mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2024-03-18T15:00:38.809752+00:00
parent 7bba001308
commit e96b632334
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el m\u00f3dulo CryptX anterior a 0.062 para Perl, gcm_decrypt_verify() y chacha20poly1305_decrypt_verify() no verifican la etiqueta."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El m\u00f3dulo Net::CIDR::Lite anterior a 0.22 para Perl no considera adecuadamente los caracteres cero extra\u00f1os al comienzo de una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El m\u00f3dulo Net::IPV4Addr 0.10 para Perl no considera adecuadamente los caracteres cero extra\u00f1os en una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El m\u00f3dulo Net::IPAddress::Util anterior a 5.000 para Perl no considera adecuadamente los caracteres cero extra\u00f1os en una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Kossy module before 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El m\u00f3dulo Kossy anterior a 0.60 para Perl permite el secuestro de JSON debido al mal manejo de X-Requested-With."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for \"debug login\" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware, which would typically be used with firmware 2.1.1 or later."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Los dispositivos Siklu TG Terragraph anteriores a aproximadamente 2.1.1 tienen una contrase\u00f1a de root codificada que se ha revelado mediante un ataque de fuerza bruta en un hash MD5. Un administrador puede utilizarlo para \"iniciar sesi\u00f3n de depuraci\u00f3n\". NOTA: la vulnerabilidad no se soluciona con el firmware 2.1.1; en cambio, se soluciona en hardware m\u00e1s nuevo, que normalmente se usar\u00eda con el firmware 2.1.1 o posterior."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Los dispositivos Siklu TG Terragraph anteriores a 2.1.1 permiten a los atacantes descubrir credenciales v\u00e1lidas generadas aleatoriamente a trav\u00e9s de GetCredentials."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en gross 0.9.3 hasta 1.x anterior a 1.0.4 permite a atacantes remotos desencadenar una denegaci\u00f3n de servicio (ca\u00edda del demonio de grossd) o potencialmente ejecutar c\u00f3digo arbitrario en grossd a trav\u00e9s de par\u00e1metros de transacci\u00f3n SMTP manipulados que causan un error strncat para una entrada de registro."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix race between mmput() and do_exit()\n\nTask A calls binder_update_page_range() to allocate and insert pages on\na remote address space from Task B. For this, Task A pins the remote mm\nvia mmget_not_zero() first. This can race with Task B do_exit() and the\nfinal mmput() refcount decrement will come from Task A.\n\n Task A | Task B\n ------------------+------------------\n mmget_not_zero() |\n | do_exit()\n | exit_mm()\n | mmput()\n mmput() |\n exit_mmap() |\n remove_vma() |\n fput() |\n\nIn this case, the work of ____fput() from Task B is queued up in Task A\nas TWA_RESUME. So in theory, Task A returns to userspace and the cleanup\nwork gets executed. However, Task A instead sleep, waiting for a reply\nfrom Task B that never comes (it's dead).\n\nThis means the binder_deferred_release() is blocked until an unrelated\nbinder event forces Task A to go back to userspace. All the associated\ndeath notifications will also be delayed until then.\n\nIn order to fix this use mmput_async() that will schedule the work in\nthe corresponding mm->async_put_work WQ instead of Task A."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: binder: corrige la ejecuci\u00f3n entre mmput() y do_exit() La tarea A llama a binder_update_page_range() para asignar e insertar p\u00e1ginas en un espacio de direcciones remoto desde la tarea B. Para esto, la tarea A fija el mm remoto a trav\u00e9s de mmget_not_zero() primero. Esto puede competir con la Tarea B do_exit() y la disminuci\u00f3n final del recuento de mmput() provendr\u00e1 de la Tarea A. Tarea A | Tarea B ------------------+------------------ mmget_not_zero() | | hacer_salir() | salida_mm() | mmput() mmput() | salida_mmap() | eliminar_vma() | salida() | En este caso, el trabajo de ____fput() de la Tarea B se pone en cola en la Tarea A como TWA_RESUME. Entonces, en teor\u00eda, la Tarea A regresa al espacio de usuario y se ejecuta el trabajo de limpieza. Sin embargo, la Tarea A duerme, esperando una respuesta de la Tarea B que nunca llega (est\u00e1 muerta). Esto significa que binder_deferred_release() est\u00e1 bloqueado hasta que un evento de carpeta no relacionado obligue a la Tarea A a regresar al espacio de usuario. Todas las notificaciones de defunci\u00f3n asociadas tambi\u00e9n se retrasar\u00e1n hasta entonces. Para solucionar este problema, utilice mmput_async() que programar\u00e1 el trabajo en el mm->async_put_work WQ correspondiente en lugar de la Tarea A."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
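Review bot: the "es" value in this hunk translates kernel function names inside the Task A / Task B table, so the Spanish text no longer matches the code. do_exit(), exit_mm(), exit_mmap(), remove_vma() and fput() appear as hacer_salir(), salida_mm(), salida_mmap(), eliminar_vma() and salida(), and "binder event" is rendered as "evento de carpeta". The "\n" line breaks of the "en" value are also gone, which collapses the table into one run of pipes. Suggest keeping identifiers and the subsystem name verbatim and preserving the line breaks in the translated value.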
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: fix skb leak and crash on ooo frags\n\nact_ct adds skb->users before defragmentation. If frags arrive in order,\nthe last frag's reference is reset in:\n\n inet_frag_reasm_prepare\n skb_morph\n\nwhich is not straightforward.\n\nHowever when frags arrive out of order, nobody unref the last frag, and\nall frags are leaked. The situation is even worse, as initiating packet\ncapture can lead to a crash[0] when skb has been cloned and shared at the\nsame time.\n\nFix the issue by removing skb_get() before defragmentation. act_ct\nreturns TC_ACT_CONSUMED when defrag failed or in progress.\n\n[0]:\n[ 843.804823] ------------[ cut here ]------------\n[ 843.809659] kernel BUG at net/core/skbuff.c:2091!\n[ 843.814516] invalid opcode: 0000 [#1] PREEMPT SMP\n[ 843.819296] CPU: 7 PID: 0 Comm: swapper/7 Kdump: loaded Tainted: G S 6.7.0-rc3 #2\n[ 843.824107] Hardware name: XFUSION 1288H V6/BC13MBSBD, BIOS 1.29 11/25/2022\n[ 843.828953] RIP: 0010:pskb_expand_head+0x2ac/0x300\n[ 843.833805] Code: 8b 70 28 48 85 f6 74 82 48 83 c6 08 bf 01 00 00 00 e8 38 bd ff ff 8b 83 c0 00 00 00 48 03 83 c8 00 00 00 e9 62 ff ff ff 0f 0b <0f> 0b e8 8d d0 ff ff e9 b3 fd ff ff 81 7c 24 14 40 01 00 00 4c 89\n[ 843.843698] RSP: 0018:ffffc9000cce07c0 EFLAGS: 00010202\n[ 843.848524] RAX: 0000000000000002 RBX: ffff88811a211d00 RCX: 0000000000000820\n[ 843.853299] RDX: 0000000000000640 RSI: 0000000000000000 RDI: ffff88811a211d00\n[ 843.857974] RBP: ffff888127d39518 R08: 00000000bee97314 R09: 0000000000000000\n[ 843.862584] R10: 0000000000000000 R11: ffff8881109f0000 R12: 0000000000000880\n[ 843.867147] R13: ffff888127d39580 R14: 0000000000000640 R15: ffff888170f7b900\n[ 843.871680] FS: 0000000000000000(0000) GS:ffff889ffffc0000(0000) knlGS:0000000000000000\n[ 843.876242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 843.880778] CR2: 00007fa42affcfb8 CR3: 000000011433a002 CR4: 0000000000770ef0\n[ 
843.885336] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 843.889809] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 843.894229] PKRU: 55555554\n[ 843.898539] Call Trace:\n[ 843.902772] <IRQ>\n[ 843.906922] ? __die_body+0x1e/0x60\n[ 843.911032] ? die+0x3c/0x60\n[ 843.915037] ? do_trap+0xe2/0x110\n[ 843.918911] ? pskb_expand_head+0x2ac/0x300\n[ 843.922687] ? do_error_trap+0x65/0x80\n[ 843.926342] ? pskb_expand_head+0x2ac/0x300\n[ 843.929905] ? exc_invalid_op+0x50/0x60\n[ 843.933398] ? pskb_expand_head+0x2ac/0x300\n[ 843.936835] ? asm_exc_invalid_op+0x1a/0x20\n[ 843.940226] ? pskb_expand_head+0x2ac/0x300\n[ 843.943580] inet_frag_reasm_prepare+0xd1/0x240\n[ 843.946904] ip_defrag+0x5d4/0x870\n[ 843.950132] nf_ct_handle_fragments+0xec/0x130 [nf_conntrack]\n[ 843.953334] tcf_ct_act+0x252/0xd90 [act_ct]\n[ 843.956473] ? tcf_mirred_act+0x516/0x5a0 [act_mirred]\n[ 843.959657] tcf_action_exec+0xa1/0x160\n[ 843.962823] fl_classify+0x1db/0x1f0 [cls_flower]\n[ 843.966010] ? skb_clone+0x53/0xc0\n[ 843.969173] tcf_classify+0x24d/0x420\n[ 843.972333] tc_run+0x8f/0xf0\n[ 843.975465] __netif_receive_skb_core+0x67a/0x1080\n[ 843.978634] ? dev_gro_receive+0x249/0x730\n[ 843.981759] __netif_receive_skb_list_core+0x12d/0x260\n[ 843.984869] netif_receive_skb_list_internal+0x1cb/0x2f0\n[ 843.987957] ? mlx5e_handle_rx_cqe_mpwrq_rep+0xfa/0x1a0 [mlx5_core]\n[ 843.991170] napi_complete_done+0x72/0x1a0\n[ 843.994305] mlx5e_napi_poll+0x28c/0x6d0 [mlx5_core]\n[ 843.997501] __napi_poll+0x25/0x1b0\n[ 844.000627] net_rx_action+0x256/0x330\n[ 844.003705] __do_softirq+0xb3/0x29b\n[ 844.006718] irq_exit_rcu+0x9e/0xc0\n[ 844.009672] common_interrupt+0x86/0xa0\n[ 844.012537] </IRQ>\n[ 844.015285] <TASK>\n[ 844.017937] asm_common_interrupt+0x26/0x40\n[ 844.020591] RIP: 0010:acpi_safe_halt+0x1b/0x20\n[ 844.023247] Code: ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 65 48 8b 04 25 00 18 03 00 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 81 d0 44 00 fb\n---truncated---"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/sched: act_ct: corrige la fuga de skb y falla en ooo frags act_ct agrega usuarios de skb-> antes de la desfragmentaci\u00f3n. Si los fragmentos llegan en orden, la referencia del \u00faltimo fragmento se restablece en: inet_frag_reasm_prepare skb_morph, lo cual no es sencillo. Sin embargo, cuando los fragmentos llegan desordenados, nadie elimina la referencia del \u00faltimo fragmento y todos los fragmentos se filtran. La situaci\u00f3n es a\u00fan peor, ya que iniciar la captura de paquetes puede provocar una falla[0] cuando skb ha sido clonado y compartido al mismo tiempo. Solucione el problema eliminando skb_get() antes de la desfragmentaci\u00f3n. act_ct devuelve TC_ACT_CONSUMED cuando la desfragmentaci\u00f3n falla o est\u00e1 en progreso. [0]: [843.804823] ------------[ cortar aqu\u00ed ]------------ [ 843.809659] ERROR del kernel en net/core/skbuff.c:2091 ! [843.814516] c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP [ 843.819296] CPU: 7 PID: 0 Comm: swapper/7 Kdump: cargado Contaminado: GS 6.7.0-rc3 #2 [ 843.824107] Nombre de hardware: XFUSION 1288H V6/ BC13MBSBD, BIOS 1.29 25/11/2022 [ 843.828953] RIP: 0010:pskb_expand_head+0x2ac/0x300 [ 843.833805] C\u00f3digo: 8b 70 28 48 85 f6 74 82 48 83 c6 08 bf 01 00 0 0 00 e8 38 bd ff ff 8b 83 c0 00 00 00 48 03 83 c8 00 00 00 e9 62 ff ff ff 0f 0b <0f> 0b e8 8d d0 ff ff e9 b3 fd ff ff 81 7c 24 14 40 01 00 00 4c 89 [ 843.843698] RSP: 0 018:ffffc9000cce07c0 EFLAGS: 00010202 [843.848524] RAX: 00000000000000002 RBX: ffff88811a211d00 RCX: 00000000000000820 [843.853299] RDX: 0000000000000640 RSI: 0000000000000000 RDI: ffff88811a211d00 [ 843.857974] RBP: ffff888127d39518 R08: 00000000bee97314 R09: 00000000000000000 [ 843.862584] R10: 00 00000000000000 R11: ffff8881109f0000 R12: 0000000000000880 [ 843.867147] R13: ffff888127d39580 R14: 0000000000000640 R15: ffff888170f7b900 [ 843.871680] FS: 0000000000000000(0 000) 
GS:ffff889ffffc0000(0000) knlGS:00000000000000000 [ 843.876242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 843.880778] CR2 : 00007fa42affcfb8 CR3: 000000011433a002 CR4: 0000000000770ef0 [ 843.885336] DR0: 00000000000000000 DR1: 00000000000000000 DR2: 000000000000000 00 [ 843.889809] DR3: 00000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 843.894229] PKRU: 55555554 [ 843.898539] Rastreo de llamadas: [ 843.90277 2] [843.906922] ? __die_body+0x1e/0x60 [ 843.911032] ? morir+0x3c/0x60 [843.915037]? do_trap+0xe2/0x110 [843.918911]? pskb_expand_head+0x2ac/0x300 [843.922687]? do_error_trap+0x65/0x80 [843.926342]? pskb_expand_head+0x2ac/0x300 [843.929905]? exc_invalid_op+0x50/0x60 [843.933398]? pskb_expand_head+0x2ac/0x300 [843.936835]? asm_exc_invalid_op+0x1a/0x20 [843.940226]? pskb_expand_head+0x2ac/0x300 [ 843.943580] inet_frag_reasm_prepare+0xd1/0x240 [ 843.946904] ip_defrag+0x5d4/0x870 [ 843.950132] nf_ct_handle_fragments+0xec/0x130 [nf_conn pista] [843.953334] tcf_ct_act+0x252/0xd90 [act_ct] [843.956473]? tcf_mirred_act+0x516/0x5a0 [act_mirred] [843.959657] tcf_action_exec+0xa1/0x160 [843.962823] fl_classify+0x1db/0x1f0 [cls_flower] [843.966010] ? skb_clone+0x53/0xc0 [ 843.969173] tcf_classify+0x24d/0x420 [ 843.972333] tc_run+0x8f/0xf0 [ 843.975465] __netif_receive_skb_core+0x67a/0x1080 [ 843.978634 ] ? dev_gro_receive+0x249/0x730 [843.981759] __netif_receive_skb_list_core+0x12d/0x260 [843.984869] netif_receive_skb_list_internal+0x1cb/0x2f0 [843.987957] ? mlx5e_handle_rx_cqe_mpwrq_rep+0xfa/0x1a0 [mlx5_core] [ 843.991170] napi_complete_done+0x72/0x1a0 [ 843.994305] mlx5e_napi_poll+0x28c/0x6d0 [mlx5_core] [ 843.997501] __napi_poll+0x25/0x1b0 [ 844.000627] net_rx_action+0x256/0x330 [ 844.003705] __do_softirq+0xb3/ 0x29b [ 844.006718] irq_exit_rcu+0x9e/0xc0 [ 844.009672] common_interrupt+0x86/0xa0 [ 844.012537] [ 844.015285] [ 844.017937] asm_common_interrupt+0x26 /0x40 [844.020591] RIP: 0010:acpi_safe_halt+0x1b/0x20 [ 844.023247] ---truncado ---"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
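Review bot: the "es" value runs the quoted kernel oops through translation, which corrupts it as a diagnostic. In the call trace "die+0x3c/0x60" becomes "morir+0x3c/0x60", the module tag "[nf_conntrack]" becomes "[nf_conn pista]", "skb->users" becomes "usuarios de skb->", the <IRQ>/<TASK> markers are dropped, and timestamps are split (for example "[ 843.90277 2]"). Suggest translating only the prose above "[0]:" and carrying the log lines over unchanged, or omitting the trace from the translated description.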
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: sdio: Honor the host max_req_size in the RX path\n\nLukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes\nwith an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth\ncombo card. The error he observed is identical to what has been fixed\nin commit e967229ead0e (\"wifi: rtw88: sdio: Check the HISR RX_REQUEST\nbit in rtw_sdio_rx_isr()\") but that commit didn't fix Lukas' problem.\n\nLukas found that disabling or limiting RX aggregation works around the\nproblem for some time (but does not fully fix it). In the following\ndiscussion a few key topics have been discussed which have an impact on\nthis problem:\n- The Amlogic A311D (G12B) SoC has a hardware bug in the SDIO controller\n which prevents DMA transfers. Instead all transfers need to go through\n the controller SRAM which limits transfers to 1536 bytes\n- rtw88 chips don't split incoming (RX) packets, so if a big packet is\n received this is forwarded to the host in it's original form\n- rtw88 chips can do RX aggregation, meaning more multiple incoming\n packets can be pulled by the host from the card with one MMC/SDIO\n transfer. This Depends on settings in the REG_RXDMA_AGG_PG_TH\n register (BIT_RXDMA_AGG_PG_TH limits the number of packets that will\n be aggregated, BIT_DMA_AGG_TO_V1 configures a timeout for aggregation\n and BIT_EN_PRE_CALC makes the chip honor the limits more effectively)\n\nUse multiple consecutive reads in rtw_sdio_read_port() and limit the\nnumber of bytes which are copied by the host from the card in one\nMMC/SDIO transfer. This allows receiving a buffer that's larger than\nthe hosts max_req_size (number of bytes which can be transferred in\none MMC/SDIO transfer). 
As a result of this the skb_over_panic error\nis gone as the rtw88 driver is now able to receive more than 1536 bytes\nfrom the card (either because the incoming packet is larger than that\nor because multiple packets have been aggregated).\n\nIn case of an receive errors (-EILSEQ has been observed by Lukas) we\nneed to drain the remaining data from the card's buffer, otherwise the\ncard will return corrupt data for the next rtw_sdio_read_port() call."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rtw88: sdio: respeta el host max_req_size en la ruta RX. Lukas informa errores skb_over_panic en su Banana Pi BPI-CM4 que viene con un SoC Amlogic A311D (G12B) y un RTL8822CS. Tarjeta combinada SDIO wifi/Bluetooth. El error que observ\u00f3 es id\u00e9ntico a lo que se solucion\u00f3 en el commit e967229ead0e (\"wifi: rtw88: sdio: verifique el bit HISR RX_REQUEST en rtw_sdio_rx_isr()\") pero esa confirmaci\u00f3n no solucion\u00f3 el problema de Lukas. Lukas descubri\u00f3 que deshabilitar o limitar la agregaci\u00f3n de RX soluciona el problema durante alg\u00fan tiempo (pero no lo soluciona por completo). En la siguiente discusi\u00f3n se discutieron algunos temas clave que tienen un impacto en este problema: - El SoC Amlogic A311D (G12B) tiene un error de hardware en el controlador SDIO que impide las transferencias DMA. En lugar de ello, todas las transferencias deben pasar por el controlador SRAM, que limita las transferencias a 1536 bytes. Los chips rtw88 no dividen los paquetes entrantes (RX), por lo que si se recibe un paquete grande, este se reenv\u00eda al host en su forma original. Los chips rtw88 pueden realice la agregaci\u00f3n RX, lo que significa que el host puede extraer m\u00e1s paquetes entrantes de la tarjeta con una transferencia MMC/SDIO. Esto depende de la configuraci\u00f3n en el registro REG_RXDMA_AGG_PG_TH (BIT_RXDMA_AGG_PG_TH limita la cantidad de paquetes que se agregar\u00e1n, BIT_DMA_AGG_TO_V1 configura un tiempo de espera para la agregaci\u00f3n y BIT_EN_PRE_CALC hace que el chip respete los l\u00edmites de manera m\u00e1s efectiva) Use m\u00faltiples lecturas consecutivas en rtw_sdio_read_port() y limite la cantidad de bytes que el host copia desde la tarjeta en una transferencia MMC/SDIO. Esto permite recibir un b\u00fafer que es mayor que el max_req_size del host (n\u00famero de bytes que se pueden transferir en una transferencia MMC/SDIO). 
Como resultado de esto, el error skb_over_panic desapareci\u00f3 ya que el controlador rtw88 ahora puede recibir m\u00e1s de 1536 bytes de la tarjeta (ya sea porque el paquete entrante es m\u00e1s grande o porque se han agregado varios paquetes). En caso de errores de recepci\u00f3n (Lukas ha observado -EILSEQ), debemos drenar los datos restantes del b\u00fafer de la tarjeta; de lo contrario, la tarjeta devolver\u00e1 datos corruptos para la siguiente llamada a rtw_sdio_read_port()."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
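Review bot: the "es" value loses the three-item list of the "en" description; only the first "- " marker survives and the second and third items are fused into the running text, with "Los chips rtw88 pueden realice la agregación RX" left ungrammatical. The opening sentence is also split mid-phrase ("un RTL8822CS. Tarjeta combinada SDIO wifi/Bluetooth"), and "controller SRAM" is rendered as "controlador SRAM", which reads as an SRAM controller rather than the SDIO controller's SRAM. Suggest preserving the "\n" breaks and list markers and correcting those phrases.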
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: scomp - fix req->dst buffer overflow\n\nThe req->dst buffer size should be checked before copying from the\nscomp_scratch->dst to avoid req->dst buffer overflow problem."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: scomp - corrige el desbordamiento del b\u00fafer req->dst. El tama\u00f1o del b\u00fafer req->dst debe verificarse antes de copiar desde scomp_scratch->dst para evitar el problema de desbordamiento del b\u00fafer req->dst. ."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
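Review bot: the "es" value ends with a stray " ." after the final sentence ("desbordamiento del búfer req->dst. ."). Suggest trimming the trailing characters so the description ends at the first period.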
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment\n\nPTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need\n-ENODEV as the right value for comparison.\n\nOtherwise, tz->type is NULL when thermal-zones is undefined, resulting\nin the following error:\n\n[ 12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8\n[ 12.302877] Oops[#1]:\n[ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385\n[ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10\n[ 12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001\n[ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c\n[ 12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901\n[ 12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790\n[ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40\n[ 12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000\n[ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8\n[ 12.362938] ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300\n[ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160\n[ 12.391626] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE)\n[ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[ 12.409859] ECFG: 00071c1c (LIE=2-4,10-12 VS=7)\n[ 12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[ 12.415907] BADV: fffffffffffffff1\n[ 12.415911] PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)\n[ 12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc\n[ 12.415950] Process 
systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)\n[ 12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358\n[ 12.415982] ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410\n[ 12.415999] ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0\n[ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed\n[ 12.416032] 0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000\n[ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410\n[ 12.416065] 0000000000000000 9000000002df6808 90000001002a3410 0000000000000000\n[ 12.416081] ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8\n[ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002\n[ 12.416114] ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30\n[ 12.416131] ...\n[ 12.416138] Call Trace:\n[ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160\n[ 12.416167] [<90000000031579b8>] thermal_add_hwmon_sysfs+0x258/0x300\n[ 12.416183] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0\n[ 12.416200] [<ffffff80020cc1e8>] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]\n[ 12.416232] [<9000000002df6808>] platform_probe+0x68/0x140\n[ 12.416249] [<9000000002df2ba8>] really_probe+0xc8/0x3c0\n[ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180\n[ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160\n[ 12.416302] [<9000000002df33a8>] __driver_attach+0xa8/0x200\n[ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120\n[ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0\n[ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160\n[ 12.416358] [<90000000022201a4>] do_one_initcall+0x84/0x220\n[ 12.416372] [<90000000022f3ab8>] do_init_module+0x58/0x2c0\n[\n---truncated---"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drivers/thermal/loongson2_thermal: corrige el juicio PTR_ERR() incorrecto. PTR_ERR() devuelve -ENODEV cuando las zonas t\u00e9rmicas no est\u00e1n definidas y necesitamos -ENODEV como el valor correcto para comparar. De lo contrario, tz->type es NULL cuando las zonas t\u00e9rmicas no est\u00e1n definidas, lo que genera el siguiente error: [12.290030] CPU 1 No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual ffffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8 [ 12.302877] Ups [#1]: [ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd No contaminado 6.6.0-rc7+ #5385 [ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10 [ 12.320739] a0 0000000000000000 a1 ffffffffffffffff1 a2 0000000000000014 a3 0000000000000001 [ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c [ 12.337606] t0 ffffffffffffffff1 t1 54567fd5da9b 4fd4 t2 900000010614ec40 t3 00000000000dc901 [ 12.346041] t4 0000000000000000 t5 00000000000000004 t6 900000010614ee20 t7 900000000d00b 790 [ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40 [ 12.362916] s1 90000000039fced0 s2 ffffffffffffffff s3 ffffffffffffffff s4 9000000003acc000 [ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8 [ 12.362938] ra: 90000000031579b8 Thermal_add_hwmon_sysfs+0x258/0x300 [ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160 [ 12.391626] CRMD: 00000 0b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE) [ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE) [ 12.409859] ECFG: 00071c1c (LIE=2 -4,10-12 vs = 7) [12.415882] ESTAT: 00010000 [PIL] (IS = ECODE = 1 ESUBCODE = 0) [12.415907] BADV: FFFFFFFFFFFFFF1 [12.415911] PRID: 0014A000 (Loongson-64bit, Loongson-24000) [12.415917] M\u00f3dulos vinculados en: 
loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc [12.415950] Proceso systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3) [ 12.415961] Pila: 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358 [12.415982] ffffffffffffff 0000000000000004 9000000107a10aa8 90000001002a3410 [ 12.415999] ffffffffffffff ffffffffffffff 9000000107a11268 9000000003157ab0 [ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed [ 12.416032] 00000000000000024 ffffff80020cc1e8 900000000402b2 a0 9000000003acc000 [ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410 [ 12.416065] 00000000000000000 9000000002df6808 90000001002a3410 0000000000000000 [ 12.416081] ffffff80020f4030 00000000000000000 90000001002a3410 9000000002df2ba 8 [ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002 [ 12.416114] ffffff80020f4030 ffffffffffffff0 90000001002a3410 9000000002df2f30 [ 12 .416131] ... [ 12.416138] Seguimiento de llamadas: [ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160 [ 12.416167] [<90000000031579b8>] Thermal_add_hwmon_sysfs+0x258/0 x300 [12.416183 ] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0 [ 12.416200] [] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal] [ 12.416232] [<9 000000002df6808>] plataforma_probe+0x68/0x140 [ 12.416249] [<9000000002df2ba8>] realmente_probe+ 0xc8/0x3c0 [ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180 [ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160 [ 12.41630 2] [<9000000002df33a8>] __driver_attach+0xa8/0x200 [ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120 [ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0 [ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160 [ 12.41 6358] [<90000000022201a4>] do_one_initcall+0x84/0x220 [ 12.416372] [<90000000022f3ab8 >] do_init_module+0x58/0x2c0 [ ---truncado---"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
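Review bot: the "es" value alters symbols and register values in the quoted oops, so it can no longer be matched against the original report. "thermal_add_hwmon_sysfs" is capitalised to "Thermal_add_hwmon_sysfs", "platform_probe" and "really_probe" become "plataforma_probe" and "realmente_probe", the PRID string "Loongson-2K1000" becomes "Loongson-24000", the address in "[<ffffff80020cc1e8>] loongson2_thermal_probe" is emptied to "[]", and "ffffffffffffffed" in s2/s3 is changed to "ffffffffffffffff". Suggest translating only the explanatory sentences and copying the log verbatim from the "en" value.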
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don't have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: PM / devfreq: Arreglar desbordamiento de b\u00fafer en trans_stat_show Arreglar desbordamiento de b\u00fafer en trans_stat_show(). Convierta snprintf simple en scnprintf m\u00e1s seguro con un tama\u00f1o de PAGE_SIZE. Agregue verificaci\u00f3n de condiciones si excedemos PAGE_SIZE y salga temprano del ciclo. Tambi\u00e9n agregue al final una advertencia de que excedimos PAGE_SIZE y que las estad\u00edsticas est\u00e1n deshabilitadas. Devuelve -EFBIG en el caso de que no tengamos suficiente espacio para escribir la tabla de transici\u00f3n completa. Tambi\u00e9n documente en la ABI que esta funci\u00f3n puede devolver el error -EFBIG."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwrng: core - Fix page fault dead lock on mmap-ed hwrng\n\nThere is a dead-lock in the hwrng device read path. This triggers\nwhen the user reads from /dev/hwrng into memory also mmap-ed from\n/dev/hwrng. The resulting page fault triggers a recursive read\nwhich then dead-locks.\n\nFix this by using a stack buffer when calling copy_to_user."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: hwrng: core: soluciona el bloqueo de falla de p\u00e1gina en mmap-ed hwrng Hay un bloqueo en la ruta de lectura del dispositivo hwrng. Esto se activa cuando el usuario lee desde /dev/hwrng en la memoria y tambi\u00e9n realiza mmap-ed desde /dev/hwrng. El error de p\u00e1gina resultante desencadena una lectura recursiva que luego se bloquea. Solucione este problema utilizando un b\u00fafer de pila al llamar a copy_to_user."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: crypto: lib/mpi: corrige el acceso inesperado al puntero en mpi_ec_init Cuando se inicializa la estructura mpi_ec_ctx, algunos campos no se borran, lo que provoca un bloqueo al hacer referencia al campo cuando se lanz\u00f3 la estructura. Inicialmente, este problema se ignor\u00f3 porque la memoria para mpi_ec_ctx se asigna con el indicador __GFP_ZERO. Por ejemplo, este error se activar\u00e1 al calcular el valor Za para SM2 por separado."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
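Review bot: In the added "es" value, "cuando se lanzó la estructura" renders "when the structure was released" as "launched"; the English text means the structure was freed, so "cuando se liberó la estructura" is the accurate wording. The same value translates "crash" as "bloqueo", which reads as a lock or hang rather than a fault; "fallo" would match the English description.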
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: switchtec: Fix stdev_release() crash after surprise hot remove\n\nA PCI device hot removal may occur while stdev->cdev is held open. The call\nto stdev_release() then happens during close or exit, at a point way past\nswitchtec_pci_remove(). Otherwise the last ref would vanish with the\ntrailing put_device(), just before return.\n\nAt that later point in time, the devm cleanup has already removed the\nstdev->mmio_mrpc mapping. Also, the stdev->pdev reference was not a counted\none. Therefore, in DMA mode, the iowrite32() in stdev_release() will cause\na fatal page fault, and the subsequent dma_free_coherent(), if reached,\nwould pass a stale &stdev->pdev->dev pointer.\n\nFix by moving MRPC DMA shutdown into switchtec_pci_remove(), after\nstdev_kill(). Counting the stdev->pdev ref is now optional, but may prevent\nfuture accidents.\n\nReproducible via the script at\nhttps://lore.kernel.org/r/20231113212150.96410-1-dns@arista.com"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI: switchtec: corrige el bloqueo de stdev_release() despu\u00e9s de una eliminaci\u00f3n sorpresa en caliente. Puede ocurrir una eliminaci\u00f3n en caliente del dispositivo PCI mientras stdev->cdev se mantiene abierto. La llamada a stdev_release() ocurre durante el cierre o la salida, en un punto mucho m\u00e1s all\u00e1 de switchtec_pci_remove(). De lo contrario, la \u00faltima referencia desaparecer\u00eda con el put_device() final, justo antes del retorno. En ese momento posterior, la limpieza devm ya elimin\u00f3 la asignaci\u00f3n stdev->mmio_mrpc. Adem\u00e1s, la referencia stdev->pdev no se contaba. Por lo tanto, en modo DMA, iowrite32() en stdev_release() causar\u00e1 un error de p\u00e1gina fatal, y el dma_free_coherent() posterior, si se alcanza, pasar\u00eda un puntero &stdev->pdev->dev obsoleto. Para solucionarlo, mueva el apagado de MRPC DMA a switchtec_pci_remove(), despu\u00e9s de stdev_kill(). Contar stdev->pdev ref ahora es opcional, pero puede evitar accidentes futuros. Reproducible a trav\u00e9s del script en https://lore.kernel.org/r/20231113212150.96410-1-dns@arista.com"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock/rnbd-srv: Check for unlikely string overflow\n\nSince \"dev_search_path\" can technically be as large as PATH_MAX,\nthere was a risk of truncation when copying it and a second string\ninto \"full_path\" since it was also PATH_MAX sized. The W=1 builds were\nreporting this warning:\n\ndrivers/block/rnbd/rnbd-srv.c: In function 'process_msg_open.isra':\ndrivers/block/rnbd/rnbd-srv.c:616:51: warning: '%s' directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~\nIn function 'rnbd_srv_get_full_path',\n inlined from 'process_msg_open.isra' at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: 'snprintf' output between 2 and 4351 bytes into a destination of size 4096\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n 617 | dev_search_path, dev_name);\n | ~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nTo fix this, unconditionally check for truncation (as was already done\nfor the case where \"%SESSNAME%\" was present)."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: block/rnbd-srv: Comprueba si hay un desbordamiento de cadena improbable. Dado que \"dev_search_path\" t\u00e9cnicamente puede ser tan grande como PATH_MAX, exist\u00eda el riesgo de truncamiento al copiarlo y una segunda cadena en \" full_path\" ya que tambi\u00e9n ten\u00eda un tama\u00f1o PATH_MAX. Las compilaciones W=1 informaban esta advertencia: drivers/block/rnbd/rnbd-srv.c: En funci\u00f3n 'process_msg_open.isra': drivers/block/rnbd/rnbd-srv.c:616:51: advertencia: '% La salida de la directiva s se puede truncar escribiendo hasta 254 bytes en una regi\u00f3n de tama\u00f1o entre 0 y 4095 [-Wformat-truncation=] 616 | snprintf(full_path, PATH_MAX, \"%s/%s\", | ^~ En la funci\u00f3n 'rnbd_srv_get_full_path', insertada desde 'process_msg_open.isra' en drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block /rnbd/rnbd-srv.c:616:17: nota: 'snprintf' genera entre 2 y 4351 bytes en un destino de tama\u00f1o 4096 616 | snprintf(full_path, PATH_MAX, \"%s/%s\", | ^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 617 | dev_search_path, dev_name); | ~~~~~~~ ~~~~~~~~~~~~~~~~~~~ Para solucionar este problema, verifique incondicionalmente el truncamiento (como ya se hizo en el caso en el que \"%SESSNAME%\" estaba presente)."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
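Review bot: The added "es" value translates and re-spaces the quoted compiler output, so the diagnostic no longer matches what the build printed: the `'%s' directive` text becomes "'% La salida de la directiva s", and the path becomes "drivers/block /rnbd/rnbd-srv.c". Quoted tool output, file paths and the `snprintf(full_path, PATH_MAX, \"%s/%s\",` line should be carried over verbatim, with only the surrounding prose translated. The "en" value also keeps its "\n" line breaks while the "es" value collapses them, which is what makes the warning unreadable here.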
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/ram: Fix crash when setting number of cpus to an odd number\n\nWhen the number of cpu cores is adjusted to 7 or other odd numbers,\nthe zone size will become an odd number.\nThe address of the zone will become:\n addr of zone0 = BASE\n addr of zone1 = BASE + zone_size\n addr of zone2 = BASE + zone_size*2\n ...\nThe address of zone1/3/5/7 will be mapped to non-alignment va.\nEventually crashes will occur when accessing these va.\n\nSo, use ALIGN_DOWN() to make sure the zone size is even\nto avoid this bug."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pstore/ram: soluciona el fallo al establecer el n\u00famero de CPU en un n\u00famero impar. Cuando el n\u00famero de n\u00facleos de CPU se ajusta a 7 u otros n\u00fameros impares, el tama\u00f1o de la zona se convertir\u00e1 en un n\u00famero impar. La direcci\u00f3n de la zona se convertir\u00e1 en: direcci\u00f3n de zona0 = BASE direcci\u00f3n de zona1 = BASE + tama\u00f1o_zona direcci\u00f3n de zona2 = BASE + tama\u00f1o_zona*2 ... La direcci\u00f3n de zona1/3/5/7 se asignar\u00e1 a va no alineada . Eventualmente se producir\u00e1n fallas al acceder a estos va. Entonces, use ALIGN_DOWN() para asegurarse de que el tama\u00f1o de la zona sea uniforme para evitar este error."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
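Review bot: In the added "es" value, "para asegurarse de que el tamaño de la zona sea uniforme" mistranslates "make sure the zone size is even". The English text is about parity (the preceding sentences discuss odd sizes, "número impar"), so the word needed is "par", not "uniforme". As written, the Spanish description loses the actual fix condition.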
59
CVE-2023/CVE-2023-72xx/CVE-2023-7250.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-7250",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-03-18T13:15:06.910",
|
||||
"lastModified": "2024-03-18T13:15:06.910",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-183"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2023-7250",
|
||||
"source": "secalert@redhat.com"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244707",
|
||||
"source": "secalert@redhat.com"
|
||||
}
|
||||
]
|
||||
}
|
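Review bot: The "weaknesses" entry assigns "CWE-183" (Permissive List of Allowed Inputs), which does not match the "en" description of a server that hangs waiting for data a client never sends. Nothing in the description involves an allow list, so consumers that filter or group by CWE will misfile this record. It is worth flagging to the source (secalert@redhat.com) for a weakness that describes the blocking or resource-exhaustion behaviour. The new record also carries no "es" description, unlike the other records touched in this commit.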
@ -2,110 +2,14 @@
|
||||
"id": "CVE-2024-0227",
|
||||
"sourceIdentifier": "disclosure@synopsys.com",
|
||||
"published": "2024-01-11T20:15:44.003",
|
||||
"lastModified": "2024-01-18T18:32:10.307",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2024-03-18T14:15:07.283",
|
||||
"vulnStatus": "Rejected",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nDevise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's (TOTP) inherent entropy limitations, it's possible for an attacker to bypass the 2FA mechanism through brute-force attacks.\n\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Devise-Two-Factor no acelera ni restringe los intentos de inicio de sesi\u00f3n en el servidor de forma predeterminada. Cuando se combina con las limitaciones de entrop\u00eda inherentes del algoritmo de Time-based One Time Password (TOTP), es posible que un atacante evite el mecanismo 2FA mediante ataques de fuerza bruta."
|
||||
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.2,
|
||||
"impactScore": 5.9
|
||||
},
|
||||
{
|
||||
"source": "disclosure@synopsys.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.0,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.6,
|
||||
"impactScore": 3.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-307"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "disclosure@synopsys.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-307"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tinfoilsecurity:devise-two-factor:*:*:*:*:*:*:*:*",
|
||||
"versionStartIncluding": "1.0.0",
|
||||
"matchCriteriaId": "DF8EF295-A0A5-43B8-8439-5D2D24124D07"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-chcr-x7hc-8fp8",
|
||||
"source": "disclosure@synopsys.com",
|
||||
"tags": [
|
||||
"Mitigation",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
"metrics": {},
|
||||
"references": []
|
||||
}
|
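Review bot: The replacement description "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." gives no cause, and the record now ends with `"references": []`, so the pointer to GHSA-chcr-x7hc-8fp8 disappears along with the CVSS, CWE-307 and CPE data. Anyone who previously tracked this ID against devise-two-factor has no way to tell from the record whether the brute-force concern was judged invalid or reassigned. Keeping the vendor advisory URL in "references", or recording the reason for rejection, would preserve that trail. Note that this rendering shows old and new lines without +/- markers, so which "lastModified" and "vulnStatus" lines survive has to be inferred from the `@ -2,110 +2,14 @@` header.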
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se encontr\u00f3 una falla de escritura de pila fuera de los l\u00edmites en unixODBC en arquitecturas de 64 bits donde la persona que llama tiene 4 bytes y la persona que llama escribe 8 bytes. Este problema puede pasar desapercibido en las arquitecturas little-endian, mientras que las arquitecturas big-endian pueden romperse."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
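Review bot: The added "es" value translates both "caller" and "callee" as "la persona que llama" ("la persona que llama tiene 4 bytes y la persona que llama escribe 8 bytes"), which erases the size mismatch that is the whole defect. The two sides need distinct terms, for example "el llamador tiene 4 bytes y la función llamada escribe 8 bytes".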
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper authorization in the report management and creation module of BMC Control-M branches\u00a09.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application, even without proper permissions. The attacker must know the unique identifier of the report they want to manipulate.\n\nFix for 9.0.20 branch was released in version 9.0.20.238.\u00a0Fix for 9.0.21 branch was released in version 9.0.21.201. \n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "La autorizaci\u00f3n inadecuada en el m\u00f3dulo de creaci\u00f3n y gesti\u00f3n de informes de las ramas 9.0.20 y 9.0.21 de BMC Control-M permite a los usuarios registrados leer y realizar cambios no autorizados en cualquier informe disponible dentro de la aplicaci\u00f3n, incluso sin los permisos adecuados. El atacante debe conocer el identificador \u00fanico del informe que quiere manipular. La soluci\u00f3n para la rama 9.0.20 se lanz\u00f3 en la versi\u00f3n 9.0.20.238. La soluci\u00f3n para la rama 9.0.21 se lanz\u00f3 en la versi\u00f3n 9.0.21.201."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's privileges. \n\nFix for 9.0.20 branch was released in version 9.0.20.238.\u00a0Fix for 9.0.21 branch was released in version 9.0.21.201. \n\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "BMC Control-M ramificaciones 9.0.20 y 9.0.21 al iniciar sesi\u00f3n el usuario carga todas las librer\u00edas de v\u00ednculos din\u00e1micos (DLL) desde un directorio que otorga permisos de escritura y lectura a todos los usuarios. Aprovecharlo conduce a la carga de librer\u00edas potencialmente maliciosas, que se ejecutar\u00e1n con los privilegios de la aplicaci\u00f3n. La soluci\u00f3n para la rama 9.0.20 se lanz\u00f3 en la versi\u00f3n 9.0.20.238. La soluci\u00f3n para la rama 9.0.21 se lanz\u00f3 en la versi\u00f3n 9.0.21.201."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for\u00a0manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled by an attacker.\n\nFix for 9.0.20 branch was released in version 9.0.20.238.\u00a0Fix for 9.0.21 branch was released in version 9.0.21.200. \n\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "La falta de sanitizaci\u00f3n de entradas en las ramas 9.0.20 y 9.0.21 de BMC Control-M permite a los usuarios registrados manipular las p\u00e1ginas web generadas mediante la inyecci\u00f3n de c\u00f3digo HTML. Esto podr\u00eda conducir a un ataque de phishing exitoso, por ejemplo, enga\u00f1ando a los usuarios para que utilicen un hiperv\u00ednculo que apunte a un sitio web controlado por un atacante. La soluci\u00f3n para la rama 9.0.20 se lanz\u00f3 en la versi\u00f3n 9.0.20.238. La soluci\u00f3n para la rama 9.0.21 se lanz\u00f3 en la versi\u00f3n 9.0.21.200."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Las versiones 2023.6, 2021.12 y anteriores de ColdFusion se ven afectadas por una vulnerabilidad de control de acceso inadecuado que podr\u00eda provocar una lectura arbitraria del sistema de archivos. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir las medidas de seguridad y obtener acceso no autorizado a archivos confidenciales y realizar escrituras arbitrarias en el sistema de archivos. La explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
63
CVE-2024/CVE-2024-20xx/CVE-2024-2002.json
Normal file
@ -0,0 +1,63 @@
|
||||
{
|
||||
"id": "CVE-2024-2002",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-03-18T13:15:07.657",
|
||||
"lastModified": "2024-03-18T13:15:07.657",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-415"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-2002",
|
||||
"source": "secalert@redhat.com"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700",
|
||||
"source": "secalert@redhat.com"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt",
|
||||
"source": "secalert@redhat.com"
|
||||
}
|
||||
]
|
||||
}
|
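Review bot: The third reference, "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt", points at a file on the tip of the `main` branch rather than at a fixed revision or a specific entry. The content behind that URL can change or move after publication, so a commit-pinned permalink, or a link to the fixing commit, would make the reference stable for later triage.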
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de autenticaci\u00f3n incorrecta en varias impresoras y esc\u00e1neres que implementan la administraci\u00f3n basada en web proporcionada por BROTHER INDUSTRIES, LTD. Si se explota esta vulnerabilidad, un usuario adyacente a la red que pueda acceder al producto puede hacerse pasar por un usuario administrativo. En cuanto a los detalles de los nombres de productos, n\u00fameros de modelo y versiones afectados, consulte la informaci\u00f3n proporcionada por los respectivos proveedores que figuran en [Referencias]."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Vulnerabilidad de Cross-Site Request Forgery en m\u00faltiples impresoras y esc\u00e1neres que implementan administraci\u00f3n basada en web proporcionada por BROTHER INDUSTRIES, LTD. permite que un atacante remoto no autenticado realice operaciones no deseadas en el producto afectado. En cuanto a los detalles de los nombres de productos, n\u00fameros de modelo y versiones afectados, consulte la informaci\u00f3n proporcionada por los respectivos proveedores que figuran en [Referencias]."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-site scripting vulnerability exists in FitNesse all releases, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with specially crafted multiple parameters."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de cross-site scripting en todas las versiones de FitNesse, lo que puede permitir que un atacante remoto no autenticado ejecute un script arbitrario en el navegador web del usuario que utiliza el producto y accede a un enlace con m\u00faltiples par\u00e1metros especialmente manipulados."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Komm.One CMS 10.4.2.14 has a Server-Side Template Injection (SSTI) vulnerability via the Velocity template engine. It allows remote attackers to execute arbitrary code via a URL that specifies java.lang.Runtime in conjunction with getRuntime().exec followed by an OS command."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Komm.One CMS 10.4.2.14 tiene una vulnerabilidad de inyecci\u00f3n de plantilla del lado del servidor (SSTI) a trav\u00e9s del motor de plantillas Velocity. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una URL que especifica java.lang.Runtime junto con getRuntime().exec seguido de un comando del sistema operativo."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "FusionPBX before 5.2.0 does not validate a session."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "FusionPBX anterior a 5.2.0 no valida una sesi\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
59
CVE-2024/CVE-2024-24xx/CVE-2024-2496.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-2496",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-03-18T13:15:08.207",
|
||||
"lastModified": "2024-03-18T13:15:08.207",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 5.0,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.3,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-476"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-2496",
|
||||
"source": "secalert@redhat.com"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269672",
|
||||
"source": "secalert@redhat.com"
|
||||
}
|
||||
]
|
||||
}
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257077 was assigned to this vulnerability."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad fue encontrada en SourceCodester Employee Task Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /edit-task.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento task_id conduce a la omisi\u00f3n de autorizaci\u00f3n. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-257077."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257078 is the identifier assigned to this vulnerability."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad fue encontrada en SourceCodester Employee Task Management System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /task-details.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento task_id conduce a la omisi\u00f3n de autorizaci\u00f3n. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-257078 es el identificador asignado a esta vulnerabilidad."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257079."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad fue encontrada en SourceCodester Employee Task Management System 1.0 y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /update-admin.php. La manipulaci\u00f3n del argumento admin_id conduce a la omisi\u00f3n de autorizaci\u00f3n. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-257079."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257080."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad fue encontrada en SourceCodester Employee Task Management System 1.0 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /update-employee.php. La manipulaci\u00f3n del argumento admin_id conduce a la omisi\u00f3n de autorizaci\u00f3n. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-257080."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257081 was assigned to this vulnerability."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad fue encontrada en Tenda AC10 16.03.10.13 y clasificada como cr\u00edtica. Este problema afecta la funci\u00f3n fromSetRouteStatic del archivo /goform/SetStaticRouteCfg. La manipulaci\u00f3n de la lista de argumentos provoca un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-257081."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
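Review bot: In the added "es" value, "La manipulación de la lista de argumentos" turns the parameter name into a generic phrase. The "en" value says the argument named list is manipulated, so the Spanish text no longer identifies the affected parameter of /goform/SetStaticRouteCfg. Suggest "La manipulación del argumento list", so that anyone searching or writing detections from the Spanish description gets the same parameter as the English one.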
55
CVE-2024/CVE-2024-25xx/CVE-2024-2584.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2584",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:10.060",
|
||||
"lastModified": "2024-03-18T14:15:10.060",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2585.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2585",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:10.290",
|
||||
"lastModified": "2024-03-18T14:15:10.290",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send_2.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2586.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2586",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:10.540",
|
||||
"lastModified": "2024-03-18T14:15:10.540",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2587.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2587",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:10.763",
|
||||
"lastModified": "2024-03-18T14:15:10.763",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_khet_person.php, in multiple\u00a0parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
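Review bot: The description value carries a non-breaking space escape in "multiple\u00a0parameters", while the sibling record for bookdetail_school_person.php in this same commit uses a plain space in the same phrase. Consumers that match, index or deduplicate on description text will treat the two differently. Normalise \u00a0 to an ordinary space on ingest, or flag it to the source if the mirror has to stay byte-identical to upstream.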
55
CVE-2024/CVE-2024-25xx/CVE-2024-2588.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2588",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:10.993",
|
||||
"lastModified": "2024-03-18T14:15:10.993",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id'\u00a0parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2589.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2589",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:11.230",
|
||||
"lastModified": "2024-03-18T14:15:11.230",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_school_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2590.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2590",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:11.517",
|
||||
"lastModified": "2024-03-18T14:15:11.517",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/mail/main/select_send.php, in the\u00a0'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2591.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2591",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:11.747",
|
||||
"lastModified": "2024-03-18T14:15:11.747",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_group.php, in multiple\u00a0parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
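Review bot: The weaknesses entry in this record has "type": "Secondary" for CWE-89, while the other AMSS++ records added in this commit by the same source (cve-coordination@incibe.es) carry "type": "Primary". If this matches upstream there is nothing to change in the mirror, but tooling that filters on Primary weaknesses will miss the CWE-89 mapping for CVE-2024-2591. It is worth confirming against the source and handling both types when querying.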
55
CVE-2024/CVE-2024-25xx/CVE-2024-2592.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2592",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:11.987",
|
||||
"lastModified": "2024-03-18T14:15:11.987",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/pic_show.php, in the 'person_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2593.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2593",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:12.233",
|
||||
"lastModified": "2024-03-18T14:15:12.233",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability\u00a0through /amssplus/modules/book/main/bookdetail_group.php, in the 'b_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2594.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2594",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:12.463",
|
||||
"lastModified": "2024-03-18T14:15:12.463",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability\u00a0through /amssplus/admin/index.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2595.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2595",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:12.673",
|
||||
"lastModified": "2024-03-18T14:15:12.673",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability\u00a0through /amssplus/modules/book/main/bookdetail_khet_person.php, in the 'b_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2596.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2596",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:12.893",
|
||||
"lastModified": "2024-03-18T14:15:12.893",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability\u00a0through /amssplus/modules/mail/main/select_send.php, in multiple\u00a0parameters. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2597.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2597",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:13.140",
|
||||
"lastModified": "2024-03-18T14:15:13.140",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability\u00a0through /amssplus/modules/book/main/bookdetail_school_person.php, in the 'b_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2598.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2598",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:13.383",
|
||||
"lastModified": "2024-03-18T14:15:13.383",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability\u00a0through /amssplus/modules/book/main/select_send_2.php, in multiple\u00a0parameters. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2024/CVE-2024-25xx/CVE-2024-2599.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-2599",
|
||||
"sourceIdentifier": "cve-coordination@incibe.es",
|
||||
"published": "2024-03-18T14:15:13.643",
|
||||
"lastModified": "2024-03-18T14:15:13.643",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially obtain RCE through webshell, compromising the entire infrastructure."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.9,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.1,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve-coordination@incibe.es",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
|
||||
"source": "cve-coordination@incibe.es"
|
||||
}
|
||||
]
|
||||
}
|
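Review bot: The description names no file, endpoint or parameter for the upload restriction bypass, unlike the other AMSS++ records in this commit, yet the record is scored 9.9 CRITICAL with PR:L and S:C. Anyone triaging from this record alone cannot tell which upload handler is affected or what to monitor. The only pointer is the INCIBE reference URL, so consumers should follow that reference rather than rely on the description for scoping.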
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work\n\nidev->mc_ifc_count can be written over without proper locking.\n\nOriginally found by syzbot [1], fix this issue by encapsulating calls\nto mld_ifc_stop_work() (and mld_gq_stop_work() for good measure) with\nmutex_lock() and mutex_unlock() accordingly as these functions\nshould only be called with mc_lock per their declarations.\n\n[1]\nBUG: KCSAN: data-race in ipv6_mc_down / mld_ifc_work\n\nwrite to 0xffff88813a80c832 of 1 bytes by task 3771 on cpu 0:\n mld_ifc_stop_work net/ipv6/mcast.c:1080 [inline]\n ipv6_mc_down+0x10a/0x280 net/ipv6/mcast.c:2725\n addrconf_ifdown+0xe32/0xf10 net/ipv6/addrconf.c:3949\n addrconf_notify+0x310/0x980\n notifier_call_chain kernel/notifier.c:93 [inline]\n raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461\n __dev_notify_flags+0x205/0x3d0\n dev_change_flags+0xab/0xd0 net/core/dev.c:8685\n do_setlink+0x9f6/0x2430 net/core/rtnetlink.c:2916\n rtnl_group_changelink net/core/rtnetlink.c:3458 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3717 [inline]\n rtnl_newlink+0xbb3/0x1670 net/core/rtnetlink.c:3754\n rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6558\n netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545\n rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:6576\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c:1910\n ...\n\nwrite to 0xffff88813a80c832 of 1 bytes by task 22 on cpu 1:\n mld_ifc_work+0x54c/0x7b0 net/ipv6/mcast.c:2653\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2700\n worker_thread+0x525/0x730 kernel/workqueue.c:2781\n ..."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ipv6: mcast: corrige data-race en ipv6_mc_down / mld_ifc_work idev->mc_ifc_count se puede sobrescribir sin el bloqueo adecuado. Originalmente encontrado por syzbot [1], solucione este problema encapsulando las llamadas a mld_ifc_stop_work() (y mld_gq_stop_work() por si acaso) con mutex_lock() y mutex_unlock() en consecuencia, ya que estas funciones solo deben llamarse con mc_lock seg\u00fan sus declaraciones. [1] ERROR: KCSAN: carrera de datos en ipv6_mc_down / mld_ifc_work escribir en 0xffff88813a80c832 de 1 bytes por tarea 3771 en la CPU 0: mld_ifc_stop_work net/ipv6/mcast.c:1080 [en l\u00ednea] ipv6_mc_down+0x10a/0x280 net/ipv6/mcast .c:2725 addrconf_ifdown+0xe32/0xf10 net/ipv6/addrconf.c:3949 addrconf_notify+0x310/0x980 notifier_call_chain kernel/notifier.c:93 [en l\u00ednea] raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461 __dev_notify_flag s+0x205/ 0x3d0 dev_change_flags+0xab/0xd0 net/core/dev.c:8685 do_setlink+0x9f6/0x2430 net/core/rtnetlink.c:2916 rtnl_group_changelink net/core/rtnetlink.c:3458 [en l\u00ednea] __rtnl_newlink net/core/rtnetlink.c :3717 [en l\u00ednea] rtnl_newlink+0xbb3/0x1670 net/core/rtnetlink.c:3754 rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6558 netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545 rtnetlink_rcv+0 x1c /0x20 net/core/rtnetlink.c:6576 netlink_unicast_kernel net/netlink/af_netlink.c:1342 [en l\u00ednea] netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368 netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c :1910 ... escriba en 0xffff88813a80c832 de 1 bytes por tarea 22 en la CPU 1: mld_ifc_work+0x54c/0x7b0 net/ipv6/mcast.c:2653 Process_one_work kernel/workqueue.c:2627 [en l\u00ednea] Process_scheduled_works+0x5b8/0xa30 kernel/ workqueue.c:2700 trabajador_thread+0x525/0x730 kernel/workqueue.c:2781 ..."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
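Review bot: the added "es" value translates the KCSAN trace itself, not just the prose, so its symbols and paths no longer match the "en" value. `worker_thread` became `trabajador_thread`, `process_one_work` became `Process_one_work`, `[inline]` became `[en l\u00ednea]`, and tokens are split (`__dev_notify_flag s+0x205/ 0x3d0`, `net/ipv6/mcast .c:2725`). The text after `[1]` should be copied through verbatim and only the commit prose translated; otherwise a search of the Spanish description for a function name or source file misses this record.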
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\n\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we've reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n\n[axboe: add unlikely() to error case]"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bloque: corrige la iteraci\u00f3n sobre una biograf\u00eda vac\u00eda con bio_for_each_folio_all Si la biograf\u00eda no contiene datos, bio_first_folio() llama a page_folio() en un puntero NULL y \u00a1vaya! Mueve la prueba de que hemos llegado al final de la biograf\u00eda de bio_next_folio() a bio_first_folio(). [axboe: agregue improbable() al caso de error]"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
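Review bot: kernel terms in the added "es" value are translated as ordinary words, which changes the meaning. `bio` is rendered as "biograf\u00eda", "oopses" as "\u00a1vaya!", and the `unlikely()` macro in the `[axboe: ...]` note as `improbable()`. Identifiers and kernel jargon should be left untranslated so that the sentence still names `bio_first_folio()` acting on an empty bio and the NULL-pointer oops it causes.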
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()\n\nsyzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken.\n\nReading frag_off can only be done if we pulled enough bytes\nto skb->head. Currently we might access garbage.\n\n[1]\nBUG: KMSAN: uninit-value in ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendmsg net/socket.c:2676 [inline]\n__se_sys_sendmsg net/socket.c:2674 [inline]\n__x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\ndo_syscall_x64 arch/x86/entry/common.c:52 
[inline]\ndo_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\nslab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\nslab_alloc_node mm/slub.c:3478 [inline]\n__kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n__do_kmalloc_node mm/slab_common.c:1006 [inline]\n__kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:1027\nkmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\npskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098\n__pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655\npskb_may_pull_reason include/linux/skbuff.h:2673 [inline]\npskb_may_pull include/linux/skbuff.h:2681 [inline]\nip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 
net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendms\n---truncated---"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ip6_tunnel: corrige el manejo de NEXTHDR_FRAGMENT en ip6_tnl_parse_tlv_enc_lim() syzbot se\u00f1al\u00f3 [1] que el manejo de NEXTHDR_FRAGMENT no funciona. La lectura de frag_off solo se puede realizar si extraemos suficientes bytes para skb->head. Actualmente podr\u00edamos acceder a basura. [1] ERROR: KMSAN: valor uninit en ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0 ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0 ipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [en l\u00ednea] ip6_tnl_start_xmit+0x ab2/0x1a70 net/ipv6/ip6_tunnel.c:1432 __netdev_start_xmit incluye /linux/netdevice.h:4940 [en l\u00ednea] netdev_start_xmit include/linux/netdevice.h:4954 [en l\u00ednea] xmit_one net/core/dev.c:3548 [en l\u00ednea] dev_hard_start_xmit+0x247/0xa10 net/core/dev.c: 3564 __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349 dev_queue_xmit include/linux/netdevice.h:3134 [en l\u00ednea] neigh_connected_output+0x569/0x660 net/core/neighbour.c:1592 neigh_output include/net/neighbour.h :542 [en l\u00ednea] ip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137 ip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222 NF_HOOK_COND include/linux/netfilter.h:303 [en l\u00ednea] ip6_output+0x3 23/ 0x610 net/ipv6/ip6_output.c:243 dst_output include/net/dst.h:451 [en l\u00ednea] ip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155 ip6_send_skb net/ipv6/ip6_output.c:1952 [en l\u00ednea] ip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972 rawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582 rawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920 inet_sendmsg+0 x105/0x190 neto/ipv4 /af_inet.c:847 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584 ___sys_sendmsg+0x28d/0x3c0 net/socket.c :2638 __sys_sendmsg net/socket.c:2667 [en l\u00ednea] __do_sys_sendmsg net/socket.c:2676 [en l\u00ednea] __se_sys_sendmsg net/socket.c:2674 [en 
l\u00ednea] __x64_sys_sendmsg+0x307/0x490 net/socket.c:267 4 do_syscall_x64 arco/ x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit se cre\u00f3 en: slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768 slab_alloc_node mm/slub.c:3478 [en l\u00ednea] __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517 __do_kmalloc_node mm/slab_common.c:1006 [en l\u00ednea] __kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c :1027 kmalloc_reserve+0x249/ 0x4a0 net/core/skbuff.c:582 pskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098 __pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655 pskb_may_pull_reason include/linux/skbuff.h:2673 [en l\u00ednea ] pskb_may_pull include/linux/skbuff.h:2681 [en l\u00ednea] ip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408 ipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [en l\u00ednea] ip6_tnl_start_xmit+0xab 2/0x1a70 neto/ipv6/ ip6_tunnel.c:1432 __netdev_start_xmit include/linux/netdevice.h:4940 [en l\u00ednea] netdev_start_xmit include/linux/netdevice.h:4954 [en l\u00ednea] xmit_one net/core/dev.c:3548 [en l\u00ednea] dev_hard_start_xmit+0x247/0xa10 net /core/dev.c:3564 __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349 dev_queue_xmit include/linux/netdevice.h:3134 [en l\u00ednea] neigh_connected_output+0x569/0x660 net/core/neighbour.c:1592 neigh_output include/net/neighbour.h:542 [en l\u00ednea] ip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137 ip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222 NF_HOOK_COND include/linux/netfilter.h:303 [en l\u00ednea] ip6_output+0x323/0x610 net/ipv6/ip6_output.c:243 dst_output include/net/dst.h:451 [en l\u00ednea] ip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155 ip6_send_skb net/ipv6/ip6_output .c:1952 [en l\u00ednea] ip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972 rawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582 rawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:9 20 inet_sendmsg 
+0x105/0x190 net/ipv4/af_inet.c:847 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea]---truncado---"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
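Review bot: source paths and symbols inside the KMSAN trace of the "es" value were altered by translation. `include/linux/netdevice.h` appears as `incluye /linux/netdevice.h`, `net/ipv4/af_inet.c` as `neto/ipv4 /af_inet.c`, `arch/x86/entry/common.c` as `arco/ x86/entry/common.c`, and `entry_SYSCALL_64_after_hwframe` is capitalised. The value also ends at a different point from the "en" one and uses `---truncado---` as its marker. Keep the trace byte-identical to the English value and translate only the lines before `[1]`.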
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: corrige la eliminaci\u00f3n de un espacio de nombres con nombres alternativos en conflicto. Mark informa un ERROR() cuando se elimina un espacio de nombres de red. \u00a1ERROR del kernel en net/core/dev.c:11520! Las interfaces f\u00edsicas movidas fuera de init_net se \"reembolsan\" a init_net cuando ese espacio de nombres desaparece. El nombre de la interfaz principal puede sobrescribirse en el proceso si hubiera entrado en conflicto. Tambi\u00e9n debemos descartar todos los nombres alternativos en conflicto. Las correcciones recientes abordaron garantizar que los nombres alternativos se movieran con la interfaz principal, lo que provoc\u00f3 este problema."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
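Review bot: the literal kernel log line quoted in the "en" value, `kernel BUG at net/core/dev.c:11520!`, is rendered in "es" as "\u00a1ERROR del kernel en net/core/dev.c:11520!", and `BUG()` becomes `ERROR()`. That line is what an operator would search logs for, so it and the macro name should be kept as written in the English text.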
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: Drop support for ETH_P_TR_802_2.\n\nsyzbot reported an uninit-value bug below. [0]\n\nllc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2\n(0x0011), and syzbot abused the latter to trigger the bug.\n\n write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x11}, @val, @mpls={[], @llc={@snap={0xaa, 0x1, ')', \"90e5dd\"}}}}, 0x16)\n\nllc_conn_handler() initialises local variables {saddr,daddr}.mac\nbased on skb in llc_pdu_decode_sa()/llc_pdu_decode_da() and passes\nthem to __llc_lookup().\n\nHowever, the initialisation is done only when skb->protocol is\nhtons(ETH_P_802_2), otherwise, __llc_lookup_established() and\n__llc_lookup_listener() will read garbage.\n\nThe missing initialisation existed prior to commit 211ed865108e\n(\"net: delete all instances of special processing for token ring\").\n\nIt removed the part to kick out the token ring stuff but forgot to\nclose the door allowing ETH_P_TR_802_2 packets to sneak into llc_rcv().\n\nLet's remove llc_tr_packet_type and complete the deprecation.\n\n[0]:\nBUG: KMSAN: uninit-value in __llc_lookup_established+0xe9d/0xf90\n __llc_lookup_established+0xe9d/0xf90\n __llc_lookup net/llc/llc_conn.c:611 [inline]\n llc_conn_handler+0x4bd/0x1360 net/llc/llc_conn.c:791\n llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206\n __netif_receive_skb_one_core net/core/dev.c:5527 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5641\n netif_receive_skb_internal net/core/dev.c:5727 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5786\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x8ef/0x1490 fs/read_write.c:584\n ksys_write+0x20f/0x4c0 fs/read_write.c:637\n __do_sys_write fs/read_write.c:649 [inline]\n __se_sys_write 
fs/read_write.c:646 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:646\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nLocal variable daddr created at:\n llc_conn_handler+0x53/0x1360 net/llc/llc_conn.c:783\n llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206\n\nCPU: 1 PID: 5004 Comm: syz-executor994 Not tainted 6.6.0-syzkaller-14500-g1c41041124bd #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: llc: Eliminaci\u00f3n del soporte para ETH_P_TR_802_2. syzbot inform\u00f3 un error de valor uninit a continuaci\u00f3n. [0] llc admite ETH_P_802_2 (0x0004) y sol\u00eda admitir ETH_P_TR_802_2 (0x0011), y syzbot abus\u00f3 de este \u00faltimo para desencadenar el error. escribir$tun(r0, &(0x7f0000000040)={@val={0x0, 0x11}, @val, @mpls={[], @llc={@snap={0xaa, 0x1, ')', \"90e5dd\" }}}}, 0x16) llc_conn_handler() inicializa las variables locales {saddr,daddr}.mac basadas en skb en llc_pdu_decode_sa()/llc_pdu_decode_da() y las pasa a __llc_lookup(). Sin embargo, la inicializaci\u00f3n se realiza solo cuando skb->protocol es htons(ETH_P_802_2); de lo contrario, __llc_lookup_establecido() y __llc_lookup_listener() leer\u00e1n basura. La inicializaci\u00f3n faltante exist\u00eda antes de el commit 211ed865108e (\"net: eliminar todas las instancias de procesamiento especial para Token Ring\"). Quit\u00f3 la parte para expulsar el token ring, pero se olvid\u00f3 de cerrar la puerta permitiendo que los paquetes ETH_P_TR_802_2 se colaran en llc_rcv(). Eliminemos llc_tr_packet_type y completemos la desaprobaci\u00f3n. 
[0]: ERROR: KMSAN: valor uninit en __llc_lookup_establecido+0xe9d/0xf90 __llc_lookup_establecido+0xe9d/0xf90 __llc_lookup net/llc/llc_conn.c:611 [en l\u00ednea] llc_conn_handler+0x4bd/0x1360 net/llc/llc_conn.c:79 1 llc_rcv +0xfbb/0x14a0 net/llc/llc_input.c:206 __netif_receive_skb_one_core net/core/dev.c:5527 [en l\u00ednea] __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5641 netif_receive_skb_internal net/core/dev.c:5727 [en l\u00ednea] netif_receive_skb+0x58/0x660 net/core/dev.c:5786 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555 tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048 call_write_iter include/linux/fs.h:2020 [en l\u00ednea] new_sync_write fs/read_write.c:491 [en l\u00ednea] vfs_write+0x8ef/0x1490 fs/read_write.c:584 ksys_write+0x20f/0x4c0 fs/read_write.c:637 __do_sys_write fs/read_write.c:649 [en l\u00ednea] __se_sys_write fs/read_write.c:646 [en l\u00ednea] __x64_sys_write+0x93/0xd0 fs/read_write.c:646 do_syscall_x64 arch/x86/entry/common. c: 51 [en l\u00ednea] do_syscall_64+0x44/0x110 arch/x86/entry/comunes.c: 82 entry_syscall_64_after_hwframe+0x63/0x6b local variable daddr creado FBB /0x14a0 net/llc/llc_input.c:206 CPU: 1 PID: 5004 Comm: syz-executor994 No contaminado 6.6.0-syzkaller-14500-g1c41041124bd #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 10 /09/2023"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
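Review bot: the "es" value renames a function and loses a stack frame. `__llc_lookup_established` is written `__llc_lookup_establecido` in both the prose and the trace, `write$tun` becomes `escribir$tun`, and `arch/x86/entry/common.c:82` becomes `arch/x86/entry/comunes.c: 82`. The "Local variable daddr created at:" section is collapsed to `local variable daddr creado FBB /0x14a0`, which drops the `llc_conn_handler+0x53/0x1360 net/llc/llc_conn.c:783` frame. The syzkaller reproducer line and everything after `[0]:` should be excluded from translation.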
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: make llc_ui_sendmsg() more robust against bonding changes\n\nsyzbot was able to trick llc_ui_sendmsg(), allocating an skb with no\nheadroom, but subsequently trying to push 14 bytes of Ethernet header [1]\n\nLike some others, llc_ui_sendmsg() releases the socket lock before\ncalling sock_alloc_send_skb().\nThen it acquires it again, but does not redo all the sanity checks\nthat were performed.\n\nThis fix:\n\n- Uses LL_RESERVED_SPACE() to reserve space.\n- Check all conditions again after socket lock is held again.\n- Do not account Ethernet header for mtu limitation.\n\n[1]\n\nskbuff: skb_under_panic: text:ffff800088baa334 len:1514 put:14 head:ffff0000c9c37000 data:ffff0000c9c36ff2 tail:0x5dc end:0x6c0 dev:bond0\n\n kernel BUG at net/core/skbuff.c:193 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6875 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00101-g0802e17d9aca-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : skb_panic net/core/skbuff.c:189 [inline]\n pc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\n lr : skb_panic net/core/skbuff.c:189 [inline]\n lr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\nsp : ffff800096f97000\nx29: ffff800096f97010 x28: ffff80008cc8d668 x27: dfff800000000000\nx26: ffff0000cb970c90 x25: 00000000000005dc x24: ffff0000c9c36ff2\nx23: ffff0000c9c37000 x22: 00000000000005ea x21: 00000000000006c0\nx20: 000000000000000e x19: ffff800088baa334 x18: 1fffe000368261ce\nx17: ffff80008e4ed000 x16: ffff80008a8310f8 x15: 0000000000000001\nx14: 1ffff00012df2d58 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000001 x10: 0000000000ff0100 x9 : e28a51f1087e8400\nx8 : e28a51f1087e8400 x7 : ffff80008028f8d0 x6 : 0000000000000000\nx5 : 0000000000000001 x4 : 
0000000000000001 x3 : ffff800082b78714\nx2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000089\nCall trace:\n skb_panic net/core/skbuff.c:189 [inline]\n skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\n skb_push+0xf0/0x108 net/core/skbuff.c:2451\n eth_header+0x44/0x1f8 net/ethernet/eth.c:83\n dev_hard_header include/linux/netdevice.h:3188 [inline]\n llc_mac_hdr_init+0x110/0x17c net/llc/llc_output.c:33\n llc_sap_action_send_xid_c+0x170/0x344 net/llc/llc_s_ac.c:85\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x1ec/0x774 net/llc/llc_sap.c:209\n llc_build_and_send_xid_pkt+0x12c/0x1c0 net/llc/llc_sap.c:270\n llc_ui_sendmsg+0x7bc/0xb1c net/llc/af_llc.c:997\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_sendmsg+0x194/0x274 net/socket.c:767\n splice_to_socket+0x7cc/0xd58 fs/splice.c:881\n do_splice_from fs/splice.c:933 [inline]\n direct_splice_actor+0xe4/0x1c0 fs/splice.c:1142\n splice_direct_to_actor+0x2a0/0x7e4 fs/splice.c:1088\n do_splice_direct+0x20c/0x348 fs/splice.c:1194\n do_sendfile+0x4bc/0xc70 fs/read_write.c:1254\n __do_sys_sendfile64 fs/read_write.c:1322 [inline]\n __se_sys_sendfile64 fs/read_write.c:1308 [inline]\n __arm64_sys_sendfile64+0x160/0x3b4 fs/read_write.c:1308\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155\n el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595\nCode: aa1803e6 aa1903e7 a90023f5 94792f6a (d4210000)"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: llc: hacer que llc_ui_sendmsg() sea m\u00e1s robusto contra cambios de vinculaci\u00f3n syzbot pudo enga\u00f1ar a llc_ui_sendmsg(), asignando un skb sin espacio libre, pero posteriormente intent\u00f3 enviar 14 bytes de encabezado Ethernet [ 1] Como otros, llc_ui_sendmsg() libera el bloqueo del socket antes de llamar a sock_alloc_send_skb(). Luego lo adquiere nuevamente, pero no rehace todas las comprobaciones de cordura que se realizaron. Esta soluci\u00f3n: - Utiliza LL_RESERVED_SPACE() para reservar espacio. - Verifique todas las condiciones nuevamente despu\u00e9s de mantener nuevamente el bloqueo del casquillo. - No tenga en cuenta el encabezado Ethernet para la limitaci\u00f3n de mtu. [1] skbuff: skb_under_panic: text:ffff800088baa334 len:1514 put:14 head:ffff0000c9c37000 data:ffff0000c9c36ff2 tail:0x5dc end:0x6c0 dev:bond0 ERROR del kernel en net/core/skbuff.c:193. Error interno: Ups - ERROR: 00000000f2000800 [#1] PREEMPT M\u00f3dulos SMP vinculados en: CPU: 0 PID: 6875 Comm: syz-executor.0 No contaminado 6.7.0-rc8-syzkaller-00101-g0802e17d9aca-dirty #0 Nombre del hardware : Google Google Compute Engine/Google Compute Engine, BIOS Google 17/11/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: skb_panic net/core/skbuff.c:189 [en l\u00ednea] pc: skb_under_panic+0x13c/0x140 net/core/skbuff.c:203 lr: skb_panic net/core/skbuff.c:189 [en l\u00ednea] lr: skb_under_panic+0x13c/0x140 net/core/skbuff.c:203 sp: ffff800096f97000 x29: ffff800096f97010 x28: ffff80008cc8d668 x27: dfff800000000000 x26: ffff0000cb970c90 x25: 00000000000005dc x24: ffff0000c 9c36ff2 x23: ffff0000c9c37000 x22: 00000000000005ea x21: 00000000000006c0 x20: 000000000000000e x19: ffff800088baa334 x18: 1fffe000368261ce x1 7: ffff80008e4ed000 x16: ffff80008a8310f8 x15: 0000000000000001 x14: 1ffff00012df2d58 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000001 x10: 0000000000ff0100 x9: 
e28a51f1087e8400 x8: e28a 51f1087e8400 x7: ffff80008028f8d0 x6: 0000000000000000 x5: 0000000000000001 x4: 0000000000000001 x3: ffff800082b78714 x2: 00000000000000 001 x1: 0000000100000000 x0: 0000000000000089 Rastreo de llamadas: skb_panic net/core /skbuff.c:189 [en l\u00ednea] skb_under_panic+0x13c/0x140 net/core/skbuff.c:203 skb_push+0xf0/0x108 net/core/skbuff.c:2451 eth_header+0x44/0x1f8 net/ethernet/eth.c: 83 dev_hard_header include/linux/netdevice.h:3188 [en l\u00ednea] llc_mac_hdr_init+0x110/0x17c net/llc/llc_output.c:33 llc_sap_action_send_xid_c+0x170/0x344 net/llc/llc_s_ac.c:85 llc_exec_sap_trans_ acciones net/llc/llc_sap.c :153 [en l\u00ednea] llc_sap_next_state net/llc/llc_sap.c:182 [en l\u00ednea] llc_sap_state_process+0x1ec/0x774 net/llc/llc_sap.c:209 llc_build_and_send_xid_pkt+0x12c/0x1c0 net/llc/llc_sap.c:270 llc_ ui_sendmsg+0x7bc/ 0xb1c net/llc/af_llc.c:997 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] sock_sendmsg+0x194/0x274 net/socket.c:767 splice_to_socket+0x7cc/0xd58 fs /splice.c:881 do_splice_from fs/splice.c:933 [en l\u00ednea] direct_splice_actor+0xe4/0x1c0 fs/splice.c:1142 splice_direct_to_actor+0x2a0/0x7e4 fs/splice.c:1088 do_splice_direct+0x20c/0x348 fs/splice. c:1194 do_sendfile+0x4bc/0xc70 fs/read_write.c:1254 __do_sys_sendfile64 fs/read_write.c:1322 [en l\u00ednea] __se_sys_sendfile64 fs/read_write.c:1308 [en l\u00ednea] __arm64_sys_sendfile64+0x160/0x3b4 fs /read_write.c:1308 __invoke_syscall arch/arm64/kernel/syscall.c:37 [en l\u00ednea] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136 do_el0_svc+0x48/ 0x58 arch/arm64/kernel/syscall.c:155 el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696 el0t_64_sync+ 0x190/0x194 arch/arm64/kernel/entry.S:595 C\u00f3digo: aa1803e6 aa1903e7 a90023f5 94792f6a (d4210000)"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
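Review bot: the "es" value is inconsistent in its prose and corrupts the register dump. "socket lock" is "bloqueo del socket" in the description but "bloqueo del casquillo" in the second bullet of the fix list. In the oops output, `PREEMPT SMP` and `Modules linked in:` are merged into "PREEMPT M\u00f3dulos SMP vinculados en:", the BIOS date `11/17/2023` is reordered to `17/11/2023`, register values are split (`ffff0000c 9c36ff2`, `00000000000000 001`), and `llc_exec_sap_trans_actions` becomes `llc_exec_sap_trans_ acciones`. Use one term for the lock and carry the text from `skbuff: skb_under_panic:` onward unchanged.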
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: rely on mac80211 debugfs handling for vif\n\nmac80211 started to delete debugfs entries in certain cases, causing a\nath11k to crash when it tried to delete the entries later. Fix this by\nrelying on mac80211 to delete the entries when appropriate and adding\nthem from the vif_add_debugfs handler."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: ath11k: conf\u00eda en el manejo de debugfs de mac80211 para vif mac80211 comenz\u00f3 a eliminar entradas de debugfs en ciertos casos, lo que provoc\u00f3 que ath11k fallara cuando intent\u00f3 eliminar las entradas m\u00e1s tarde. Solucione este problema confiando en mac80211 para eliminar las entradas cuando corresponda y agreg\u00e1ndolas desde el controlador vif_add_debugfs."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: always initialize struct msghdr completely\n\nsyzbot complains that msg->msg_get_inq value can be uninitialized [1]\n\nstruct msghdr got many new fields recently, we should always make\nsure their values is zero by default.\n\n[1]\n BUG: KMSAN: uninit-value in tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n inet_recvmsg+0x131/0x580 net/ipv4/af_inet.c:879\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0x12b/0x1e0 net/socket.c:1066\n __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700\n worker_thread+0xf45/0x1490 kernel/workqueue.c:2781\n kthread+0x3ed/0x540 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n\nLocal variable msg created at:\n __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n\nCPU: 1 PID: 7465 Comm: kworker/u5:1 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: nbd5-recv recv_work"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nbd: siempre inicializa completamente la estructura msghdr syzbot se queja de que el valor msg->msg_get_inq puede no estar inicializado [1] la estructura msghdr obtuvo muchos campos nuevos recientemente, siempre debemos asegurarnos de que sus valores sean cero por defecto. [1] ERROR: KMSAN: valor uninit en tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571 tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571 inet_recvmsg+0x131/0x580 net/ipv4/af_inet. c:879 sock_recvmsg_nosec net/socket.c:1044 [en l\u00ednea] sock_recvmsg+0x12b/0x1e0 net/socket.c:1066 __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538 nbd_read_reply drivers/block/nbd.c:732 [en l\u00ednea] recv_work+0x262/0x3100 drivers/block/nbd.c:863 Process_one_work kernel/workqueue.c:2627 [en l\u00ednea] Process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700 workqueue.c :2781 kthread+0x3ed/0x540 kernel/kthread.c:388 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242 Mensaje de variable local creado en: __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513 nbd_read_reply drivers/block/nbd.c:732 [en l\u00ednea] recv_work+0x262/0x3100 drivers/block/nbd.c:863 CPU: 1 PID: 7465 Comm : kworker/u5:1 No contaminado 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 17/11/2023 Cola de trabajo: nbd5-recv recv_work"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
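Review bot: two details of the KMSAN report are lost in the "es" value. "Local variable msg created at:" is rendered as "Mensaje de variable local creado en:", so the variable name `msg` is no longer present, and the frame `worker_thread+0xf45/0x1490 kernel/workqueue.c:2781` is reduced to `workqueue.c :2781` with the function symbol dropped. Variable names and trace frames should be preserved exactly as in the "en" value.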
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, kmsan: fix infinite recursion due to RCU critical section\n\nAlexander Potapenko writes in [1]: \"For every memory access in the code\ninstrumented by KMSAN we call kmsan_get_metadata() to obtain the metadata\nfor the memory being accessed. For virtual memory the metadata pointers\nare stored in the corresponding `struct page`, therefore we need to call\nvirt_to_page() to get them.\n\nAccording to the comment in arch/x86/include/asm/page.h,\nvirt_to_page(kaddr) returns a valid pointer iff virt_addr_valid(kaddr) is\ntrue, so KMSAN needs to call virt_addr_valid() as well.\n\nTo avoid recursion, kmsan_get_metadata() must not call instrumented code,\ntherefore ./arch/x86/include/asm/kmsan.h forks parts of\narch/x86/mm/physaddr.c to check whether a virtual address is valid or not.\n\nBut the introduction of rcu_read_lock() to pfn_valid() added instrumented\nRCU API calls to virt_to_page_or_null(), which is called by\nkmsan_get_metadata(), so there is an infinite recursion now. I do not\nthink it is correct to stop that recursion by doing\nkmsan_enter_runtime()/kmsan_exit_runtime() in kmsan_get_metadata(): that\nwould prevent instrumented functions called from within the runtime from\ntracking the shadow values, which might introduce false positives.\"\n\nFix the issue by switching pfn_valid() to the _sched() variant of\nrcu_read_lock/unlock(), which does not require calling into RCU. Given\nthe critical section in pfn_valid() is very small, this is a reasonable\ntrade-off (with preemptible RCU).\n\nKMSAN further needs to be careful to suppress calls into the scheduler,\nwhich would be another source of recursion. This can be done by wrapping\nthe call to pfn_valid() into preempt_disable/enable_no_resched(). 
The\ndownside is that this sacrifices breaking scheduling guarantees; however,\na kernel compiled with KMSAN has already given up any performance\nguarantees due to being heavily instrumented.\n\nNote, KMSAN code already disables tracing via Makefile, and since mmzone.h\nis included, it is not necessary to use the notrace variant, which is\ngenerally preferred in all other cases."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm, kmsan: corrige la recursividad infinita debido a la secci\u00f3n cr\u00edtica de RCU Alexander Potapenko escribe en [1]: \"Para cada acceso a memoria en el c\u00f3digo instrumentado por KMSAN llamamos kmsan_get_metadata() para obtener los metadatos de la memoria a la que se accede. Para la memoria virtual, los punteros de metadatos se almacenan en la `p\u00e1gina de estructura` correspondiente, por lo tanto, necesitamos llamar a virt_to_page() para obtenerlos. De acuerdo con el comentario en arch/x86/include/asm/page .h, virt_to_page(kaddr) devuelve un puntero v\u00e1lido si virt_addr_valid(kaddr) es verdadero, por lo que KMSAN tambi\u00e9n necesita llamar a virt_addr_valid(). Para evitar la recursividad, kmsan_get_metadata() no debe llamar al c\u00f3digo instrumentado, por lo tanto ./arch/x86/ include/asm/kmsan.h bifurca partes de arch/x86/mm/physaddr.c para verificar si una direcci\u00f3n virtual es v\u00e1lida o no, pero la introducci\u00f3n de rcu_read_lock() a pfn_valid() agreg\u00f3 llamadas API de RCU instrumentadas a virt_to_page_or_null() , que es llamado por kmsan_get_metadata(), por lo que ahora hay una recursividad infinita. No creo que sea correcto detener esa recursividad haciendo kmsan_enter_runtime()/kmsan_exit_runtime() en kmsan_get_metadata(): eso evitar\u00eda que las funciones instrumentadas llamadas desde el tiempo de ejecuci\u00f3n rastreen los valores ocultos, lo que podr\u00eda introducir falsos positivos. problema al cambiar pfn_valid() a la variante _sched() de rcu_read_lock/unlock(), que no requiere llamar a RCU. Dado que la secci\u00f3n cr\u00edtica en pfn_valid() es muy peque\u00f1a, esta es una compensaci\u00f3n razonable (con RCU interrumpible ). Adem\u00e1s, KMSAN debe tener cuidado de suprimir las llamadas al programador, lo que ser\u00eda otra fuente de recursividad. 
Esto se puede hacer envolviendo la llamada a pfn_valid() en preempt_disable/enable_no_resched(). La desventaja es que esto sacrifica la interrupci\u00f3n de la programaci\u00f3n. garant\u00edas; sin embargo, un kernel compilado con KMSAN ya ha renunciado a cualquier garant\u00eda de rendimiento debido a que est\u00e1 fuertemente instrumentado. Tenga en cuenta que el c\u00f3digo KMSAN ya deshabilita el seguimiento a trav\u00e9s de Makefile y, dado que mmzone.h est\u00e1 incluido, no es necesario usar la variante notrace, que generalmente se prefiere en todos los dem\u00e1s casos."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
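Review bot: the added "es" value is not a faithful rendering of the "en" text in two places. The code literal `struct page` is translated as `página de estructura`, and the sentence that begins "Fix the issue by switching pfn_valid()" loses its opening words and the closing quote of the Potapenko citation, leaving "falsos positivos. problema al cambiar pfn_valid()". Keep backticked literals untranslated and restore the sentence boundary, so a reader can tell where the quoted analysis ends and the description of the fix begins.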
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: add sanity checks to rx zerocopy\n\nTCP rx zerocopy intent is to map pages initially allocated\nfrom NIC drivers, not pages owned by a fs.\n\nThis patch adds to can_map_frag() these additional checks:\n\n- Page must not be a compound one.\n- page->mapping must be NULL.\n\nThis fixes the panic reported by ZhangPeng.\n\nsyzbot was able to loopback packets built with sendfile(),\nmapping pages owned by an ext4 file to TCP rx zerocopy.\n\nr3 = socket$inet_tcp(0x2, 0x1, 0x0)\nmmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)\nr4 = socket$inet_tcp(0x2, 0x1, 0x0)\nbind$inet(r4, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10)\nconnect$inet(r4, &(0x7f00000006c0)={0x2, 0x4e24, @empty}, 0x10)\nr5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\\x00',\n 0x181e42, 0x0)\nfallocate(r5, 0x0, 0x0, 0x85b8)\nsendfile(r4, r5, 0x0, 0x8ba0)\ngetsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23,\n &(0x7f00000001c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0,\n 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000440)=0x40)\nr6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\\x00',\n 0x181e42, 0x0)"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: tcp: agregue controles de seguridad a rx zerocopy La intenci\u00f3n de TCP rx zerocopy es mapear p\u00e1ginas inicialmente asignadas desde controladores NIC, no p\u00e1ginas propiedad de un fs. Este parche a\u00f1ade a can_map_frag() estas comprobaciones adicionales: - La p\u00e1gina no debe ser compuesta. - p\u00e1gina->mapeo debe ser NULL. Esto soluciona el p\u00e1nico informado por ZhangPeng. syzbot pudo realizar un loopback de paquetes creados con sendfile(), asignando p\u00e1ginas propiedad de un archivo ext4 a TCP rx zerocopy. r3 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4 , &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10) connect$inet(r4, &(0x7f00000006c0)={0x2, 0x4e24, @empty}, 0x10) r5 = openat$dir(0xffffffffffffff9c, &(0x7f00) 000000c0 )='./file0\\x00', 0x181e42, 0x0) fallocate(r5, 0x0, 0x0, 0x85b8) sendfile(r4, r5, 0x0, 0x8ba0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000) 001c0)={ &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000440)=0x40) r6 = openat$dir(0xffffffffffffff9c, &(0x7f000) 00000c0)='./archivo0 \\x00', 0x181e42, 0x0)"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
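Review bot: the syzkaller reproducer inside the added "es" value has been altered by translation: the final openat$dir argument './file0\\x00' becomes './archivo0 \\x00', and several constants are split, for example "&(0x7f00) 000000c0" and "&(0x7f00000) 001c0". The reproducer is program text and should be copied character for character from the "en" value; only the prose before "r3 = socket$inet_tcp" should be translated.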
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\n\nsyzbot found __ip6_tnl_rcv() could access unitiliazed data [1].\n\nCall pskb_inet_may_pull() to fix this, and initialize ipv6h\nvariable after this call as it can change skb->head.\n\n[1]\n BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727\n __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845\n ip6_tnl_rcv+0xce/0x100 net/ipv6/ip6_tunnel.c:888\n gre_rcv+0x143f/0x1870\n ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438\n ip6_input_finish net/ipv6/ip6_input.c:483 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492\n ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586\n dst_input include/net/dst.h:461 [inline]\n ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5532 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5646\n netif_receive_skb_internal net/core/dev.c:5732 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5791\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 
fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n tun_alloc_skb drivers/net/tun.c:1531 [inline]\n tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 0 PID: 5034 Comm: syz-executor331 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ip6_tunnel: aseg\u00farese de extraer el encabezado interno en __ip6_tnl_rcv(). El syzbot encontr\u00f3 que __ip6_tnl_rcv() pod\u00eda acceder a datos unificados [1]. Llame a pskb_inet_may_pull() para solucionar este problema e inicialice la variable ipv6h despu\u00e9s de esta llamada, ya que puede cambiar skb->head. [1] ERROR: KMSAN: valor uninit en __INET_ECN_decapsulate include/net/inet_ecn.h:253 [en l\u00ednea] ERROR: KMSAN: valor uninit en INET_ECN_decapsulate include/net/inet_ecn.h:275 [en l\u00ednea] ERROR: KMSAN: uninit -valor en IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [en l\u00ednea] INET_ECN_decapsulate include/net/inet_ecn.h:275 [en l\u00ednea] IP6_ECN_decapsulate+0x7df/0x1e50 include/ net/inet_ecn.h:321 ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727 __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845 ip6_tnl_rcv+0xce/0x100 net/ipv 6/ip6_tunnel.c:888 gre_rcv +0x143f/0x1870 ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438 ip6_input_finish net/ipv6/ip6_input.c:483 [en l\u00ednea] NF_HOOK include/linux/netfilter.h:314 [en l\u00ednea] ip6_input+0x15d/0x 430 netos /ipv6/ip6_input.c:492 ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586 dst_input include/net/dst.h:461 [en l\u00ednea] ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:314 [en l\u00ednea] ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310 __netif_receive_skb_one_core net/core/dev.c:5532 [en l\u00ednea] __netif_receive_skb+0x1a6/0x5a0 net/core/dev. 
c:5646 netif_receive_skb_internal net/core/dev.c:5732 [en l\u00ednea] netif_receive_skb+0x58/0x660 net/core/dev.c:5791 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555 tun_get_user+0x53af/0x66d0 drivers /net/tun.c:2002 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048 call_write_iter include/linux/fs.h:2084 [en l\u00ednea] new_sync_write fs/read_write.c:497 [en l\u00ednea] vfs_write+0x786/ 0x1200 fs/read_write.c:590 ksys_write+0x20f/0x4c0 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [en l\u00ednea] __se_sys_write fs/read_write.c:652 [en l\u00ednea] __x64_sys_write+0x93/0xd0 fs/read _escribir .c:652 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit se cre\u00f3 en: slab_post_alloc_hook+0x129/0xa 70 mm/slab.h:768 slab_alloc_node mm/slub.c:3478 [en l\u00ednea] kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560 __alloc_skb+0x318/0x740 net /core/skbuff.c:651 alloc_skb include/linux/skbuff.h:1286 [en l\u00ednea] alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334 sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787 tun_alloc_skb drivers/net/tun.c:1531 [en l\u00ednea] tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048 call_write_iter include/linux/fs.h:2084 [en l\u00ednea] new_sync_write fs/read_write.c:497 [en l\u00ednea] vfs_write+0x786/0x1200 fs/read_write.c:590 ksys_write+0x20f/0x4c0 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [en l\u00ednea] __se_sys_write fs/read_write.c:652 [en l\u00ednea] __x64_sys_write+0x93/0xd0 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x6d/0x140 arch/x86/entry/common. 
c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b CPU: 0 PID: 5034 Comm: syz-executor331 No contaminado 6.7.0-syzkaller-00562-g9f8413c4a66f #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/ 2023"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
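Review bot: in the added "es" value, "unitiliazed data" (the "en" text's misspelling of uninitialized) is rendered as "datos unificados", which changes the stated bug from an uninitialized read into something unrelated; it should read "datos no inicializados". The KMSAN trace is also modified: "fs/read _escribir .c:652", "Entry_SYSCALL_64_after_hwframe" and "net/ipv 6/ip6_tunnel.c:888" no longer match the paths and symbols in the "en" value. Copy the trace verbatim and translate only the sentences around it.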
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product \"ceased its development as of February 2024.\""
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Flusity CMS hasta 2.45 permite herramientas/addons_model.php Nombre de galer\u00eda XSS. El reportero indica que este producto \u201cces\u00f3 su desarrollo a partir de febrero de 2024\u201d."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
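Review bot: the added "es" value translates the file path, so "tools/addons_model.php" becomes "herramientas/addons_model.php" and the Spanish description names a path that the "en" value does not. Keep the path as "tools/addons_model.php" and translate only the surrounding words; "Nombre de galería XSS" would also read more clearly as XSS in the gallery-name field ("XSS en el nombre de galería").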
55
CVE-2024/CVE-2024-277xx/CVE-2024-27767.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2024-27767",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:08.050",
|
||||
"lastModified": "2024-03-18T14:15:08.050",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nCWE-287: Improper Authentication may allow Authentication Bypass\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-287"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
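Review bot: the "descriptions" value of this new record is only "CWE-287: Improper Authentication may allow Authentication Bypass", with no vendor, product or version, while the metrics claim a 10.0 base score with scope CHANGED. The single reference is the generic advisory listing URL, so nothing in the record lets a consumer match it to an asset. The CWE-287 entry is also typed "Secondary" although it is the only weakness listed, where the following records from the same source use "Primary". Treat the record as not actionable until the CNA text is completed, and trim the leading and trailing "\n" when displaying the value.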
59
CVE-2024/CVE-2024-277xx/CVE-2024-27768.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27768",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:08.290",
|
||||
"lastModified": "2024-03-18T14:15:08.290",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2024/CVE-2024-277xx/CVE-2024-27769.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27769",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:08.547",
|
||||
"lastModified": "2024-03-18T14:15:08.547",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 - \n\nCWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2024/CVE-2024-277xx/CVE-2024-27770.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27770",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:08.767",
|
||||
"lastModified": "2024-03-18T14:15:08.767",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 - \n\nCWE-23: Relative Path Traversal\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-23"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2024/CVE-2024-277xx/CVE-2024-27771.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27771",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:08.997",
|
||||
"lastModified": "2024-03-18T14:15:08.997",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 -\n\nCWE-22: 'Path Traversal'\u00a0may allow RCE\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
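Review bot: the description value contains a non-breaking space, "'Path Traversal'\u00a0may allow RCE", and apart from whitespace it is the same text as CVE-2024-27768, whose vector has PR:N where this one has PR:L. Normalise whitespace (including \u00a0 and the embedded "\n") before comparing or indexing descriptions, and rely on the id and vectorString, not the description, to tell the two records apart.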
59
CVE-2024/CVE-2024-277xx/CVE-2024-27772.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27772",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:09.210",
|
||||
"lastModified": "2024-03-18T14:15:09.210",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 -\n\nCWE-78: 'OS Command Injection' may allow RCE\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-78"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2024/CVE-2024-277xx/CVE-2024-27773.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27773",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:09.447",
|
||||
"lastModified": "2024-03-18T14:15:09.447",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 -\n\nCWE-348: Use of Less Trusted Source may allow RCE\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-348"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2024/CVE-2024-277xx/CVE-2024-27774.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-27774",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-03-18T14:15:09.703",
|
||||
"lastModified": "2024-03-18T14:15:09.703",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nUnitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 -\n\nCWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.6,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@cyber.gov.il",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-259"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered",
|
||||
"source": "cna@cyber.gov.il"
|
||||
},
|
||||
{
|
||||
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0",
|
||||
"source": "cna@cyber.gov.il"
|
||||
}
|
||||
]
|
||||
}
|
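Review bot: the vectorString claims I:H and A:H, but the description states only that the hard-coded password "may allow disclosing Sensitive Information Embedded inside Device's Firmware", which is a confidentiality impact. Either the description omits the integrity and availability consequence or the vector is overstated; the 7.5 base score should carry that caveat until the description and the vector are reconciled.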
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References]."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Vulnerabilidad de Cross-Site Request Forgery en impresoras FUJIFILM que implementan CentreWare Internet Services o Internet Services permite que un atacante remoto no autenticado altere la informaci\u00f3n del usuario. En el caso de que el usuario sea administrador, se podr\u00e1n alterar configuraciones como ID de administrador, contrase\u00f1a, etc. En cuanto a los detalles de los nombres de los productos, n\u00fameros de modelo y versiones afectados, consulte la informaci\u00f3n proporcionada por el proveedor que figura en [Referencias]."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service (DoS) condition."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de restricci\u00f3n inadecuada de referencias de entidades externas XML en todas las versiones de FitNesse, lo que permite a un atacante remoto no autenticado obtener informaci\u00f3n confidencial, alterar datos o provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Todas las versiones de FitNesse permiten que un atacante remoto autenticado ejecute comandos arbitrarios del sistema operativo."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
20
CVE-2024/CVE-2024-285xx/CVE-2024-28537.json
Normal file
@ -0,0 +1,20 @@
|
||||
{
|
||||
"id": "CVE-2024-28537",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-03-18T14:15:09.960",
|
||||
"lastModified": "2024-03-18T14:15:09.960",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromNatStaticSetting.md",
|
||||
"source": "cve@mitre.org"
|
||||
}
|
||||
]
|
||||
}
|
20
CVE-2024/CVE-2024-285xx/CVE-2024-28547.json
Normal file
@ -0,0 +1,20 @@
|
||||
{
|
||||
"id": "CVE-2024-28547",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-03-18T14:15:10.010",
|
||||
"lastModified": "2024-03-18T14:15:10.010",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn parameter of formSetFirewallCfg function."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetFirewallCfg.md",
|
||||
"source": "cve@mitre.org"
|
||||
}
|
||||
]
|
||||
}
|
20
CVE-2024/CVE-2024-285xx/CVE-2024-28550.json
Normal file
@ -0,0 +1,20 @@
|
||||
{
|
||||
"id": "CVE-2024-28550",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-03-18T13:15:07.490",
|
||||
"lastModified": "2024-03-18T13:15:07.490",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formExpandDlnaFile.md",
|
||||
"source": "cve@mitre.org"
|
||||
}
|
||||
]
|
||||
}
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is exploited, an arbitrary website may be displayed on the app, and as a result, the user may become a victim of a phishing attack."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe un problema de exportaci\u00f3n incorrecta de los componentes de la aplicaci\u00f3n de Android en la aplicaci\u00f3n 'ABEMA' para Android anterior a 10.65.0, lo que permite que otra aplicaci\u00f3n instalada en el dispositivo del usuario acceda a una URL arbitraria en la aplicaci\u00f3n 'ABEMA' para Android a trav\u00e9s de Intent. Si se explota esta vulnerabilidad, es posible que se muestre un sitio web arbitrario en la aplicaci\u00f3n y, como resultado, el usuario puede convertirse en v\u00edctima de un ataque de phishing."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Rocket.Chat.Audit hasta 5ad78e8 depende de filecachetools, que no existe en PyPI."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of innerHTML mishandling, such as in htmlToPlainText."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "danielmiessler fabric hasta 1.3.0 permite installer/client/gui/static/js/index.js XSS debido al mal manejo de internalHTML, como en htmlToPlainText."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
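Review bot: in the added `es` description, "mal manejo de internalHTML" does not match the `en` value, which names `innerHTML`. That is a DOM property name and should be carried into the translation unchanged; as written, a search of the Spanish text for the affected sink will miss this record.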
@ -8,6 +8,10 @@
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "In OpenStack Murano through 16.0.0, when YAQL before 3.0.0 is used, the Murano service's MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En OpenStack Murano hasta 16.0.0, cuando se utiliza YAQL anterior a 3.0.0, la extensi\u00f3n MuranoPL del servicio Murano para el lenguaje YAQL no logra sanitizar el entorno proporcionado, lo que genera una posible fuga de informaci\u00f3n confidencial de la cuenta de servicio."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
81
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-03-18T13:00:39.107263+00:00
|
||||
2024-03-18T15:00:38.809752+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-03-18T12:38:25.490000+00:00
|
||||
2024-03-18T14:15:13.643000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -29,64 +29,65 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
241809
|
||||
241839
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `24`
|
||||
Recently added CVEs: `30`
|
||||
|
||||
* [CVE-2023-52609](CVE-2023/CVE-2023-526xx/CVE-2023-52609.json) (`2024-03-18T11:15:07.743`)
|
||||
* [CVE-2023-52610](CVE-2023/CVE-2023-526xx/CVE-2023-52610.json) (`2024-03-18T11:15:07.943`)
|
||||
* [CVE-2023-52611](CVE-2023/CVE-2023-526xx/CVE-2023-52611.json) (`2024-03-18T11:15:08.157`)
|
||||
* [CVE-2023-52612](CVE-2023/CVE-2023-526xx/CVE-2023-52612.json) (`2024-03-18T11:15:08.317`)
|
||||
* [CVE-2023-52613](CVE-2023/CVE-2023-526xx/CVE-2023-52613.json) (`2024-03-18T11:15:08.477`)
|
||||
* [CVE-2023-52614](CVE-2023/CVE-2023-526xx/CVE-2023-52614.json) (`2024-03-18T11:15:08.640`)
|
||||
* [CVE-2023-52615](CVE-2023/CVE-2023-526xx/CVE-2023-52615.json) (`2024-03-18T11:15:08.797`)
|
||||
* [CVE-2023-52616](CVE-2023/CVE-2023-526xx/CVE-2023-52616.json) (`2024-03-18T11:15:08.967`)
|
||||
* [CVE-2023-52617](CVE-2023/CVE-2023-526xx/CVE-2023-52617.json) (`2024-03-18T11:15:09.057`)
|
||||
* [CVE-2023-52618](CVE-2023/CVE-2023-526xx/CVE-2023-52618.json) (`2024-03-18T11:15:09.110`)
|
||||
* [CVE-2023-52619](CVE-2023/CVE-2023-526xx/CVE-2023-52619.json) (`2024-03-18T11:15:09.170`)
|
||||
* [CVE-2024-1013](CVE-2024/CVE-2024-10xx/CVE-2024-1013.json) (`2024-03-18T11:15:09.227`)
|
||||
* [CVE-2024-20767](CVE-2024/CVE-2024-207xx/CVE-2024-20767.json) (`2024-03-18T12:15:06.870`)
|
||||
* [CVE-2024-26631](CVE-2024/CVE-2024-266xx/CVE-2024-26631.json) (`2024-03-18T11:15:09.483`)
|
||||
* [CVE-2024-26632](CVE-2024/CVE-2024-266xx/CVE-2024-26632.json) (`2024-03-18T11:15:09.697`)
|
||||
* [CVE-2024-26633](CVE-2024/CVE-2024-266xx/CVE-2024-26633.json) (`2024-03-18T11:15:09.867`)
|
||||
* [CVE-2024-26634](CVE-2024/CVE-2024-266xx/CVE-2024-26634.json) (`2024-03-18T11:15:10.053`)
|
||||
* [CVE-2024-26635](CVE-2024/CVE-2024-266xx/CVE-2024-26635.json) (`2024-03-18T11:15:10.203`)
|
||||
* [CVE-2024-26636](CVE-2024/CVE-2024-266xx/CVE-2024-26636.json) (`2024-03-18T11:15:10.363`)
|
||||
* [CVE-2024-26637](CVE-2024/CVE-2024-266xx/CVE-2024-26637.json) (`2024-03-18T11:15:10.550`)
|
||||
* [CVE-2024-26638](CVE-2024/CVE-2024-266xx/CVE-2024-26638.json) (`2024-03-18T11:15:10.720`)
|
||||
* [CVE-2024-26639](CVE-2024/CVE-2024-266xx/CVE-2024-26639.json) (`2024-03-18T11:15:10.880`)
|
||||
* [CVE-2024-26640](CVE-2024/CVE-2024-266xx/CVE-2024-26640.json) (`2024-03-18T11:15:11.043`)
|
||||
* [CVE-2024-26641](CVE-2024/CVE-2024-266xx/CVE-2024-26641.json) (`2024-03-18T11:15:11.193`)
|
||||
* [CVE-2024-2586](CVE-2024/CVE-2024-25xx/CVE-2024-2586.json) (`2024-03-18T14:15:10.540`)
|
||||
* [CVE-2024-2587](CVE-2024/CVE-2024-25xx/CVE-2024-2587.json) (`2024-03-18T14:15:10.763`)
|
||||
* [CVE-2024-2588](CVE-2024/CVE-2024-25xx/CVE-2024-2588.json) (`2024-03-18T14:15:10.993`)
|
||||
* [CVE-2024-2589](CVE-2024/CVE-2024-25xx/CVE-2024-2589.json) (`2024-03-18T14:15:11.230`)
|
||||
* [CVE-2024-2590](CVE-2024/CVE-2024-25xx/CVE-2024-2590.json) (`2024-03-18T14:15:11.517`)
|
||||
* [CVE-2024-2591](CVE-2024/CVE-2024-25xx/CVE-2024-2591.json) (`2024-03-18T14:15:11.747`)
|
||||
* [CVE-2024-2592](CVE-2024/CVE-2024-25xx/CVE-2024-2592.json) (`2024-03-18T14:15:11.987`)
|
||||
* [CVE-2024-2593](CVE-2024/CVE-2024-25xx/CVE-2024-2593.json) (`2024-03-18T14:15:12.233`)
|
||||
* [CVE-2024-2594](CVE-2024/CVE-2024-25xx/CVE-2024-2594.json) (`2024-03-18T14:15:12.463`)
|
||||
* [CVE-2024-2595](CVE-2024/CVE-2024-25xx/CVE-2024-2595.json) (`2024-03-18T14:15:12.673`)
|
||||
* [CVE-2024-2596](CVE-2024/CVE-2024-25xx/CVE-2024-2596.json) (`2024-03-18T14:15:12.893`)
|
||||
* [CVE-2024-2597](CVE-2024/CVE-2024-25xx/CVE-2024-2597.json) (`2024-03-18T14:15:13.140`)
|
||||
* [CVE-2024-2598](CVE-2024/CVE-2024-25xx/CVE-2024-2598.json) (`2024-03-18T14:15:13.383`)
|
||||
* [CVE-2024-2599](CVE-2024/CVE-2024-25xx/CVE-2024-2599.json) (`2024-03-18T14:15:13.643`)
|
||||
* [CVE-2024-27767](CVE-2024/CVE-2024-277xx/CVE-2024-27767.json) (`2024-03-18T14:15:08.050`)
|
||||
* [CVE-2024-27768](CVE-2024/CVE-2024-277xx/CVE-2024-27768.json) (`2024-03-18T14:15:08.290`)
|
||||
* [CVE-2024-27769](CVE-2024/CVE-2024-277xx/CVE-2024-27769.json) (`2024-03-18T14:15:08.547`)
|
||||
* [CVE-2024-27770](CVE-2024/CVE-2024-277xx/CVE-2024-27770.json) (`2024-03-18T14:15:08.767`)
|
||||
* [CVE-2024-27771](CVE-2024/CVE-2024-277xx/CVE-2024-27771.json) (`2024-03-18T14:15:08.997`)
|
||||
* [CVE-2024-27772](CVE-2024/CVE-2024-277xx/CVE-2024-27772.json) (`2024-03-18T14:15:09.210`)
|
||||
* [CVE-2024-27773](CVE-2024/CVE-2024-277xx/CVE-2024-27773.json) (`2024-03-18T14:15:09.447`)
|
||||
* [CVE-2024-27774](CVE-2024/CVE-2024-277xx/CVE-2024-27774.json) (`2024-03-18T14:15:09.703`)
|
||||
* [CVE-2024-28537](CVE-2024/CVE-2024-285xx/CVE-2024-28537.json) (`2024-03-18T14:15:09.960`)
|
||||
* [CVE-2024-28547](CVE-2024/CVE-2024-285xx/CVE-2024-28547.json) (`2024-03-18T14:15:10.010`)
|
||||
* [CVE-2024-28550](CVE-2024/CVE-2024-285xx/CVE-2024-28550.json) (`2024-03-18T13:15:07.490`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `31`
|
||||
Recently modified CVEs: `54`
|
||||
|
||||
* [CVE-2022-47036](CVE-2022/CVE-2022-470xx/CVE-2022-47036.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2022-47037](CVE-2022/CVE-2022-470xx/CVE-2022-47037.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2023-52159](CVE-2023/CVE-2023-521xx/CVE-2023-52159.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-1604](CVE-2024/CVE-2024-16xx/CVE-2024-1604.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-1605](CVE-2024/CVE-2024-16xx/CVE-2024-1605.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-1606](CVE-2024/CVE-2024-16xx/CVE-2024-1606.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-21824](CVE-2024/CVE-2024-218xx/CVE-2024-21824.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-22475](CVE-2024/CVE-2024-224xx/CVE-2024-22475.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-23604](CVE-2024/CVE-2024-236xx/CVE-2024-23604.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-24230](CVE-2024/CVE-2024-242xx/CVE-2024-24230.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-24539](CVE-2024/CVE-2024-245xx/CVE-2024-24539.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-2574](CVE-2024/CVE-2024-25xx/CVE-2024-2574.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-2575](CVE-2024/CVE-2024-25xx/CVE-2024-2575.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-2576](CVE-2024/CVE-2024-25xx/CVE-2024-2576.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-2577](CVE-2024/CVE-2024-25xx/CVE-2024-2577.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-2581](CVE-2024/CVE-2024-25xx/CVE-2024-2581.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26631](CVE-2024/CVE-2024-266xx/CVE-2024-26631.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26632](CVE-2024/CVE-2024-266xx/CVE-2024-26632.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26633](CVE-2024/CVE-2024-266xx/CVE-2024-26633.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26634](CVE-2024/CVE-2024-266xx/CVE-2024-26634.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26635](CVE-2024/CVE-2024-266xx/CVE-2024-26635.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26636](CVE-2024/CVE-2024-266xx/CVE-2024-26636.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26637](CVE-2024/CVE-2024-266xx/CVE-2024-26637.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26638](CVE-2024/CVE-2024-266xx/CVE-2024-26638.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26639](CVE-2024/CVE-2024-266xx/CVE-2024-26639.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26640](CVE-2024/CVE-2024-266xx/CVE-2024-26640.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-26641](CVE-2024/CVE-2024-266xx/CVE-2024-26641.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-27757](CVE-2024/CVE-2024-277xx/CVE-2024-27757.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-27974](CVE-2024/CVE-2024-279xx/CVE-2024-27974.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-28039](CVE-2024/CVE-2024-280xx/CVE-2024-28039.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-28125](CVE-2024/CVE-2024-281xx/CVE-2024-28125.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-28128](CVE-2024/CVE-2024-281xx/CVE-2024-28128.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-28745](CVE-2024/CVE-2024-287xx/CVE-2024-28745.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-29151](CVE-2024/CVE-2024-291xx/CVE-2024-29151.json) (`2024-03-18T12:38:25.490`)
|
||||
* [CVE-2024-29154](CVE-2024/CVE-2024-291xx/CVE-2024-29154.json) (`2024-03-18T12:38:25.490`)
|
||||
|
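Review bot: the updated counter reads "Recently added CVEs: `30`", but the list under it names only 25 entries (CVE-2024-2586 through CVE-2024-28550). If the list is capped, state the cap next to the counter, or list all 30, so a reader does not take the bullet list as the complete set of new records.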
142
_state.csv
|
||||
@ -240868,6 +240870,7 @@ CVE-2024-24942,0,0,98967e5f253d2f0e2d6c9adde01d5feb324664bac3fce3b7b875de585c555
|
||||
CVE-2024-24943,0,0,cecde2b734965816be739f7278af2a22cd088f91f77e60d1e6c087126d44acbd,2024-02-09T01:03:03.970000
|
||||
CVE-2024-24945,0,0,c6e7443a15ad58b887b66a1afc517e5c6d2b064a4aecae431013860646a47dfe,2024-02-07T17:14:48.630000
|
||||
CVE-2024-2495,0,0,704e0eccf79a3eaa1e0904a49ae6e32da1f32f362ded8eff15167b9559341603,2024-03-15T16:26:49.320000
|
||||
CVE-2024-2496,1,1,09054941e8226a9e3c02dcc112cbb73a0f51915849cbe8de35435d328f9200da,2024-03-18T13:15:08.207000
|
||||
CVE-2024-24964,0,0,3c015ff9319add283b75ba9284dbb0964a9d4ce7edb50d2870b6147733f7e6d5,2024-03-12T12:40:13.500000
|
||||
CVE-2024-24966,0,0,b8b1142fa7a04127bebdbfe2d935a3fd815c1f2bb5c99e70bfcbb30576800e5e,2024-02-14T18:04:45.380000
|
||||
CVE-2024-2497,0,0,4a9759d81fa75d4097bff88e6e2682d977305d7a40dc7d2d14a7c385dc42a747,2024-03-17T22:38:29.433000
|
||||
@ -241176,26 +241179,26 @@ CVE-2024-2573,0,0,de1a2a1cf4e8ef16f87ebea5a561eac940ddfce289df7fd5f1459fc536f370
|
||||
CVE-2024-25730,0,0,70855abe305d0dfeeb202d7d3e0222d8c78a13e99e14d9706026a5f359efacd5,2024-02-26T13:42:22.567000
|
||||
CVE-2024-25731,0,0,12f10a210f08c80cc0b13af611399517c9199c1982133ea9d0862af74a2a1634,2024-03-05T13:41:01.900000
|
||||
CVE-2024-25739,0,0,950aa9620985a2c8df1dee08ed10faa0394d7dbb50bfb07f9f6b4659211920e9,2024-02-26T21:13:34.897000
|
||||
CVE-2024-2574,0,1,489d12064476cd3960c1b9d8f64bcc393653f5b7362134471aae726c860c1ffb,2024-03-18T12:38:25.490000
|
||||
CVE-2024-2574,0,1,8f049969296757df0c4cfeef1142c71dc028100146cdb01ff9ba0fd88a2d6eb3,2024-03-18T12:38:25.490000
|
||||
CVE-2024-25740,0,0,e49082457da2ca822066645fd01741e2b46dee6a85b6e915fd169e8229594e99,2024-02-26T21:11:27.837000
|
||||
CVE-2024-25741,0,0,f1234f859d02ff2a7aa2753dc2a1e43b929acf864167d8c3c5522f3098d24837,2024-02-12T14:20:03.287000
|
||||
CVE-2024-25744,0,0,4b0b476da30d39c3d73f2f74d7d6a3fe7e372d371ce439923d15b6b4e22ccfeb,2024-02-12T14:20:03.287000
|
||||
CVE-2024-25746,0,0,5d39c9cb27e2bd00967bd4ec89fe88bf22de477dd4c75b89dc38553966ec146d,2024-02-23T02:42:54.547000
|
||||
CVE-2024-25748,0,0,538a825e9b3c762e7399aa6e8e3620bb14adc4b7f457092ae0e7d0bdba4a75e0,2024-02-23T02:42:54.547000
|
||||
CVE-2024-2575,0,1,f7bb5ed4e3293e7d47a1d33395d6e166a3b78b75a117f37899305f78a869d856,2024-03-18T12:38:25.490000
|
||||
CVE-2024-2575,0,1,81fa8ac15844af6f3e633ac7cffc6f61635c01510ffa30861b4147e7b32991ff,2024-03-18T12:38:25.490000
|
||||
CVE-2024-25751,0,0,395becc114c34ed66ca0b69212e22c009bdd05d997290a2e353e3ceaba1432fb,2024-02-27T14:20:06.637000
|
||||
CVE-2024-25753,0,0,485cccebfe5fb0bc8a16c4251d09565dde29abb5cf6084c6575e818887f703b2,2024-02-23T02:42:54.547000
|
||||
CVE-2024-25756,0,0,4f12516b1becc36f368c255854438cb309da839dc9385f2dc823c401d0d48621,2024-02-23T02:42:54.547000
|
||||
CVE-2024-2576,0,1,ae97ec54e5cf669b3cae8a0d91b4eaee2c46a60819e7862f191324e9dc28d58f,2024-03-18T12:38:25.490000
|
||||
CVE-2024-2576,0,1,697ea1ee8e5dd6ce72a6e29642525ff476eabaf1b42f118966ca95b026d62958,2024-03-18T12:38:25.490000
|
||||
CVE-2024-25760,0,0,255ca6230bb354f98509c01959da5b0923f549858d798f3db2290377395c8140,2024-02-27T15:15:07.820000
|
||||
CVE-2024-25763,0,0,449253544ddeb38e4327642a9711026d85e9fd1e23016db2d903615337918cb9,2024-02-26T16:32:25.577000
|
||||
CVE-2024-25767,0,0,5e5d85efb5a949e2d407dc5470a1026f931741e6d3d19a638a7a6f425b54dab9,2024-02-26T22:10:40.463000
|
||||
CVE-2024-25768,0,0,80ced9e42f994d6a00a0057cb00581829176f61a4dfa1e97abbae3afb8561c8a,2024-02-26T22:10:40.463000
|
||||
CVE-2024-2577,0,1,0201916e3ec6ab1c48d4e8137c25d7ff69789531ea1854a3511430fcb635775e,2024-03-18T12:38:25.490000
|
||||
CVE-2024-2577,0,1,765383c7ce3befcdafbd611c5dc0aaa9109bde875ad3603ce73b89c6e77c5b3d,2024-03-18T12:38:25.490000
|
||||
CVE-2024-25770,0,0,d105bd95abb6afbf92cef5c1765f81d4416c38d2a6067fe6216eb1ee17388748,2024-02-26T22:10:40.463000
|
||||
CVE-2024-25801,0,0,86d0a2f88d637a38d728e68507deae5ad1ee66b74383784e4b403b33b5149a86,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25802,0,0,cb029cdbf03ee0051152f36415381bb55ee304fcb50819490e22f017c52403c6,2024-02-22T19:07:27.197000
|
||||
CVE-2024-2581,0,1,849caff13b2da8cd59c8ea02b135aebf16437628f0d1590cf850f052f2f0edef,2024-03-18T12:38:25.490000
|
||||
CVE-2024-2581,0,1,e5d978fb065d88f1c5cb9ca2ded42b0cb258ce625f0737a571863b0793be45e1,2024-03-18T12:38:25.490000
|
||||
CVE-2024-25817,0,0,8244c17ffec667dd25976664571f96aed86930fb569e330976ea19223cb10648,2024-03-06T15:18:08.093000
|
||||
CVE-2024-25828,0,0,92587cac273321dd48e48a5d2c154576da6b3b44017a5ef2ceb5bc8263a5b565,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25830,0,0,a69b2c428d084da5de639d84fab9ebf1369360f9dfa15a26056f1d306db52180,2024-02-29T13:49:29.390000
|
||||
@ -241203,6 +241206,7 @@ CVE-2024-25831,0,0,e6995f9867b7e41afa369870aca342235bd7ddf3efe7447219c425363101c
|
||||
CVE-2024-25832,0,0,9d2448eb4df2acb9520b971dac543ec3a58022664ea596f51d450af455a4a255,2024-02-29T13:49:29.390000
|
||||
CVE-2024-25833,0,0,f5b8298abd8d6e60f8b7cafbb5c01da5cffc328a1deae6fbdb89a49677ac9797,2024-02-29T13:49:29.390000
|
||||
CVE-2024-25839,0,0,9fde1dc4480440814ae61d62a3a26e5cedde22eae2d4f1cb0a50bc9b2bfba739,2024-03-04T13:58:23.447000
|
||||
CVE-2024-2584,1,1,ef79ffbcffa2d36105d926635338a17f9082e1672f3804fa34fcee17beeb5d05,2024-03-18T14:15:10.060000
|
||||
CVE-2024-25840,0,0,1b945b9d77ffa363326ba7a81eb832db407f035000baa507c590345e68d35eb7,2024-02-28T14:06:45.783000
|
||||
CVE-2024-25841,0,0,68861890e9a4b19f217e7466d0ed9c3a811460f0b0344fbff212d627836baa83,2024-02-28T14:06:45.783000
|
||||
CVE-2024-25842,0,0,69ecc39e67a145dcaefe5a27a2641e193ded385ed9947ef343cfc7fa63988554,2024-03-04T13:58:23.447000
|
||||
@ -241213,20 +241217,25 @@ CVE-2024-25846,0,0,791892074378586f6e72d876eb913d9be7b52687ef7c4f8ecef30d90d9043
|
||||
CVE-2024-25847,0,0,3ef11c19c61f974f609d7aad1c236864e0c5c70eed994d9ec6e1f8ca02f84a07,2024-03-04T13:58:23.447000
|
||||
CVE-2024-25848,0,0,5895359e1a5386228352b229e7b9653c0bf0c5830f471332dfc6294d51c68c9c,2024-03-08T14:02:57.420000
|
||||
CVE-2024-25849,0,0,fd6a8a3b861265723369727f5c31932283295a2905dc4ab7ca20ef4c116b9249,2024-03-08T14:02:57.420000
|
||||
CVE-2024-2585,1,1,afa5f60f924c969c00e2f38360482cf78e98390f89497e7edcab44057f81af96,2024-03-18T14:15:10.290000
|
||||
CVE-2024-25850,0,0,692066b7b812d3f581962a79e3b9fc15f6aba377d7bab52c8307a8f270f93599,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25851,0,0,bd0046433b2fafcbbbb1e5febcb4c1f8638f8ee71fb735a659aa488f84a496bf,2024-03-11T22:15:55.150000
|
||||
CVE-2024-25854,0,0,46fbf43a98bd39907390458f316c987060b7ad9ff54021918a7edbe500e3d2d7,2024-03-12T12:40:13.500000
|
||||
CVE-2024-25858,0,0,e3703a6486af47542a5758b9a0dbed02e4c149644fb605d74af0ebc4b01ef273,2024-03-06T15:18:08.093000
|
||||
CVE-2024-25859,0,0,535afe19fadca146fcb852c884e13f1f96dd0ffd0b267def3f0a58c94171106c,2024-02-29T13:49:47.277000
|
||||
CVE-2024-2586,1,1,71461fd2dc6fb9132ab598cbb3b5709e91cb485da80e94e8589bff8c333b2928,2024-03-18T14:15:10.540000
|
||||
CVE-2024-25865,0,0,3c1600c9938d3c741a0c565875112497fc6aab8ca57710df7f556dbbd2f4c5d8,2024-03-04T13:58:23.447000
|
||||
CVE-2024-25866,0,0,9bc37773bde3a2ace3609430b84db3f157b10cdf405491b3720aaee30ab1d883,2024-02-29T13:49:47.277000
|
||||
CVE-2024-25867,0,0,c245bf99284b583dd6d6f394a291153c7419973184645ffe8ce7f995e790edb9,2024-02-29T13:49:47.277000
|
||||
CVE-2024-25868,0,0,0fc54f1b27430db21bde2639b7483c51dd4c0b0521ccb0390851a182ef6e1152,2024-02-29T13:49:47.277000
|
||||
CVE-2024-25869,0,0,0d5eeb2b9328adc34189218137d2c1dfed2ff220b6469494c310e175957e64e9,2024-02-29T13:49:47.277000
|
||||
CVE-2024-2587,1,1,1edf65329674c0e23aad47f4a9968ccea5b88df432b13e3454aed79cd2d625cf,2024-03-18T14:15:10.763000
|
||||
CVE-2024-25873,0,0,0d00d8a1d23a0719509a7d29fc64faab829e5b4fd72f25b3d7d5b749988c48ee,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25874,0,0,c67f160f3c27cbc54ea92a7ec295f97482b455cdca37a9260baa7675e158d33e,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25875,0,0,608f7755870a8aa258b56191092c30d0afe004260c74899a36d847da48d40e02,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25876,0,0,449399bb672d548b9fbebcdf58313ed5b551f2cae9eb6f9764b58d340b78d3b3,2024-02-22T19:07:27.197000
|
||||
CVE-2024-2588,1,1,d2ba7d41f63e4c74fd1fc343be24ce56b53a615d42dea525c8170ad65cd82ea6,2024-03-18T14:15:10.993000
|
||||
CVE-2024-2589,1,1,d577dce7ac351f62d395c1d3316ffbb9cd7df63afdc05a7219127ca14df64e4f,2024-03-18T14:15:11.230000
|
||||
CVE-2024-25891,0,0,1d4fb846347c4fce2d099b1b449f6cea853105c3cddd092653a6cbfd7a5985c3,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25892,0,0,d5eb7cbaef193130113dea5e6beb63258fa7b073f0362c1bbe4a05fdb4068bbe,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25893,0,0,5642f0f46677a910d3d73c8e0abfe4e479d0474cb91c1c82456b8856dcb6e899,2024-02-22T19:07:27.197000
|
||||
@ -241235,35 +241244,44 @@ CVE-2024-25895,0,0,5b088a87dc9f1b3e5fc24ce5ea7fa47aa04ec0c4520a1d07196e391ba8413
|
||||
CVE-2024-25896,0,0,f55c9c64ad19121e3ab1aebe6a3a8ad1fcc3aea7c8b133b7d4dba349936cf181,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25897,0,0,7355967a2f8f961b6aae905351229b3a4b9981e5096de187d75a24765f83e9fb,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25898,0,0,5b2e5226b41d7df3ce618999c326ef88c4768b8f6b35f7a08f013e6657bc527c,2024-02-22T19:07:27.197000
|
||||
CVE-2024-2590,1,1,2f2bc431f27b84f66029ebd230b3f4248a2b5bb4ef4e972ee0f744ea60d20082,2024-03-18T14:15:11.517000
|
||||
CVE-2024-25902,0,0,236bf8debc0ae08f316e50d56ce86f0bb5b477845b162f0db1d908c2d82ec6a6,2024-02-28T14:06:45.783000
|
||||
CVE-2024-25903,0,0,a7c6e3dbc3d074ae7894c279c8700a421c95ff81c0e0990d2286e2b53353d8eb,2024-03-17T22:38:29.433000
|
||||
CVE-2024-25904,0,0,23057eb868fb6ef813adb121f092708ae4c9eb590cc6f60a0c49f9da8fc586df,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25905,0,0,de6faa22e80faff2b843a7c54255948d4a317197f60d39a73386687f34e33de1,2024-02-22T19:07:27.197000
|
||||
CVE-2024-25909,0,0,3ba2f9224c25e528dd9baa9d19b1b5a4c57f72f3b7732d1df9cf0400b370fd04,2024-02-26T16:32:25.577000
|
||||
CVE-2024-2591,1,1,760e20615e00edd65756c9a43689c2b9ba11bb53f0ea0a18e663180a9b36f67c,2024-03-18T14:15:11.747000
|
||||
CVE-2024-25910,0,0,46915ce767477cde79dec327c420fb80a93ebb8584c8668c193e9ec22215e12b,2024-02-28T14:06:45.783000
|
||||
CVE-2024-25913,0,0,adbe1d51d998e7755c9e21c2f8e4899af91a4a0cc057128b5afa1c44996ee3fc,2024-02-26T16:32:25.577000
|
||||
CVE-2024-25914,0,0,6c21c235c508fdd4e37939a7918e64e3dd4e50979a576bdc305d842a25f11a05,2024-02-13T14:01:07.747000
|
||||
CVE-2024-25915,0,0,2b3eb3b61519c3cc7ec9c696d86f766a5ba91455b2def2592d7df0099d9b76fa,2024-02-23T16:14:43.447000
|
||||
CVE-2024-25916,0,0,fd67fe38751dcee5e685d1168694fd860012e656006cfe93ceab898ad49c641f,2024-03-15T16:26:49.320000
|
||||
CVE-2024-25919,0,0,5218810224fbf56f6083cabf959c1cac12534ba7273f9a4eb37375eb636b2ae1,2024-03-15T16:26:49.320000
|
||||
CVE-2024-2592,1,1,785f96950df76b84dde50113a0b792fe7907144088ef15f851dde66a40d25610,2024-03-18T14:15:11.987000
|
||||
CVE-2024-25921,0,0,aafe4e8b3e8f047fc939e364c43e005d94eff7eb4d8c733629d0e6fc6ded5cba,2024-03-15T16:26:49.320000
|
||||
CVE-2024-25925,0,0,01bc086e03bbafe0dfede980aebb8a87a98cfcf8d010c13e69a9feac35eb7490,2024-02-26T16:32:25.577000
|
||||
CVE-2024-25927,0,0,70ec221cb23fdd951e839b39a19a816e5c7a4881399308a30cbec9cd2c6f2d65,2024-02-28T14:06:45.783000
|
||||
CVE-2024-25928,0,0,a6060327df403c3c616b275f710271564f7f2534d45ed96b3571c5b2e5121575,2024-02-23T16:14:43.447000
|
||||
CVE-2024-2593,1,1,62df4b6fe14cf4979ef1e7fa61b91eb71817399a43b6cd9efb93d25749315151,2024-03-18T14:15:12.233000
|
||||
CVE-2024-25930,0,0,0ab8711195d4ca59bae23faf5b938c4832c53808527b8c4f0842867494c69bd3,2024-02-29T13:49:29.390000
|
||||
CVE-2024-25931,0,0,cced732a62b8661206eb106d5ae979a2d16189f2911f7eaa9ca025496e8df531,2024-02-29T13:49:29.390000
|
||||
CVE-2024-25932,0,0,b47ba5ecf2a19427a2d0c7404d84cf9b82c7d738bc913534568255e83139261d,2024-02-29T13:49:29.390000
|
||||
CVE-2024-25933,0,0,093a19179e6e045a94069a9cabb14922ac900e3b53f12387034c6f0b19d4fd7f,2024-03-17T22:38:29.433000
|
||||
CVE-2024-25934,0,0,abf29b2c8bd2941b97b5a50ee19174b7389e9c0ccc1df25f4fdb8e591190b306,2024-03-15T16:26:49.320000
|
||||
CVE-2024-25936,0,0,8effd82663b8db2d960ef33e023d14a22fda9a759a9ee34ebfd84341bfced171,2024-03-15T16:26:49.320000
|
||||
CVE-2024-2594,1,1,8d0e60263e9d1df0dfe5397e8235fef6bffd034f732fb2bc80b2f5bbf398305b,2024-03-18T14:15:12.463000
|
||||
CVE-2024-25940,0,0,81faf8084be28ad3443bfad1349de788b40c215e318cb61e901b3079aac1c24e,2024-02-15T06:23:39.303000
|
||||
CVE-2024-25941,0,0,ca1cef65d30f17057b47421c2700ecf50e418e7bf4da35eb3fcc2989f17ef1eb,2024-02-15T06:23:39.303000
|
||||
CVE-2024-2595,1,1,ee5176c200f8dda29d205e4c1764410a95ae82fbc834213252dc31ab615bd671,2024-03-18T14:15:12.673000
|
||||
CVE-2024-25951,0,0,4cab9db546da1535e7f7aa83987aad28b8aa7aeb3328d636aa2cd78c27a2b2c1,2024-03-11T01:32:39.697000
|
||||
CVE-2024-2596,1,1,2c286d5bf8d1108583acc197f1e4e8fca394d8dcaeadf5dc3866d1eab26aa184,2024-03-18T14:15:12.893000
|
||||
CVE-2024-2597,1,1,8e035301a8fb6fcf314d19de553a927e5d9ab5b5e157def5d316a42077076d1b,2024-03-18T14:15:13.140000
|
||||
CVE-2024-25972,0,0,03be68c424c2117dfe63b169d17d7f8ada85eec42d35f349ee6876cb9f658b31,2024-03-01T14:04:04.827000
|
||||
CVE-2024-25973,0,0,fca2cd3fc869e318a8dbf83dd06094ef0c34286b7d421da7c64a9a5612af38b9,2024-02-21T07:15:58.040000
|
||||
CVE-2024-25974,0,0,455908519f9c0b510f9276a34d5bc0fdc3808298a4e41e75f9e5535d39103827,2024-02-21T07:15:58.427000
|
||||
CVE-2024-25978,0,0,6077c79891dbc19bf922b49d852065c4a1dfd37d10fb26a09b28d42f35261fd6,2024-02-29T03:15:07.067000
|
||||
CVE-2024-25979,0,0,54389df32681b67d0271053d5468c723702b0207bebd7d9efcae97308420413b,2024-02-29T03:15:07.143000
|
||||
CVE-2024-2598,1,1,c31b729b365dd11fac5034e62a24c6a3c2dcb27d6fef24b49dcd4e08a52be214,2024-03-18T14:15:13.383000
|
||||
CVE-2024-25980,0,0,d14541c9bd05a1639b1a62b0f754591e13211a9cd13e14f154a9be2b3d087e37,2024-02-29T03:15:07.210000
|
||||
CVE-2024-25981,0,0,b1e3e7b3112b200a12d00f066add816f7584aa68dc501d60e52b5fde4e625430,2024-02-29T03:15:07.267000
|
||||
CVE-2024-25982,0,0,2ce9a54c1a7816fbeec4bd16145642068435e7c887fd25687a9f7d22cb5d12e6,2024-02-29T03:15:07.330000
|
||||
@ -241274,6 +241292,7 @@ CVE-2024-25986,0,0,524dde69699a00f5326e42f259bbd049904aeac06efbd78b7886b7422ebc7
|
||||
CVE-2024-25987,0,0,7b97ddb07235a3b283e9bef9ea52a9962285138adf03bc897caee778b9c1e195,2024-03-12T12:40:13.500000
|
||||
CVE-2024-25988,0,0,967626610e7f6cf765cfae00820122e110bf20596df5a89c9d43e7491c581545,2024-03-12T12:40:13.500000
|
||||
CVE-2024-25989,0,0,c424c00d097d8dbf4ed7b8513136f9266e40342fd4d8cd3f599fcca8f7f8fdc0,2024-03-12T12:40:13.500000
|
||||
CVE-2024-2599,1,1,eb45968fcd7836b6ccf3aa6246a4f5f0bd035e22842e225caccc8f682b014789,2024-03-18T14:15:13.643000
|
||||
CVE-2024-25990,0,0,e554a284c58f02334ee9fe366ade7f64a6fffefec755de7d9701619efe4d9dbe,2024-03-12T12:40:13.500000
|
||||
CVE-2024-25991,0,0,c0016f9c1f24bbc851565ec14261d16136d3f8a0f62e2d916f26adb68fb29152,2024-03-12T12:40:13.500000
|
||||
CVE-2024-25992,0,0,1f7ad4f72b4c1d712215cee7ed1df3013982ff7adc38636122505d884f3b7005,2024-03-12T12:40:13.500000
|
||||
@ -241475,17 +241494,17 @@ CVE-2024-26627,0,0,9c09d4f73dbc04e8bf693f2b91f36043cf32b88ec1b0ffef850696b2f5157
|
||||
CVE-2024-26628,0,0,42dfef900a5a3b235123f4b602a0e59569ae0b50c5a44e59039017e264e71923,2024-03-06T15:18:08.093000
|
||||
CVE-2024-26629,0,0,a8a1fa974201393ac548df2735f5100bbd51b57e895a6e88b4a1674396c6f867,2024-03-13T14:28:45.217000
|
||||
CVE-2024-26630,0,0,9702cbab91d4749f3e129e50919c4a071df5e9b36954be9165dbcd1ac3c64739,2024-03-13T18:15:58.530000
|
||||
CVE-2024-26631,1,1,ea74f9e6a1883f94867068be393f26e19f0385687584f61f507fd33a7f946097,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26632,1,1,d21ca146d16a120a7ba9385194aedce8ba027ac711ac1897453eeb713ae74cc7,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26633,1,1,ff7bb5d2e7c8eeb949d4be945c2a6169b624e4d17f257e069cd14094cf4f0196,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26634,1,1,571ebd66fabd5357b40076ccbf45d65177a99625ecd10ef6da6971b58e86cd70,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26635,1,1,4ba8b5b995991daa8af04e4997c9cc63a9bc66aa9d9f3bdacebc77e793b41c41,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26636,1,1,0193e3ef9fdfe04f56c81b6e019a270b05e67f25d109d8edc25a3a17fe302e2b,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26637,1,1,e641a1df565cf47c3d34af38008701f3ac02ffcac07e84eeb891960a334fc202,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26638,1,1,0887eafd2f5c975ded6d1353d8267418745941d4efd07fa17cbba9398b43986a,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26639,1,1,34afe6c9831140ab0f18b63e0782e7fa0f6cb29893234cf53cd4cb5ab8f744ef,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26640,1,1,fd342b06c71e257c9820b2866a8a07c06237402a4f5bd5bef9e67f29a2bf2b87,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26641,1,1,f851445cf2ba649d1948203d3e96a4070362a834df9024d01178aeef5e16337a,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26631,0,1,222d3f04973ef7b8bd710a7add62de2fd6653eb660b6c5918d7c02d522dbc80b,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26632,0,1,8b51b67583fc3a4cc3512b8291c6146d1acb8da0ef47e543de910809f49bab97,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26633,0,1,f438320eac9948939c03e392a9479a611b897c6c6650527dd0945a6be9fa354d,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26634,0,1,9c4a9c8724f91e01af3e835e6f235a5672cbc706f5f1109ef855feafd532f134,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26635,0,1,ef0ef4329a3775ea6d25838c212942f9e933ce2108a8101d274cfb68871569ed,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26636,0,1,760d91a296e0acf8ba41ea5db2ecf406899fc0855e4062b2617f6fe9e15d498d,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26637,0,1,fc892e24bd1b7e8206ffae07359f5a6f79726dc219d9822d731828992a4ead1a,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26638,0,1,810693405d991f7ccd7a2a1a0260a34b1a9402f77c9d945d74efd33b7925ef28,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26639,0,1,5ecaa163a6c77c6111bb006a53c43194195b6cfbe8535ad567a79569fc77c2b9,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26640,0,1,5cc6b5e042a5b441f74784080591c7d359381cd13aba12bdf63d6c89fc714c33,2024-03-18T12:38:25.490000
|
||||
CVE-2024-26641,0,1,d0ed2cdfb0ff7417cb869a8d4b0f844e96cb33626fa12ef7a8d145f64e7e59f2,2024-03-18T12:38:25.490000
|
||||
CVE-2024-27081,0,0,47d3ae55f3dd6ab1587375b5a2b7c0ac715515add555c3e7f6d75a8a181b7509,2024-02-26T22:10:40.463000
|
||||
CVE-2024-27083,0,0,7bbff1c1de69dd1832a650b6712070018b44593bcae8cda4ed320989a44fd4d0,2024-02-29T13:49:29.390000
|
||||
CVE-2024-27084,0,0,9d9dc56eb44342ebdf65f8df5857c4a42b535ee96f2998cb21e8400366ec79c8,2024-02-26T18:15:07.920000
|
||||
@ -241636,10 +241655,18 @@ CVE-2024-27744,0,0,c100d4ba8f49a307e8f166c43dcf72396c641c27bc5c30f424e004f4b4c33
|
||||
CVE-2024-27746,0,0,6f3ddced2e2b26bef51987507b4e7466957a803a9da415c8c1c8b245cafe1423,2024-03-13T07:15:36.470000
|
||||
CVE-2024-27747,0,0,eff635f872515818dfe20352d610bb047327d7f6971e953c63bc92feb6bf3ebe,2024-03-13T07:15:36.523000
|
||||
CVE-2024-27756,0,0,aebfc12c95eee1aa3d95acbf6fc8b0650b6e3d2e490fe1817d1c49f0782fe0c7,2024-03-15T12:53:06.423000
|
||||
CVE-2024-27757,0,1,07174a5a627823d817e9c2c7aa280bba8d93ceb1c307e4a6b34047f26b3a00ba,2024-03-18T12:38:25.490000
|
||||
CVE-2024-27757,0,1,758da8d428041fb55cda5e8ed49e42184e30c0310dfccc74e01819218179190e,2024-03-18T12:38:25.490000
|
||||
CVE-2024-27758,0,0,6abe87e0a8905ac150ade2fec85250ff5e7fbf580c101c16b193b98f7d58141f,2024-03-12T17:46:17.273000
|
||||
CVE-2024-27764,0,0,a6da085213081f41482d74001d5b27250ddae1567bc465fa0f4b1023f8322f06,2024-03-06T15:18:08.093000
|
||||
CVE-2024-27765,0,0,c9283b485df441e5cf44e98a2bcaa6921e6b7ae7825314dc1fd3bb862197fb6e,2024-03-06T15:18:08.093000
|
||||
CVE-2024-27767,1,1,b08e8658f09ebae9e65a53dd502613b5fd13709d93a18885a5dcdf587ba6ef21,2024-03-18T14:15:08.050000
|
||||
CVE-2024-27768,1,1,81d9fa2de26d820a7301567f7d0dc2f02b082ed7183f01654a179fd0b6491ca3,2024-03-18T14:15:08.290000
|
||||
CVE-2024-27769,1,1,0e7899554be23253329d92a634c46853d7b5f6b24916d0ecc3d00f5be370d250,2024-03-18T14:15:08.547000
|
||||
CVE-2024-27770,1,1,718380401e2d134a65eadad17de7ca36fff8ee50ca84404898d122346bea75eb,2024-03-18T14:15:08.767000
|
||||
CVE-2024-27771,1,1,8d2bfc8b9b6c9f1e4fbe6fc31e422eb6591254076d31ca47aa27f1db1f58df8f,2024-03-18T14:15:08.997000
|
||||
CVE-2024-27772,1,1,2a7dd88a11d4838df31142595ee403df558c27a70b15f5a7cec7d59845b2d489,2024-03-18T14:15:09.210000
|
||||
CVE-2024-27773,1,1,33f2112be66f425843051f3095bf8fb28636132a5683f81d3a6970b93e2e425f,2024-03-18T14:15:09.447000
|
||||
CVE-2024-27774,1,1,ce05f7dc40cec557026cc7ccb2c014a9227a2ca8e929edf5019d2f9f6972c754,2024-03-18T14:15:09.703000
|
||||
CVE-2024-27889,0,0,a24eb09c70fc8e243900497cf84a2002dc9fb9fdcf0cc7381ab2bee2e01200d8,2024-03-05T13:41:01.900000
|
||||
CVE-2024-27894,0,0,249999fc9487c1b63574e09bae3fbcbcdf7b20ef335df69d9151a0f5ea4d74a1,2024-03-13T12:33:51.697000
|
||||
CVE-2024-27900,0,0,00f9885d5a06fec36b56a14fdc3be21ddc255c1561a408e91e09aee1b7ac8b37,2024-03-12T12:40:13.500000
|
||||
@ -241664,10 +241691,10 @@ CVE-2024-27958,0,0,2ee086fb447798c561fd1c831c754d734514f619f6ebb04cf96679cb78dfe
|
||||
CVE-2024-27959,0,0,e2d4c3e5066dc506643038067fab6e9f26070ced2f7f327a18ffcd82b243c593,2024-03-17T22:38:29.433000
|
||||
CVE-2024-27960,0,0,6ff911c5617586aebae672070284633e223cb5b14cbbc3b1801f17c292900f46,2024-03-17T22:38:29.433000
|
||||
CVE-2024-27961,0,0,3162bfbc67900a83a9b4114dba265e7189f0bad8c0ddf2d85f6724674d13510a,2024-03-17T22:38:29.433000
|
||||
CVE-2024-27974,0,1,e997f1546d1f2965b8bf1ab635f67c813309fc63eef254915c447dfc85e3bcb2,2024-03-18T12:38:25.490000
|
||||
CVE-2024-27974,0,1,c5d12161a6a294fb4d33a068888d07d2dec693f9073d8d47f06182bf4fe2779a,2024-03-18T12:38:25.490000
|
||||
CVE-2024-27986,0,0,221ac31a72264e8303bc0dc716d0bcad27f92aa2e3b64824247f9d02601983b8,2024-03-14T12:52:09.877000
|
||||
CVE-2024-27987,0,0,ce6fd0b1730cd837f285c0aaaa1258cf6aa8505469e7f313401adb363ee7f395,2024-03-15T12:53:06.423000
|
||||
CVE-2024-28039,0,1,cd4ffe7659e92bcb17dbcf1e944fa335282ab081f2ebccbec782d41683ab4906,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28039,0,1,9ef35c96ff38e007b2fd4f37c3f1f5b6d35461c4eaa69f2b36faccd438b26411,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28053,0,0,e281ed045d826247c32c0ccef204d2c431b80f755e75c928bfd444d7e8497772,2024-03-15T12:53:06.423000
|
||||
CVE-2024-28069,0,0,bc55065fc354d40d7b16dc028d30e9ac9c120daebe64d1e74cc55e5aec96ab01,2024-03-17T22:38:29.433000
|
||||
CVE-2024-28070,0,0,d9b3309fdc4db05937449ae85d6df93a299898f40c2c79f5bb7988f4ebb25838,2024-03-17T22:38:29.433000
|
||||
@ -241688,8 +241715,8 @@ CVE-2024-28115,0,0,3e0e705412ec4ecfb9fabefcb95634cd838a6bf7c9c03087d677ba199986f
|
||||
CVE-2024-28120,0,0,1945ab744b479cd2a55b16e82913f94d84bcc236918a39e22cfe06aca7010c4c,2024-03-12T12:40:13.500000
|
||||
CVE-2024-28121,0,0,6ad3b99e4c8dd1459c44e51d2edc62f08f0aa4d5ffd25ea4a2fe7aa5af2916e8,2024-03-13T21:16:00.460000
|
||||
CVE-2024-28122,0,0,3209f9a611aea4804720e8e5b4eeb3a02772982f302e787ac8040299af464092,2024-03-11T01:32:39.697000
|
||||
CVE-2024-28125,0,1,8d2068bbf33d8d9f683c668ca640b5088789efc4990906bcd46ad6aaa69bb749,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28128,0,1,ef4664596358b3dc6747b9cba3aab3612190b1b010cfc8ac1373f0312ebe3b50,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28125,0,1,48170c214569f7f7bd3fe8e6fc82db281b481f061afde6074b351e6aca43c615,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28128,0,0,ef4664596358b3dc6747b9cba3aab3612190b1b010cfc8ac1373f0312ebe3b50,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28149,0,0,bb1327eb2ceb44ae2cc8e952fde2f54b109f1740591e1ece1b912c644025402b,2024-03-06T21:42:54.697000
|
||||
CVE-2024-28150,0,0,bd9c785686979f74fc956d3a9d80b65ba208ec849a10e17a7f0c9226761980a2,2024-03-06T21:42:54.697000
|
||||
CVE-2024-28151,0,0,473d59d35d2166d8f0877541c6be6e5f16e5683e6e89c2ed65e060f312f6c9a8,2024-03-06T21:42:54.697000
|
||||
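Review bot: the CVE-2024-28128 row in this hunk is rewritten with only its third field changed (1 to 0); the hash and the timestamp 2024-03-18T12:38:25.490000 are identical in the removed and added lines, whereas the adjacent CVE-2024-28125 row gets a new hash. If that field is derived from a content change, a row whose hash did not move should not need rewriting, so it is worth confirming the generator intends to emit flag-only updates and, if so, documenting what the two numeric fields mean alongside the file.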
@ -241766,6 +241793,9 @@ CVE-2024-28430,0,0,bf34fb49e742ebf9176808c1e05b7467ed1662a29a5c18afe29f976454928
|
||||
CVE-2024-28431,0,0,148c6be422e12f315897bdd57f5208c74e8137e452c7019eafe29f97f527c418,2024-03-13T14:28:45.217000
|
||||
CVE-2024-28432,0,0,4bc8c3df18623e8712ef966fb24c80f6754436b2eb6a0c14d5d3c56f5a161090,2024-03-13T14:28:45.217000
|
||||
CVE-2024-28535,0,0,05b59fc574e3ec1a67ffae1023c5999e94849ce19d6ee2f539dda71a994d8b6c,2024-03-12T16:02:33.900000
|
||||
CVE-2024-28537,1,1,f93ac1e3854b6eba865b8b1758eeca4520b23892ff70ff696fe3fc0944255f49,2024-03-18T14:15:09.960000
|
||||
CVE-2024-28547,1,1,229d1e1314ecb5d8250bb7feb87b02aca4caeca28b92aa916f61df9c7a48cab3,2024-03-18T14:15:10.010000
|
||||
CVE-2024-28550,1,1,7e8b9194a6f8f8d08d07a7b11e75eb4313789e49028d421f26f1577f8f62aead,2024-03-18T13:15:07.490000
|
||||
CVE-2024-28553,0,0,805b633f3af1b0b015d2f8e90520174ed99391ad33f4ee744bfc3e783d7c9257,2024-03-12T16:02:33.900000
|
||||
CVE-2024-28623,0,0,81bda7f177219bd08e3dc69b11f4157e89434624cca7692be3ee54e609ec67e1,2024-03-13T12:33:51.697000
|
||||
CVE-2024-28639,0,0,65b6cc24aec9a674f46be0a6c94505e2c7d05841a4bfe3502d5fda7aeef1bb10,2024-03-17T22:38:29.433000
|
||||
@ -241790,7 +241820,7 @@ CVE-2024-28681,0,0,ed8a4fd064b6b3346412990e6226cbe04bee8a6bd2aaad4671fdcd0478ce5
|
||||
CVE-2024-28682,0,0,2c53ed716809a76ded005fd10ac6d93891dbf2dd9f02238c66f1445af60cb8e7,2024-03-13T18:15:58.530000
|
||||
CVE-2024-28683,0,0,14fce1fb8fe5dd3fb68153125dd387047f48de59cd587ce41acfe8b0e8fa04c2,2024-03-13T18:15:58.530000
|
||||
CVE-2024-28684,0,0,df89c702874c46527da5dc5bf33ec252c05a69f53466623f5ca04f0566a6cd25,2024-03-13T14:28:45.217000
|
||||
CVE-2024-28745,0,1,13ca5bd73902fa4f167555a43f26874492a5977b7189d5543243066fed0730a6,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28745,0,1,15394cfaddabd1c5537f1c3a0b8bc4d088d58358d421e9d9475a38fad6a5e44f,2024-03-18T12:38:25.490000
|
||||
CVE-2024-28746,0,0,4e08f19b517756fb15fbaf966494c1aeec3b9803b4e2b615b4d5a557eb48c84a,2024-03-14T12:52:09.877000
|
||||
CVE-2024-28752,0,0,b6856abb589c0fed02798f341901c4f3025e287fced11706e9fa0c89b392cd6a,2024-03-15T12:53:06.423000
|
||||
CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000
|
||||
@ -241805,6 +241835,6 @@ CVE-2024-28851,0,0,f15187ac52243f1288d6dabed456ab5bd2287b2db60c97a538d0582f4f0ba
|
||||
CVE-2024-28854,0,0,8cb03aded6b194ffbf5e93b6a999bfbf01ac8f736343c4fc752b0e38a8bc9f90,2024-03-17T22:38:29.433000
|
||||
CVE-2024-28859,0,0,2d0407c7b83f2786a493b842ae3fe3ce3f906494adee8b0e0f61c75557fcb17c,2024-03-17T22:38:29.433000
|
||||
CVE-2024-28862,0,0,b0dc40150b0e5f15633ecb26c2614b37fe6eefbb423911349887989b36d78640,2024-03-17T22:38:29.433000
|
||||
CVE-2024-29151,0,1,f1dc8d6327a758fb8e40f178dee13719787aa08f09bfc93522e9a3abdd7c9753,2024-03-18T12:38:25.490000
|
||||
CVE-2024-29154,0,1,1df6e83c0b461bcaefcccc090cc4be02051bb8dcb63c7951238fdc029ecbdddf,2024-03-18T12:38:25.490000
|
||||
CVE-2024-29156,0,1,537bcadb68d9e34c1c7c7ba6e9e3f15ebc32d7fc799651837d556f6c57f22ae6,2024-03-18T12:38:25.490000
|
||||
CVE-2024-29151,0,1,ef852a662e1eaee7e15d971ee7451f2c3e954b3d808a30cb9a36bbe68bb24c8f,2024-03-18T12:38:25.490000
|
||||
CVE-2024-29154,0,1,dab131c9ff393e828252009730d8617a5e1a4fb5cfb7f2db054056bc6f27c2ba,2024-03-18T12:38:25.490000
|
||||
CVE-2024-29156,0,1,98cbc37d07cb77607ab83580cc50ba5a01141613b7a3bb770966a3d6831e2326,2024-03-18T12:38:25.490000
|
||||
|