,2024-08-29T13:25:27.537000 +CVE-2024-29724,0,1,55655e448ac09ab62187148fa49304ecc7878e3b2b7b6bc9fc75847841293ed5,2024-08-29T13:25:27.537000 +CVE-2024-29725,0,1,3f7e2d552b76ccb793380759acba73813ddbaa0ce872bd5b5729858789152967,2024-08-29T13:25:27.537000 +CVE-2024-29726,0,1,15877539f604c4c9a4319a993203b09105efe869fa020d0830ed7a0da78c5686,2024-08-29T13:25:27.537000 +CVE-2024-29727,0,1,3ebc5b72e65bb2a0e3db865ba91cf7f4a915534ffbfb9b1c9d1f1f67a509b586,2024-08-29T13:25:27.537000 +CVE-2024-29728,0,1,d8db5affb7332777d23394f536be22de3927aaef635ddf8abf3a63082c848d6a,2024-08-29T13:25:27.537000 +CVE-2024-29729,0,1,d1a3d1fc41f2cf0d86e0e8c32a9b9571ffe5e52fe18df687a65eb45214502a58,2024-08-29T13:25:27.537000 CVE-2024-2973,0,0,e93d65866932c82af8b50e3b7af91564bce393a65c7a315e9b3d7b174fddfb22,2024-06-28T10:27:00.920000 -CVE-2024-29730,1,1,cc3428bf1237d21db1c0aa41665b5df7d063d97b291467ec7a92ec1dfa4509a0,2024-08-29T11:15:25.547000 -CVE-2024-29731,1,1,4c2e56a4faaf5b465568cfd38153d4bc6bec4b5c892d31e301eb615bd3a50c0d,2024-08-29T11:15:25.760000 +CVE-2024-29730,0,1,36c18e11ec13d9f9f90cb1346b81c447389c8ad15e99cd575ebececc4b9d01d8,2024-08-29T13:25:27.537000 +CVE-2024-29731,0,1,0b7c738426eb2fe72ee45316055d3d3e2c8fef65d55c114a3114215f778fb60c,2024-08-29T13:25:27.537000 CVE-2024-29732,0,0,e30fc06180575c1796869bb0b4fa02497c40c6d7939d34aba0362f12c2710f0b,2024-03-21T12:58:51.093000 CVE-2024-29733,0,0,0811972ef853088b726fd2b07316244d1d628e55e310910ac8174bd65d097612,2024-07-03T01:52:30.320000 CVE-2024-29734,0,0,65bb1ba04f673142d3081922c5e4533cd4af140db3cdfbbce09ab73848e3b6c3,2024-04-03T12:38:04.840000 @@ -252756,7 +252758,7 @@ CVE-2024-3418,0,0,502fc54d23469afbe964523306f6a78a43aa4bbda684d42d8a15714665a919 CVE-2024-3419,0,0,55e9e939cce7031c82bff2b248ad3247eb5f6b71fadfe890fcd9e67ed87233e2,2024-05-17T02:39:54.607000 CVE-2024-34191,0,0,dbd580573375fd2d1820adc0049af00ef94f1f54fcce834415d344bda1271c56,2024-05-14T19:17:55.627000 CVE-2024-34193,0,0,e28053bd0a22d022848badc9c3f75e2fb164790fa29e948e479e4871e120d21a,2024-08-20T15:35:11.077000 -CVE-2024-34195,0,0,85b392229a6201caf031923e85b74fa52c56af0784be74d04a74145fdcf21d9f,2024-08-28T20:35:10.893000 +CVE-2024-34195,0,1,185ac0e1be787dd0b34c0629906ac5b9a248622f89ad1f748020dcdc7c100cd2,2024-08-29T13:25:27.537000 CVE-2024-34196,0,0,fa10f060dde56de72ad527f194a43f50d5d3befcfd4eea3294712a1774de38b0,2024-08-01T13:52:15.947000 CVE-2024-34198,0,0,ba93ef8fc5dbbb63bf24a83115f601ac65bb25dbfcfc498c53d09eed142379f4,2024-08-28T15:46:39.613000 CVE-2024-34199,0,0,27f51e6e9a085d1edb0a1380e0bfff4433e52f8f9e25d5bec96a743b9a9ffd85,2024-07-03T01:59:29.647000 @@ -254501,6 +254503,7 @@ CVE-2024-36783,0,0,dbc11dc9218015de97a73e96cb005d8a036c1d720a02ae2fb7f59dd28b9e4 CVE-2024-36787,0,0,26b242769047937307c486de3dde435edbd1d09662a165684d61f83fd541fbdd,2024-08-01T13:53:17.367000 CVE-2024-36788,0,0,ce421f00af3050883a12bce11fefd1ad9628128d70c1a012c0032b203b9673fd,2024-06-07T19:24:09.243000 CVE-2024-36789,0,0,e3781e3969948bd92ae74a8bb78c5b0d32bc5708516429d524b2a965c1c4e0b5,2024-08-15T16:35:11.633000 +CVE-2024-3679,1,1,346d11068b4cc9664c7fd0d677228ce08fea56c2a83a5e0bdba0b0b8a7eb8183,2024-08-29T13:25:27.537000 CVE-2024-36790,0,0,f8247224261f96e31ccf08410164dd4379381055fde60fa853baf6df22465be3,2024-08-14T20:35:14.473000 CVE-2024-36792,0,0,fabceb2ff375c58d64c9553c86e9784f4de9e6f1c14eeb688305657805693eab,2024-07-03T02:03:37.690000 CVE-2024-36795,0,0,421d7caed3f1bfdd012cee0400460351c045d5fa781e1724ee2bfb8de7fe2f98,2024-08-22T16:35:04.130000 @@ -255515,8 +255518,8 @@ CVE-2024-38294,0,0,f88948441f6418893f991fd0ef34dfd45f0e02ebcb8e39fd787f2f64385d5 CVE-2024-38295,0,0,c8378492e2d02be00aeda8d1da5a5ec5803f1a3bcf3481a4ca52e9e0e7261335,2024-08-02T18:10:46.607000 CVE-2024-38301,0,0,0aaba53899fa63c6f65cba4d5faa4104f18194e9cd1a78452f451bbbdb780cd8,2024-08-08T17:01:45.347000 CVE-2024-38302,0,0,e77ca3bd1f42a6aa7992c70d7c2a8c98c0238a3f11a590553b92597fb717d1f6,2024-07-19T13:01:44.567000 -CVE-2024-38303,1,1,ad943e0c1c748fabf9ab0237ca95f69c70ebb55e3dee929ae1d6ef497b14a6ea,2024-08-29T11:15:25.970000 -CVE-2024-38304,1,1,ed1f9b94148fba5a138ff2483dcb4daa5edc5c76370b6213d3becb255499b1de,2024-08-29T11:15:26.187000 +CVE-2024-38303,0,1,c7b5a51817f2a1a0ebc708751d758e8b7c05c5feea59a6e0d9e1abbf65c3c7ce,2024-08-29T13:25:27.537000 +CVE-2024-38304,0,1,1533620b56095e61cefff368d701e3aced2158147e2051c648eac5a7bba0ae3c,2024-08-29T13:25:27.537000 CVE-2024-38305,0,0,50405e5762e7554d2baff98400d3410fc2903bcdf76c1f98cd2e184e9e25e075,2024-08-21T12:30:33.697000 CVE-2024-38306,0,0,302c251894cd8175c95dcaa248535d0e8a6962400e46ca01099390440f888d26,2024-06-25T18:50:42.040000 CVE-2024-3831,0,0,50e818929dc56e84afc0dd8fe8fae7a8b323529f272034386ddae5543191124f,2024-05-14T16:11:39.510000 @@ -256194,7 +256197,7 @@ CVE-2024-39428,0,0,5d03789c96f23918b1ab1ea6fa6e056174329d182d27e72cc9dae9827964f CVE-2024-39429,0,0,e5307c82d36950beba8c9942e931fdf6e3ccb2f9d59fae72d11a48dd470f78ba,2024-08-27T17:44:02.903000 CVE-2024-3943,0,0,fecb7894fc8f71bb1eb318ec20be6409020b761b3221fbb9ca597f81fb48f5da,2024-05-30T13:15:41.297000 CVE-2024-39430,0,0,1e2b9ea56442b26f7737a9950103fafe605e5c7a90c854837eacf7ef42d0ec7f,2024-08-27T17:44:25.593000 -CVE-2024-3944,1,1,43f17057ad560956eabbd9dddfe553c1bbcb0fd738ccdc8e77d3a43e7901f3f3,2024-08-29T11:15:26.403000 +CVE-2024-3944,0,1,0efd517249d5abd23d4ecaaf8b5a788ce65adb9d6631526affc72f12ff9c041b,2024-08-29T13:25:27.537000 CVE-2024-3945,0,0,f529a76504b589632a786b994a7e59172142cd26cd001d628e7f3ff9658da8b1,2024-05-30T13:15:41.297000 CVE-2024-39457,0,0,71348762cda2a65a9fb6ee86fb97ddb6684e341009bf79ffb50846af36c0e45a,2024-08-22T17:33:32.373000 CVE-2024-39458,0,0,057d26d6064abe38c6844996c076741573b3fb5797f6e26a9cfc5dd443dbc18e,2024-06-27T12:47:19.847000 @@ -256879,10 +256882,10 @@ CVE-2024-40905,0,0,96eb254d5f8b6d07fa83b1d2229752059acc8f42da01741b8cbd4eaae0423 CVE-2024-40906,0,0,5c60c6a51bf3d33fb56a478deec3a7b641b4f91617f4ad721d7d102664d4f879,2024-07-12T16:34:58.687000 CVE-2024-40907,0,0,9fa3647e2363eef4d89cec67d70bce284a36061040d50631b9ed8c8182723c64,2024-07-12T16:34:58.687000 CVE-2024-40908,0,0,6cdce7f53523afe33cba2998c01eb82605e728b8ccb05b039038c6b90e3df5fa,2024-07-12T16:34:58.687000 -CVE-2024-40909,0,0,7439be860beb7caa27f7701d646d4a54abf5a05487d6ff27f77b0f869581b93c,2024-07-12T16:34:58.687000 -CVE-2024-40910,0,0,10721ef8cedf0108a8673fb6f73b97dc61083e1d8e3a25618d127b7c7fb2d9dd,2024-07-12T16:34:58.687000 -CVE-2024-40911,0,0,6b8a393d818ce4825af61fa07f730da38f8dc80225b1894e6f1bdd12d0428b70,2024-07-12T16:34:58.687000 -CVE-2024-40912,0,0,20e69bf527c15730bfa83ac2c5bb8c8efb197729fb0911a5831d64a96cd34120,2024-07-12T16:34:58.687000 +CVE-2024-40909,0,1,2557f1e39cb36a28050303053c68b79c667d03c7345936cb7db86b5f125dff39,2024-08-29T13:55:21.407000 +CVE-2024-40910,0,1,05374b2cc6508426828834b80ac481cdb20c9dee38a7e0865e9f298ee5c4422f,2024-08-29T13:55:38.203000 +CVE-2024-40911,0,1,546d040d317b6b7c9416414e4eee09f42366cbc593937a74695c34c2e222e06a,2024-08-29T13:43:49.137000 +CVE-2024-40912,0,1,da1c1eed990176ed17426fbde413bfdbb83ca8327151eb6056781d3a489705ec,2024-08-29T13:44:09.290000 CVE-2024-40913,0,0,3997e19c7b3cd7ab9a9381f30ce7b7d0dbb42c47c662000ec8e5838dc20d7938,2024-07-12T16:34:58.687000 CVE-2024-40914,0,0,b4afd77951959297c83dbfb50090a2075b74a5741768bd41e814f62a3a399323,2024-07-12T16:34:58.687000 CVE-2024-40915,0,0,96e3fc2bef9f34bbdc211b4ce9c2e2f70133f4a644059f65dace33bfbbf79ebf,2024-07-12T16:34:58.687000 @@ -257140,7 +257143,7 @@ CVE-2024-4121,0,0,62ca255cdda2e26a7a0224389681466727634cf0831afab2f14e58a1cb5bd9 CVE-2024-4122,0,0,3d81c7d42348f56045cc538515e4a2e136e243adec928773370fb697e11bd281,2024-06-04T19:20:30.560000 CVE-2024-41226,0,0,0f1b0fab09deb513b318e5339bb250b54a4148cca3ff553dad16500490764bac,2024-08-12T16:01:32.383000 CVE-2024-4123,0,0,b9879b7d0937c162f61c7aeebe9319c3ee0d2290b23cb569d74c82da57c569d5,2024-06-04T19:20:30.660000 -CVE-2024-41236,0,0,c4e6a64b54b2e943aa2644b716126f214c4e5e917f99a2fe950f6695e8ec8574,2024-08-28T18:35:16.790000 +CVE-2024-41236,0,1,3cbbab435b95a57b894a4463aee8e4605d344dcd712f9c37eefe09a1162931d1,2024-08-29T13:25:27.537000 CVE-2024-41237,0,0,8ccb4952f164337b681989e54cc147e9e164fc596c980ba694a928ee7e458af2,2024-08-08T20:53:45.827000 CVE-2024-41238,0,0,f705e2f0b1f5d028406d99f056a8ab6c4a04267fa568b3aa67b3ab220a8ce6db,2024-08-12T15:06:26.557000 CVE-2024-41239,0,0,131b357876f7631347cb4a7eac6921190f3c4ad817f4e0a0fd5e6c6c0d9100d6,2024-08-08T19:04:43.380000 @@ -257248,10 +257251,10 @@ CVE-2024-4155,0,0,9d1d3f06be4be4f0b611f0b92aa6b48510c05900efdf1b1c24851d7c9581a8 CVE-2024-41550,0,0,6726e0c6849e70c536d9bf6936241acc920718305f74521a185836b6b51898fb,2024-08-01T13:58:53.253000 CVE-2024-41551,0,0,a47b3d6d1401636bd7731728d6fcb9c38717d9cec4c98b37b50c290693f43ad0,2024-08-01T13:58:54.023000 CVE-2024-4156,0,0,31cc9500838d0dc99d5959700d84ebbac93048893a2eb67f37ed77d13093550c,2024-05-02T18:00:37.360000 -CVE-2024-41564,0,0,01c34f438e5872694f278c8b8396057a7820fd6f83e9a693a9ecf1988006725d,2024-08-28T17:15:10.693000 -CVE-2024-41565,0,0,ec1d51b0f10f4435436477324f29c544ea70dc92e44967077c96d395a60a6faa,2024-08-28T17:15:10.903000 +CVE-2024-41564,0,1,ed2eb1a56935798a0fef3d91df46815a2d063b1d7caa9d554fe7f607bff6d2c0,2024-08-29T13:25:27.537000 +CVE-2024-41565,0,1,73705e4299029ad2a5306d99d1289512d405841c1f23cb5741b41f59418e695d,2024-08-29T13:25:27.537000 CVE-2024-4157,0,0,ac5ec2e690c76b81403cfa49bc63d1a8caa2fb9d97d28a1055398849720db727,2024-05-22T12:46:53.887000 -CVE-2024-41570,0,0,08f18f006ef075be3e868b6121774877f2111f5f9ca9672280d529a6b344da0d,2024-08-13T01:14:38.880000 +CVE-2024-41570,0,1,548cd2006d0021700d97d9ac462942b0586c18cb85e20f0c023fdc6e3f8676c8,2024-08-29T13:32:21.020000 CVE-2024-41572,0,0,3538ce626eeeb6e9299463c0d735b4d1491706bbb85dc5c5ebc08929e34353d5,2024-08-22T21:15:16.797000 CVE-2024-41577,0,0,1db7c1144df378d1f0197182c3eb7cc1bf4798d90e82fc3037fda80bd09f3f04,2024-08-12T13:41:36.517000 CVE-2024-4158,0,0,9bd0a38e47c5b6d26f1e587737a0ffeb7c251278f38061995fc29ba309646aa6,2024-05-14T16:11:39.510000 @@ -257434,9 +257437,9 @@ CVE-2024-41879,0,0,776d1d630925a5effc005e3c54df4f1e81379153a0d899b1b1392cbd63b7b CVE-2024-4188,0,0,5459733739e7d5773814c2ce2922cf5b8b26c5398a641d72cfafdd22a4667489,2024-07-31T12:57:02.300000 CVE-2024-41880,0,0,fb22214cf23b63ecac791ad54f65d75460df9fd80fc112c0736bcd80f342f363,2024-08-01T13:59:12.507000 CVE-2024-41881,0,0,649cc07cf7de21549ce70eef1f2f35714a84b1ff95e773c0e75090d3c6d27c2e,2024-08-01T13:59:13.313000 -CVE-2024-41888,0,0,f20f89081fac3c34ae7fa6d6db5331497415187ab50d1e6d327647c14571c9f8,2024-08-12T13:41:36.517000 +CVE-2024-41888,0,1,551a193b56683c8a955974406454da46e806e6e58f5cbc2dcb8dc5dd231b91d3,2024-08-29T12:55:09.210000 CVE-2024-41889,0,0,afc718e09b38fea98bf4af598c03af33eb38888a59959d88ad94aa8810cd502c,2024-08-07T19:35:11.473000 -CVE-2024-41890,0,0,da5b4d13bc7e39c8535a50469053d6162e50f634d0dc9974958b5e94f830bd7c,2024-08-12T13:41:36.517000 +CVE-2024-41890,0,1,a90af16c8c7558e5227ebbc511a4c71519b3a4532e07b0a451c0d8da1663fee0,2024-08-29T12:56:47.413000 CVE-2024-4190,0,0,937461468fcd73b26e47070e7d0620ac3009210ef2f47e2156f0b87dd1c21bc4,2024-06-13T18:36:09.013000 CVE-2024-41903,0,0,67dddda11208425a9dbc345fc58604fc5d7cb0caf7e9b81aadfd0fc331e40c63,2024-08-14T18:39:21.207000 CVE-2024-41904,0,0,2a16ff348e5db01cbd9004bb6da7c38aafbed87ec5d8a582eda1208aebd9a27c,2024-08-14T18:39:32.883000 @@ -257452,7 +257455,7 @@ CVE-2024-41913,0,0,c6ad0a1fb279b7b6cd3ae0202ead0c310e4163291803f6da39ff84b133ebe CVE-2024-41914,0,0,cbc550b915270d7e2f2879c2f4d0216e7f6bd6d1cd3a3c180c2f13327702487c,2024-08-01T13:59:14.250000 CVE-2024-41915,0,0,79e27d81a466e27de33128fccf775ada519c090b73b4d198c18c4a0be866e968,2024-08-01T13:59:14.947000 CVE-2024-41916,0,0,a0fecd8d5dfc5244c3f03c29349b89d02348a331ee6a39e9fbc76610f4f83ad0,2024-07-31T12:57:02.300000 -CVE-2024-41918,0,0,6f9721be4b14a6aed1c1092d3ee4da7776fc0419ab9451c5cb3e812df844e93c,2024-08-29T03:15:05.130000 +CVE-2024-41918,0,1,0c40b65e79a7d0e62a7d01300248112aa4d976531b01059734b9300552c86e6f,2024-08-29T13:25:27.537000 CVE-2024-4192,0,0,0768e429bccaed861e82d220deefd437e5feb26a94e95c7a121626318970662c,2024-05-01T13:02:20.750000 CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280973,2024-08-01T13:59:15.743000 CVE-2024-41926,0,0,13c43cd281b4a9b74f2496b8daab80f10df1e7e6bc024b50c3c661b49018ccc2,2024-08-01T16:45:25.400000 @@ -257872,7 +257875,7 @@ CVE-2024-4252,0,0,9237a844d9d9b4c175441eb52c39ce07fc14167f47531df4616e5c1079e2e9 CVE-2024-42520,0,0,64dffe6569e4f4099d9df2249ffa95a5cd3b2fdfe3c5c543c43632b62f26d14c,2024-08-13T15:35:16.110000 CVE-2024-42523,0,0,d2390426abd67ed67f70fdd3a2ea610ef369e7528c0dbfbeb874b23ed350a545,2024-08-23T18:35:03.563000 CVE-2024-4253,0,0,c9c68d543bb45de2537aab443ac18ac0d0ac2996dd48a0a792630e0df378eb1e,2024-06-04T16:57:41.053000 -CVE-2024-42531,0,0,fb28ee845e17364e13fddc2ed3da9cd63cdc86755f2fe33fc8cfb1cc2dd0717a,2024-08-23T20:35:18.590000 +CVE-2024-42531,0,1,ede5a120d786ece67387b3c6abd47df9f0913ae8383a64cbc502e8588f56b82a,2024-08-29T13:15:06.843000 CVE-2024-4254,0,0,3b60c29b2fffc26e81ef054aaff64665b1e9fde72fa8de5968c25c437cecbbf1,2024-06-04T16:57:41.053000 CVE-2024-42543,0,0,89bf04af083c2e91e2e9ba214be5b3aa8827ce84405f38705010996fc0353810,2024-08-13T19:35:10.380000 CVE-2024-42545,0,0,f468a16273bd93e60bf7c85edbb037a37f95ddbef27d46e806b8081634956ff0,2024-08-13T15:35:16.993000 @@ -257972,7 +257975,7 @@ CVE-2024-4268,0,0,ed1b7008ff1a2549bc2f685279352d3a8f5b6d435592b2f29fd10fa9328ca7 CVE-2024-42680,0,0,b168ab4cd2e2150be7aaf36c84a318add99cf48e6e7026b9bd7262bb9f167200,2024-08-21T11:06:00.887000 CVE-2024-42681,0,0,38014007bcc5735791461b793967c4dfbe475531f64d8682f14c63500277a9d8,2024-08-19T19:35:08.437000 CVE-2024-4269,0,0,3a0e07c5dbf72b66f7c37e018ba2f8991c2e2b5c26c8f2d595b33767cdbe4e7e,2024-08-01T13:59:29.737000 -CVE-2024-42698,0,0,fe1c83135bf9fc84a6cd49538bca8838b9d9c29d3ca03087dcd64f79c8ed00e0,2024-08-28T16:15:09.210000 +CVE-2024-42698,0,1,798bb21c8e7074071627e495d7f04af8e19b75ed2669314307bb9e91d4b5f426,2024-08-29T13:25:27.537000 CVE-2024-4270,0,0,17133812b9c812b17ff2909d738c8b5ae6f8cc2b39eef016edec8cd05359b195,2024-07-29T16:31:09.117000 CVE-2024-4271,0,0,264c116f07aa10a920ca78d5e9c58bba0fe1e2b31cb4f2cfd0a7a609be29751f,2024-07-03T02:07:19.577000 CVE-2024-4272,0,0,c6d51ebaf4553eb5c8964297a8a6646c1c8e34e58f8be34bef185e25a27d5cec,2024-08-01T13:59:29.913000 @@ -258028,7 +258031,7 @@ CVE-2024-4279,0,0,dfbad3c4052d0097199e5a57f42abb52975c0de3af4475a04c90870b0d97f0 CVE-2024-42790,0,0,7510b4b53ddc671a204c6c9918e039c11322e8be8788350ff1b1615bcf8a1bd2,2024-08-27T14:35:06.047000 CVE-2024-42791,0,0,229b4927d8c73b78aebdb2269dabb59bb0e6061ec8574ac1a3619991917c1649,2024-08-26T19:35:30.910000 CVE-2024-42792,0,0,4eaaa19a355275b40166aa1a2acd468fef8bb5420612bb7385f6e2e1abaacd08,2024-08-26T19:10:09.607000 -CVE-2024-42793,0,0,2fd1699f07cb06cbca846a8c551b761a2dfd05d711fbd58716ff3794ae7bdac7,2024-08-28T20:35:12.570000 +CVE-2024-42793,0,1,510cd9c4d588635a50ff7dc67e5ffcd96c59095ddc7f9dfa239f2609e8b57d87,2024-08-29T13:25:27.537000 CVE-2024-4280,0,0,f46c38f13eff52b4d020fb374e18f92e6528a4bade2042627b2165ccf7b62772,2024-05-14T16:11:39.510000 CVE-2024-4281,0,0,cb48c26c252b1c83fb4810210335ce05e1fcbd94e5804419418b4f73b9d5c028,2024-05-08T13:15:00.690000 CVE-2024-42812,0,0,d754a1b3fa22845b1ec28a5e3b423343f3a09420e9ed62b3cb19e2fa117c33b2,2024-08-20T15:44:20.567000 @@ -258048,8 +258051,8 @@ CVE-2024-4287,0,0,e4eaa9cc0eedd48e962bf47bbdeb2988e2d50ccd6011525ef3609c758b0c26 CVE-2024-4288,0,0,98dba4b61502f5abd6b75fde706ee82a9bae31a5b0be7db458ed8cfdf0d8bfc6,2024-05-16T13:03:05.353000 CVE-2024-4289,0,0,00867bfd0f1ec036543766f70ad029cfafef69b68de16bba7569db7276222c78,2024-05-21T12:37:59.687000 CVE-2024-4290,0,0,96468cd9b26f589eaa99a2991d568962f6532fbc65b02b2950965134d65bb1ac,2024-08-01T13:59:30.177000 -CVE-2024-42900,0,0,03cb4ee58025e2ddb00a8eae086634a9edd3cd52073546780083b1fedebf3f3d,2024-08-28T16:35:24.427000 -CVE-2024-42905,0,0,63b2e3708e6370f68c8f0eab942c4bf94d6d07b2bc063f6d5b24c75cc4e46eeb,2024-08-28T19:35:20.503000 +CVE-2024-42900,0,1,a581afacf971ea3c7e1f415a11d8d3e50a8cfeb83f82ad9071f65c9958d77bb9,2024-08-29T13:25:27.537000 +CVE-2024-42905,0,1,ddc067821c332a4c26091e24326b09fd2b356b1e4a19dc86f0c28846472da9f5,2024-08-29T13:25:27.537000 CVE-2024-42906,0,0,83be373189250265e4f12ae408fac34eb129a889121f0ce4e7f0836727cd3453,2024-08-27T13:02:05.683000 CVE-2024-4291,0,0,3555454673f17bb302e51e81ea2fe7cd049aabde203c094d5792666ddbcea9c8,2024-07-03T02:07:20.773000 CVE-2024-42913,0,0,4ee002af12bf9d3762c244fec3fad984905617a81f77c95a7eb3d308c6c9d288,2024-08-28T20:15:07.880000 @@ -258376,7 +258379,7 @@ CVE-2024-4368,0,0,ebedd608e412600f3409256680729c82fcf5015495435afd7648389243e696 CVE-2024-43688,0,0,f39d1b1cd29869db949f77b65b174936ed5c42e4fb24c070ceb5bc7ef518b2eb,2024-08-26T14:35:06.680000 CVE-2024-4369,0,0,9bcc319f475d5802b53d6dedcfa6ead4761cbf7c42adde8daf6f3ff8c0c17af2,2024-06-19T18:15:11.820000 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000 -CVE-2024-43700,1,1,6471e8749a948c3588d3d424d8acec2f1fd2db820d189a275f990eba7aef1dea,2024-08-29T11:15:26.757000 +CVE-2024-43700,0,1,eaee2db3d723c53e734007fa4e5d3d90ff936878740dca5737bd4995de9e3dcb,2024-08-29T13:25:27.537000 CVE-2024-4371,0,0,a0b0e0fb8c98057b2328743d7da5c32e9a585001a67e08f1632ceab0df487dfa,2024-07-15T16:42:39.107000 CVE-2024-4372,0,0,9ae4f43bf2d0d90214ce2e4715e0031799e31627a4319bb26ad2a73cf60988cf,2024-05-21T12:37:59.687000 CVE-2024-4373,0,0,95ffe3cd6afce20664a5281c9740358c7cd9b7c7a4c9be8031ba5b0e36cac33d,2024-05-15T16:40:19.330000 @@ -258397,7 +258400,7 @@ CVE-2024-43791,0,0,343f2e18bef5efeacf2cd8005024025a5d76578a60f2c9c2f207bc81f2ca8 CVE-2024-43794,0,0,896bb2e8ce2811b7436ee4acf4b9708cca2e72737878d04fdbf593ce2a59df9c,2024-08-23T18:46:31.730000 CVE-2024-43798,0,0,0f4c51b4b2459096a21f79a4c43df1119a11b4e9a3f2bc6fda3ce5410f7de574,2024-08-27T13:01:37.913000 CVE-2024-43802,0,0,e6e6b0823c543afdd24537863512362b0ca92682a64b51ee319640612d5e52b9,2024-08-27T13:02:05.683000 -CVE-2024-43805,0,0,b99c33cd6517c00926284743df2ece4d29840e6987c1cb900e897f113c9998cd,2024-08-28T20:15:07.963000 +CVE-2024-43805,0,1,e9de3af7500f4b69c1539a4468aa5c023c43f557b57ab88b796f849dd26b41b4,2024-08-29T13:25:27.537000 CVE-2024-43806,0,0,541f1dd38cc99ea47f0a1d3247e689afdaff86c352817f08eb0b94af02655385,2024-08-27T13:02:05.683000 CVE-2024-43807,0,0,3f91dd87019f53cf891d3a83100dd5c601626acd9f1336f0bde904afb8c4caa9,2024-08-19T21:09:42.313000 CVE-2024-43808,0,0,5904dacb826507090b9d583058f58aa9b73c36079d8a4861440bfd52d34f3890,2024-08-19T21:10:14.093000 @@ -258524,7 +258527,7 @@ CVE-2024-43966,0,0,cd3d16dd9709908a4a64e6a13b6fef840bd6c4e6049b114619dc3ea375d73 CVE-2024-43967,0,0,dd198820d01657feb4461b4126ff9f2ed88f09f4d5c22ed753dc2e0d9ac5168d,2024-08-26T19:10:09.607000 CVE-2024-4397,0,0,e58140e99ddfaf8bde684cb5f7b842244f11804dcdfb8070d80437acbcb292f3,2024-05-14T16:11:39.510000 CVE-2024-4398,0,0,fee297010492d7a9d0bd198f00369fbc7ee85eff508879444e062d535e0abd54,2024-05-14T16:11:39.510000 -CVE-2024-43986,1,1,7be10f2a00b791bc594589fad7436f54d057b9172032e51f0c7fcf2dc33a1982,2024-08-29T11:15:26.853000 +CVE-2024-43986,0,1,8c6098ff4ca468ef6cb988aff8c48a1d885b4130f177878606668301c5eb4e22,2024-08-29T13:25:27.537000 CVE-2024-4399,0,0,037b40419d6c617c61ec971c9e0affd6b35920b718c94b9e88ff7a43f16d3faf,2024-07-03T02:07:31.827000 CVE-2024-4400,0,0,387fe642c8f26702c425b79a01d9b1ba308ec0bd188f1564ff2c490875133119,2024-05-16T13:03:05.353000 CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000 @@ -258551,7 +258554,7 @@ CVE-2024-4424,0,0,f0ec85c26b242f03f1dda01796c703344a9d3cb93681b5b37fa83e955b9558 CVE-2024-4425,0,0,42da9fd06b4c286cf2ec4b279ef4c006e94043f167bd5abbfb6b02300a24e0e6,2024-07-03T02:07:33.267000 CVE-2024-4426,0,0,438c7e77bba5537169c045ba2dc210873849174945e68052d5a8bbbd94b93b11,2024-05-30T13:15:41.297000 CVE-2024-4427,0,0,80d5c9824f4d390f5c719cacd09f3ea81ff1def48bdeaace03a047150cb666b0,2024-05-30T13:15:41.297000 -CVE-2024-4428,1,1,c5d2130f62f50a5e70b9f3ded184abeb6b1a4dfdb68893eb767aa55b04a5d0cb,2024-08-29T11:15:27.200000 +CVE-2024-4428,0,1,2b4b41fe258d57ee7da92c1cce391c13b13ef10754a34280666a4b4743351809,2024-08-29T13:25:27.537000 CVE-2024-4429,0,0,f3c6ad6c7fc3529e6805efa10bcecee8b01db9336bcb1f88fdc476ffd1173766,2024-05-28T17:11:55.903000 CVE-2024-4430,0,0,137066e4356a4d04e3ad731fb42c3579f278eca0ad3e41ea882926334c71093f,2024-05-14T16:11:39.510000 CVE-2024-4431,0,0,8d95de6ec075320f55907047db89835dd68db45859f7bae49d6625b2a3240b6b,2024-05-24T01:15:30.977000 @@ -258614,8 +258617,8 @@ CVE-2024-4471,0,0,44899070168831f8c9dbf9959b26f4abead5dc804569bf5f22dbe3807408cb CVE-2024-4473,0,0,8a0cf4a98efdbfb5770862e11c920028f2e3a9a43c44eb843685fb5ef0c3f72b,2024-05-14T19:17:55.627000 CVE-2024-4474,0,0,f8c1a36ad14efe96f98dae06e1720ed737c744e50cd9a9e3991eaed9f98aef96,2024-07-17T02:48:04.213000 CVE-2024-4475,0,0,b199ea7732b827fa53d53ebb43badb03a8dff248a786cc8d7d2459800e62c08e,2024-07-17T02:47:07.620000 -CVE-2024-44760,0,0,9cf81a9e0ab04798a87becebbd5fde247ae48b2da57114bbb10303113ed6f0ac,2024-08-28T21:35:14.657000 -CVE-2024-44761,0,0,7d80c180501c990311d966122b1346cb700cb148eb429229d3870413a61d343c,2024-08-28T20:35:14.040000 +CVE-2024-44760,0,1,3a00b65146802967692858d01e10be80e485d57c9e1bc6037d8c115ef89dc218,2024-08-29T13:25:27.537000 +CVE-2024-44761,0,1,a7d79c4d2b06f52558db31c99909309cd5baa976e0824d4726ec990dfa036bf1,2024-08-29T13:25:27.537000 CVE-2024-4477,0,0,b275cf91a81ef0e33ced77c1c5ba5e17245e6b33fc991fd87901e463b723d83e,2024-07-12T16:12:03.717000 CVE-2024-4478,0,0,df092e6d564da1ba274f237ab38d20f4d3626835a8920b1b768f819806d6fce1,2024-05-16T13:03:05.353000 CVE-2024-4479,0,0,19a5d52fe32f562c79c648f88a021706b773334e3193aa8af739d9d0094fe357,2024-07-26T13:35:32.397000 @@ -258636,9 +258639,9 @@ CVE-2024-4488,0,0,1067ee59b8b50187d3b6e6dcedd09634fc158d8d3cf8abb63a1cced20ae50a CVE-2024-4489,0,0,982cbf89b6458fc8989b334c07bea5cd0f34b9af1a316c2d08ef53a4dd4e8b8f,2024-06-11T18:07:03.573000 CVE-2024-4490,0,0,46d58037d58f18ff9df6b6b94f91d6beb02adec3983ce96102d15aba21f19fde,2024-05-14T16:11:39.510000 CVE-2024-4491,0,0,fec0fa99feb905362d1059ae18d849f25d02b15efc10c179ce136112d1e08871,2024-06-04T19:20:38.950000 -CVE-2024-44913,0,0,3d0a718f021ba05c36d3cde74252c706d497214671f8cff4d115bea728d16df4,2024-08-28T19:35:21.377000 -CVE-2024-44914,0,0,f9f8ba7025d22966f03b97ab83fc8a2749a603d218d7389ac39cfd20db2d5481,2024-08-28T19:35:22.160000 -CVE-2024-44915,0,0,9030bbe2236b67114df101ba08f9c9855f4e55916353587c850f6e3720a8d862,2024-08-28T19:35:22.957000 +CVE-2024-44913,0,1,b6a472d5fd19f3234cb94f535078ee5f4ccf42464ba38a6cbd2f0b0b0d56c911,2024-08-29T13:25:27.537000 +CVE-2024-44914,0,1,cdab06c38600f9663e7e3d6a83c73bbea13a8eac91f638774262eedf9129b83e,2024-08-29T13:25:27.537000 +CVE-2024-44915,0,1,189fc1c6cfc0d9d55a03d683dcd4ceecbf61c3a051a5df8bd60ce5a5dfbbadd4,2024-08-29T13:25:27.537000 CVE-2024-4492,0,0,0237cea7742a82f916a95c7121fd101b19e30a52d4f326fc68f5db785a621a29,2024-06-04T19:20:39.047000 CVE-2024-4493,0,0,890374eb1d5a1051bad1d8c630ec03ea130ffcf654be5d03c4d1c85a0ebc3c87,2024-06-04T19:20:39.143000 CVE-2024-44931,0,0,a811432be893129eec1153f2a1f5cf79e00f6cda4409f2898f7f29e87e49d41f,2024-08-26T12:47:20.187000 @@ -258668,15 +258671,15 @@ CVE-2024-45036,0,0,b93ba1b942c2a90c7150ffd72c683d09bcb868f6dc285088962d5acc53d2e CVE-2024-45037,0,0,0a75dee24a9a0746d4b594073f73eebe38a0d6b0ee92331f507c53bf54c314fe,2024-08-28T12:57:39.090000 CVE-2024-45038,0,0,9bc86932f350806c3a4bfe09c65e8bf9ee10a426832d16050cb88cd3f58d1bd8,2024-08-28T12:57:39.090000 CVE-2024-4504,0,0,db7504bed7bbf326ed6569d421c20101dbf56fa9ab20eccbe7468f7c026f345b,2024-06-04T19:20:39.947000 -CVE-2024-45043,0,0,64e1d74029a8220ee97cc913320ac0ff74a6720da3a17522c390ec0155ccaf98,2024-08-28T20:15:08.347000 -CVE-2024-45046,0,0,8cdac0b20865765113a8b4b0b2d2ef87a79d79d8e2fc42a7271e4d63391523e6,2024-08-28T21:15:06.603000 -CVE-2024-45048,0,0,f69fdb24175b6f7ace06b9eb02d37b28bd8091a69e42131265e80e387c282be3,2024-08-28T21:15:06.817000 +CVE-2024-45043,0,1,813b7117a1d59d56cbce89ce53b65dfc1ca707523a63233a1be8257ae8cc6c73,2024-08-29T13:25:27.537000 +CVE-2024-45046,0,1,4d7016da74eaf67c450dc439af799ed2952384706074b1964aaa74d9bd45c737,2024-08-29T13:25:27.537000 +CVE-2024-45048,0,1,f84a03b52c4e4737f004ef4638c6c48a715aa1051c897955680d1101538ffe4e,2024-08-29T13:25:27.537000 CVE-2024-45049,0,0,2db7654aac013903b19c74b15111e80acc65bf9e641d52dffa75f446b2d1ef2f,2024-08-28T12:57:39.090000 CVE-2024-4505,0,0,4ef7357f00ff85be3b87c4353ae099f1aed84eaee3f1c1bda33ed5ec6e115293,2024-06-04T19:20:40.050000 -CVE-2024-45054,0,0,a13624c329f0bdd0fd7658e8735d8dc858ccaeb0147d1b3630226002f3177470,2024-08-28T20:15:08.547000 -CVE-2024-45057,0,0,dae225468c5e970563487e367d430f56eab47b0de224e37bbd34b62154462c20,2024-08-28T21:15:07.027000 -CVE-2024-45058,0,0,1d7b030bfdf11ee9e7b86fb4c1f5d13d8fdd33b4e5da1c1474457fed7bc73e59,2024-08-28T21:15:07.283000 -CVE-2024-45059,0,0,1b1554031fc92d503bcd73c79a9939703fac7a68247e1643f55a22d235390e8e,2024-08-28T21:15:07.473000 +CVE-2024-45054,0,1,b9a631b4140dc3b625193d3b302c7a5fbf5e7defa5c6f149bad3cc57b44dfb5d,2024-08-29T13:25:27.537000 +CVE-2024-45057,0,1,9d8b06345321949fa48379fc2183ae1808eec74c9e7dce5df7d16d85f9e3fc50,2024-08-29T13:25:27.537000 +CVE-2024-45058,0,1,7787e6673db22abfd684889eec25f0d15a1228d1d6048ef359937e89120200d3,2024-08-29T13:25:27.537000 +CVE-2024-45059,0,1,1db4a990b2e27521ef605a35909b28cc3d1be1d4c9ec2ad338f6d6fa0c866be3,2024-08-29T13:25:27.537000 CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a3f,2024-06-04T19:20:40.150000 CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000 CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000 @@ -258709,8 +258712,8 @@ CVE-2024-45201,0,0,83db05d7484ca5c2638e18e64e3b5c06d28a9caaae332ad6d01f844ea902b CVE-2024-4521,0,0,a1d240438f25322e21494c2ddd2f5ee26b23410f012534bc2c27a0a49b09a860,2024-06-04T19:20:41.223000 CVE-2024-4522,0,0,acd0b6b231758473c48ed22daa75c2f0d87280406667aa3ced0f39aaa73cb777,2024-06-04T19:20:41.320000 CVE-2024-4523,0,0,e149ff229bd41b5a453469b36d558b5c1f467161b85c2884a74fe2177217c73a,2024-06-04T19:20:41.420000 -CVE-2024-45232,0,0,bc75fd44a589f0d2b28d23aeaf0717be5e8ac2e833776cc2bafe594ebf783a7b,2024-08-29T00:15:09.177000 -CVE-2024-45233,0,0,3ece8e67dd0d46109392740b3f711150f9aaa5e9d16296720033c229886812fd,2024-08-29T00:15:09.293000 +CVE-2024-45232,0,1,3eafdc056b3094c633f899aaaee19b650dd4281516f38479cba8b692a942a11f,2024-08-29T13:25:27.537000 +CVE-2024-45233,0,1,867b02aab716ee2a931910d769a959142fa84b671ca334d56f11c95e815dc218,2024-08-29T13:25:27.537000 CVE-2024-45234,0,0,4b3eecbe75c64cf8d46066aeb4347cf8775538d743d35431815d363ef479920c,2024-08-27T15:45:44.560000 CVE-2024-45235,0,0,12ffac5ccf9101959e31fcf0cfbde69d544eaa4a6e68395ec661cd3f82a2da19,2024-08-26T17:35:17.953000 CVE-2024-45236,0,0,9f46d1e309d244d60318b2e583a075d74d8dfa3f46db84beb50215ce95ea0169,2024-08-27T15:48:05.687000 @@ -258746,10 +258749,10 @@ CVE-2024-4540,0,0,56ac6cff101cc91d96d8daf4bfda0c052b655471dc0698e77d798366d59b91 CVE-2024-4541,0,0,3195b1a81526d9da93cf28b1e1f763238ece2897561011f493b9a3c77f12398c,2024-06-20T12:44:01.637000 CVE-2024-4542,0,0,188546ca483f93e7131261a5bd57b93b03491de5e62247759ac8c05b93c8f51b,2024-05-16T14:15:08.980000 CVE-2024-4543,0,0,cda17786b919b03cc3eee3c735d905916723b9b88a929a8c3a419843d78bdd6c,2024-07-03T18:23:54.237000 -CVE-2024-45435,0,0,63e29a4cb904912ca4f01a5e9170c97b24c12b8406ecda304755170e7138a13d,2024-08-29T03:15:05.357000 -CVE-2024-45436,0,0,3f0def0766ff2b56eca20906568f76d73608112e831c7fa8b8eb60e61d164f2f,2024-08-29T03:15:05.460000 +CVE-2024-45435,0,1,efe8bdd369e15fef4da77fdeb59f8a3d610c809290c60741f9b95cf3a960fe83,2024-08-29T13:25:27.537000 +CVE-2024-45436,0,1,124850a1ee60b7d75fda634076ab196e53d01ace64f5182cba955e31ca2c9d8a,2024-08-29T13:25:27.537000 CVE-2024-4544,0,0,15f8e020f3ae5b19c85909c1ae8a806386c0b6da2837ebed60d92355c70c1564,2024-05-24T13:03:11.993000 -CVE-2024-45440,1,1,2a853f0413b798aea7be65b8d63105bbf333c2d7d9fedadd0a9d9e37f927ea12,2024-08-29T11:15:27.083000 +CVE-2024-45440,0,1,48f137caa1abb077b1075de2faba6a6806a147fc385fe9803d57e1539cd03295,2024-08-29T13:25:27.537000 CVE-2024-4545,0,0,864a22773c6eaa7a20fdb4cf4c4b7a2709a2c8e64cfe98132d05364d67e97af4,2024-05-14T16:11:39.510000 CVE-2024-4546,0,0,da973c82a9042d639d29e7a0c2ffb48d440dea200e6df21027887041c43a68db,2024-05-16T13:03:05.353000 CVE-2024-4547,0,0,e03413ba2a3d643e986abd6a70d4989a4412faae98e55cc280c4859673ba647d,2024-05-06T16:00:59.253000 @@ -259523,7 +259526,7 @@ CVE-2024-5411,0,0,6f38aadf376ed626f84103b80eadf7d4a3da9be020ddcb9fa408be6d4c8307 CVE-2024-5413,0,0,b448c8c4fee794a9903e33e6c17f07ddeb3dd7c0bc677024b75809ef047d2c8a,2024-05-28T14:59:09.827000 CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000 CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000 -CVE-2024-5417,1,1,3dfad3d9ab2045114cbd8aeebf630830e7682cdea6688a175ccc87114a1d8d28,2024-08-29T11:15:27.387000 +CVE-2024-5417,0,1,273cd02a5877f57c3a59c25eb16870230ce5806eb2b0983b88dcbbb1399acdaa,2024-08-29T13:25:27.537000 CVE-2024-5418,0,0,a687af8fa8fe7200b6255f9fba7bdce69460001467d8b2873093024e735e15d4,2024-05-31T13:01:46.727000 CVE-2024-5419,0,0,0d1c725f53c48278ea7823202c4adf24cf8a04c4aff5d8363f101c1d9f2798db,2024-07-03T15:43:09.450000 CVE-2024-5420,0,0,3867de6c80eaebb04ae4def03e9baadba6a4785f9b7d05c922afac144ffa3470,2024-06-10T18:15:38.367000 @@ -259690,9 +259693,9 @@ CVE-2024-5616,0,0,5078c1aa917db98652cc6ffd2b310b244194da0fcbabfd9d4ed8ccf7b99de5 CVE-2024-5618,0,0,ebe36b14a25a2ade3e64c60f6c84014fea87ffe3e6c056e2ec2d4c12a7dbd5bd,2024-07-19T13:01:44.567000 CVE-2024-5619,0,0,1dd4749b6be6d7e6dc7272136e2a3e724b171183a64961a248fdb4990b57a472,2024-07-19T13:01:44.567000 CVE-2024-5620,0,0,e414f2b903fd835e5fe0db0e605e2aee6c78620744a7541756005a422222af46,2024-07-19T13:01:44.567000 -CVE-2024-5622,1,1,6fd3e06055df93cfe6634287751cb5c42d16f05def3d9f379beefa3b12991cbc,2024-08-29T11:15:27.447000 -CVE-2024-5623,1,1,dff3241b25f8044e71b49838a52f3d2fae8ddb456baba620db83318f18dc38ca,2024-08-29T11:15:27.563000 -CVE-2024-5624,1,1,19cba0a1a2c2c061f15f5d757dc46a91f6c58bb228678258a7005eb4a2aca0b3,2024-08-29T11:15:27.673000 +CVE-2024-5622,0,1,18bcf434621ef2e5b1c62688d024dc78322fe74eea4d961814ffeedcd26c673c,2024-08-29T13:25:27.537000 +CVE-2024-5623,0,1,380afc824e185d3fd1e6bfe7558d5275e46b630beb14d56bf89b676c7f7164f1,2024-08-29T13:25:27.537000 +CVE-2024-5624,0,1,ba479b4d74c802ea24354f03030233e41e51677dce449e9a4ed5ffd581df623f,2024-08-29T13:25:27.537000 CVE-2024-5625,0,0,2e44049535f78135e500a8f8d54d8f4d59ba5936e80e3b134df5c51262f22971,2024-07-19T13:01:44.567000 CVE-2024-5626,0,0,3116199e86dacfa5c8c4bfcae9231b5a383289e4e0bd8acb32e36f957ab44c86,2024-08-01T13:59:55.383000 CVE-2024-5627,0,0,b223ea977e14432dc305de4592ca7e0252873a120062584093cd834d6b6d0c82,2024-07-15T13:00:34.853000 @@ -259888,7 +259891,7 @@ CVE-2024-5852,0,0,17ae123c3ebaa5002b861453d278a4e3499e2a8a6baca11a20783ec79d4cdc CVE-2024-5853,0,0,fce39775d007fbc741a3f2bc4fb52875073a382bd362c86e3cd6e44d0a9e6207,2024-06-20T12:44:01.637000 CVE-2024-5855,0,0,470fd388735694b7759ccf5036e6a18639fe074b164bc2d2da9695a799e80c03,2024-07-09T18:19:14.047000 CVE-2024-5856,0,0,6c7682487972a7913d7724c221dec1f8cbbbfbf7a2635cc868862316d948dc72,2024-07-09T18:19:14.047000 -CVE-2024-5857,1,1,fdb79482d5f8f9c2011533dd7235ee7b18235f032fefcb431adfc4ce9d0d59e8,2024-08-29T11:15:27.780000 +CVE-2024-5857,0,1,43ecfa36d095920289d94db3a13a3bdc8b37c88b4d781a0a6bcc2c886f368e6e,2024-08-29T13:25:27.537000 CVE-2024-5858,0,0,63cb7f6cd58686ca5ad3c57990888086a18b2814d4915e424991a00332eb64f9,2024-06-17T12:42:04.623000 CVE-2024-5859,0,0,72e4b113c686d9a3109f00890cd02d7c66daeaf956171b1cfade7c196becbe2c,2024-06-24T19:21:07.943000 CVE-2024-5860,0,0,56b79e1c6d22cf1e6319b4d2696b988928a56f1c09b2a292e92b44a530d0359a,2024-07-05T13:52:14.463000 @@ -259982,7 +259985,7 @@ CVE-2024-5981,0,0,ef1af743cedf4b6b2a243e8210155140211219a91ac8483d52ff9c2f041ab6 CVE-2024-5983,0,0,e453627058811c95a94483155fc84de41a398cc957b204d5491729f060f018a7,2024-07-24T02:39:24.200000 CVE-2024-5984,0,0,89f42ffe1afdcb4773f46da639d99adec4fd2f40289999f555344358fcd06ab2,2024-07-24T02:37:30.717000 CVE-2024-5985,0,0,4b7f0c13c1d049ea5b2816f8e8132ec8aee9a2fb74d5d00bf96c05e553a08b22,2024-07-24T02:34:43.900000 -CVE-2024-5987,1,1,0e0ee96e695aa81cab5437215237337ab38872f58b3ab83ec391f228a32a39af,2024-08-29T11:15:27.977000 +CVE-2024-5987,0,1,59ef1dd47c3a32e79663e3d46a9f8e7914697e67936dad31245855d212c4b5d5,2024-08-29T13:25:27.537000 CVE-2024-5988,0,0,6a93e103554a4b2cea7532bb149420b2c5e22d63c1fab23818b5950d94f50a5e,2024-06-25T18:50:42.040000 CVE-2024-5989,0,0,5b8da9d53fdfd0fd3971e8489f4ae4ce0e952b56f28f99337bb24ad669904afb,2024-06-25T18:50:42.040000 CVE-2024-5990,0,0,815ffdec6ed9055e0c29635260b790d8ae8601700cacf3380cde4c3f20ff7240,2024-06-25T18:50:42.040000 @@ -260032,7 +260035,7 @@ CVE-2024-6047,0,0,85682382a3873811b400f354140b032b3237064163e98177d5be59d88a26c9 CVE-2024-6048,0,0,c67416098261daba4fbb7cd933140c3939f890be764cfd8ea2022f29e8208654,2024-06-17T12:42:04.623000 CVE-2024-6050,0,0,977e3c1d954bb2d407afb4f807be75a02157bd9cd72111a32e132ff13e7f9262,2024-08-15T17:21:21.920000 CVE-2024-6052,0,0,38b34f27bf68c4c46450287788affa9aba60ae6b039318e5898c7b1f92d4d920,2024-08-27T17:56:02.507000 -CVE-2024-6053,0,0,d948e07b8baf864dac71376d31f8ecc578facf82b0fb9781a32c5b912ab40183,2024-08-28T17:15:11.163000 +CVE-2024-6053,0,1,21baf840cdd5a02d6a22a91914ac5039a81a4df892e1d76f92eefb4920e5c35a,2024-08-29T13:25:27.537000 CVE-2024-6054,0,0,dbd3e49036b5938301871d5a6c67ee17ba89370e3288082b00ca89a51a1f06ed,2024-06-28T13:11:58.810000 CVE-2024-6055,0,0,69ea90ebaa7aa8fe33baa786beceb3ec128eecc80f960a60b64b4cba1327c031,2024-06-20T12:44:22.977000 CVE-2024-6056,0,0,7f74134484f6fd18fa58f8938789bdbc0044ca3e8ab999314ec931796600d896,2024-06-20T12:44:22.977000 @@ -260425,7 +260428,7 @@ CVE-2024-6547,0,0,18c84e0486ad4b936dd6fb72fb2fdab2178f5a996a76eecb6a226aad2d913b CVE-2024-6548,0,0,60bfc667942bf486cd849da3893b7634ce066ff37e0b88eef507e7c2b2252b95,2024-07-29T14:12:08.783000 CVE-2024-6549,0,0,cc28409fa4123f9cfa0020a8bd1acbb74b9f694b50039e5c195a43b7390fbf1b,2024-07-29T14:12:08.783000 CVE-2024-6550,0,0,6c4bb046e65a00df1f67c81af4edc0fc3847fdca60c1beea606bf943b5851318,2024-07-11T13:05:54.930000 -CVE-2024-6551,1,1,5e0b9950be056866cf8e8b5667497b893f9ca503fbbb1a2be6c84e9b11108990,2024-08-29T11:15:28.183000 +CVE-2024-6551,0,1,4f1ced20cf55889202b509444f69b6146a29a206020191caf2f0e82360817fe0,2024-08-29T13:25:27.537000 CVE-2024-6552,0,0,c69fea586ad13db8e0f17f3e790d1787fb8eede20c8e873ffff0211dfcfe53f9,2024-08-08T13:04:18.753000 CVE-2024-6553,0,0,70ba64410e40022a47be74c0cb91eccacd959b94b33ca2168d2fb9852aed7506,2024-08-14T19:18:14.797000 CVE-2024-6554,0,0,c39b715167392909a130cc6479af2acca1cb23375ca0bdab5b0fb951f0bce662,2024-07-12T17:01:48.353000 @@ -260661,7 +260664,7 @@ CVE-2024-6917,0,0,4e02075ee95758cd510fbf6b3750273e9262615bb77e37c7873232af68d2c2 CVE-2024-6918,0,0,12d78a0add3426ad16ea6912a9097e8912d0223c4f1b31c268f35e0cd50f94e8,2024-08-20T15:44:20.567000 CVE-2024-6922,0,0,06f94107ca0d2a59d9bc293905aa46a216c7a8ead08ee7b0b3a0f5d8d9c7d0a8,2024-07-29T14:12:08.783000 CVE-2024-6923,0,0,5f80c19d7aba57d9ca3502e05808684f0f6d62047a1b2b6de15ae6be51d0a228,2024-08-07T15:15:56.337000 -CVE-2024-6927,1,1,b11b798824c8bf7659fd54be5bafdf70ae4a12c53d8d96e11ac19e1d51beb7d5,2024-08-29T11:15:28.410000 +CVE-2024-6927,0,1,fc91f7883505fe48251683b91037adf3e44067800dde7ec2b6fe528d778df67e,2024-08-29T13:25:27.537000 CVE-2024-6930,0,0,1339dcde2064efad12400b33b71bb10f58bb3894621d0a104ecb7e997db508bc,2024-08-08T20:06:49.207000 CVE-2024-6932,0,0,67a8aa74150c82de9338c7f5e13237de6a0b3fc058478249ab687a9bbea18d6e,2024-07-22T13:00:31.330000 CVE-2024-6933,0,0,31e003a378d639e27641dced44e726d35d058acd0301a48a16d76976ef2aa1ee,2024-07-22T13:00:31.330000 @@ -260780,7 +260783,7 @@ CVE-2024-7123,0,0,9cd56c5d21be01850838f11a2df252558cd6c9b176bc2485ad2b1b549f072a CVE-2024-7125,0,0,eeabb5486a5ad2f2094206d4f0142bb635fc7a57bcd2279354b026b1e44628c1,2024-08-27T13:01:37.913000 CVE-2024-7127,0,0,2842be40cd41bba2687b1d2d238a3a521369bfe05553f868496bd1f3f7f4951f,2024-08-23T14:00:59.740000 CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000 -CVE-2024-7132,1,1,d14b88a1d4278041aa1a27177495083cbe57b0c3236c04365135631db035b60f,2024-08-29T11:15:28.463000 +CVE-2024-7132,0,1,cbe2c106b94171e6f5b52f022c196c140605df2c815a60d76564f942007bbec7,2024-08-29T13:25:27.537000 CVE-2024-7134,0,0,c5170ada8be1ea583d3dc92d1c0c20ff0ddcfa0f860d82c947cda0aff2380786,2024-08-21T12:30:33.697000 CVE-2024-7135,0,0,31437d1db396166831d3abd18bbeb77eef50ad11110b9df0f25d86e90a9b1fe1,2024-07-31T12:57:02.300000 CVE-2024-7136,0,0,8aada0541fe051e5634e6d0e6056d54d479250830cd49e1b32d308af5a5c28dc,2024-08-19T13:00:23.117000 @@ -260975,7 +260978,7 @@ CVE-2024-7384,0,0,959c51f9d9089f82b75c53d05c8efe51e41a9d17d895f5f42948ac7d882f93 CVE-2024-7388,0,0,f17b6292d40b8d2d9d22865fdbf912ed4604c49db111ea9e78f67fdbb858de85,2024-08-13T12:58:25.437000 CVE-2024-7389,0,0,a5776290ae762be985431158def3f2d002b265ca6a95ce830d8f46206854f21a,2024-08-02T12:59:43.990000 CVE-2024-7390,0,0,7895dab66ddc704219ddf6d579bba9623189661f47faa0372744a2c8c5dc8ef9,2024-08-21T12:30:33.697000 -CVE-2024-7394,0,0,29459446676ebb07a97678c0a588cd4da58f4cf687ed192aec71d6f9cff45400,2024-08-08T18:55:19.180000 +CVE-2024-7394,0,1,311dd8d09f289dca72e294063b3121b4c7fd832b8fb4e9134c8457f94c79d21d,2024-08-29T13:41:24.487000 CVE-2024-7395,0,0,6b93b6db07480e26c0ae715f45aa50cef676fc9c19ea641f155805eb4429ff3f,2024-08-06T16:31:05.780000 CVE-2024-7396,0,0,4ebde91c8a3429e260812e0a142900e161f2137833db297002231fa5cfafb30a,2024-08-06T16:31:05.780000 CVE-2024-7397,0,0,6d2f711820d3e2f3c7573fc7d4d971b3f755ab6406b8b6440f8e39ce24e2f3e7,2024-08-06T16:31:05.780000 @@ -260989,7 +260992,7 @@ CVE-2024-7412,0,0,b7efc7f691385d07c16b9c98953749b4113f5c7d6e2cc5e240ac710642b7a9 CVE-2024-7413,0,0,cc9a3132dbf30c713a640687e195177085da2f3a67f589d16f765a82cdaabb61,2024-08-12T13:41:36.517000 CVE-2024-7414,0,0,ec5a655568a866725caccc407e481351f1a5df496455996ee3102ef3dac59f70,2024-08-12T13:41:36.517000 CVE-2024-7416,0,0,67a9ab6c88d18462429964f1183d705aa9fe2b8f49f4e7e013c20651e7dbf059,2024-08-12T13:41:36.517000 -CVE-2024-7418,1,1,5de48952fff8ceff6db8237b9fad6578ec63e1f5c2db58d9801f4ca5ece93944,2024-08-29T11:15:28.540000 +CVE-2024-7418,0,1,5654c2ea5f680ee7442f7881c310f72c8023f64985fe11e829ea249b0084006d,2024-08-29T13:25:27.537000 CVE-2024-7420,0,0,212201dc70782f8f787a94c9803febdbce3768abc9739a3b9300a43932a4c1b3,2024-08-15T13:01:10.150000 CVE-2024-7422,0,0,36692ebd2df61833999819382a06fe94bffc446bd5a7ed95f5ad6f2f1be17d62,2024-08-19T13:00:23.117000 CVE-2024-7427,0,0,cd98bf118e873980efded7115c454f880130955b5e501512e2f862e15ce253b8,2024-08-23T18:46:31.730000 @@ -261115,8 +261118,8 @@ CVE-2024-7601,0,0,db9958425836572eda0b52c7e651aff0e41e4dc47ec55ea348bc5752e1b198 CVE-2024-7602,0,0,1295ede0549ca488da522cbefe2db5abad88498e69c53af1f38f0ee81eb69b62,2024-08-23T16:36:11.690000 CVE-2024-7603,0,0,026c301c8508bb2890d37936199245036e5a5160d5195c848eb9252477eef559,2024-08-23T16:36:28.327000 CVE-2024-7604,0,0,2ca377c2d37b9340c6f7d1612379ed11f338df19f0e6ffae40ca1da8c016df51,2024-08-23T16:37:09.107000 -CVE-2024-7606,1,1,62ee4733469c5caf7fcb3b22200988055110126a50875bcd59dd98e49b9957cd,2024-08-29T11:15:28.757000 -CVE-2024-7607,1,1,1aaf6f7879fdc88b0e3787379ff19ff5df6ca94d2922854e07697ef03150e28e,2024-08-29T11:15:28.963000 +CVE-2024-7606,0,1,a274c3cb55abf1d09b9eed03004046b3bab57ca9c346c9c7f8eb3d1a43589575,2024-08-29T13:25:27.537000 +CVE-2024-7607,0,1,a22f9e92f7acda9358a9e1022b2325b742d117f4b1e701544a71613f7628ae8f,2024-08-29T13:25:27.537000 CVE-2024-7608,0,0,b8872988f702757177432eab77e95a14e7cc629ce3c064dd49371a09c8fc5a16,2024-08-28T12:15:06.900000 CVE-2024-7610,0,0,a10689bea1d0fbdec4f1b8819e74182773158d5010cb9fbea2ce46532922c645,2024-08-08T13:04:18.753000 CVE-2024-7613,0,0,595ae1d3f56b81eeb34ef1e184ddf7962f3a8fbfc042ff77a8fcf0bd3f10f263,2024-08-21T18:47:11.523000 @@ -261200,8 +261203,8 @@ CVE-2024-7740,0,0,b6b97e22b2a1c91ed733b5ea0db90c7ca386835aea8a2536d78b137aa899a0 CVE-2024-7741,0,0,451b4501bfecb549fed2131350eefedffb5605095818bbd2dc73e6ce30b3b5e5,2024-08-21T19:07:40.757000 CVE-2024-7742,0,0,5026e5c91e6d01ca137577cf715447f5db3eb9e4e96b1b8aca8896a09ee6d170,2024-08-21T19:08:47.707000 CVE-2024-7743,0,0,c910ec910e11d4c23506ee8328b07eddb255cd4474ff1acb5544c0f61f82b883,2024-08-21T19:15:54.553000 -CVE-2024-7744,0,0,1c24802daeb8a1a916eb67627cef6aecd8c9091c1618d772795e5ffee13a4e0c,2024-08-28T17:15:11.380000 -CVE-2024-7745,0,0,e29f9de33b3b1e8fe4a25f6826bc4f6300a7deaa8241cd630860c39d845a5db0,2024-08-28T17:15:11.593000 +CVE-2024-7744,0,1,e8669f8fd5c9f9018e3b86c3a975e398acdc37121a642a8c3a049f4d03772209,2024-08-29T13:25:27.537000 +CVE-2024-7745,0,1,48c3e1f7170ef7640e900d5b015dab81630b73bf8a9f44daf9902b87879253a9,2024-08-29T13:25:27.537000 CVE-2024-7746,0,0,41ddc83547faacdfc7eb4febb4b7b289d12121016bfc1367db838e5c1dc32e37,2024-08-22T14:40:44.167000 CVE-2024-7748,0,0,19a9780c8c3e3580e0507d6a06dfe151328aa44e58ebe3ad1d40e684712edce7,2024-08-15T17:22:53.340000 CVE-2024-7749,0,0,b1dd92bb0312fc7ae82ed3bd4baca9ef6dbf65c2cbb7e0f4fc4cc1353892f66e,2024-08-15T17:23:28.410000 @@ -261256,15 +261259,15 @@ CVE-2024-7851,0,0,a6804e632dae2a5227b1aeec5affef71a5e6512f1f3daab8681dcd169bd0ed CVE-2024-7852,0,0,90686965379176e60723e17deb3351871fe4c0caf2dc6a3e7de2597d0bb591c0,2024-08-28T21:07:30.690000 CVE-2024-7853,0,0,14a48e1ad8f1b546c0c87aa2d80a70dd8973b153912e39385d618671fd730a73,2024-08-28T21:03:35.003000 CVE-2024-7854,0,0,c7d42abb2b322c04201a8af34648ccfdb0ede7da24776e4c0b3ca238a25bf3a0,2024-08-21T12:30:33.697000 -CVE-2024-7856,1,1,4cf3aa430f9ecb44ea0b33cc0daa9345aae971c59c9c6a7ee4c9b6e55fae373a,2024-08-29T11:15:29.173000 -CVE-2024-7857,0,0,fd16b975757f502228f6eab0377cf04875516074c5737fefdf2a5cfed1cc0e0e,2024-08-29T03:15:05.547000 +CVE-2024-7856,0,1,33feb207767ca0a7c11c844a262a4c47fe31800a079ccc95735f9fe6bb170e1c,2024-08-29T13:25:27.537000 +CVE-2024-7857,0,1,b74961afa7dd10dda782bf64e146bf5117eb37327cdce5dd6f430c037eea52b1,2024-08-29T13:25:27.537000 CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000 CVE-2024-7867,0,0,cc4e8e2cbae6cc9c2393332b56b3dc1a7160836d4b3b7919e8d1234e73599a3b,2024-08-28T21:59:33.973000 CVE-2024-7868,0,0,426aac72107d4f020c4b4c2ec1e49b6873953f44556989351b1605a1e98035d8,2024-08-19T13:00:23.117000 CVE-2024-7885,0,0,53926a53ab4f71fc31c04b79b6d61e8c39bb180f373c05a721578db45aa87a6a,2024-08-23T17:05:24.343000 CVE-2024-7886,0,0,b8c1f856b8479c6982faa8a2fc4a6d8b2480e045b8b096d9bd3b8640a06eb6f3,2024-08-19T13:00:23.117000 CVE-2024-7887,0,0,ba2ac28c88e5c856e9fa78c00b11f37e0df98a3508bf609dc9edbaa04a8fdb8e,2024-08-19T12:59:59.177000 -CVE-2024-7895,1,1,2f6aa8188d1329881ea5f289dd845e81e893fbef662b74ca80d85be3ed523ea3,2024-08-29T11:15:29.390000 +CVE-2024-7895,0,1,751537230dd85c922dc90020075e7bad0b718b293dfccd82c96c7e45bafc7da4,2024-08-29T13:25:27.537000 CVE-2024-7896,0,0,d80047a3d1d6cdcff2bc1adb680d3fdbda8db4b01c807c4a42d25c13d72803dc,2024-08-19T17:15:11.543000 CVE-2024-7897,0,0,e1e6bea210133c6b9b950b4aecbbc6a33480bc30160d48b4fd9fe9919d3739ab,2024-08-19T17:15:11.650000 CVE-2024-7898,0,0,8c09771630e516b5f0f9a153f946d68f8ead0f340784a4987dcbcd7e91566a30,2024-08-19T15:15:09.297000 @@ -261413,11 +261416,11 @@ CVE-2024-8174,0,0,8543f0d8f92ea7727c4605df4b165224a3b6d137f11ee710b81d48c311ac7b CVE-2024-8181,0,0,30918501aab4364009bd3804956f0f10b449aad4949fccf3aacccef25d5db4b2,2024-08-27T15:52:01.317000 CVE-2024-8182,0,0,d21b4ee027b5d7ffbba2e6af93024450552ec0bbbe1dfa5ea2b2ec2db0e50d89,2024-08-27T15:52:01.317000 CVE-2024-8188,0,0,bf948f939efb55d2700c81c8fb5cefa3fc31038462bfeb7ac3e161719faca6b2,2024-08-26T20:15:08.760000 -CVE-2024-8193,0,0,587355a2d64199050d05deff77d6e1fe4b5f79d97274de2c0bc9724ad81cf505,2024-08-28T23:15:05.477000 -CVE-2024-8194,0,0,b369892e8111ae1fd095afd85582c5541269a090a57f85d710381349c9130f20,2024-08-28T23:15:06.160000 +CVE-2024-8193,0,1,ff98f1aca00ea2f4f14673823fda0d839c318610a755256f696558b13f2c4f77,2024-08-29T13:25:27.537000 +CVE-2024-8194,0,1,53eae44b106de213de808a1df573211b10618e7c00b2d767c985950bf620a990,2024-08-29T13:25:27.537000 CVE-2024-8195,0,0,690850dad9e9debe83e3b31934e05f3d048da18a5a72ab008b4259527f1aad61,2024-08-28T14:31:24.487000 CVE-2024-8197,0,0,60c1dd5a1a3c5aad3ac938fab8c46d1fa7e711c4df3249376b3e24407eb9fe54,2024-08-27T13:01:37.913000 -CVE-2024-8198,0,0,fbe148306112c49c489e243b916286b977db8a54ffa4b1f7db0e7a9886d7f526,2024-08-28T23:15:06.243000 +CVE-2024-8198,0,1,de980718a9ea6cc588b2d974e2982799ff7ae4aa3d30e607d169215732d9386d,2024-08-29T13:25:27.537000 CVE-2024-8199,0,0,e4e155faf7982af494f6088e1ddff038dcc1d62a5700003ee5b4a40cfdce83b8,2024-08-27T18:33:14.247000 CVE-2024-8200,0,0,d43bb5c61e83498550affa212dfef3001c48e0b48cb46337b88a2d4649830cd9,2024-08-27T18:33:14.247000 CVE-2024-8207,0,0,498323e8227fa40c3fd29b85835950264192b60730f689cfc748d515dfd6f7ad,2024-08-27T13:01:37.913000 @@ -261444,5 +261447,9 @@ CVE-2024-8228,0,0,93a2ed289eaee58adcb93cda42520d2efec521ebb9601fd9e70d3a991a36c9 CVE-2024-8229,0,0,b4e82f248689c551a8c2d56510132af8816aa6c16d8f7b5aa18c38850899c5a7,2024-08-29T00:10:09.807000 CVE-2024-8230,0,0,51972d3a01eef60d4ec2fcebcc43d9f517d40a0a396b61ca7c24bdef0d5fcb4e,2024-08-29T00:08:24.643000 CVE-2024-8231,0,0,19b769716e3fff898a72bf0ee7d68779b61ab99af63bed31a0498759613ebd4e,2024-08-28T12:57:27.610000 -CVE-2024-8250,0,0,8900d64e25e96bc1ae53b39b4f0c995051fa74e8ba32dae7d165904c43a62b8d,2024-08-29T00:15:09.370000 -CVE-2024-8294,1,1,f879bffabf94ff153e219aedfdf7f5e095a8d490ded0d576b72b11dac593e733,2024-08-29T11:15:29.603000 +CVE-2024-8250,0,1,74fb86f8fe2035c18dd497ff04e870378212b13108551159d2a1c3008bad35b8,2024-08-29T13:25:27.537000 +CVE-2024-8294,0,1,4dbc4ed3db14d85852b6f7a6aa39a58fb9813e3a468ce2496730622a4e7e8e20,2024-08-29T13:25:27.537000 +CVE-2024-8295,1,1,f8b1eacce92adcda34eadca7b6a5f9b0537bcb1008b6d197cf25cbc03f38d464,2024-08-29T13:25:27.537000 +CVE-2024-8296,1,1,66346d5f20138091aa1a5c7abd768c7cc1b063d98b4b8f55461cfa2a34a9e06b,2024-08-29T13:25:27.537000 +CVE-2024-8297,1,1,be3630f7076c181ff3a7dd53d449891a972e9958d66bbbdeb816e8e8d932d822,2024-08-29T13:25:27.537000 +CVE-2024-8301,1,1,a320b86a1c6d3602618f46f60fc09d8dff020322bb7a7b0e43fc9a496aef7f93,2024-08-29T13:25:27.537000