Skip to content

Commit 87d541d

Browse files
aboutcode-automationaboutcode-automation
committed
Sync EUVD catalog: Fri Apr 3 00:35:46 UTC 2026
Signed-off-by: AboutCode Automation <automation@aboutcode.org>
1 parent e99556f commit 87d541d

243 files changed

Lines changed: 10229 additions & 23 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

advisories/2026/04/EUVD-2022-55960.json

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
{
2+
"id": "EUVD-2022-55960",
3+
"enisaUuid": "17738b35-1dc4-3909-a56c-90621bf75001",
4+
"description": "Hirschmann EagleSDV contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.",
5+
"datePublished": "Apr 2, 2026, 9:52:33 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:52:33 PM",
7+
"baseScore": 7.1,
8+
"baseScoreVersion": "4.0",
9+
"baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
10+
"references": "https://www.belden.com/security\n",
11+
"aliases": "CVE-2022-4986\n",
12+
"assigner": "VulnCheck",
13+
"epss": 0.0,
14+
"enisaIdProduct": [
15+
{
16+
"id": "382413c9-a279-3f9f-8af9-b27e065f8e49",
17+
"product": {
18+
"name": "Hirschmann EagleSDV"
19+
},
20+
"product_version": ""
21+
},
22+
{
23+
"id": "945fbe7e-4522-3bdd-b5cd-53112724e59c",
24+
"product": {
25+
"name": "Hirschmann EagleSDV"
26+
},
27+
"product_version": "0 <05.4.01"
28+
}
29+
],
30+
"enisaIdVendor": [
31+
{
32+
"id": "db7a2734-5e4c-314c-9585-1988ecb35a9d",
33+
"vendor": {
34+
"name": "Belden"
35+
}
36+
}
37+
]
38+
}

advisories/2026/04/EUVD-2023-60544.json

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
{
2+
"id": "EUVD-2023-60544",
3+
"enisaUuid": "4f5dc3c2-406b-383c-9d1b-bf3efcde9da5",
4+
"description": "HiSecOS web server contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 8.8,
8+
"baseScoreVersion": "4.0",
9+
"baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
10+
"references": "https://assets.belden.com/m/4828b7cf8b652105/original/Microsoft-Word-Belden_Security_Bulletin_BSECV-2021-07_1v0-docx.pdf\nhttps://www.vulncheck.com/advisories/belden-hisecos-web-server-privilege-escalation\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-7342\n",
11+
"aliases": "GHSA-9gx6-2p86-g496\nCVE-2023-7342\n",
12+
"assigner": "VulnCheck",
13+
"epss": 0.0,
14+
"enisaIdProduct": [
15+
{
16+
"id": "a4181397-a4e2-39c4-9ffb-901ca57e9bfa",
17+
"product": {
18+
"name": "Hirschmann HiSecOS EAGLE"
19+
},
20+
"product_version": "03.4.00 \u226404.1.00"
21+
}
22+
],
23+
"enisaIdVendor": [
24+
{
25+
"id": "c3522184-345b-38c2-aad6-b323c521f92b",
26+
"vendor": {
27+
"name": "Belden"
28+
}
29+
}
30+
]
31+
}

advisories/2026/04/EUVD-2023-60547.json

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
{
2+
"id": "EUVD-2023-60547",
3+
"enisaUuid": "e46065ad-2b74-3504-a74f-ac10852f8ad7",
4+
"description": "HiSecOS web server contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.",
5+
"datePublished": "Apr 2, 2026, 9:32:53 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:53 PM",
7+
"baseScore": 7.8,
8+
"baseScoreVersion": "4.0",
9+
"baseScoreVector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
10+
"references": "https://assets.belden.com/m/774e2db2b0100bc1/original/Belden-Security-Bulletin-BSECV-2023-06.pdf\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-7343\n",
11+
"aliases": "CVE-2023-7343\n",
12+
"assigner": "VulnCheck",
13+
"epss": 0.0,
14+
"enisaIdProduct": [
15+
{
16+
"id": "14184ec3-0e08-38f3-b2e0-0e4a15e5c59f",
17+
"product": {
18+
"name": "Hirschmann Industrial HiVision"
19+
},
20+
"product_version": ""
21+
},
22+
{
23+
"id": "574ead40-7715-385b-b198-7903d449ca9b",
24+
"product": {
25+
"name": "Hirschmann Industrial HiVision"
26+
},
27+
"product_version": "05.0.00 \u226408.3.01"
28+
}
29+
],
30+
"enisaIdVendor": [
31+
{
32+
"id": "c7bbbb30-d981-3336-80ad-d894f3e3f5ac",
33+
"vendor": {
34+
"name": "Belden"
35+
}
36+
}
37+
]
38+
}

advisories/2026/04/EUVD-2024-55521.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"id": "EUVD-2024-55521",
3+
"enisaUuid": "ffd1476c-f09c-31d1-b221-f2aa967734eb",
4+
"description": "A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 0.0,
8+
"references": "https://support.apple.com/en-us/121564\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-40849\n",
9+
"aliases": "GHSA-gqpg-3vhq-q494\nCVE-2024-40849\n",
10+
"assigner": "apple",
11+
"epss": 0.0,
12+
"enisaIdProduct": [
13+
{
14+
"id": "19b4c420-02e7-31a6-8c42-35f7cbb505b7",
15+
"product": {
16+
"name": "macOS"
17+
},
18+
"product_version": "0 <15.1"
19+
}
20+
],
21+
"enisaIdVendor": [
22+
{
23+
"id": "dc5cf4a0-55ed-394e-be6e-ed714ef9b3ff",
24+
"vendor": {
25+
"name": "Apple"
26+
}
27+
}
28+
]
29+
}

advisories/2026/04/EUVD-2024-55523.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"id": "EUVD-2024-55523",
3+
"enisaUuid": "739bdefb-bb35-346c-bccf-491d23a93dc5",
4+
"description": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access Contacts without user consent.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 0.0,
8+
"references": "https://support.apple.com/en-us/121564\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-40858\n",
9+
"aliases": "CVE-2024-40858\nGHSA-72gf-vh2c-59h2\n",
10+
"assigner": "apple",
11+
"epss": 0.0,
12+
"enisaIdProduct": [
13+
{
14+
"id": "f614bb49-80b1-3dbd-a0f0-d91b5213daa4",
15+
"product": {
16+
"name": "macOS"
17+
},
18+
"product_version": "0 <15.1"
19+
}
20+
],
21+
"enisaIdVendor": [
22+
{
23+
"id": "7c6e557b-baae-3f51-8268-90c69b2fdfd0",
24+
"vendor": {
25+
"name": "Apple"
26+
}
27+
}
28+
]
29+
}

advisories/2026/04/EUVD-2024-55525.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"id": "EUVD-2024-55525",
3+
"enisaUuid": "c0101828-e6b4-3a02-8ba5-0b0c49756da8",
4+
"description": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with root privileges may be able to access private information.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 0.0,
8+
"references": "https://support.apple.com/en-us/121564\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44219\n",
9+
"aliases": "CVE-2024-44219\nGHSA-mg44-79x5-p644\n",
10+
"assigner": "apple",
11+
"epss": 0.0,
12+
"enisaIdProduct": [
13+
{
14+
"id": "86542241-c17d-30b8-9aba-a3879b19202c",
15+
"product": {
16+
"name": "macOS"
17+
},
18+
"product_version": "0 <15.1"
19+
}
20+
],
21+
"enisaIdVendor": [
22+
{
23+
"id": "08556f57-c62c-30e6-a1a6-8d1ccc7bd04c",
24+
"vendor": {
25+
"name": "Apple"
26+
}
27+
}
28+
]
29+
}

advisories/2026/04/EUVD-2024-55528.json

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
{
2+
"id": "EUVD-2024-55528",
3+
"enisaUuid": "4bf8e33a-78e3-3427-9504-bcdcbf84a04c",
4+
"description": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 8.2,
8+
"baseScoreVersion": "3.1",
9+
"baseScoreVector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
10+
"references": "https://support.apple.com/en-us/121564\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44250\n",
11+
"aliases": "CVE-2024-44250\n",
12+
"assigner": "apple",
13+
"epss": 0.0,
14+
"enisaIdProduct": [
15+
{
16+
"id": "fc2f14c3-7ee3-3b3f-8935-bb9ed156234d",
17+
"product": {
18+
"name": "macOS"
19+
},
20+
"product_version": "0 <15.1"
21+
}
22+
],
23+
"enisaIdVendor": [
24+
{
25+
"id": "1a84e526-ca60-3158-b679-a169ce46d731",
26+
"vendor": {
27+
"name": "Apple"
28+
}
29+
}
30+
]
31+
}

advisories/2026/04/EUVD-2024-55529.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"id": "EUVD-2024-55529",
3+
"enisaUuid": "b8d36001-ab8d-312a-884e-fd996bbafd4a",
4+
"description": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access can input keyboard events to apps running on a locked device.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 0.0,
8+
"references": "https://support.apple.com/en-us/121564\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44286\n",
9+
"aliases": "GHSA-h383-mj26-vwh5\nCVE-2024-44286\n",
10+
"assigner": "apple",
11+
"epss": 0.0,
12+
"enisaIdProduct": [
13+
{
14+
"id": "2067cdfc-53bc-3669-89c4-483e1155d695",
15+
"product": {
16+
"name": "macOS"
17+
},
18+
"product_version": "0 <15.1"
19+
}
20+
],
21+
"enisaIdVendor": [
22+
{
23+
"id": "7e39707d-a901-3322-9437-ee9f5a322b7a",
24+
"vendor": {
25+
"name": "Apple"
26+
}
27+
}
28+
]
29+
}

advisories/2026/04/EUVD-2024-55530.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"id": "EUVD-2024-55530",
3+
"enisaUuid": "d5b42cf1-1592-360e-a130-d1a9e1501f36",
4+
"description": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able to modify protected parts of the file system.",
5+
"datePublished": "Apr 2, 2026, 9:32:52 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:52 PM",
7+
"baseScore": 0.0,
8+
"references": "https://support.apple.com/en-us/121564\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44303\n",
9+
"aliases": "CVE-2024-44303\nGHSA-hpmv-cmmm-3mqx\n",
10+
"assigner": "apple",
11+
"epss": 0.0,
12+
"enisaIdProduct": [
13+
{
14+
"id": "82b7ef00-58e5-3411-b336-ad2844d1096e",
15+
"product": {
16+
"name": "macOS"
17+
},
18+
"product_version": "0 <15.1"
19+
}
20+
],
21+
"enisaIdVendor": [
22+
{
23+
"id": "f9e886fc-3de3-3e98-8747-284428605654",
24+
"vendor": {
25+
"name": "Apple"
26+
}
27+
}
28+
]
29+
}

advisories/2026/04/EUVD-2024-55531.json

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
{
2+
"id": "EUVD-2024-55531",
3+
"enisaUuid": "11eec09c-339e-3253-99a5-94fc1dd48158",
4+
"description": "Hirschmann Industrial IT products contain a heap overflow vulnerability in the HiLCOS web interface that allows unauthenticated remote attackers to trigger a denial-of-service condition by sending specially crafted requests to the web interface. Attackers can exploit this heap overflow to crash the affected device and cause service disruption, particularly in configurations where the Public Spot functionality is enabled.",
5+
"datePublished": "Apr 2, 2026, 9:32:53 PM",
6+
"dateUpdated": "Apr 2, 2026, 9:32:53 PM",
7+
"baseScore": 8.7,
8+
"baseScoreVersion": "4.0",
9+
"baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
10+
"references": "https://assets.belden.com/m/774d24c02be5c220/original/Belden_Security_Bulletin_BSECV-2024-16.pdf\nhttps://ssd-disclosure.com/ssd-advisory-lancom-lcos-heap-overflow/\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-14033\n",
11+
"aliases": "GHSA-jxwc-xxjw-356x\nCVE-2024-14033\n",
12+
"assigner": "VulnCheck",
13+
"epss": 0.0,
14+
"enisaIdProduct": [
15+
{
16+
"id": "499da082-455e-38a1-a55f-317cea4b0cbe",
17+
"product": {
18+
"name": "Hirschmann HiLCOS BAT-R"
19+
},
20+
"product_version": "\u2264 10.34.6313"
21+
},
22+
{
23+
"id": "529411f0-8a17-3e53-86a0-b464a55da6ac",
24+
"product": {
25+
"name": "Hirschmann HiLCOS BAT867-F"
26+
},
27+
"product_version": "0 \u226410.34.6313"
28+
},
29+
{
30+
"id": "cd84316e-73c8-33d6-998a-6cc59d98dcd9",
31+
"product": {
32+
"name": "Hirschmann HiLCOS BAT-F"
33+
},
34+
"product_version": "\u2264 10.34.6313"
35+
},
36+
{
37+
"id": "d02b13a0-0bf0-3d6a-8b0d-41e91303e4df",
38+
"product": {
39+
"name": "Hirschmann HiLCOS BAT867-R"
40+
},
41+
"product_version": "\u2264 10.34.6313"
42+
},
43+
{
44+
"id": "fd28053a-f86a-390c-a842-950ad46675f9",
45+
"product": {
46+
"name": "Hirschmann HiLCOS BAT450-F"
47+
},
48+
"product_version": "\u2264 10.34.6313"
49+
}
50+
],
51+
"enisaIdVendor": [
52+
{
53+
"id": "fe8eed99-d819-3637-bb0a-3c73ec093c86",
54+
"vendor": {
55+
"name": "Belden"
56+
}
57+
}
58+
]
59+
}

0 commit comments

Comments
 (0)