diff --git a/KEV-EPSS.ipynb b/KEV-EPSS.ipynb
index 858efc8..80481de 100644
--- a/KEV-EPSS.ipynb
+++ b/KEV-EPSS.ipynb
@@ -12,10 +12,10 @@
    "execution_count": 1,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:26:32.378635Z",
-     "iopub.status.busy": "2024-09-12T00:26:32.378441Z",
-     "iopub.status.idle": "2024-09-12T00:26:32.684770Z",
-     "shell.execute_reply": "2024-09-12T00:26:32.684101Z"
+     "iopub.execute_input": "2024-09-13T00:26:17.315306Z",
+     "iopub.status.busy": "2024-09-13T00:26:17.315109Z",
+     "iopub.status.idle": "2024-09-13T00:26:17.651149Z",
+     "shell.execute_reply": "2024-09-13T00:26:17.650440Z"
     }
    },
    "outputs": [],
@@ -33,10 +33,10 @@
    "execution_count": 2,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:26:32.687782Z",
-     "iopub.status.busy": "2024-09-12T00:26:32.687309Z",
-     "iopub.status.idle": "2024-09-12T00:26:32.915704Z",
-     "shell.execute_reply": "2024-09-12T00:26:32.915013Z"
+     "iopub.execute_input": "2024-09-13T00:26:17.654356Z",
+     "iopub.status.busy": "2024-09-13T00:26:17.653752Z",
+     "iopub.status.idle": "2024-09-13T00:26:18.314351Z",
+     "shell.execute_reply": "2024-09-13T00:26:18.313683Z"
     }
    },
    "outputs": [],
@@ -52,10 +52,10 @@
    "execution_count": 3,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:26:32.918324Z",
-     "iopub.status.busy": "2024-09-12T00:26:32.918119Z",
-     "iopub.status.idle": "2024-09-12T00:26:33.029311Z",
-     "shell.execute_reply": "2024-09-12T00:26:33.028685Z"
+     "iopub.execute_input": "2024-09-13T00:26:18.317420Z",
+     "iopub.status.busy": "2024-09-13T00:26:18.316949Z",
+     "iopub.status.idle": "2024-09-13T00:26:18.428871Z",
+     "shell.execute_reply": "2024-09-13T00:26:18.428166Z"
     }
    },
    "outputs": [],
@@ -69,10 +69,10 @@
    "execution_count": 4,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:26:33.032005Z",
-     "iopub.status.busy": "2024-09-12T00:26:33.031803Z",
-     "iopub.status.idle": "2024-09-12T00:27:13.068364Z",
-     "shell.execute_reply": "2024-09-12T00:27:13.067709Z"
+     "iopub.execute_input": "2024-09-13T00:26:18.431629Z",
+     "iopub.status.busy": "2024-09-13T00:26:18.431413Z",
+     "iopub.status.idle": "2024-09-13T00:26:58.010847Z",
+     "shell.execute_reply": "2024-09-13T00:26:58.010207Z"
     }
    },
    "outputs": [],
@@ -103,10 +103,10 @@
    "execution_count": 5,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:27:13.071286Z",
-     "iopub.status.busy": "2024-09-12T00:27:13.071037Z",
-     "iopub.status.idle": "2024-09-12T00:27:13.177291Z",
-     "shell.execute_reply": "2024-09-12T00:27:13.176648Z"
+     "iopub.execute_input": "2024-09-13T00:26:58.013851Z",
+     "iopub.status.busy": "2024-09-13T00:26:58.013477Z",
+     "iopub.status.idle": "2024-09-13T00:26:58.121457Z",
+     "shell.execute_reply": "2024-09-13T00:26:58.120734Z"
     }
    },
    "outputs": [],
@@ -128,10 +128,10 @@
    "execution_count": 6,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:27:13.180022Z",
-     "iopub.status.busy": "2024-09-12T00:27:13.179812Z",
-     "iopub.status.idle": "2024-09-12T00:27:14.295264Z",
-     "shell.execute_reply": "2024-09-12T00:27:14.294560Z"
+     "iopub.execute_input": "2024-09-13T00:26:58.124491Z",
+     "iopub.status.busy": "2024-09-13T00:26:58.124267Z",
+     "iopub.status.idle": "2024-09-13T00:27:00.061914Z",
+     "shell.execute_reply": "2024-09-13T00:27:00.061205Z"
     }
    },
    "outputs": [
@@ -145,7 +145,7 @@
     },
     {
      "data": {
-      "image/png": "iVBORw0KGgoAAAANSUhEUgAABlUAAANXCAYAAACsYNmPAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjkuMiwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy8hTgPZAAAACXBIWXMAAA9hAAAPYQGoP6dpAADQXElEQVR4nOzde1xc1bn/8e/OhFyAMCbMJBqNXAKN94pRoiHBRK3Weml6TluL9kQ9sT1WC1WPbfXUems1tVVrRVtPNV7ihXo51lOr1XosimJqag1ao0bIAN5qMgMBMkwSEti/P/wxZgIMMzAze/bsz/v14vUKa83AQ5jZw6xnrecxTNM0BQAAAAAAAAAAgKgmWB0AAAAAAAAAAACAHZBUAQAAAAAAAAAAiAFJFQAAAAAAAAAAgBiQVAEAAAAAAAAAAIgBSRUAAAAAAAAAAIAYkFQBAAAAAAAAAACIAUkVAAAAAAAAAACAGJBUAQAAAAAAAAAAiAFJFQAAAAAAAAAAgBiQVAEAAABga4Zh6Oqrr477fi+88IIMw9ALL7yQ8JiGM9Y4x+vee++VYRhqa2tL+feOR1tbmwzD0I033jjqba+++moZhhExVlhYqHPOOSf8eTy/38Hvfe+998YZNQAAAJyGpAoAAABsY+PGjfqP//gPFRcXa8qUKcrLy1NFRYV+9atfadu2beHbFRYW6tRTT424bzAY1FVXXaVDDjlEOTk5ys/P1+GHH67vfe97+vjjj4f9fk8//bQMw9Ds2bM1MDAQc5znnHOOcnNzh4y/+eab8ng8KiwsTPsF7ngtWbJEhmEM+3HAAQdYHV7MHnroId1yyy2WfO+bb75ZhmHo//7v/0a8zZ133inDMPSHP/whhZFlDit/vwAAAMgME60OAAAAAIjFU089pa997WuaPHmyli9frkMOOUR9fX16+eWX9f3vf1/r16/Xb3/722Hvu3PnTlVWVurdd9/V2WefrerqagWDQa1fv14PPfSQvvKVr2j27NlD7vfggw+GEyB/+ctfdMIJJ4w5/rfeekvHH3+8cnJyVF9fr8LCwjF/rXS13377aeXKlUPG3W63BdGMrrKyUtu2bdOkSZPCYw899JDeeustXXTRRSmP5xvf+Ia+//3v66GHHhrxsfbQQw8pPz9fJ598coqjSy9XXHGFLrvssqi3ief3W1BQoG3btikrKysZ4QIAACCDkFQBAABA2mttbdU3vvENFRQU6C9/+Yv22Wef8NyFF16olpYWPfXUUyPe/4knntC6dev04IMP6swzz4yY2759u/r6+obcp7e3V//7v/+rlStX6p577tGDDz445qTK+vXrddxxx2nq1Kmqr69XUVHRmL5OunO73frmN79pdRgxmzBhgqZMmWJ1GGGzZ8/W0qVL9fjjj+s3v/mNJk+eHDH/0UcfqaGhQd/+9rdtsfi/a9cuDQwMRCQ1EmXixImaODH629l4fr+GYaTVYwEAAADpi/JfAAAASHs///nPFQwGtWrVqoiEyqCSkhJ973vfG/H+GzdulCRVVFQMmRssI7an3//+99q2bZu+9rWv6Rvf+IYef/xxbd++Pe7Y33nnHR1//PGaPHmy6uvrVVxcHDE/WKrs5ZdfVnl5uaZMmaLi4mKtXr16yNfy+Xz62te+phkzZig7O1tHH310RDLJNE15PB5dcskl4bGBgQHttddecrlc6urqCo/fcMMNmjhxooLBoKTPSpZ99NFHWrZsmXJzc+X1enXppZeqv78/7p97ONu2bdMBBxygAw44IKJcW2dnp/bZZx8tXLgw/L0G4/H5fDrppJOUk5Oj2bNn69prr5VpmqN+r3Xr1unkk09WXl6ecnNzdfzxx+uvf/1rxG327LmxZMkSPfXUU2pvbw+XLtv9RNGOHTt01VVXqaSkRJMnT9acOXP0gx/8QDt27Ij4ujt27NDFF18sr9eradOm6fTTT9eHH34Y0//RN7/5TXV3dw+bJPzd736ngYEBnXXWWVF7gMTSuyWex11XV5cuuugizZkzR5MnT1ZJSYluuOGGiJJ4u/dDueWWWzR37lxNnjxZb7/9tvr6+nTllVdq/vz5crvdysnJ0eLFi1VfXz9ifL/85S9VUFCgqVOn6thjj9Vbb70VMT9cT5U9xfP7Hen/891339VXv/pVzZgxQ1OmTNGRRx45pPTazp07dc0116i0tFRTpkxRfn6+Fi1apOeeey5qfAAAALAnkioAAABIe08++aSKi4u1cOHCMd2/oKBAkrR69eqYFuSlT0t/LV26VHvvvbe+8Y1vaOvWrXryySfj+r4bNmzQcccdp4kTJ6q+vl5z584d9nYtLS366le/qi984Qu66aabNH36dJ1zzjlav359+DabNm3SwoUL9eyzz+qCCy7Qddddp+3bt+v000/X73//e0mfLqZXVFSooaEhfL8333xT3d3dkqTGxsbw+EsvvaSysrKI3i/9/f066aSTlJ+frxtvvFHHHnusbrrpphHLqu2pv79fgUBgyEdvb68kaerUqbrvvvvU0tKiH/3oR+H7XXjhheru7ta9994rl8sV8fW++MUvatasWfr5z3+u+fPn66qrrtJVV10VNY7169dr8eLFeuONN/SDH/xAP/7xj9Xa2qolS5bo1VdfHfF+P/rRj3T44YfL4/Ho/vvv1/333x/uvzEwMKDTTz9dN954o0477TTV1tZq2bJl+uUvf6kzzjgj4uucd955uuWWW3TiiSfqZz/7mbKysnTKKafE9H/4L//yL5oyZYoeeuihIXMPPfSQCgoKhk0OjkUsj7tQKKRjjz1WDzzwgJYvX65bb71VFRUVuvzyyyOSd4Puuece1dbW6tvf/rZuuukmzZgxQz09Pbrrrru0ZMkS3XDDDbr66qvl9/t10kknqampacjXWL16tW699VZdeOGFuvzyy/XWW2/puOOO06ZNm8b180b7/Q5n/fr1Ovroo/XOO+/osssu00033aScnBwtW7Ys/JyTPk3wXHPNNVq6dKluu+02/ehHP9L++++v119/fVzxAgAAIE2ZAAAAQBrr7u42JZlf/vKXY75PQUGBecopp4Q/D4VC5rx580xJZkFBgXnOOeeYq1atMjdt2jTs/Tdt2mROnDjRvPPOO8NjCxcujDmGs88+28zKyjL32Wcfc/bs2eZ7770XNVZJZkNDQ3hs8+bN5uTJk83//M//DI9ddNFFpiTzpZdeCo9t3brVLCoqMgsLC83+/n7TNE3zF7/4helyucyenh7TNE3z1ltvNQsKCszy8nLzhz/8oWmaptnf32/utdde5sUXXxwRsyTz2muvjYivrKzMnD9//qg/87HHHmtKGvbjP/7jPyJue/nll5sTJkwwGxoazEcffdSUZN5yyy1D/g8lmdXV1eGxgYEB85RTTjEnTZpk+v3+8Lgk86qrrgp/vmzZMnPSpEnmxo0bw2Mff/yxOW3aNLOysjI8Vl9fb0oy6+vrw2OnnHKKWVBQMOTnu//++80JEyZE/P+bpmnecccdpiSzsbHRNE3TbGpqMiWZF1xwQcTtzjzzzCFxjuRrX/uaOWXKFLO7uzs89u6775qSzMsvv9w0TdNsbW01JZn33HPPkPvv+X3uueceU5LZ2toaHov1cfeTn/zEzMnJGfIYvuyyy0yXy2W+//77EfHk5eWZmzdvjrjtrl27zB07dkSMbdmyxZw1a5b57//+7+Gxwa8xdepU88MPPwyPv/rqq6akiMfrVVddZe75dragoMA8++yzw5/H8/sd7v/z+OOPNw899FBz+/bt4bGBgQFz4cKFZmlpaXjs85//fMT1BgAAAJmNkyoAAABIaz09PZKkadOmjflrTJ06Va+++qq+//3vS5LuvfderVixQvvss4+qq6uHlG/63e9+pwkTJuhf//Vfw2NVVVX605/+pC1btsT0PQdPbcyYMUMejyfqbQ866CAtXrw4/LnX69W8efPk8/nCY08//bTKy8u1aNGi8Fhubq6+/e1vq62tTW+//bYkafHixerv79crr7wi6dMTKYsXL9bixYv10ksvSZLeeustdXV1RXzPQeeff37E54sXL46II5rCwkI999xzQz72bAp+9dVX6+CDD9bZZ5+tCy64QMcee6xqamqG/Zrf/e53w/82DEPf/e531dfXp//7v/8b9vb9/f3685//rGXLlkWUWttnn3105pln6uWXXw4/puLx6KOP6sADD9QBBxwQcQrnuOOOk6RwKaunn35akob8PPE0vv/mN7+p7du36/HHHw+PDZ5cOeuss+KOfSSxPO4effRRLV68WNOnT4/4uU844QT19/dHnIqSpH/913+V1+uNGHO5XOG+KgMDA+rs7NSuXbt05JFHDnuaY9myZdp3333Dn5eXl2vBggXh/9tU6Ozs1F/+8hd9/etf19atW8M/d0dHh0466SQ1Nzfro48+kiTttddeWr9+vZqbm1MWHwAAAKxDUgUAAABpbbDfydatW8f1ddxut37+85+rra1NbW1tWrVqlebNm6fbbrtNP/nJTyJu+8ADD6i8vFwdHR1qaWlRS0uLysrK1NfXp0cffTSm7zd16lStXr1ab7/9tk455ZRwCazh7L///kPGpk+fHpHAaW9v17x584bc7sADDwzPS9IRRxyh7OzscAJlMKlSWVmp1157Tdu3bw/P7Z6gkT7tL7PngviecUSTk5OjE044YcjHAQccEHG7SZMm6e6771Zra6u2bt2qe+65Z9j+GBMmTBjSg+Zzn/ucpE97YAzH7/crFAqN+H81MDCgDz74IKafZ3fNzc1av369vF5vxMdgPJs3b5b06e9hwoQJQ0q9DRfPSE4++WTNmDEjogRYXV2dPv/5z+vggw+OO/aRxPK4a25u1jPPPDPk5z7hhBMkffZzDyoqKhr2e91333067LDDwj1HvF6vnnrqqXBput2VlpYOGfvc5z434u88GVpaWmSapn784x8P+dkHy88N/uzXXnuturq69LnPfU6HHnqovv/97+vNN99MWawAAABIrYlWBwAAAABEk5eXp9mzZw9pVD0eBQUF+vd//3d95StfUXFxsR588EH99Kc/lfTpIvLf/vY3ScMv7j744IP69re/HdP3+cY3vqEtW7boggsu0L/8y7/oySefDO/Y393ufUR2Z8bY/2V3WVlZWrBggRoaGtTS0qJPPvlEixcv1qxZs7Rz5069+uqreumll3TAAQcMe6IgVZ599llJ0vbt29Xc3DziYny6GBgY0KGHHqqbb7552Pk5c+Yk7HtlZWXp61//uu68805t2rRJ77//vpqbm/Xzn/88fJuRmrT39/fH/H1iedwNDAzoC1/4gn7wgx8Me9vBpNKgqVOnDrnNAw88oHPOOUfLli3T97//fc2cOVMul0srV67Uxo0bY443lQYGBiRJl156qU466aRhb1NSUiJJqqys1MaNG/W///u/+vOf/6y77rpLv/zlL3XHHXfovPPOS1nMAAAASA2SKgAAAEh7p556qn77299qzZo1OuaYYxL2dadPn665c+dGJGwefPBBZWVl6f777x+y6Pzyyy/r1ltv1fvvvz/sLv/hfOc731FnZ6euuOIKffOb3wyXFotXQUGBNmzYMGT83XffDc8PWrx4sW644Qb93//9nzwejw444AAZhqGDDz5YL730kl566SWdeuqpcceQKG+++aauvfZanXvuuWpqatJ5552nf/zjH3K73RG3GxgYkM/ni1i4f++99yR9WmpsOF6vV9nZ2SP+X02YMCFqAmSkZMXcuXP1xhtv6Pjjjx/xNtKnv4eBgQFt3Lgx4nTKcPFEc9ZZZ+mOO+7Qww8/rNbWVhmGoaqqqvD89OnTJUldXV0R9xs8sZQoc+fOVTAYDJ9MGYvHHntMxcXFevzxxyP+7wZPfOxpuDJa77333oi/83hE+93tbvCEVFZWVkw/+4wZM3Tuuefq3HPPVTAYVGVlpa6++mqSKgAAABmI8l8AAABIez/4wQ+Uk5Oj8847T5s2bRoyv3HjRv3qV78a8f5vvPGGAoHAkPH29na9/fbbEYvfDz74oBYvXqwzzjhDX/3qVyM+Bnuy1NXVxRX/j370I1188cV69NFH9R//8R9x3XfQl770Ja1du1Zr1qwJj/X29uq3v/2tCgsLddBBB4XHFy9erB07duiWW27RokWLwgvJixcv1v3336+PP/542H4qqbBz506dc845mj17tn71q1/p3nvv1aZNm3TxxRcPe/vbbrst/G/TNHXbbbcpKytLxx9//LC3d7lcOvHEE/W///u/EeWiNm3apIceekiLFi0Kl5QbTk5OzrAlqb7+9a/ro48+0p133jlkbtu2beHybieffLIk6dZbb424zS233DLi9xxORUWFCgsL9cADD+jhhx/Wscceq/322y88n5eXJ4/HM6Snya9//eu4vs9ovv71r2vNmjXhk0W76+rq0q5du0b9GoPJyd1PwLz66qsRj+XdPfHEE+F+JZK0du1avfrqq+H/2/EY6fe7p5kzZ2rJkiX67//+b/3zn/8cMu/3+8P/7ujoiJjLzc1VSUnJkF5NAAAAyAycVAEAAEDamzt3rh566CGdccYZOvDAA7V8+XIdcsgh6uvr0yuvvKJHH31U55xzzoj3f+6553TVVVfp9NNP19FHH63c3Fz5fD7dfffd2rFjh66++mpJny70trS0RDRH392+++6rI444Qg8++KB++MMfxvUz3HTTTdqyZYvuuusuzZgxQzfccENc97/ssstUV1enk08+WTU1NZoxY4buu+8+tba26n/+538iTr8cc8wxmjhxojZs2BBRqqyyslK/+c1vJCkpSZXu7m498MADw85985vflCT99Kc/VVNTk55//nlNmzZNhx12mK688kpdccUV+upXv6ovfelL4ftMmTJFzzzzjM4++2wtWLBAf/rTn/TUU0/pv/7rv4aULtvdT3/6Uz333HNatGiRLrjgAk2cOFH//d//rR07dkSU0BrO/Pnz9fDDD+uSSy7RUUcdpdzcXJ122mn6t3/7Nz3yyCM6//zzVV9fr4qKCvX39+vdd9/VI488omeffVZHHnmkDj/8cFVVVenXv/61uru7tXDhQj3//PNqaWmJ6//SMAydeeaZuv766yV92rdjT+edd55+9rOf6bzzztORRx6phoaG8EmeRPn+97+vP/zhDzr11FN1zjnnaP78+ert7dU//vEPPfbYY2pra5PH44n6NU499VQ9/vjj+spXvqJTTjlFra2tuuOOO3TQQQcpGAwOuX1JSYkWLVqk73znO+HkYH5+/oglyOIx0u93OLfffrsWLVqkQw89VN/61rdUXFysTZs2ac2aNfrwww/1xhtvSJIOOuggLVmyRPPnz9eMGTP02muv6bHHHhvxOgIAAACbMwEAAACbeO+998xvfetbZmFhoTlp0iRz2rRpZkVFhVlbW2tu3749fLuCggLzlFNOCX/u8/nMK6+80jz66KPNmTNnmhMnTjS9Xq95yimnmH/5y1/Ct6uurjYlmRs3bhwxhquvvtqUZL7xxhsj3ubss882c3Jyhozv2rXLXLZsmSnJXLly5bCxDjr22GPNY489NmJs48aN5le/+lVzr732MqdMmWKWl5ebf/zjH4eN4aijjjIlma+++mp47MMPPzQlmXPmzIk55quuusqM5W3Dsccea0oa8cM0TfPvf/+7OXHiRLO6ujrivrt27TKPOuooc/bs2eaWLVsi4tm4caN54oknmtnZ2easWbPMq666yuzv74+4vyTzqquuihh7/fXXzZNOOsnMzc01s7OzzaVLl5qvvPJKxG3q6+tNSWZ9fX14LBgMmmeeeaa51157mZLMgoKC8FxfX595ww03mAcffLA5efJkc/r06eb8+fPNa665xuzu7g7fbtu2bWZNTY2Zn59v5uTkmKeddpr5wQcfDBtnNOvXrzclmZMnTw7/v+wuFAqZK1asMN1utzlt2jTz61//url58+Yh3+eee+4xJZmtra3hsXged1u3bjUvv/xys6SkxJw0aZLp8XjMhQsXmjfeeKPZ19dnmqZptra2mpLMX/ziF0O+5sDAgHn99debBQUF5uTJk82ysjLzj3/8o3n22WdH/P/u/jVuuukmc86cOebkyZPNxYsXD3m+Dfe4LCgoMM8+++zw5/H8fge/9z333BPxNTdu3GguX77c3Hvvvc2srCxz3333NU899VTzscceC9/mpz/9qVleXm7utdde5tSpU80DDjjAvO6668L/NwAAAMgshmmOofslAAAAACTROeeco8cee2zYkwwAAAAAYBV6qgAAAAAAAAAAAMSApAoAAAAAAAAAAEAMSKoAAAAAAAAAAADEgJ4qAAAAAAAAAAAAMeCkCgAAAAAAAAAAQAxIqgAAAAAAAAAAAMRgotUBpNrAwIA+/vhjTZs2TYZhWB0OAAAAAAAAAACwkGma2rp1q2bPnq0JE6KfRXFcUuXjjz/WnDlzrA4DAAAAAAAAAACkkQ8++ED77bdf1Ns4Lqkybdo0SZ/+5+Tl5VkcDQAAAAAAAAAAsFJPT4/mzJkTzh9E47ikymDJr7y8PJIqAAAAAAAAAABAkmJqGUKjegAAAAAAAAAAgBiQVAEAAAAAAAAAAIgBSRUAAAAAAAAAAIAYkFQBAAAAAAAAAACIAUkVAAAAAAAAAACAGJBUAQAAAAAAAAAAiAFJFQAAAAAAAAAAgBiQVAEAAAAAAAAAAIgBSRUAAAAAAAAAAIAYkFQBAAAAAAAAAACIgaVJlYaGBp122mmaPXu2DMPQE088Mep9XnjhBR1xxBGaPHmySkpKdO+99yY9TgAAAAAAAAAAAEuTKr29vfr85z+v22+/Pabbt7a26pRTTtHSpUvV1NSkiy66SOedd56effbZJEcKAAAAAAAAAACcbqKV3/zkk0/WySefHPPt77jjDhUVFemmm26SJB144IF6+eWX9ctf/lInnXRSssIEAAAAAAAAAACwV0+VNWvW6IQTTogYO+mkk7RmzZoR77Njxw719PREfAAAAAAAAAAAAMTLVkmVTz75RLNmzYoYmzVrlnp6erRt27Zh77Ny5Uq53e7wx5w5c1IRKgAAAAAAAAAAyDC2SqqMxeWXX67u7u7wxwcffGB1SAAAAAAAAAAAwIYs7akSr7333lubNm2KGNu0aZPy8vI0derUYe8zefJkTZ48ORXhAQAAAAAAAACADGarkyrHHHOMnn/++Yix5557Tsccc4xFEQEAAAAAAAAAAKewNKkSDAbV1NSkpqYmSVJra6uampr0/vvvS/q0dNfy5cvDtz///PPl8/n0gx/8QO+++65+/etf65FHHtHFF19sRfgAAAAAAAAAAMBBLE2qvPbaayorK1NZWZkk6ZJLLlFZWZmuvPJKSdI///nPcIJFkoqKivTUU0/pueee0+c//3nddNNNuuuuu3TSSSdZEj8AAAAAAAAAAHAOwzRN0+ogUqmnp0dut1vd3d3Ky8uzOhwAAAAAAAAAAGChePIGtuqpAgAAAAAAAAAAYBWSKgAAAAAAAAAAADEgqQIAAAAAAAAAABADkioAAAAAAAAAAAAxIKkCAAAAAAAAAAAQA5IqAAAAAAAAAAAAMSCpAgAAAAAAAAAAEIOJVgcAAAAAwLl8/qDaO0MqzM9RkSfH6nAAW7rt+WY1bgxocalXFywtsTqclHLyNeTFDZvV9GGXjth/uhaXeq0OBzbm9MeS039+JE7hZU+F/932s1MsjCQ6HvPjZ5imaVodRCr19PTI7Xaru7tbeXl5VocDAAAAOFJXqE81dU1qaPaHxypLvaqtKpM7O8vCyLAnuyxaO3GB4JUWv868a+2Q8Ye/dbQWzM23IKLUcfI1pL2jV8tub9SW0M7w2PTsLP3hwkWak59tYWSpY5frUrpz+mPJ6T8/Eqfosqc03AL7REkt40yuJPJ6x2M+unjyBiRVAAAAAKTc8lVr1dgSUP9ub0dchqGKEo9Wryi3MDIMssuitZMXCHbfEbundN4hmwhfu+MV/a1ty5Dx8sLpeuT8hRZElDqHXPUnBXcMDBmfNnmC/nHNyRZElDp2uS7Zxef+6yn1DX0oadIE6b3r0/MaksgF5rJr/xzx2jFoenaW1l154ri+NpwlGa/HybjeHXb1s+rZvmvIeN6UiXrz6pPG9DUzSTx5A3qqAAAAAHHw+YOq37BZrYFeq0OxLZ8/qIZmf0RCRZL6TVMNzX7+b9NETV2TGlsCEWONLQFV162zKKLh7ZlQkaQtoZ06/faXLYooNW57vjnq/K/rW1IUSer5/MFhEyqStLZtS0ZfQ17csHnYhIokbd0xoJd2W3zLRHa5LtnBixs2D5tQkaS+AaXdY6kr1Kflq9bquJte1Ln3/E1Lb3xBy1etVfcwSZFYvLhh87AJFenT15B0+/mRvqIlVGKZH0mir3cvbtg8bEJFknq27+IxHyeSKgAAAEAMEv1m3snaO0NR59s6MndB1C7skvhy8qLYPa+0Rp2/+2VfiiJJvT+++XHU+adGmbez+//aHn3+lbbUBGIBu1yX7OKSR5qizl/8u/RKVCV6gbnpw66o86+/P3ziFkiFZFzvnmj6KOr871+PPo9IJFUAAEBa4RQA0hW7YxNnc/f2qPOBrTtSFAlGYpfEl5MXxUZL6HZlcML36Tf/Oa55O/twlOfmB1u2pSiS1LPLdckuRkpID+pMo2tIMhaY9542Jer8bPfUuL8mkCjJuN61+aPfpzUQjPtrOtlEqwMAAACQqJGN9Db4Zn5Pu7+Zp1Fu7D7ZGj2p8nF35i4K2kXBjOi9SArz0+Px7uRFsQmGNGxX3N3nM9THXdGvER9uib4YZWdzZmTr3U0jL3zNmZG5j3m7XJfsYurECerdOUL9L0nZE9NnH3YsC8zx/h028k/+qV0DjmpBjTSTjOvdlEmuqPNTs0gTxCN9rpAAAMDROAWAdMbu2MQ6fL+9os4fsf/01ASCERV7c1VZ6pXLiFyZdxmGKku9aZNEnOmOnlTxTJucokhSL29q9A0Ho83bWdYoi72TsjJ3qePzo1w/D5+TudfPZF+XOC0dKZ1SCslJqEX/CTM4Lw0bSMb1btnh+0ad/8oR0ecRKXP/0gAAALZBjWykO3bHJtax82Zq4gjb6CdOMLS41Duur8/CWGLUVpWposQTMVZR4lFtVZlFEQ012hvakR5nmaBslOTj/IIZKYok9ebNmhZ1/oBZeSmKJPU2jnJda9mc2eVbknFdSmbPtHR+Pdo5EP2sxq5R5u1utJOM+07P3FNfsIdEX+/OKN8/6vzXjpwzpq/rVJzrAQAAlkvGkX4gkYq9uZqenTVs/fHp2Vk8PuPk8wdHLKuxa8Acczk1yggmljs7S6tXlKs10Ku2jl4V5uek3WPdyeVbjjtwlp57Z/OI80sOmJnCaFIre3L0pYzsSZm81JG5j+lYJOO6FO209OoV5WP6mnZ4PZo2JUsdvSMnjqZNSY84Jcp/wZkSfb3z+aMn3SlnHB9OqgBAAqXzTiQgnXEKAOnO5w+O2NB1S2gn1/04JaucGmUEk6PIk6Ol82am5RvtZL9+pPPfdrNHKX22H7usMxLlWz6VqOtSsk5L2+H1aP/p0a+f+49yfU2lZFzref8Bu0jU9e7V1s6o83/1dYzr6ztNJm/fAICUscNOJCCdDdaMbWwJRLypdRmGKko8abmQB2fhNFViJWMhY3BhbE+7L4zxO8o8yTpFZoe/7Zy8y/qjUa7JH2Vwo/pj581U3uSJ6tmxa8hc3uSJ4y6f6DTJeH23y+tR9/bo5c26tw19jFklGe8VeP8B56GPUCJxUgUAEsAOO5GAdPfTZQcrb2rkfo+8qRN13bJDLIoI+Ay7GRMrGc03k3X6BektWafI7PC3nZOvS1u2RV8M7gj1pSgSaxywz/A9ZUYax8iS8Tyyy+vRqEmVUeZTLRn9dOzQOwzpb9pkV9T5vFHmU2XCKGkTVwb3oUsGTqoAwDjZZScSkO6ueGK9evbYEdezbZd+9MRbY65nDSQKuxkTr7aqTNV16yJeQ8ezkGHHBWafP6j2zlBa9iqxCyfvMi/25mraFJe2bu8fMpc3xZUWMSbLXE+OPunZMeJ86czcFEaTWj5/UGvbtgw7t7ZtS9o8Pu0iGa/vdnk9mjjKAupo86mWjH46dugdhvSXPdmlrTuGvhZ/Np8ey+/vfNITdf7tj6PPI1J6/FYBwMYoCQOMn10WsOBsiU4COF2iFzLslPiyQ2kpu7Bql3k6PJ58/uCwCRVJ6tnen9GvneVz89XoG7k2/JFFM1IYTWrZ5fFpJ4l+fbfL61GWK3rxmtHmrVLkSXziIxlfE86RkzVR0sgnJHMnpcfy+4ycydHncyelKJLMkB6/VQCwMbvsRALSmR0XCNhh7jzsZkyORC5k2CXxFa20FCfz4uPkXeZ/fPOfo8x/rOrjSlMUTWq9H4j+d8OHndtSFEnq2eXxaSfJeH23w+vRtElZkraPPJ8mu+sBu0uXDmenHraPbn7uvSjzs1MYjf1xhQSAcbLLTiQgndlpgYAd5mA3Y/qyQ+KLk3mJ59Rd5p29I5e/kqTOYOb2Ffm4O3rS5MMMblRvl8enHSXy9d0Or0cHzJ6mdzZtHXl+n7wURgPYV1//wCjzI5cGS6Vib66OKpiuv7UPLSF5VMH0tLtGpbv0PMsHADZDgztgfJLRtDpZ7NC8GMnl8wdVv2HzmBtgI/mKPDlaOm9mWl07BtmlgbGdmEnYA2qHv+2WzpsZdf64A6PP21nFXE/U+cWl3hRFYg07PD7xqXR+PTq6KD/q/DFzo88D+NS0KdHPLOSm0amvu84+SpV7vEZWlnp119lHWRSRfaXPbxUAbMwOO5GAdPfTZYfoy7e/rC2hneGxvKkTdd2yQyyMKhI7zJ2NU0pIBDudzLOLZJRTs8PfdnNGeSztNz36vJ199/hS3RilhMkFS0tSGE3qJfPxSXlT55jpnhJ13jMtev8FAJ86cJ88vfNJcMT5g2e7UxhNdHb4+8YuSKoAQAJREgYYuyueeEs923ZFjPVs26UfPfFW2vQYsGPvFyQOfTCQCJTuSaxkJ7vT+W+7V1tHbtQuSX/1daRt7Ilw8Ow8rf+4Z9hxp0jk45ONA84zWumaiROMUW4BQJLcU6NfI0ebt0I6/31jF5T/AgAAlhtcFNt9gVGKXBRLB+wwdy67PEZhD5TuSRwnl1Pzbx25wbQkdQSj91yxM58/OGxCRZLWf9zDNXkMKG/qPNG7QEi7BtKlvTaQ3rr22Bi4p90rMSBzcFIFAABYzi4nQNhh7lx2eYzCHii9kDhO3mm9pTd6I/rR5u3s1daO6PMZfkon0Shv6kxsFgISo8gT/blU7OW5lIk4qQIAACxnpzd17DB3Jjs9RmEf6dzA2C6cvNN6tJ8sg390vffJ1qjzzZuizyOSk098JZvPH1T9hs1peXqq2Jsr99Th91q7p07ktQmI0amHzY46f8oo81ZI52uTXXBSBQAAWM5OJ0DYYe5MdnqM2g1NkTEeTk54Lp03U/e+0j7i/HEHzkxhNKlFqZXEcvLzKFns0KPG5w+qe4TnUve2XZxQAmL0wSiJ6Q+3hNLmuWSHa5NdcFIFAACkBbudAGGHufPY7TGa7rpCfVq+aq2Ou+lFnXvP37T0xhe0fNVadbMYCsTk2HkztdcIzW/3mpqlxaXeFEeUOiP93IOmszAUl8GNAy4jslyeyzBUWerlb50xsEOPmldbO6PO/9UXvcwegE81fdgVdf7197ekJpAY2OHaZBecVAEAAGmBEyBIdzxGEyvam7rVK8otigp24/R+R09+d5FOv/3liJMZ07Oz9IcLF1kYVfJNz5kUdX6vUeYxVG1Vmarr1kXsXmbjwNjYp0dN9BqBmduRCkisvadNiTo/2z01RZFEZ59rkz2QVAEAAGmlyMNCNdIbj9Hx400dEsXpZYvm5Gdr3ZUn6pG/va9XfB2qmOvR146cY3VYSeedFj1p4s2dnKJIMgcbBxLHLsneBUX50eeLo88D+NTAKAnK/jRpcmaXa5NdkFQBAAAAkFK8qUOiOL3f0Z610Z9Y97GefOOfGV8bfbRdv/tOT49dwXbExoHxc3qyF3Ce6Oe60iOlwrUp0eipAgAAACCleFOHRHJyvyOn1kYfGGV+V5rsCoYz2aVHTSwbHACMbkHRjKjzR6fJqS+7XJvsgqQKAAAAgJTiTR0SabBs0ep/P0oXf6FU968o1+oV5Rl9UkP6rIze7id0pMgyepmKxCzSnR2SvTyPgMT4W2tn1PnX2qLPp5Idrk12QfkvAAAAAClHU2Qkyp4lsCSpstSb8SWwnFxGr9ibqyMLpuu19i1D5o4qmJ6xPzfsww49apxePhFIlOfe2RR1/s/rP0mbfmd2uDbZBUkVAAAAACnHmzokSrQSWKtXlFsUVfI5fZf5e5u2Dju+YYRxwArp3qOGDQ7A+IV27Io6v62vP0WRxC7dr012QFIFAAAAgGV4U4fxGCyBtafdS2Bl6uPLybvMX9ywWT3bh1/E6tm+Sy81+7W41JviqAD7YYMDMH7Zk6Mvr0+Z5EpRJEgleqoAAACMgc8fVP2GzRldsx4A0p3TGy07tTZ6/YahibTdPf/O5hRFAmSGIk+Ols6bSUIFGAP3lOilRqdnT0pRJEglTqoAAADEwam1+wEgHTm9BNbgLvOG9zZr3QddOmL/6Y44oTEjJ/rrrSeXBSwAQGr4AsGo8y2b068spc8fVHtniNNp40BSBQAAIA5Ord0PAOnIySWwJOcm+k89bLZufq55xPlTDpudwmgAAE62258fac+pfzckA+W/AAAYJ8pAOcdg7f7+Pf5y3r12PwAgtZxaAkuSvvPA60N6yjQ0+3X+A3+3KKLUKPbm6og57mHnjpizV8Yn04BE4/0MMHZV5ftHnT9zQUGKIhmdU/9uSAZOqgAAMEbs8nCeWGr3s5ADAKnl1EbLPn9Qa3wdw86t8XWoNZDZr0mTs4ZfzpicRUNgIFa8nwHG74zy/XXZ4//QcAdWDElfO3JOqkMaltP/bkg0TqoAADBG0cpAITM5vXY/AKQzpzVafrW1M+r8X0dYOMkEsSwMARjdBQ8Ov2v9Ow+yax2IR9n+e8U1bgUn/92QDCRVAAAYA8pAOdNg7X6XYUSMuwxDlaVexyzkAQDSQfQi7kbUWXuL5eQogOh8/qBe2Tj8IuorG0lOArHy+YN6/f2uYedef78rjZ5Lzv27IRlIqgAAMAa8mXcuJ9fuB5KBOu7A2Cwoyo8+Xxx93s44OQqM36ut0Xelv8qudSAmdlkbcPLfDclATxUAAMaAN/PO5dTa/UCiUccdGJ9ib67cU7PUvW3nkDn31KyMfm0aPDna2BKIODXsMgxVlHgy+mcHEsW/tS/6fHBHiiIB7G20EwsTJ6THGZBib64Wzs0f9oTawrn5vHbGiZMqAACMAWWg4LTa/UCi0ZcKGB+fPzhsQkWSurftzPjTX5wcBcbHO21S9PncySmKBLC3gVHmdw1EL7uVSr85a74qS70RY5WlXv3mrPkWRWRfnFQBAGCMaqvKVF23LmKXNW/mAWB0g32p9rR7XyoSlkB0sZQbyeTnESdHgfGhFBCQGHaqYsFrZ+KQVAEAYIz4gwQAxsbpi8FAIthpESeZijz8/QWMBaWAgMQo9ubqmOJ8rRmmD9Exxen5XOK1c/wo/wUAwDhRBgoA4sNi8Kd8/qDqN2zO+DJNSA5KkQIYL0oBAYlhjNA2ZaRx2B8nVQAAAACklNObTHeF+lRT1xRRAq2y1KvaqjK5s7MsjAx78vmDau8Mpe1pVEqRpv/vCEhnnLwHxs/nDw574kuSXtnYQVnbDEVSBQAAAEDKOXkxuKauSY0tgYixxpaAquvWafWKcouiwu7skvgylT7Nb1PNLr8jwA4oBQSMHWVtnYnyXwAAAABSbnB3bP2lS3TPuUep/tIlWr2iPOMXQ33+oBqa/REndCSp3zTV0OynFFiaiJb4Sid2iTMZLnjw9YiEiiQ1NPv1nQf/blFEAAAnoqytM5FUAQAAQFqgv4QzOa0vVSy7GWEtuyS+7BJnMsRSagVjw2sxAMQn2T3OuC6nJ8p/AQAAwFKUcIGTsJsx/dmljIdd4kyGV1uHT6iE530dGfuzJwuvxQAwdskoa8t1Ob1xUgUAAACWcnL5GjhPsnczYvzskviyS5zJYUSddW6nmbHjtRgAxi4ZPc64Lqc3kioAAACwjJPL18C5aqvKVFHiiRgb725GJA6Jr/S3oGhG1Pmji/NTFElm4LUYAMbnvPteG7bP13n3/W1MX4/rcvqj/BcAAAAs4+TyNXAud3aWVq8oV2ugV20dvSrMz+FxnmaSUcYj0Zx8/Sz25uqY4nyt8Q0tA3ZMcX7G/tzJ4uTHEgCMl88f1GvtW4ad+1v7FrUG4r+Gcl1OfyRVAAAAYBlnl6+B0xV5SKakKzskvpx+/bzjm/OHJL4Ga80jPk5/LAHAePzxzX+OMv+xqo8rjetrcl1OfyRVACCBfP6g2jtDafnGGwDS0WCZncaWQMTxdpdhqKLEw7UUgKXSOfHl9OunHRJfduH0xxIAjEdn747o88G+uL8m1+X0R08VAEiArlCflq9aq+NuelHn3vM3Lb3xBS1ftVbdoZ1WhwYAaY/+EgAwNlw/P018LZ03kwWmceKx5GwvbtisXz3/nl7aoycEgNEtnTcz6vxxB0afHwnX5fRmmOYeHW8yXE9Pj9xut7q7u5WXl2d1OAAyxPJVa0fcQbB6RbmFkQGAfbDbGADGpuG9zVr3QZeO2H+6Fpd6rQ4HNsZrsbO0d/Rq2e2N2rLbZsDp2Vn6w4WLNCc/evkhAJ85/Jo/q2vb0E21e03NUtNVJ47ra3NdTp148gYkVQBgnHz+oI676cUR5+svXcILHwAAABKuK9SnmrqmYfuKuLOzLIwMgB2UXfvniITKoOnZWVp35fgWggEnWf9Rt758e6N2DXy2zD5xgqE/XFihg/Z1WxgZ4hFP3oDyXwAwTu2doajzbR29KYoEAAAATlJT16TGlkDEWGNLQNV16yyKCIBdvLhh87AJFUnaEtpJKTAgDjc8s0F7HlswTelnz2ywJiAkHUkVABinghnRj0UX5nNKBQCAkfj8QdVv2KzWAJsQgHj4/EE1NPsjys9KUr9pqqHZz3MKQFRNH3ZFnX/9/S2pCQSwOV6PnWmi1QEAgN0Ve3NVWeodsacKpb8AABiKskXA+MRyWtoJf4f6/EG1d4aoNQ/E6fD99oo6f8T+01MTCGBzvB47EydVACABaqvKVFHiiRirKPGotqrMoogAAEhvlC0Cxsfpp6W7Qn1avmqtjrvpRZ17z9+09MYXtHzVWnWPUM4IQKQ5o1xD9ptOo3ogFk5/PXYqTqoAQAK4s7O0ekW5WgO9auvoZaccAABRDJZJ2NPuZRJ4HQWic/pp6WiJ2dUryi2KCrAPdtcDiVHszdXCufl6ZWPHkLmFc/N5HmUoTqoAQAIVeXK0dN5MXjQBAIgiloUcAKNz6mlp6tcD48fueiBx9mxSP9o47I+TKgAAAABSioUcIDGcelqaHfbA+Dn9tBuQKD5/UGt8Q0+pSNIaXwcnsDMUJ1UAAAAApNTgQo7LMCLGXYahylIvbzyBODnttPRoCxkTJxij3AKA5NzTbkAicQLbmUiqAAAAAEg5FnKAxPH5g6rfsNkxZa8+7t4Wdf6jLdHnAXzKFLWJgPHiBLYzUf4LAAAAQMo5tWwRkEhdoT7V1DWpodkfHqss9aq2qkzu7CwLI0su/9a+6PPBHSmKBLC3mromNbYEIsYaWwKqrlun1SvKLYoKsBdK6TkTJ1UAAAAAWMZpZYuARIq2IJrZou+up/gXMDqfP6iGZn/EIrAk9ZumGpr9jjn5BiTCT5cdorypkWcX8qZO1HXLDrEoIiQbSRUAAAAAAGzGyQui3mmTo857cqPPA6APBJBIVzzxlnq27YoY69m2Sz964i2LIkKykVQBAAAAAMBmnLwg2jFK+a/O3ujzAOgDASSKkzc5OBlJFQAAAAAAbMbJC6KNGwNR519ujj4PAECiOHmTg5ORVAEAAAAAABnDoKkKMCoWgoHEcPImBycjqQIAAAAAgM04eUH0mLmeqPNHz81PUSSAfY22IDhxAtlJIBbF3lxNz84adm56dpaKPCRVMhFJFQAAAAAAbMbJO2M/v5876vzhc/ZKTSCAjQ2MMr9rwBzlFgCkT3uqbAntHHZuS2gnPVUyFEkVAAAAAABsxsk7Y1kMBsbPyYlZIJGcfHLUyUiqAAAAAABgM07eGctiMDB+xd5cVZZ65dqjCZHLMFRZ6s3oxCyQSLwmORNJFQAAAAAAbMbJO2OLvblaOELflIVz81kMBmL002UHK2/qxIixvKkTdd2yQyyKCADsgaQKAAAAAAA24/SdseYIFb5GGgcw1BVPrFfPtl0RYz3bdulHT7xlUUSA/Th5k4OTkVQBAAAAAMBmnFy6x+cPao2vY9i5Nb6OjC59BiSKzx9UQ7Nf/XtkIvtNUw3Nfp5HQIw2d2+POh/YuiNFkcTO5w+qfsNmnufjMHH0mwAAAAAAgHRTW1Wm6rp1amj2h8cqSjyqrSqzMKrki2VXcCYnlYBE4HkEJMYnW6MnVT7u3paiSEbXFepTTV1TxN8NlaVe1VaVyZ2dZWFk9kNSBQAAAAAAG3JnZ2n1inK1BnrV1tGrwvwcRyyCjlZyY+IEY5RbAHB6CUEgUQ7fb6+o80fsPz01gcSgpq5JjS2BiLHGloCq69Zp9Ypyi6KyJ8p/AQAAAABgY0WeHC2dN9MRCRVJGhhlftcAjVWA0Ti5hCCQSHNGSVDuNz36fKpQ8i+xSKoAAAAAAADb4KQKkBi1VWWqKPFEjDmhhCCQSHZpVG+XOO2C8l8AAAAAAMA2OKkCJIZTSwgCiWSXRD8l/xKLpAoAAAAAALANFoaAxCrykEwBxmq0RvQfbUmPRvWDJf8aWwIRJcBchqGKEg/XgDhR/gsAAAAAANgGvSAAAOkj+kmUdDo7Scm/xOGkCgAAAAAAsJXaqjJV161TQ7M/PMbCEAAg1RYUzYg6f3RxfooiGR0l/xKHpAoAAAAAALAVFoYAABgb00yn8zP2RFIFAAAAAADYEr0gAABWau8MRZ1v6+hNm9eprlCfauqaIk55VpZ6VVtVJnd2loWR2Q89VQAAAAAAAAAAiFPBjOyo84X56ZFQkaSauiY1tgQixhpbAqquW2dRRPZFUgUAAAAAAAAAgAzl8wfV0OxX/x6lv/pNUw3NfrUGei2KzJ5IqgAAAAAAAAAAEKdYyn+lA7vEaRckVQAAAAAAAAAAiJNdyn/ZJU67IKkCAAAAAAAAAECcir25qiz1ymUYEeMuw1BlqTdtmtTbJU67IKkCAAAAAAAAAMAY1FaVqaLEEzFWUeJRbVWZRRENzy5x2oFhmnt0p8lwPT09crvd6u7uVl5entXhAAAAAAAAAABsrjXQq7aOXhXm56T1yQ+7xJlq8eQNJqYoJgAAAAAAAAAAMlKRxx5JCrvEmc5IqgAAAAAAAAAO5fMH1d4ZYtc6AMSIpAoAAAAAAADgMF2hPtXUNamh2R8eqyz1qraqTO7sLAsjA4D0RqN6AAAAAAAAwGFq6prU2BKIGGtsCai6bp1FEQGAPZBUAQAAAAAAABzE5w+qodmvftOMGO83TTU0+9Ua6LUoMgBIfyRVAAAAAAAAAAdp7wxFnW/rcE5SxecPqn7DZhJJAGJGTxUAAAAAAADAQQpmZEedL8zP/Ib19JQBMFacVAEAAAAAALbEDnNgbIq9uaos9cplGBHjLsNQZalXRZ7MT6rQUwbAWHFSBQAAAAAA2Ao7zIHxq60qU3XduojnUUWJR7VVZRZGlRqDPWX2tHtPGScklgCMDUkVAAAAAABgK9F2mK9eUW5RVIC9uLOztHpFuRre82vdB1t0xP7TtbjUa3VYKRFLTxmSKgBGQlIFAAAAAADYBjvMgcRw8okvesoAGA96qgAAAAAAYGNO6ysSyw5zAKNzck8ResoAGA9OqgAAAAAAYENO3WXODnNg/Djx5eyeMgDGh6QKAAAAAAA25NS+IoM7zBtbAuo3zfC4yzBUUeLJ+IVgIBHoKfJZT5nWQK/aOnpVmJ+T8T8zgMSg/BcAAAAAyzitbBGQKIO7zHdPKkiRu8wzWW1VmSpKPBFj7DAHYseJr88UeXK0dN5MEioAYsZJFQAAgDHw+YNq7wyxow0YI6eWLQISxem7zNlhDowPJ74AYOxIqgAAAMSBhWAgMZxatsiOSCKnJ3aZf6rIw+MSGCt6igDA2JBUAQAAiAMLwcD40RzXHkgip7dib64Wzs3XKxs7hswtnJvvmOcQST9g7DjxBQBjQ1IFAAAgRiwEA4nh9LJFdkESOf3t0U5l1PFMQtIPSBxOfAFAfGhUDwAAEKNYFoIBjI6yRenP6U3Q7cDnD2qNb+gpFUla4+vI+N9RtKQfAABAMpFUAQAAiBELwUBiDDbHdRlGxLjLMFRZ6mW3bBogiZz+nPw7IukHAACsRFIFAAAgRiwEA4lTW1WmihJPxBjNcdMHSeT0N9qb+YkTjFFuYV9OTigBTufzB1W/YTPJUwCWoqcKAABAHGqrylRdty6ihjsLwUD8aI6b3gaTyI0tgYjTAC7DUEWJh99VGhgYZX7XQOY2ViHpBySWzx9Ue2corV+L6aMEIJ2QVAEAAIgDC8FAYtEcN32RRE5vTk4skPQDEsNOiYpofZRWryi3KCoATmWYppm521eG0dPTI7fbre7ubuXl5VkdDgAAAACkNZLI6Wv5qrUjJhYyfZGxO7RzSNIvXReDgXRll2uIzx/UcTe9OOJ8/aVLeH0CMG7x5A04qQIAAAAAGBGnidKXk08TcXIUGB+fPxhx7RjUb5pqaParNdCbNs+pWPoopUuscLYXN2xW04ddOmL/6Vpc6rU6HCQRSRUAAAAAAGyIxAJJP2Cs7JSocHK5Q9hDe0evlt3eqC2hneGx6dlZ+sOFizQnP/rjF/Y0weoAAAAAAADA2BV5crR03sy0WQAFkP7slKgY7KPkMoyIcZdhqLLUy7UPltszoSJJW0I7dfrtL1sUEZLN8qTK7bffrsLCQk2ZMkULFizQ2rVro97+lltu0bx58zR16lTNmTNHF198sbZv356iaAEAAAAAAAB7s1uioraqTBUlnogxp5Q7RHp7ccPmIQmVQVtCO/XSMGX2YH+Wlv96+OGHdckll+iOO+7QggULdMstt+ikk07Shg0bNHPmzCG3f+ihh3TZZZfp7rvv1sKFC/Xee+/pnHPOkWEYuvnmmy34CQAAAAAAAAD7sVNfJsodIl01fdgVdf7197fQXyUDGaZpmlZ98wULFuioo47SbbfdJkkaGBjQnDlzVF1drcsuu2zI7b/73e/qnXfe0fPPPx8e+8///E+9+uqrevnl2I5T9fT0yO12q7u7W3l5eYn5QQAAAAAAAAAbIlEBjN2LGzbr7Hv+NuL8/SvKSarYRDx5A8vKf/X19envf/+7TjjhhM+CmTBBJ5xwgtasWTPsfRYuXKi///3v4RJhPp9PTz/9tL70pS+N+H127Nihnp6eiA8AAAAAQGbx+YOq37BZrYFeq0MBAFuhLxMwdnNG6U+033Qa1Wciy8p/BQIB9ff3a9asWRHjs2bN0rvvvjvsfc4880wFAgEtWrRIpmlq165dOv/88/Vf//VfI36flStX6pprrklo7AAAAACA9NAV6lNNXVNE+ZrKUq9qq8rkzs6yMDIAsAefP6j2zhAnVYAxaO8MRZ1v6+jleZWBLG9UH48XXnhB119/vX7961/r9ddf1+OPP66nnnpKP/nJT0a8z+WXX67u7u7wxwcffJDCiAEAAAAAyVRT16TGlkDEWGNLQNV16yyKCADsoSvUp+Wr1uq4m17Uuff8TUtvfEHLV61V9whNtwEMVTDKSZXCfBIqmciypIrH45HL5dKmTZsixjdt2qS999572Pv8+Mc/1r/927/pvPPO06GHHqqvfOUruv7667Vy5UoNDAwMe5/JkycrLy8v4gMAAAAAYH8+f1ANzX7179EqtN801dDspxQYAERBUhoYv2JvripLvXIZRsS4yzBUWerllEqGsiypMmnSJM2fPz+i6fzAwICef/55HXPMMcPeJxQKacKEyJBdLpckydzjj2gAAAAAQGaLpeQGAGAoktJA4tRWlamixBMxVlHiUW1VmUURIdks66kiSZdcconOPvtsHXnkkSovL9ctt9yi3t5enXvuuZKk5cuXa99999XKlSslSaeddppuvvlmlZWVacGCBWppadGPf/xjnXbaaeHkCgAAAADAGSi5AQBjQx8IIHHc2VlavaJcrYFetXX00p/IASxNqpxxxhny+/268sor9cknn+jwww/XM888E25e//7770ecTLniiitkGIauuOIKffTRR/J6vTrttNN03XXXWfUjAAAAAAAsMlhyo7ElELHb2mUYqijxsKABACMgKQ0kXpGHZIpTGKbD6mb19PTI7Xaru7ub/ioAAAAAYHPdoZ2qrlunhmZ/eKyy1KvaqjK5s7MsjAwA0tvyVWtHTEqvXlFuYWQAkHrx5A1IqgAAAACwjM8fVHtniDIJGDdKbgBAfEhKA8BnSKpEQVIFAAAAsF5XqE81dU0s5AAAYDGS0gAQX95gQtRZAAAAAEiCmromNbYEIsYaWwKqrltnUUQAADiTw/ZbA8C4WdqoHgAAAIDz+PzBiBMqg/pNUw3NfrUGetkpCwBAknFqFADGhpMqAAAAAFKqvTMUdb6tozdFkQAA4FycGgWAsSGpAgAAACClCmZkR50vzOeUCgAAyTR4arR/j9Jfu58aBQAMj6QKAAAAgJQq9uaqstQrl2FEjLsMQ5WlXkp/AQCQZJwaBYCxI6kCAAAAIOVqq8pUUeKJGKso8ai2qsyiiAAAcA5OjQLA2NGoHgAAAEDKubOztHpFuVoDvWrr6FVhfg4nVAAASJHBU6ONLYGIEmAuw1BFiYfXZACIgpMqAAAAACxT5MnR0nkzWbwBACDFODUKAGPDSRUAAAAAAADAYTg1CgBjQ1IFAAAAAAAAcKgiD8kUAIgHSRUAAAAAAADAoXz+oNo7Q5xUAYAYkVQBAAAAAAAAHKYr1KeauiY1NPvDY5WlXtVWlcmdnWVhZACQ3mhUDwAAAAAAADhMTV2TGlsCEWONLQFV162zKCIAsAeSKgAAAAAAAICD+PxBNTT71W+aEeP9pqmGZr9aA70WRQYA6Y+kCgAAAAAAAOAg7Z2hqPNtHSRVgHj5/EHVb9hMUtIB6KkCAAAAAAAAOEjBjOyo84X5NKwHYkV/IufhpAoAAAAAALAldgUDY1PszVVlqVcuw4gYdxmGKku9KvKQVAFiRX8i5+GkCgAAAAAAsBV2BQPjV1tVpuq6dRHPo4oSj2qryiyMCrCXwf5Ee9q9PxFJysxDUgUAAAAAANhKtF3Bq1eUWxQVYC/u7CytXlGu1kCv2jp6VZifw+IvEKdY+hPxvMo8lP8CAAAAAAC2MbgruN80I8Z33xUMIHbvd/TqzQ+79OGW6IvDAIaiP5EzcVIFAAAAAADYBruCgcRo7+jVstsbtSW0Mzw2PTtLf7hwkebkR18oBvCpwf5EjS2BiGS/yzBUUeLh9ShDcVIFAAAAAADYBruCgcTYM6EiSVtCO3X67S9bFBFgT7VVZaoo8USM0Z8os3FSBQAAAAAA2Aa7goHxe3HD5iEJlUFbQjv1UrNfi0u9KY4KsCf6EzkPJ1UAAAAAAICtsCsYGJ+mD7uizr/+/pbUBAJkEHOPXl/IXJxUAQAAAAAAtsKuYGB8Dt9vr6jzR+w/PTWBABmgK9SnmromNTT7w2OVpV7VVpXJnZ1lYWRIFk6qAAAAAAAAWyry5GjpvJkkVIA4HTtvpqaPsNg7PTuL0l9AHGrqmtTYEogYa2wJqLpunUURIdlIqgAAAAAAAAAO84cLFw1JrEzPztIfLlxkUUSA/fj8QTU0+yN6fElSv2mqodmv1kCvRZEhmSj/BQAAAAAAADjMnPxsrbvyRL3U7Nfr72/REftP54QKEKf2zlDU+baOXk5TZiCSKgAAAAAAADbj8wfV3hminwzGbXGpl2QKMEYFM7Kjzhfmc33ORCRVAAAAAAAAbIKGyACQPoq9uaos9aqxJRBRAsxlGKoo8ZD0zlD0VAEAAAAAALAJGiIDQHqprSpTRYknYqyixKPaqjKLIkKycVIFAAAAAADABgYbIu9p94bI7IoGgNRyZ2dp9YpytQZ61dbRS1lGB+CkCgAAAAAAgA3E0hAZAGANc7fyX8hsnFQBAAAAAAC25LRm7TREBoD0Q68r5yGpAgAAAAAAbMWpC1g0RAaA9BOt19XqFeUWRYVkovwXAAAAAACwFSc3a6chMgCkj8FeV/17lP7avdcVMg8nVQAAAAAAgG04vVk7DZGRaE4rowckUiy9rnheZR6SKgAAAAAAwDZYwPpUkYcFcIyPU8voAYlErytnovwXAAAAAACwDRawgMRwchk9IFEGe125DCNi3GUYqiz1kvzOUCRVAAAAAACAbbCABYwffSCAxKHXlfOQVAEAAAAAALbCAhYwPrGU0QMQG1Pm6DdCRqGnCgAAAAAAsBWatQPjQxk9IHGildJbvaLcoqiQTJxUAQAAAAAAtlTkydHSeTNJqABxoowekBiU0nMmkioAAAAAAACAw1BGDxg/Suk5E+W/AAAAAACALfn8QbV3hij/BYwBZfSA8aOUnjORVAEAAAAA2B6L687SFepTTV2TGpr94bHKUq9qq8rkzs6yMDLAfoo8XDeBsRospdfYEogoAeYyDFWUeHhuZSjDNPco+Jbhenp65Ha71d3drby8PKvDAQAAAACMA4vrzrR81doRF7BoCgwASKXu0E5V163jbxGbiydvwEkVAAAAAIBt1dQ1qbElEDHW2BJQdd06Ftcz1GBT4D3t3hSYncFA7DjpB4wPpfSch6QKAAAAAMCWWFx3pliaAvN7B0bHST8gsSil5xwTrA4AAAAAAICxiGVxHZmHpsBAYkQ76QcAGBlJFQAAAACALbG47kyDTYFdhhEx7jIMVZZ62SUMxGDwpF//Hq2Wdz/pByA+Pn9Q9Rs28/xxAMp/AQAAAABsaXBxfaSG5SyuZ66fLjtEX779ZW0J7QyP5U2dqOuWHWJhVIB9UEYPSBxK6TkPJ1UAAAAAALZVW1WmihJPxFhFiUe1VWUWRYRUuOKJt9SzbVfEWM+2XfrRE29ZFBFgL5z0AxLnOw+8PqTHW0OzX+c/8HeLIkKycVIFAAAAgGV8/qDaO0MqzKexJ8bGnZ2l1SvK1RroVVtHL48lBxgsW7Sn3csW8RgAoiv25uqY4nyt8XUMmTumOJ/nEBAjnz847PNIktb4OnhNylAkVQAAAACkHGUSkGhFHpIpTkHZIiAx9mhLNOo4gKFebe2MOv9XXwevSRmI8l8AAAAAUq6mrkmNLYGIscaWgKrr1lkUEQC7oGwRMH4+f1CvbBx+d/0rGztotA3EzIw6S44yM5FUAQAAAJBSg6V7dm8sLkWW7gGAkRR7c1VZ6pVrj+30LsNQZamXHcFADGI58QVgdAuK8qPPF0efhz2RVAEAAACQUizkABiv2qoyVZR4IsYqSjyqrSqzKCLAXjjxBSRGsTdXC+cOnzhZOJf+RJmKnioAAAAAUoqFHADj5c7O0uoV5WoN9Kqto1eF+fTUAeIxeOKrsSUQcXLUZRiqKPHwfALi8Juz5qu6bt2wvQKRmUiqAAAAAEipYm+upmdnaUto55C56dlZLOQAiFmRh2QKMFa1VWVDFoI58QXEj0S/85BUAQAAAJBSPn9w2ISKJG0J7VRroJc3ogAAJBkLwUBikeh3DpIqAAAAAFIqlp4qvCEFACA1WAgGgPjQqB4AAABAStFTBQAAAIBdkVQBAAAAkFKDzXFdhhEx7jIMVZZ62S0LAAAAIG2RVAEAAACQcrVVZaoo8USM0RwXAAAAQLqjpwoAAACAlKM5LgAAAAA7IqkCAAAAwDI0xwUAAABgJ5T/AgAAAAAAAAAAiAFJFQAAAAAAAAAAgBhQ/gsAAAAAAAAAgHHw+YNq7wzRK9ABSKoAAAAAAAAAADAGXaE+1dQ1qaHZHx6rLPWqtqpM7uwsCyNDslD+CwAAAAAAAACAMaipa1JjSyBirLEloOq6dRZFhGQjqQIAAAAAAAAAQJx8/qAamv3qN82I8X7TVEOzX62BXosiQzKRVAEAAAAAAAAAIE7tnaGo820dJFUyEUkVAAAAAAAAAADiVDAjO+p8YT4N6zMRSRUAAAAAAGBLPn9Q9Rs2U14FAGCJYm+uKku9chlGxLjLMFRZ6lWRh6RKJppodQAAAAAAAADx6Ar1qaauSQ3N/vBYZalXtVVlcmdnWRgZAMBpfrrsYH359kZtCe0Mj+VNnajrlh1iYVRIJk6qAAAAAAAAW6mpa1JjSyBirLEloOq6dRZFBABwqiueWK+ebbsixnq27dKPnnjLooiQbCRVAAAAAACAbfj8QTU0+9VvmhHj/aaphmY/pcAAACnDa5IzkVQBAAAAAAC20d4Zijrf1sECFgAgNXhNciZ6qgAAAAAAYGM+f1DtnSEV5uc4oiFuwYzsqPOF+Zn/fwAASA+8JjkTSRUAAAAAAGzIqc3ai725qiz1qrElEFFuxWUYqijxOCKxBABID7wmORPlvwAAAAAAsCEnN2uvrSpTRYknYqyixKPaqjKLIgIAOBWvSc5jmOYeXXQyXE9Pj9xut7q7u5WXl2d1OAAAAAAAxM3nD+q4m14ccb7+0iWO2B3bGuhVW0evY0qfAQDSF69J9hZP3oDyXwAAAAAA2EwsjXGdsKBT5GHhCgCQHnhNcg7KfwEAAAAAYDM0xgUAALAGJ1UAAAAAAAAAABgHnz+o9s4Q5b8cgKQKAAAAAAA2Q/kvAADSQ1eoTzV1TWpo9ofHKku9qq0qkzs7y8LIkCyU/wIAAAAAwGYo/wUAQHqoqWtSY0sgYqyxJaDqunUWRYRkI6kCAAAAAIDNFHtzVVnqlcswIsZdhqHKUi+nVAAASAGfP6iGZr/6TTNivN801dDsV2ug16LIkEwkVQAAAAAAsKHaqjJVlHgixipKPKqtKrMoIgAAnCWWcpzIPPRUAQAAAADAhtzZWVq9olytgV61dfTSGBcAgBSjHKczkVQBAAAAAMDGijwkUwAAsMJgOc7GlkBECTCXYaiixMPrc4ai/BcAAAAAAADgUD5/UPUbNtP7ARgjynE6DydVAAAAAAAAAIfpCvWppq5JDc3+8FhlqVe1VWVyZ2dZGBlgL5TjdB5OqgAAAAAAAAAOU1PXpMaWQMRYY0tA1XXrLIoIsLciT46WzptJQsUBSKoAAAAAAAAADuLzB9XQ7I/oASFJ/aaphmY/pcAAIAqSKgAAAAAA2Bj9EADEq70zFHW+rYPrCQCMhJ4qAAAAAADYEP0QAIxVwYzsqPOF+ZQvAoCRcFIFAAAAAAAboh8CgLEq9uaqstQrl2FEjLsMQ5WlXnpCAEAUJFUAAAAAALAZ+iEAGK/aqjJVlHgixipKPKqtKrMoIgCwB8p/AQAAAABgM7H0Q2CnOYBo3NlZWr2iXK2BXrV19KowP4frBgDEgKQKAAAAAAA2M1rZiYkTjFFuAQCfKvKQTAGAeFD+CwAAAAAAmxkYZX7XgDnKLQAAADAWnFQBAAAAAMBmCmZkR50vzHfGrnOfP6j2zhBli4Bx4HkEAPEhqQIAAAAAgM0Ue3NVWepVY0sgolm9yzBUUeLJ+IXRrlCfauqa1NDsD49VlnpVW1Umd3aWhZEB9sHzCADGhvJfAAAAAADYUG1VmSpKPBFjFSUe1VaVWRRR6tTUNamxJRAx1tgSUHXdOosiAuyH5xGQWD5/UPUbNqs10Gt1KEgyTqoAAAAAAGBD7uwsrV5RrtZAr9o6eh1TusfnD0bsrB/Ub5pqaParNdDriP8HYDx4HgGJw6kv5+GkCgAAAAAANlbkydHSeTMdswDa3hmKOt/WwQ5hYDQ8j4DE4dSX85BUAQAAAAAAtlEwIzvqfGG+M5JLwHjwPAISY/DU1+79zaTIU1/IPCRVAAAAAACAbRR7c1VZ6pXLMCLGXYahylKvY07sAOPB8whIDE59ORNJFQAAAAAAYCu1VWWqKPFEjFWUeFRbVWZRRID98DwCxo9TX85Eo3oAAAAAAGAr7uwsrV5RrtZAr9o6elWYn8POeiBOPI+A8Rs89dXYEogoAeYyDFWUeHhOZSjDNPco+Jbhenp65Ha71d3drby8PKvDAQAAAAAAAADYVHdop6rr1qmh2R8eqyz1qraqTO7sLAsjQzziyRtwUgUAAAAAAAAAgDHg1JfzkFQBAAAAAAAAAGAcijwkU5yCpAoAAAAAAADgUD5/UO2dIXbXA0CMSKoAAIC0wps6AAAAIPm6Qn2qqWuiDwQAxImkCgAASAu8qQMAAABSp6auSY0tgYixxpaAquvWafWKcouiAoD0N8HqAAAAAKTob+oAAAAAJI7PH1RDs1/9phkx3m+aamj2qzXQa1FkAJD+SKoAAADL8aYOAAAASJ32zlDU+bYO/v4GgJGQVAEAAJbjTR0AAACQOgUzsqPOF+bT2xAARkJSBQAAWI43dQAAAEDqFHtzVVnqlcswIsZdhqHKUq+KPM75+9vnD6p+w2ZOxwOIGY3qAQCA5Qbf1DW2BCJKgLkMQxUlHke9qQMAAABSobaqTNV169TQ7A+PVZR4VFtVZmFUqdMV6lNNXVPEz19Z6lVtVZnc2VkWRgYg3XFSBQAApIXaqjJVlHgixpz0pg4AAABIJVPm6DfKYDV1TWpsCUSMNbYEVF23zqKIANgFSRUAAJAWnP6mDgAAAEglJycVfP6gGpr9EafkJanfNNXQ7KcUGICoSKoAAIC04OQ3dQAAAEAqOT2p0N4Zijrf1pHZPz+A8SGpAgAALOf0N3UAAGBsaDANjI3TkwoFM7Kjzhfm09MRwMhoVA8AACwXy5s6mtUDAIBBNJgGxsfpSYVib64qS71qbAlEbOxyGYYqSjy89wAQFSdVAACA5Zz+pg4AAMSHsqEAxqu2qkwVJZ6IsYoSj2qryiyKCIBdWJ5Uuf3221VYWKgpU6ZowYIFWrt2bdTbd3V16cILL9Q+++yjyZMn63Of+5yefvrpFEULAACSYXCnmMswIsZdhqHKUi87xQAAQBhlQ4Hxc3r5L0lyZ2dp9Ypy1V+6RPece5TqL12i1SvKOe0GYFSWJlUefvhhXXLJJbrqqqv0+uuv6/Of/7xOOukkbd68edjb9/X16Qtf+ILa2tr02GOPacOGDbrzzju17777pjhyAACQaOwUA5yJfggA4sViMDB+nBT/TJEnR0vnzWQjF4CYWdpT5eabb9a3vvUtnXvuuZKkO+64Q0899ZTuvvtuXXbZZUNuf/fdd6uzs1OvvPKKsrI+zRoXFhamMmQAAJAkgzvFWgO9auvoVWF+Dm9sgAxGPwQAY8ViMDB+9BQBgLGz7KRKX1+f/v73v+uEE074LJgJE3TCCSdozZo1w97nD3/4g4455hhdeOGFmjVrlg455BBdf/316u/vH/H77NixQz09PREfAAAgfbFTDHAG+iEAGCvKhgKJwUlxABgby06qBAIB9ff3a9asWRHjs2bN0rvvvjvsfXw+n/7yl7/orLPO0tNPP62WlhZdcMEF2rlzp6666qph77Ny5Updc801CY8fAAAAwNgM9kPY0+79EFgUBRBNbVWZquvWRVxLWAwG4sNJcQAYG0vLf8VrYGBAM2fO1G9/+1u5XC7Nnz9fH330kX7xi1+MmFS5/PLLdckll4Q/7+np0Zw5c1IVMgAAAIA9xNIPgUUdANGwGAwkTpGH5w8AxMOypIrH45HL5dKmTZsixjdt2qS999572Pvss88+ysrKksvlCo8deOCB+uSTT9TX16dJkyYNuc/kyZM1efLkxAYPAAAAYMzohwAgUVgMBgAAqWZZT5VJkyZp/vz5ev7558NjAwMDev7553XMMccMe5+Kigq1tLRoYGAgPPbee+9pn332GTahAgAAACD90A8BAAAAgF1ZllSRpEsuuUR33nmn7rvvPr3zzjv6zne+o97eXp177rmSpOXLl+vyyy8P3/473/mOOjs79b3vfU/vvfeennrqKV1//fW68MILrfoRAAAAAIwBzXEBJILPH1T9hs1qDfRaHQoAAHAIS3uqnHHGGfL7/bryyiv1ySef6PDDD9czzzwTbl7//vvva8KEz/I+c+bM0bPPPquLL75Yhx12mPbdd19973vf0w9/+EOrfgQAAAAAY0A/BADj0RXqU01dU0Sj+spSr2qryuTOzrIwMgAAkOkM0zRNq4NIpZ6eHrndbnV3dysvL8/qcAAAAAAAQJyWr1qrxpaA+ndb0nAZhipKPFq9otzCyAAAgB3FkzewtPwXAAAAAABAPHz+oBqa/REJFUnqN001NPspBQbEiTJ6ABAfS8t/AQAAAAAAxKO9MxR1vq2jl3KCQAwoowcAY8NJFQAAAAAAYBsFM7Kjzhfmk1ABYlFT16TGlkDEWGNLQNV16yyKCADsgaQKAAAAAACwjWJvripLvXIZRsS4yzBUWerllAoQA8roAcDYkVQBAAAAAAC2UltVpooST8RYRYlHtVVlFkUE2EssZfQAAMOjpwoAAAAAADbm8wfV3hlSYX6OY05puLOztHpFuVoDvWrr6HXUzw4kAmX0AGDsSKoAAAAAAGBDNJmWijwkU4CxGCyj19gSiCgB5jIMVZR4eF4BQBSU/wIAAAAAwIZoMg1gPCijBwBjw0kVAAAAAABSJFGlugabTO9p9ybT7DQHEA1l9ABgbEiqAAAAAACQZIku1RVLk2kWRwHEgjJ6ABAfyn8BAAAAAJBkiS7VRZNpAAAAa5BUAQAAGAOfP6j6DZvVGui1OhQAQJobLNW1ezNoKbJUFwAAAOyB8l8AAABxSHT5FgBA5ktGqS7KfwEAAFiDkyoAAABxSHT5FgBA5ktGqS7KfwEAAFiDpAoAAECMKN8CABiLYm+uKku9chlGxLjLMFRZ6h3TiZJkfE0AAACMjqQKAABAjGIptQIAwHBqq8pUUeKJGKso8ai2qiytviYAAACio6cKAABAjEbbjTJxgjHKLQAATuXOztLqFeVqDfSqraNXhfk54z5NkoyvCcB5fP6g2jtDXEMAIEYkVQAAAGI0MMr8rgFzlFsAAJyuyJP4RctkfE0Ama8r1KeauiY1NPvDY5WlXtVWlcmdnWVhZIA9kaB0DpIqAAAAMaIpMAAAADJFTV2TGlsCEWONLQFV163T6hXlFkUF2A8JSuehpwoAAECMaAoMAEB68fmDqt+wWa0B+poB8fD5g2po9qvfjDxp3W+aamj285wC4hAtQYnMxEkVAACAONRWlam6bl3ELiSaAgMAkFrsCgbGp70zFHW+raOXDUNADAYTlHvaPUHJcynzkFQBAACIA02BAQCwHmWLgPGhrC2QGCQonYnyXwAAAGNQ5MnR0nkz+QMZAIAUo2wRMH6UtQUSY7TF9YkTjFFuATsiqQIAAAAAAGwjll3BAEZXW1WmihJPxBhlbYH4DIwyv2vAHOUWsCPKfwEAAAAAANugbBGQGJS1BcaP1yRn4qQKAAAAAACwDcoWAYlFWVtg7HhNciaSKgAAAAAAwFYoWwQASBe8JjmPYZqmowq79fT0yO12q7u7W3l5eVaHAwAAAAAAxoiyRQCAdMFrkr3FkzegpwoAAAAAALClIg8LVwCA9MBrknNQ/gsAAAAAAAAAACAGJFUAAAAAAAAAAABiQFIFAAAAAAAAAAAgBiRVAAAAAAAAAAAAYkBSBQAAAAAAAAAAIAYkVQAAAAAAAAAAAGJAUgUAAAAAAAAAACAGY06q9PX1acOGDdq1a1ci4wEAAAAAAAAAwFZ8/qDqN2xWa6DX6lCQZBPjvUMoFFJ1dbXuu+8+SdJ7772n4uJiVVdXa99999Vll12W8CABAAAAAAAAJJ7PH1R7Z0iF+Tkq8uRYHQ5gO12hPtXUNamh2R8eqyz1qraqTO7sLAsjQ7LEfVLl8ssv1xtvvKEXXnhBU6ZMCY+fcMIJevjhhxMaHAAAAAAAAIDE6wr1afmqtTruphd17j1/09IbX9DyVWvVHdppdWiArdTUNamxJRAx1tgSUHXdOosiQrLFnVR54okndNttt2nRokUyDCM8fvDBB2vjxo0JDQ4AAAAAAABA4rEQDIyfzx9UQ7Nf/aYZMd5vmmpo9lMKLEPFnVTx+/2aOXPmkPHe3t6IJAsAAAAAjIba0wAApB4LwUBitHeGos63dfBcykRx91Q58sgj9dRTT6m6ulqSwomUu+66S8ccc0xiowMAAACQkag9DQCAdWJZCKa/CjC6ghnZUecL83keZaK4kyrXX3+9Tj75ZL399tvatWuXfvWrX+ntt9/WK6+8ohdffDEZMQIAAADIMNFKjqxeUW5RVAAAOAMLwUBiFHtzNT07S1uG6UU0PTuL5GSGirv816JFi/TGG29o165dOvTQQ/XnP/9ZM2fO1Jo1azR//vxkxAgAAAAgg1ByBAAAaxV7c1VZ6pVrj1L+LsNQZamXhWAgRj5/cNiEiiRtCe3k79oMFVdSZefOnfr3f/93GYahO++8U2vXrtXbb7+tBx54QIceemiyYgQAAACQQag9DQCA9WqrylRR4okYqyjxqLaqzKKIAPvh71pniqv8V1ZWlv7nf/5HP/7xj5MVDwAAAIAMR8kRAIni8wfV3hlSYX4OO+uBOLmzs7R6RblaA71q6+jleQSMAX/XOlPcPVWWLVumJ554QhdffHEy4gEAAACQ4QZLjjS2BCJKgLkMQxUlHhZ0AIyqK9SnmromNTT7w2OVpV7VVpXJnZ1lYWSA/RR5SKYAY8Xftc4Ud1KltLRU1157rRobGzV//nzl5EQ+MGpqahIWHAAAAIDMVFtVpuq6dRELopQcARCrmromNbYEIsYaWwKqrlun1SvKLYoKAOBE/F3rPIZp7tEdchRFRUUjfzHDkM/nG3dQydTT0yO3263u7m7l5eVZHQ4AAADgaJQcARAvnz+o4256ccT5+kuXcD0BAKQcf9faWzx5g7hPqrS2to45MAAAAADYHSVHAMQrlqbAXFcAAKnG37XOEXdSZXeDh1wMw0hIMAAAAAAAANHQFBhILJ8/qPbOELvrASBGE8Zyp9WrV+vQQw/V1KlTNXXqVB122GG6//77Ex0bAAAAAABAhMGmwK49Nni6DEOVpV4WhYEYdYX6tHzVWh1304s6956/aemNL2j5qrXqDu20OjQASGtxJ1Vuvvlmfec739GXvvQlPfLII3rkkUf0xS9+Ueeff75++ctfJiNGAAAAAACAsNqqMlWUeCLGaAoMxKemrkmNLYGIscaWgKrr1lkUEQDYw5ga1V9zzTVavnx5xPh9992nq6++Ou17rtCoHgAAAACAzEBTYGBsfP6gjrvpxRHn6y9dwnMKgKMktVH9P//5Ty1cuHDI+MKFC/XPf/4z3i8HAAAAAAAwJjQFBsamvTMUdb6to5fnFgCMIO7yXyUlJXrkkUeGjD/88MMqLS1NSFAAAAAAAAAAkqNgRnbU+cJ8EioAMJK4T6pcc801OuOMM9TQ0KCKigpJUmNjo55//vlhky0AAAAAAAAA0kexN1fHFOdrja9jyNwxxfmcUgGAKOI+qfKv//qvevXVV+XxePTEE0/oiSeekMfj0dq1a/WVr3wlGTECAAAAAAAASCDDiG8cAPCpuE+qSNL8+fP1wAMPJDoWAAAAAAAAAEnm8wf1ysahp1Qk6ZWNHWoN0FMFAEYS90mVp59+Ws8+++yQ8WeffVZ/+tOfEhIUAAAAAAAAgOSIpVE9AGB4cSdVLrvsMvX39w8ZN01Tl112WUKCAgAAAAAAAJAcNKoHgLGLO6nS3Nysgw46aMj4AQccoJaWloQEBQAAAAAAACA5ir25qiz1yrVHAxWXYaiy1EvpLwCIIu6kitvtls/nGzLe0tKinBwuuAAAAAAAAEC6q60qU0WJJ2KsosSj2qoyiyICAHuIu1H9l7/8ZV100UX6/e9/r7lz50r6NKHyn//5nzr99NMTHiAAAAAAAACAxHJnZ2n1inK1BnrV1tGrwvwcTqgAQAwM0zTNeO7Q3d2tL37xi3rttde03377SZI+/PBDLV68WI8//rj22muvZMSZMD09PXK73eru7lZeXp7V4QAAAAAAAAAAAAvFkzeI+6SK2+3WK6+8oueee05vvPGGpk6dqsMOO0yVlZVjDhgAAAAAAIyNzx9Ue2eIXeYAAFiI12PniPukit1xUgUAAAAAkAm6Qn2qqWtSQ7M/PFZZ6lVtVZnc2VkWRgYAgHPwepwZ4skbxNyofs2aNfrjH/8YMbZ69WoVFRVp5syZ+va3v60dO3aMLWIAAAAAABCXmromNbYEIsYaWwKqrltnUUQAADgPr8fOE3NS5dprr9X69evDn//jH//QihUrdMIJJ+iyyy7Tk08+qZUrVyYlSAAAAAAA8BmfP6iGZr/69yg+0W+aamj2qzXQa1FkAAA4B6/HzhRzUqWpqUnHH398+PPf/e53WrBgge68805dcskluvXWW/XII48kJUgAAAAAAPCZ9s5Q1Pm2DhZxAABINl6PnSnmpMqWLVs0a9as8OcvvviiTj755PDnRx11lD744IPERgcAAAAAAIYY7c38xAlGSuIAAMDJCmZkR50vzKdhfSaKOakya9Ystba2SpL6+vr0+uuv6+ijjw7Pb926VVlZNN4BAAAAACDZBkaZ3zVgjnILAAAwXsXeXFWWeuUyIjczuAxDlaVeFXlIqmSimJMqX/rSl3TZZZfppZde0uWXX67s7GwtXrw4PP/mm29q7ty5SQkSAAAAAAB8hp2xAACkh9qqMlWUeCLGKko8qq0qsygiJNvEWG/4k5/8RP/yL/+iY489Vrm5ubrvvvs0adKk8Pzdd9+tE088MSlBAgAAAACAzwzujG1sCUQ0x3UZhipKPOyMBQAgRdzZWVq9olytgV61dfSqMD+H1+EMZ5imGdeZ4O7ubuXm5srlckWMd3Z2Kjc3NyLRko56enrkdrvV3d2tvLw8q8MBAAAAAGBMukM7VV23Tg3N/vBYZalXtVVlcmdTnhsAACBW8eQN4k6q2B1JFQAAAABAJmFnLAAAwPjEkzeIufwXAAAAAABIP0UekikAAACpQlIFAAAAAAAAgCP5/EG1d4Y47QcgZiRVAAAAAAAAADhKV6hPNXVN9KUCELcJVgcAAAAAAAAAAKlUU9ekxpZAxFhjS0DVdessigiAXcScVHnvvfe0du3aiLHnn39eS5cuVXl5ua6//vqEBwcAAAAAAAAAieTzB9XQ7Fe/aUaM95umGpr9ag30WhQZ7MznD6p+w2YePw4Qc/mvH/7whzr00ENVXl4uSWptbdVpp52mxYsX67DDDtPKlSuVnZ2tiy66KFmxAgAAAAAAAMC4tHeGos63dfTSXwUxo5Sc88R8UuW1117TySefHP78wQcf1Oc+9zk9++yz+tWvfqVbbrlF9957bzJiBAAAAAAAAICEKJiRHXW+MJ+ECmJHKTnniTmpEggEtN9++4U/r6+v12mnnRb+fMmSJWpra0tocAAAAAAAAACQSMXeXFWWeuUyjIhxl2GostTLKRXEjFJyzhRzUmXGjBn65z//KUkaGBjQa6+9pqOPPjo839fXJ3OPBw8AAAAAAAAApJvaqjJVlHgixipKPKqtKrMoIthRLKXkkHli7qmyZMkS/eQnP9Gvf/1rPfrooxoYGNCSJUvC82+//bYKCwuTECIAAAAAAAAAJI47O0urV5SrNdCrto5eFebncEIFcaOUnDPFnFS57rrr9IUvfEEFBQVyuVy69dZblZPz2YPi/vvv13HHHZeUIAEAAAAAAAAg0Yo8JFMwdoOl5BpbAhElwFyGoYoSD4+tDGWYcdTs2rVrl9avXy+v16vZs2dHzL3xxhvab7/9lJ+fn/AgE6mnp0dut1vd3d3Ky8uzOhwAAAAAAAAAgE11h3aqum6dGpr94bHKUq9qq8rkzs6yMDLEI568QVxJleHs2rVL27dvV25u7ni+TMqQVAEAAAAAAAAAJBKl5OwtnrxBzI3qn3zySd17770RY9ddd51yc3O111576cQTT9SWLVvGFDAAAAAAAACA1PP5g6rfsFmtARpqA+NR5MnR0nkzSag4QMxJlZtvvlm9vZ9dXF955RVdeeWV+vGPf6xHHnlEH3zwgX7yk58kJUgAAAAAAAAAidMV6tPyVWt13E0v6tx7/qalN76g5avWqju00+rQAFt6ccNm/er59/TSbmXAkJliLv81c+ZMPfvssyorK5MkXXLJJXr77bf1zDPPSJKefvppfe9731Nzc3Pyok0Ayn8BAAAAAADA6ZavWjtic+3VK8otjAywl/aOXi27vVFbdktITs/O0h8uXKQ5+dkWRoZ4JKX819atWyOa0L/88ss6/vjjw58ffPDB+vjjj8cQLgAAAAAAAIBU8fmDamj2RyRUJKnfNNXQ7KcUGBCHPRMqkrQltFOn3/6yRREh2WJOquy777565513JEnBYFBvvPGGFi5cGJ7v6OhQdjaZNwAAAAAAACCdtXeGos63dZBUAWLx4obNQxIqg7aEdlIKLEPFnFT52te+posuukj333+/vvWtb2nvvffW0UcfHZ5/7bXXNG/evKQECQAAAAAAACAxCmZE3xhdmE+jbSAWTR92RZ1//f0tqQkEKTUx1hteeeWV+uijj1RTU6O9995bDzzwgFwuV3i+rq5Op512WlKCBAAAAAAAAJAYxd5cVZZ6R+ypUuQhqQLE4vD99oo6f8T+01MTCFIq5kb1mYJG9QAAAAAAAHC67tBOVdetU8Nu5YkqS72qrSqTOzvLwsgAeym79s/DlgCbnp2ldVeeaEFEGIt48gZxJVX++te/6sknn1RfX5+OP/54ffGLXxx3sKlGUgUAAAAAAAD4VGugV20dvSrMz+GECjAGH3SEdPrtL0ckVqZnZ+kPFy7SnHx6kNtFUpIqjz32mM444wxNnTpVWVlZ6unp0Q033KBLL700IUGnCkkVAAAAAAAyg88fVHtniMVgYBx4HgGJ8VKzX6+/v0VH7D9di0u9VoeDOCUlqTJ//nwdddRRuv322+VyubRy5Ur94he/UGdnZ0KCThWSKgAAAAAA2FtXqE81dU2ULQLGgecRAHwmKUmV3NxcNTU1qaSkRJLU19ennJwcffTRR5o5c+b4o04RkioAAAAAANjb8lVrR2ywvXpFuYWRAfbB8wgAPhNP3mBCrF80FApFfLFJkyZpypQpCgaDY48UAABgDz5/UPUbNqs10Gt1KAAAIA35/EE1NPsjFoIlqd801dDs528IIAY8jwBg7CbGc+O77rpLubm54c937dqle++9Vx6PJzxWU1OTuOgAAIBjUH4AAADEor0zFHW+raOXvhDAKHgeAcDYxZxU2X///XXnnXdGjO299966//77w58bhkFSBQAAjElNXZMaWwIRY40tAVXXraP8AAAACCuYkR11vjCfhWBgNDyPAGDsYk6qtLW1JTEMAADgZIPlB/a0e/kBdsoBAABJKvbmqrLUO2IvCP5mAEZX7M3VMcX5WuPrGDJ3THE+zyMAiCLmnioAAADJEkv5AQAAgEG1VWWqKPFEjFWUeFRbVWZRRID9GEZ84wCAT8WcVPnSl76k7u7u8Oc/+9nP1NXVFf68o6NDBx10UEKDAwAAzkD5AQAAEA93dpZWryhX/aVLdM+5R6n+0iVavaKcPmxAjHz+oF7ZOPSUiiS9srGDRvUAEEXMSZVnn31WO3bsCH9+/fXXq7OzM/z5rl27tGHDhsRGBwAAHGGwjIdrj21xLsNQZamX8gMAAGBYRZ4cLZ03k78VgDhxUhwAxi7mpIq5W53S4T4HAAAYD8p4AAAAAKnBSXEAGLuYG9UDAAAk02AZj9ZAr9o6elWYn8OuUwAAACAJBk+KN7YE1L/bxmmXYaiixMPf4QAQRcwnVQzDkLFHSY49PwcAABgvyngAAIBY+fxB1W/YTP8HYAw4KQ4AYxPzSRXTNHXOOedo8uTJkqTt27fr/PPPV07Opwseu/dbAQAAAAAASJauUJ9q6prU0OwPj1WWelVbVUazeiBGnBQHgLExzBibo5x77rkxfcF77rlnXAElW09Pj9xut7q7u5WXl2d1OAAAAAAAIE7LV60dsWzR6hXlFkYGAADsKJ68QcwnVdI9WQIAAAAAADKfzx+MOKEyqN801dDsV2ugl932AAAgaWLuqQIAAAAAAGC19s5Q1Pm2DvqrAACA5CGpAgAAAAAAbKNgRnbU+cJ8TqkAAIDkIakCAAAAAABso9ibq8pSr1yGETHuMgxVlnop/QUAAJKKpAoAAMAY+PxB1W/YrNYAJUYAAEi12qoyVZR4IsYqSjyqrSqzKCIAAOAUMTeqBwAAgNQV6lNNXVNEg9zKUq9qq8rkzs6yMDIAAJzDnZ2l1SvK1RroVVtHrwrzczihAgAAUoKTKgAAAHGoqWtSY0sgYqyxJaDqunUWRQQAgHMVeXK0dN5MEioAACBlSKoAAADEyOcPqqHZr37TjBjvN001NPspBQYAAADboawtAMSH8l8AAAAxau8MRZ1v6+hlpywAAABsgbK2ADA2nFQBAACIUcGM7KjzhfkkVAAAAGAPlLUFgLEhqQIAABCjYm+uKku9chlGxLjLMFRZ6uWUCgAAAGyBsrYAMHYkVQAAAOJQW1WmihJPxFhFiUe1VWUWRQQAAADEJ5aytgCA4dFTBQAAIA7u7CytXlGu1kCv2jp6VZifwwkVAAAA2AplbQFg7EiqAAAAjEGRh2QKAAAA7GmwrG1jSyCiBJjLMFRR4uHvXACIgvJfAAAAAAAAgMP8dNnBypsaud86b+pEXbfsEIsiAgB7IKkCAAAAAAAAOMwVT6xXz7ZdEWM923bpR0+8ZVFEAGAPJFUAAAAAAAAAB/H5g2po9keU/pKkftNUQ7NfrQEa1QPASEiqAAAAAAAAAA7S3hmKOt/WQVIFAEZCUgUAAAAAAABwkIIZ2VHnC/NpVA8AIyGpAgAAAAAAADhIsTdXlaVeuQwjYtxlGKos9arIQ1IFAEaSFkmV22+/XYWFhZoyZYoWLFigtWvXxnS/3/3udzIMQ8uWLUtugAAAAAAAAEAGqa0qU0WJJ2KsosSj2qoyiyICAHuYaHUADz/8sC655BLdcccdWrBggW655RaddNJJ2rBhg2bOnDni/dra2nTppZdq8eLFKYwWAAAAAAAAsD93dpZWryhXa6BXbR29KszP4YQKAMTA8pMqN998s771rW/p3HPP1UEHHaQ77rhD2dnZuvvuu0e8T39/v8466yxdc801Ki4uTmG0AAAAAAAAQOYo8uRo6byZJFQAIEaWJlX6+vr097//XSeccEJ4bMKECTrhhBO0Zs2aEe937bXXaubMmVqxYsWo32PHjh3q6emJ+AAAAAAAAAAAAIiXpUmVQCCg/v5+zZo1K2J81qxZ+uSTT4a9z8svv6xVq1bpzjvvjOl7rFy5Um63O/wxZ86ccccNAAAAAAAAAACcx/LyX/HYunWr/u3f/k133nmnPB7P6HeQdPnll6u7uzv88cEHHyQ5SgAAAAAAAAAAkIksbVTv8Xjkcrm0adOmiPFNmzZp7733HnL7jRs3qq2tTaeddlp4bGBgQJI0ceJEbdiwQXPnzo24z+TJkzV58uQkRA8AAAAAAAAAAJzE0pMqkyZN0vz58/X888+HxwYGBvT888/rmGOOGXL7Aw44QP/4xz/U1NQU/jj99NO1dOlSNTU1UdoLAAAAAAAAiIPPH1T9hs1qDfRaHQoA2IKlJ1Uk6ZJLLtHZZ5+tI488UuXl5brlllvU29urc889V5K0fPly7bvvvlq5cqWmTJmiQw45JOL+e+21lyQNGQcAAAAAAJnN5w+qvTOkwvwcFXlyrA4HsJWuUJ9q6prU0OwPj1WWelVbVSZ3dpaFkQFAerM8qXLGGWfI7/fryiuv1CeffKLDDz9czzzzTLh5/fvvv68JE2zV+gUAAAAAACQRi8HA+NXUNamxJRAx1tgSUHXdOq1eUW5RVACQ/gzTNE2rg0ilnp4eud1udXd3Ky8vz+pwAAAAAABAnJavWqvGloD6d1vScBmGKko8LAYDMfD5gzruphdHnK+/dAmnvwA4Sjx5A46AAAAAAAAA2/D5g2po9kckVCSp3zTV0OynLwQQg/bOUNT5tg6eRwAwEpIqAAAAAADANlgMBsavYEZ21PnCfE6pAMBISKoAAAAAAADbYDEYGL9ib64qS71yGUbEuMswVFnqpfQXAERBUgUAAAAAAABwmNqqMlWUeCLGKko8qq0qsygiALCHiVYHAAAAAAAAEKtYyn+xyx4YnTs7S6tXlKs10Ku2jl4V5ufw3AGAGJBUAQAAAAAAtkH5LyCxijwkUwAgHpT/AgAAAAAAtkEvCAAAYCWSKgAAAAAAwFboBQEAAKxC+S8AAAAAAGAr9IIAAABW4aQKAAAAAACwJdM0rQ4BAAA4DCdVAAAAAACArXSF+lRT16SGZn94rLLUq9qqMrmzsyyMDAAAZDpOqgAAAAAAAFupqWtSY0sgYqyxJaDqunUWRQQAAJyCpAoAAAAAALANnz+ohma/+vco/dVvmmpo9qs10GtRZAAAwAlIqgAAAAAAANto7wxFnW/rIKkCAEg9nz+o+g2bSe47AD1VAAAAAACAbRTMyI46X5ifk6JIAACgz5cTcVIFAAAAAADYRrE3Vwvn5g87t3Buvoo8JFUAAKnznQdej0ioSFJDs1/nP/B3iyJCspFUAQAAAAAAtrJHO5VRxwEASAafP6g1vo5h59b4OigFlqFIqgAAAAAAANtgAQsAkC5ebe2MOv/XEV6vYG8kVQAAAAAAgG3QqB4AkD6iH5E0UhQFUotG9QAAAAAA2JjPH1R7Z0iF+TmO6CdCo3ogsZx2DQESaUHR8D2+wvPF0edhTyRVAAAAAACwoa5Qn2rqmiKa41aWelVbVSZ3dpaFkSVXsTdXlaVeNbYE1L9bExWXYaiixMOiMBAjp15DgEQq9uZq4dx8vbJxaJmvhXPzeU3KUJT/AgAAAADAhmrqmtTYEogYa2wJqLpunUURpU5tVZkqSjwRYxUlHtVWlVkUEWA/Tr6GAIn0m7Pmq7LUGzFWWerVb86ab1FESDZOqgAAAAAAYDM+fzBid/mgftNUQ7NfrYHejN4d687O0uoV5WoN9Kqto5eyRUCcnH4NARKJ1yTnIakCAAAAAIDNxNKs3QkLOkUeFq6AseAaAiQer0nOQfkvAAAAAABshmbtAMZjtAXBiROMlMQBAHZEUgUAAAAAAJsZbNbuMiIXPl2GocpSr2N2yvr8QdVv2KzWQK/VoQC2MjDK/K4BMyVxAIAdUf4LAAAAAAAbqq0qU3Xduoi+CE5p1t4V6lNNXVPEz15Z6lVtVZnc2VkWRgbYA6fdAGDsSKoAAAAAADAMnz+o9s5Q2jacdXJj3Jq6JjW2BCLGGlsCqq5bp9Uryi2KCrCPwdNujS0B9ZufnUpxGYYqSjyOuZYAwFiQVAEAAAAAYDd2OwXhtMa4Pn8w4nczqN801dDsV2uABttALJx82g0AxoOkCgAAAAAAu+EURHpr7wxFnW/rIKkCxMLJp90AYDxIqgAAAAAA8P9xCiL90QsCSCynnXYDgPGaYHUAAAAAAACki1hOQaQbnz+o+g2b1RpIv9iSYbAXhMswIsZdhqHKUi+LwwAAIKk4qQIAAAAAwP9np1MQduv9kkj0ggAAAFYhqQIAAAAAwP83eAqisSWgftMMj7sMQxUlnrQ6BeHk3i/0ggAAAFah/BcAAAAAALuprSpTRYknYizdTkEM9n7ZPfEjRfZ+cYIiT46WzptJQgUAAKQMJ1UAAAAAANiNHU5BxNL7Jd1iBgAAyAQkVQAAAAAAGEaRJ/2SKYPs1PsFAAAgk1D+CwAAAAAAmxns/eIyjIhxl2GostSbtskgAAAAuyOpAgAAAACADdmh9wsAAECmofwXAAAAAAA2ZIfeLwAAAJmGpAoAAAAAADaWzr1fks3nD6q9M0RCCQAApAxJFQAAAAAAYCtdoT7V1DWpodkfHqss9aq2qkzu7CwLIwMAAJmOnioAAAAAAMBWauqa1NgSiBhrbAmoum6dRREBAACnIKkCAAAAAABsw+cPqqHZr37TjBjvN001NPvVGui1KDKkis8fVP2GzfyuAQCWoPwXAAAAAACwjfbOUNT5to5e+qtkKMq+JQe9iQAgPiRVAAAAAACAbRTMyI46X5jPonCmilb2bfWKcouisi+SVAAwNpT/AgAAAAAAtlHszVVlqVcuw4gYdxmGKku97LTPUJR9Szx6EwHA2JBUAQAAAAAAtlJbVaaKEk/EWEWJR7VVZRZFhGSLpewbYkeSCgDGjvJfAAAAAADAVtzZWVq9olytgV61dfTSC8IBKPuWWPQmAoCxI6kCAAAAAABsqchDMsUpBsu+NbYEIk5XuAxDFSUeHgdxIkkFAGNH+S8AAAAAAACkPcq+JQ69iQBg7AzT3KN4Yobr6emR2+1Wd3e38vLyrA4HAAAAAAAAcaDsW2J0h3aqum6dGpr94bHKUq9qq8rkzs6yMDIASL148gYkVQAAAAAAgC35/EG1d4ZYXAfGgSQVkBi8JtlbPHkDeqoAAAAAAABb6Qr1qaauiR32QALQmwgYH16TnIeeKgAAAAAAwFZq6prU2BKIGGtsCai6bp1FEQEAnIrXJOchqQIAAAAAAGzD5w+qodmv/j2qmfebphqa/WoN9FoUGQDAaXhNciaSKgAAAAAAwDbaO0NR59s6WMAC4uHzB1W/YTOLv8AY8JrkTPRUAQAAAAAAtlEwIzvqfGE+vSGAWNAHAhg/XpOciZMqAAAAQBzYzQkA1ir25qqy1CuXYUSMuwxDlaVeGm4DMaIPBDB+vCY5E0kVAAAAIAZdoT4tX7VWx930os69529aeuMLWr5qrbpDO60ODQAcp7aqTBUlnoixihKPaqvKLIoIsBf6QACJw2uS81D+CwAA4P+1d/dxVZXp/se/W0AFEUTYapYKCKFZJmqYUpRlWdOTc5qm4VWjY9b8pgcdp5oZm8rm9GhNzanIyWZOo2MaNTOnPNU0leMxKXQyFZosMxB86EHZoICAieL+/dGB4xZYe7NZe6+9WJ/369UfrRu2F7DXXmvd131fFxAAo9Wcy+fkWBQVADhTYlyMls/JUWV1o3bWNCo1uR+rgYEuCKQPBOcUEBiuSc5DUgUAAADwo3U154mOX83JgxMAhF9aChNXQDDoAwGYj2uSc1D+CwAAAPAjkNWcAACEEz2+0B30gQCA4LFTBQAAAPCD1ZwAgEhR29SseYWlPjso8zLdKsjPVmJcjIWRwW4K8rM1t7DE571EHwgA8I+kCgAAAOBH62rO4vJqn4auUS6XcjNSWM0JAAgbenzBLPSBAIDgUP4LAAAACEBBfrZyM1J8jrGaE0BPRWmpyNTa4+v4BL/k2+ML6Kq0lH6amjWIhAoABIidKgAAAEAAWM0JwAkoLRXZAunxxbUJAIDQYqcKAAAA0AWs5gTQkxmVloL16PEFAID1SKoAAAAAAABKS9lAa4+vKJfL53iUy6W8TDcJfwAAwoCkCgAAAAAACKi0FKxHjy+YjR5KANA19FQBAAAAAACUlrIJenzBLPRQAoDgsFMFAAAAAABQWspm6PGF7rpl5RafhIokFZV5dPPKzRZFBAD2QFIFAAAAAABIsl9pKcoWAcGp8DRo/Y6aDsfW76jhnAIAA5T/AgAAAAAAkuxTWoqyRUD3fFDZcUKlbbyiJiLPfQCIBOxUAQAAAAAAPiK9tNS8wlIVl1f7HCsur9bcwhKLIgLsxXPwsOF4dYPxOAA4GUkVAAAAAABgGxWeBhWVedTi9focb/F6VVTmoWwREAB3/76G48nxfcIUCQDYD0kVAAAAAABgG7v2NxmO76whqQL4MyltoOH42enJYYoEAOyHpAoAAAAAALCNEQPjDMdTkyOzZBkQSdLd8ZrcSeJkcnpyxJb+A4BIQFIFAAAAAADYRro7XnmZbkW5XD7Ho1wu5WW6mQwGArTk+gnKy3T7HMvLdGvJ9RMsiggA7MHl9Z5QhLSHq6+vV2Jiourq6pSQkGB1OAAAAAAAoIt21zTpqsXv60DTkbZjSXExeu3WczQs2XgnCwBfldWN2lnTqNTkfiQlgW6o8DRo1/4mziWb6kreIDpMMQEAAAAAAJjinlVbVX/oqM+x+kNHdfeqrVo+J8eiqAB7SkthAhjojtqmZs0rLFVRmaftWF6mWwX52UqMi7EwMoQK5b8AAAAAAIBtVHgaVFTmUcsJhTdavF4VlXlUWU2jegBA+MwrLFVxebXPseLyas0tLLEoIoQaSRUAAAAAAGAbu/Y3GY7vrCGpAgAIDxL9zkRSBQAAAAAA2MaIgcY9U1KTKWMEAAgPEv3ORFIFAAAAAADYRro7XnmZbkW5XD7Ho1wu5WW66Q0BAAgbEv3ORFIFAAAAAADYSkF+tnIzUnyO5WakqCA/26KIAABORKLfmVxe7wkF33q4+vp6JSYmqq6uTgkJCVaHAwAAAAAAglRZ3aidNY1KTe7HxBUAwBJ1TUc0t7BERWWetmN5mW4V5GcrMS7GwsjQFV3JG0SHKSYAAAAAAABTOWydKAAgAiXGxWj5nBwS/Q5CUgUAAAAAANhKbVOz5hWWsioYABAx0lJIpjgFPVUAAAAAAICtzCssVXF5tc+x4vJqzS0ssSgiAADgFCRVAAAAAACAbVR4GlRU5lHLCaW/WrxeFZV5VFndaFFkAADACUiqAAAAAAAA29i1v8lwfGcNSRUAABA6JFUAAAAAAIBtjBgYZziemkw9ewAAEDokVQAAAAAAgG2ku+OVl+lWlMvlczzK5VJeppsmwQAAIKRIqgAAAAAAAFspyM9WbkaKz7HcjBQV5GdbFBEAAHCKaKsDAAAAAAAA6IrEuBgtn5Ojos89KtlzQOOHJ+ncTLfVYQEAAAcgqQIAAAAAAGyltqlZ8wpLVVTmaTuWl+lWQX62EuNiLIwMAAD0dJT/AgAAAAAAtjKvsFTF5dU+x4rLqzW3sMSiiAAATlfhadDa7VWqrG60OhSEGDtVAAAAAACAbVR4Gnx2qLRq8XpVVOZRZXUjzeoBAGHD7knnYacKAAAAAACwjV37mwzHd9awQhgAED7snnQekioAAAAAAMA2RgyMMxxPTWaXCtAVlCwCgte6e7LF6/U5fvzuSfQ8lP8CAAAAAAC2ke6OV16mW8Xl1T6TWFEul3IzUij9BQSIkkVA9wWye5LrUs/DThUAAAAAAGArBfnZys1I8TmWm5GigvxsiyIC7IeSRUD3sXvSmdipAgAAAAAAbCUxLkbL5+SosrpRO2salZrcj5XAQBe0liw60fElizinAP/YPelM7FQBAAAAAAC2lJbST1OzBjFpBXRRICWLAASG3ZPOw04VAAAAAAAAwEEoWQSYh92TzkNSBQAAAAAAAHAQShYB5ktLIZniFJT/AgAAAAAAAByGkkUAEBx2qgAAAAAAAAAOQ8kiwFwVngbt2t/EueQAJFUAAAAAAAAAh/IeV/4LQNfVNjVrXmGpiso8bcfyMt0qyM9WYlyMhZEhVEiqAAAAAAAAW2JVMBA8JoIBc8wrLFVxebXPseLyas0tLNHyOTkWRYVQIqkCAAAAAABshclgoPtuWblF63fU+BwrKvPo5pWb9eJNZ1sUFWAvFZ4Gn2tRqxavV0VlHlVWN5L074FoVA8AAAAAAGzFaFUwAP8qPA3tEiqt1u+oUWV1Y5gjAuxp1/4mw/GdNZxLPRFJFQAAAAAAYButq4JbTugDcfyqYADGPqjsOKHSNl5hPA7gWyMGxhmOpyazS6UnIqkCAAAAAABsg1XBgBlchqO0rgcCk+6OV16mW1Eu33MqyuVSXqab0l89FEkVAAAAAABgG6wKBrpvUtpAw/Gz05PDFAlgfw/OGKOEWN/W5Qmx0XpoxukWRYRQI6kCAAAAAABsg1XBQPelu+M1uZPEyeT0ZM4joAvuWfWJ6g8d9TlWf+io7l611aKIEGokVQAAAAAAgK0U5GcrNyPF51huRooK8rMtigiwnyXXT1BeptvnWF6mW0uun2BRRID90OfLmaL9fwkAAAAAAEDkSIyL0fI5OaqsbtTOmkalJvdjZT3QRV46pwDdFkifL65PPQ87VQAAAAAAtlfhadDa7VWsCHWYtJR+mpo1iAkrIAjzCktVXF7tc6y4vFpzC0ssigiwH/p8ORM7VQAAAAAAtlXb1Kx5haUqKvO0HcvLdKsgP1uJcTEWRgYAkau1ZNGJji9ZRLIS8K+1z1dxebVPCbAol0u5GSmcRz0UO1UAAAAAALbFSmsA6LpAShYBCAx9vpyHnSoAAAAAAFtipTUABIeSRYB56PPlPOxUAQAACAK1+wHAeqy0BoDgtJYsinK5fI5HuVzKy3QzIQwEgT5fzsFOFQAAgC6gdj8ARA5WWgNA8AryszW3sMTnvpaSRQDgH0kVAACALjCq3b98To5FUQGAM9EcFgCCR8kiAAgO5b8AAAAC1Fq7//iJO8m3dj8AILxoDgsA3UPJIgDoGnaqAAAABCiQ2v08jAJAeLHSGgAAAOFEUgUAACBA1O4HgMiVlkIyBQAAAKFH+S8AAIAAtdbuj3K5fI5HuVzKy3QzmQcAAAAADlXhadDa7VWUhXYAdqoAAAB0QUF+tuYWlqiozNN2jNr9AAAAAOBMtU3NmldY6vOMmJfpVkF+thLjYiyMDKHi8npP6LTaw9XX1ysxMVF1dXVKSEiwOhwAAGBT1O4HAAAAAMx8fqOKy6vVctw0e5TLpdyMFC2fk2NhZOiKruQN2KkCAAAQBGr3AwAAAICzVXgafHaotGrxelVU5lFldSPPjT1QRPRUWbx4sVJTU9W3b19NmjRJGzdu7PRr//CHP+jcc89VUlKSkpKSNG3aNMOvBwAAAAAAAADAbLv2NxmO76yhv0pPZHlS5eWXX9btt9+u++67T1u2bNGZZ56p6dOnq6qqqsOvf/fdd5Wfn6+1a9dqw4YNGjZsmC6++GJ9+eWXYY4cAAAAAAAAAOBUIwbGGY6nJrNLpSeyvKfKpEmTdNZZZ+mZZ56RJB07dkzDhg3T3LlztWDBAr/f39LSoqSkJD3zzDOaOXNmu/HDhw/r8OHDbf9fX1+vYcOG0VMFAAAAAAAAANAt9FTpGbrSU8XSnSrNzc3avHmzpk2b1nasV69emjZtmjZs2BDQazQ1NenIkSMaOHBgh+OPPPKIEhMT2/4bNmyYKbEDAAAAAAAAAJytID9buRkpPsdyM1JUkJ9tUUQINUsb1VdXV6ulpUWDBw/2OT548GB99tlnAb3GL3/5Sw0dOtQnMXO8u+66S7fffnvb/7fuVAEAAAAAAPZW4WnQrv1NSk3uRyNgAIAlEuNitHxOjiqrG7WzppFrkgNYmlTprkWLFumll17Su+++q759+3b4NX369FGfPn3CHBkAAAAAAAiV2qZmzSssVVGZp+1YXqZbBfnZSoyLsTAyAIBTpaWQTHEKS8t/paSkKCoqSvv27fM5vm/fPg0ZMsTwex9//HEtWrRI77zzjsaOHRvKMAEAAAAAQASZV1iq4vJqn2PF5dWaW1hiUUQAAMApLE2q9O7dWxMmTNCaNWvajh07dkxr1qzR5MmTO/2+xx57TA888IDeeustTZw4MRyhAgAAAJK+LTWzdnuVKqsbrQ4FABypwtOgojKPT0NgSWrxelVU5uHzGQAAhJTl5b9uv/12zZo1SxMnTlROTo6efPJJNTY2avbs2ZKkmTNn6uSTT9YjjzwiSXr00Ue1cOFCvfjii0pNTdXevXslSfHx8YqPj7fs5wAAAEDPRqkZAIgMu/Y3GY7vrGmk/AoAAAgZS3eqSNK1116rxx9/XAsXLtS4ceNUWlqqt956q615/e7du/X111+3ff2zzz6r5uZmfe9739NJJ53U9t/jjz9u1Y8AAAAAB6DUDABEhhED4wzHU5NJqAAAgNBxeb0n7Jft4err65WYmKi6ujolJCRYHQ4AAABsoMLToAueWNfp+No7z2dVNACE0cznN6q4vNqnBFiUy6XcjBQtn5NjYWQAAMCOupI3sHynCgAAABDpAik1AwAIn4L8bOVmpPgcy81IUUF+tkURAQCcjt6LzmF5TxUAAAAg0lFqBgAiS2JcjJbPyVFldaN21jQqNbkfOwYBAJag96LzsFMFAAAA8CPdHa+8TLeiXC6f41Eul/Iy3UzkAYBF0lL6aWrWID6HAQCWuWXlFp+EiiQVlXl088rNFkWEUCOpAgAAAASAUjMAEHkotQIAsFKFp0Hrd9R0OLZ+Rw3Xpx6K8l8AAABAACg1AwCRg1IrAIBI8EFlxwmVtvGKGp4ZeiB2qgAAAABdQKkZALDevMJSFZdX+xwrLq/W3MISiyICADiTy3DUG6YoEF4kVQAAAAAAgG1UeBpUVOZRi9d3qqrF61VRmYdSK0AXUUYPCN6ktIGG42enJ4cpEoQT5b8AAAAAAIBt7NrfZDi+s6aR3YRAACijB3Rfujtek9OTtaGifRmwyenJXI96KHaqAAAAAAAA2xgxMM5wPDWZCSwgEJTRA8zx6NVjlXRCIjIpLkaPXT3WoogQaiRVAAAAAACAbaS749tNXrVKiothVTAQAMroAea5Z9VW1R866nOs/tBR3b1qq0URIdRIqgAAAAAAANuo8DToQNORDscONB1hMhgIQCBl9AD4R4LSmUiqAAAAAAAA22AyGOg+yugB5uCa5EwkVQAAAAAAgG0wGQx0X7o7XnmZbkW5XD7Ho1wu5WW6KaMHBIhrkjORVAEAAAAAALbBZDBgjoL8bOVmpPgcy81IUUF+tkURAfbDNcmZXF7vCQXferj6+nolJiaqrq5OCQkJVocDAAAAAAC6qK7piOYWlqiozNN2LC/TrYL8bCV20sQeQMcqqxu1s6ZRqcn9mAAGgsA1qWfoSt6ApAoAAAAAy1R4GrRrfxMTOQCCUvS5RyV7Dmj88CSdm+m2OhwAgIORoLS3ruQNosMUEwAAAAC0qW1q1rzCUlb0AQgKnyEAgEiTlmKPZAqLmrqPnSoAAAAAwm7m8xtVXF6tluMeR6JcLuVmpGj5nBwLIwNgB3yGAADQNSxIMNaVvAGN6gEAAACEVYWnQUVlHp/JUElq8XpVVOZRZXWjRZEBsAM+QwAAkajC06C126si9jo0r7BUxeXVPseKy6s1t7DEoojsi/JfAAAAAMJq1/4mw/GdNY2UIgDQKT5DAHNRCgjoHjvsAGldkHCi4xckcP4HjqQKAAAAgLAaMTDOcDw1mQc6AJ3jMwQwhx0mggE7MNoBEiklKVmQYC7KfwEAAAAIq3R3vPIy3YpyuXyOR7lcyst080AHoMeJ9JIwcKabV2xpt3K9qMyjn6zYbFFEgP3YpSQlCxLMRVIFAAAAQNgV5GcrNyPF51huRooK8rMtigiAXQSy2jZS1DY1a+bzG3XBE+s0e+mHmvr4u5r5/EbVNR2xOjQ4XIWnQRsqajoc21BREzETwUCks8s1iUVN5qL8FwAAAICwS4yL0fI5OaqsbtTOmkbquAMImJ1W29qhJAyc6YPK/Ybj/6yo4boMBMBO16SC/GzNLSzx2aHGoqbgkFQBAAAAYJm0FJIpAHommgIjsnkNR12GowBate4AKS6v9ikBFuVyKTcjJaI+51nUZB7KfwEAAAAAANuwS6kVu8QJZ5qUlmw8nm48DuD/2K2sbVpKP03NGkRCpRvYqQIAAAAAAGzDLqVW7BInnCndHa+c1IHauLN9GbCc1IFMtgJdwA4Q52GnCgAAAAAAsA27NNu1S5xwrqheHRf56uw4AGPsAHEOkioAAAAAAMBW7FJqxS5xwnkqPA3aUFHT4diGihpVVlOeDgA6Q/kvAAAAAABgK3YptWKXOOE8gfT84b0KAB0jqQIAAAAAAGwpLcUeSQq7xAnnoOcPAASP8l8AAAAAAACAg9DzBwCCR1IFAAAAAAAAcJgHZ5yuhFjfIjYJsdF6aMbpFkUEAPZAUgUAAAAAAABwmHtWbVX9oaM+x+oPHdXdq7ZaFBEA2ANJFQAAEFEqPA1au71KldWNVocCAAAA9EgVngYVlXnU4vX6HG/xelVU5uFeHAAM0KgeAABEhNqmZs0rLFVRmaftWF6mWwX52UqMi7EwMgAAAKBn2bW/yXB8Z00jfVUAoBPsVAEAABFhXmGpisurfY4Vl1drbmGJRREBAAAAPdOIgXGG46nJJFQAoDMkVQAAgOUoPwAAAACET7o7XnmZbkW5XD7Ho1wu5WW62aUCAAZIqgAAAMsFUn4AANBz0D8LAKxXkJ+t3IwUn2O5GSkqyM+2KCIAsAd6qgAAAMtRfgAAnIH+WQAQORLjYrR8To4qqxu1s6ZRqcn92KECAAFgpwoAALAc5QcAwBnonwUAkSctpZ+mZg3inhvoJnbiOgc7VQAAQEQoyM/W3MISn9XLlB8AgJ6jtX/WiY7vn8WEHgAAsBt24joPSRUAABARKD8AAD1bIP2z+NxHV1V4GrRrfxP3DQAAyxjtxF0+J8eiqBBKJFUAAEBESUthUgQAeiL6Z8FMrAoGAEQCduI6Ez1VAAAAAAAhR/8smIn+PACASBDITlz0PCRVAAAAAABhUZCfrdyMFJ9j9M9CV7WuCm7xen2OH78qGACAcGAnrjNR/gsAAAAAEBb0z4IZ6M8DmIveRADQNSRVAABAROGhDgB6PvpnoTtYFQyYg95EQPe98a+v/Yx/pbkXZIYpGoQLSRUAABAReKgDAAAAwseoN9HyOTkWRQXYy/7Gw8bjDc1higThRE8VAAAQEWg4CwAAAkFTYKD76E0EmGNq1iDD8QtGG4/DnkiqAAAAy/FQBwAAAkX5L6D7SE4C5jgva5AGxHZcWWFAbIzOzXSHOSKEA0kVAABgOR7qAAAIXoWnQWu3VzlmEUK6O155mW5FuVw+x6NcLuVluunXAwSA5CRgntdvO0dJJ5SsToqL0eu3nWNRRAg1eqoAAADL8VAHAEDXObkfWUF+tuYWlvj87LkZKSrIz7YwKsA+WpOTxeXVPrvFo1wu5WakkJwEumBYcpxKFl6s98o82rL7gMYPT2KHSg/n8npPqLPRw9XX1ysxMVF1dXVKSEiwOhwAAPC/Zj6/sdOHOhplAgDQHtdOqbK6UTtrGpWa3I9JYKCL6pqOtEtOOiUxCwAn6kregKQKAACICDzUAQAQuApPgy54Yl2n42vvPJ8kA4CAkJwEgK7lDSj/BQAAIkJiXIyWz8nhoQ4AgAAE0o+M6yiAQKSlcN8NmKHC06Bd+5t4lnUAkioAACCi8FAHAIB/9CMDACAyOLnHmVP1sjoAAAAAAADQNa1NpqNcLp/jUS6X8jLdLFAAACBMblm5xSehIklFZR7dvHKzRREh1EiqAAAAAABgQwX52crNSPE5lpuRooL8bIsiAgDAWSo8DVq/o6bDsfU7alRZ3RjmiBAOlP8CAAAAAMCG6EcGAIC1PqjsOKHSNl5Rw7W5ByKpAgAAEASaEAIAIgX9yAAAsIrLcNQbpigQXiRVAAAAuoAmhIC5SFACAADASCTfL05KG2g4fnZ6cpgiQTiRVAEAAOiCeYWlKi6v9jlWXF6tuYUlWj4nx6KoAPshQQkAAAAjdrhfTHfHa3J6sjZUtC8DNjk9OeKSQDAHjeoBAAACVOFpUFGZRy1e303cLV6viso8NCEEusAoQQmgayo8DVq7vcqR1yEn/+wA0NPZ5X5xyfUTlJfp9jmWl+nWkusnWBQRQo2dKgAAAAHatb/JcHxnTSMrkYAAtCYoT3R8gpJzCfDPDit4Q8XJPzsAOIGd7hcT42K0fE6OKqsbtbOmMSLLlMFc7FQBAAAI0IiBcYbjqcncOAOBCCRBCcA/u6zgDQUn/+wA4AR2vF9MS+mnqVmDSKg4AEkVAACAAKW745WX6VaUy+VzPMrlUl6mm5tnIEAkKIHuc3JJSif/7ADgFNwvIpKRVAEAAOiCgvxs5Wak+BzLzUhRQX62RREB9kOCEug+O67gNYuTf3YAcAruFxHJ6KkCAADQBdTLBcxRkJ+tuYUlPrWySVACgfO3QjK6l8vPV9gXq5cBwBm4X/x2d+au/U08d0YYkioAAABBSEvhphboDhKUQPcc8zN+9JjXz1fYV+vq5eLyap8SYFEul3IzUvgsAYAewsn3i7VNzZpXWOqTUMrLdKsgP1uJcTEWRgaJ8l8AAAAALERDTyA4Tt+t8eCMMUqI9V0nmhAbrYdmnG5RRACAUHHi/eK8wlIVl1f7HCsur9bcwhKLIsLxSKoAAAAAAABbuWfVJ6o/dNTnWP2ho7p71VaLIgIAwBwVngYVlXl8dmNKUovXq6Iyjyqr6R1mNZIqAAAAACxT4WnQ2u1VPBwCXfRB5X7D8X9W1IQpkvBjsgkAEInMuq/dtb/JcHxnDdc5q9FTBQAAAEDYUSca6C7jnik9t019YJNNTioRAwCwltn3tU4v8WkH7FQBAAAAEHbUiXY2dih136S0ZOPxdONxO/M3kRHdqyenlAAAkcbs+9p0d7zyMt2Kcvlez6JcLuVlulk4EAHYqQIAAAAgrFpL95zo+NI9PCz2TOxQMk+6O15TRiZr/Y72Zb6mjEzu0efQMT/jR48Z7+IBAMAsobqvLcjP1tzCEp/Xzs1IUUF+drfihTlIqgAAAAAIK0r3OJfRSs7lc3Isisq+nr1uQrsJl9YkVU9GWRQAQKQI1X1tYlyMls/JUWV1o3bWNCo1uR/3xxGEpAoAAACAsGJC1JnYoWQ+p064tJZFKS6v9mlWH+VyKTcjxRG/AwBAZAj1fW1aijOu7XZDTxUAAAAAYUWdaGcKZCUngpOW0k9TswY56twpyM9WbkaKzzHKogAAwo37WmdipwoAAACAsKNOtPOwQwlmcuouHSAUKjwN2rW/ifMICBL3tc5DUgUAAABA2DEh6jyUbEIoUBYFCF5tU7PmFZZ22JcpMS7GwsgAe/HK6/+L0KNQ/gsAAACAZZxYtsjJKNkEAJFjXmGpisurfY4Vl1drbmGJRREB9sS55DzsVAEAAAC6gBIZQPDYoQQAkaHC0+CzQ6VVi9erojKPKqsb+XwGAsC55EwkVQAAAIAAUCIDMA8lm8y1bnuVSr+o1fjhSTo30211OABsYNf+JsPxnTVMBAOB4FxyJpIqAAAAQACMtvUvn5NjUVQAnGxXTaNmLC7WgaYjbceS4mL02q3naFhynIWRAYh0IwYaf0akJjMJDASCc8mZ6KkCAAAA+NG6rf/45tqS77Z+AAi3ExMqknSg6YiuXPy+RREBsIt0d7zyMt2Kcrl8jke5XMrLdLOyHgAMkFQBAAAA/AhkWz8AhNO67VXtEiqtDjQd0Xsd1HcHgOMV5GcrNyPF51huRooK8rMtigiwnw8qa4zHK4zHYU+U/wIAABGFJuCIRGzrBxBpSr+oNRzfsvuAI/qrcN8ABC8xLkbL5+SosrpRO2saOY+AoLgMR72Go7Arkipow80o0H2cR0DwaAKOSNZaIqO4vNqnBFiUy6XcjBQ+87uBayfM4rT30rhTBhiOjx+eFJ5ALMJ9A2CetBRnfG4CoTApbaDh+NnpyWGKBOFEUgXcjAIm4DwCuo8m4Ih0BfnZmltY4vNZT4mM4HHthFmc+l46L2uQkuJiOiwBlhQX0+N3qdyycovW7/AtqVJU5tHNKzfrxZvOtigqwJ6clpQGzJTujldC32jVf3O03VhC32jOqR7K5fV6HbULqb6+XomJiaqrq1NCQoLV4USEmc9v7HTVJZNYQGA4j4DuqfA06IIn1nU6vvbO87kZRcSgRIY5uHbCLE5+L+2padKVi9/3SawkxcXotVvP0bBk47KFdsZ9A2AOpyalATNxTeo5upI3oFG9w1V4GlRU5vF5AJGkFq9XRWUeVVbTdBXwh/MI6D6agMNO0lL6aWrWIB6OuoFrJ8zi9PdS/9honXHyAJ9jZ5w8QAmxPXsylKbAgDluWbnFJ6Ei/d+OLwCB4ZrkTCRVHI5JLKD7OI+A7qMJOOAsXDthFqe/l4xKZ/ZsNAUGuqvC09CuhF6r9TtqenxSGjAP1yQnIqnicExiAd3HeQR0X2sT8CiX7w1plMulvEw3OwKAHoZrJ8zi5PeSk3fp0BQY6D5W1wPm8De5Ht3LOOkCeyKp4nBMYgHdx3kEmKMgP1u5GSk+x2gCDvRMXDthFie/l5y8SyfdHa/JnSROJqcn9+i/O2AeVtcDZth78BvD8a/qDoUpEoQTSRUwiQWYgPMI6L7EuBgtn5OjtXeer6Wzz9LaO8/X8jk5NMkEeiiunTCLU99LTt6lI0lLrp+gvEy3z7G8TLeWXD/BoogAexma2Ndw/JSk2DBFAtjbuFMGGI6PH54UnkAQVtFWBwDrtU5iVVY3amdNo1KT+7GyB+giziPAPGkpnD+AE3DthFmc+l5q3aVTXF7tUwIsyuVSbkZKj/8dtP7diz6vUsmeWo0fnqRzT0iyAOjcMT/jR4+xVwUIxHlZg5QUF6MDTUfajSXFxXBt6qFIqqANk1hA93EeAQDQNVw7YRYnvpcK8rM1t7BERWWetmNO2KUjSbVNzZpXWOrzs+dlulWQn80uVyAA9IEAzPParefoysXv+yRWkuJi9Nqt51gYFUKJpAoAAAAAADYUyl06FZ4G7drfFLE7f+YVlqq4vNrnWHF5teYWlmj5nByLogLsw1+fhy8P0AcCCNQxuhA5DkkVAAAAAABszMxdOnbYAVLhafCJr1WL16uiMo8qqxsjMhEERBLPwWbj8YbDYYoEsL8Zi4vblf860HREVy5+XyULL7YoKoQSjeoBAAAAALCxddur9NSaz/VeB4mGrjLaARIpdu1vMhzfWdMYpkgA+3L37208Ht8nTJEA9rZue1WH/VSkbxMrZlybEXnYqQIAAAAAgA3tqmlstzq2tYb7sOS4Lr+eXXaAVNV9YzhefZAV9oA/k9KSjcfTjccBfKv0i1rD8S27D9CsvgdipwoAAAAAADZkVG4kGHbZAbL3oHFSxV+vCAAAzDLulAGG4+OHJ4UnEIQVSRUAAAAAAGwmFOVGRgw03t2Smmz9LhWJCSzADHZJogKRbpifa+cpSV3fOYrIR1IFAAAgCBWeBq3dXqXKah44AQDhF0i5ka5Kd8crL9OtKJfL53iUy6W8THdElP6SpPOyBikpLqbDsaS4GMqsAAHwNyEY3cvl5ysASNIHlfsNx/9ZUROmSBBOJFUAAAC6oLapWTOf36gLnlin2Us/1NTH39XM5zeqrpPVwgCMkaCEWZz2XgrVbo2C/GzlZqT4HMvNSFFBfnZQrxcqr916TrvESms/GQD+feQnMfvRHuNxAK28hqOkJ3smGtUDAAB0wbzCUhWXV/scKy6v1tzCEi2fk2NRVID91DY1a15hqU9T7LxMtwrys5XYyQp0oCNOfS+17tboqARYd3ZrJMbFaPmcHFVWN2pnTaNSk/tFzA6V4w1LjlPJwov1XplHW3Yf0PjhSexQAbrAXwK6wuOMBDXQXUMTYw3HT04yHoc9sVMFAAAgQBWeBhWVedTi9V2N1OL1qqjM45jV0YAZjBKUQFc4+b0Uyt0aaSn9NDVrUEQmVI53bqZbP73wVBIqQBf5Wz1P9S8gMF/VfWM4/sWBQ2GKBOHEThUAAIAABdLQM9Inn4BI0JqgPNHxCUrOJQTC6e8ldms4W4WnQbv2N0XsbiJENq+ftMox44pGANpQ/suJSKoAAAAEaMTAOMPx1GQmNIBAkKCEWXgvfevcTDfJFAdxask7mCstxfi+Nt3d8z87ATNMSks2Hk83Hoc9Uf4LgGM5rZkpgO5Ld8crL9OtKJfveqMol0t5mW5HTNyB64cZSFDCLP4eaKMdUr+GzyVncXLJO5jn8rFDDccv8zMOAE7GThUAjsPKLgDdUZCfrbmFJT6fIbkZKSrIz7YwKoQD1w/ztCYoi8urfXoURblcys1IIUGJgB3zM360h9ev4XPJeZxe8g7mSXfHa/ywRG3ZU9dubPywRN5HQIDYNetM7FQB4Dis7ALQHYlxMVo+J0dr7zxfS2efpbV3nq/lc3KYvHIArh/menDGGCXE+q7xSoiN1kMzTrcoItiR03c98bnkvF06gUzeOYHT/u6hEh0V1aXjANqr8tOovvrg4TBFgnBipwoAR2FlF+BMoWjkmpZCU1gn4fphvntWfaL6Q0d9jtUfOqq7V23V8jk5FkUFu3Hyrienfy45dZeO0xOJTv27h0KFp0Ebd+7vcGzjzv09/jMEMMs/tu0zHF/96V5dM3FYmKJBuLBTBYCjsLILcJbapmbNfH6jLnhinWYv/VBTH39XM5/fqLqmI1aHBpvh+mGu1sng4yfBJd/JYCBQD8443ZG7npz+uXTLyi3tkkpFZR7dvHKzRRGFh9P7u7E7yzwfVNYYj1cYjwP41g5Pg/F4lfG4Fdjt130kVQA4SqhXdnFhAiILD94wi9NXBpst1JPBXI+d5Z5VWzvd9dSTOflzqcLToPU7Op7wXb+jpsef+wX52crNSPE55oT+biTkzfX53oOG42X7jMd7Eu4b0B29o42n1/tER045PRYdmofyXwAcJVQlItiGDkSeUJdFCUVJMUQuJ5cYCoVQTQZzPXYep5fAcqpAVtj35L97a3+3yupG7axpdMy9CM2gzeX1M35i8qon4r4BZhiWFKfP9na+G2WYn/vecDJadEj53a5hpwoAxwnFyi5WwwORJ1Qr4Vnd41xOXRkcCqEqX8P12HnsWALLrBXRdvzZzeMyHO35U8HfSkvpp6lZgxyTSHDy7qxQGD0kwXB8zNDEMEViHaeWEYS54vsa71no1ycy9jSw289ckfFXBYAwMntlFyskgcgUqgdvVvc4V+v1o+hzj0r2HND44Uk6N9NtdVi2VZCfrbmFJT7X0O4kqbgeO1M4SruatSvR7BXRTp5gnpQ20HD87PTkMEWCcGLXqLn2HfzGeLzeeNzuAikjyHsKgWj45qjheONh4/FwYbefuUiqAHCstBRztslzYQIiUygevJm0dTZKRJjL7EUOXI+dyU6lXc1Oyu/x857/4kBTj33Pp7vjldA3SvXftLQbS+gb1WN/bpifkA+1SC4Xu3ZbleH4/2zbp9suyAxTNOHn9DKCMI+/6/Hu/ZGxA8TJizFCgfJfANBNXJiAyGV2uSZnl1oBpaVCY3dNo/71Ra2+OGB8fvnD9di57FDaNRQlN0q/qDUc37L7QJdf0y4qPA0dJlQkqf6bFkqY9GCtCfm1d56vpbPP0to7z9fyOTkRt7jBDuViPQ3N3Rq3P8oI2sm67VV6as3neq+DBW5Wi+1t3Ii+b0xkNKoPVfldp2KnCgB0E9vQgchl9kp4Jm1DK5JXc7JLyXy7aho1Y3GxDhw3wZQUF6PXbj1Hw5K73tCT67Fz2aG0ayh2Ug3p39dwfGhibJdez04+qNxvOP5PVpj3eGZVHQgVO5SLPdpyrFvjdkcZQXsw+34xFC4cNVgle+o6Hb/otCFhjMaY3Xb7RTKSKgBgAi5MQGQz68E73R2vpLgYn5v6VklxMRH9cB/J7FBWi9JS5jvxAVmSDjQd0ZWL31fJwouDek2ux6ERyQnP47Xueoru5Yq4UnKhSMoPSjROqqT079Pl17QP4zXkxuvPrWGX8wjdZ5eFGEe8xkmTI8d6dlIl3R2vyenJ2lDRvgzY5PTkiPgbITT3i2ZL9nO9TerXO0yR+Gf2QhQnI6kCACbgwgSYJ5InHSo8DR0mVKRvb+4j5SHZbuywmpNdSuZat73K8Fx6r8yjczPdXX5drsfmskPCUzJ/FWsozvdQ7KTyV8s7ulckphbMUXPQuCzR/sbIKVtkl/MI5rHLQozEvjGqaei8HFli38iZCA6VJddPaLcYo/X8hPVCdb9ots/3HjQcL99nPG6FSN/tZwf0VAEAE6Wl9NPUrEFcnIAg2KH2ND1VzBeKPgOhQA1ic4W6FwTXY3PYpY+Q0SrWYITqfDe794u/NeRHj/XcjgD/+Gyf4fjqT43Hw8ku5xHM4+SEp93YpUePU9mld1jtIePn1c4SQ7A3kioAEOEqPA1au70qYiYWgVCxw6QDuxXMZ6dEVSiaYTuVk3tB2IVdEp6BrGINRijOd7Mn75x8TfqmueMm9W3jR46GKRJjdjmPjsezR/fZJeHZ5Oc8amyOjPMoHFiMEZnGnTLAcHz88KTwBOLHgFjjQlBJJOl6JMp/AUCEolRAZJeBgrlCXXvarPdSujteU0Yma/2O9rWXp4yk9nIw7DQp2DohWvS5RyV7Dmj88KSIKDlgR87uBWEPdilfE8gq1kgrJWdmn6+JI5K0aVf7lbpnjUiKiL9PqCT36yOpofPx+Mj4DAn1eWTmvTLPHuapqvvGcLz64OEwRWIsPaWf9tZ3HkuGOz6M0QDtnZc1SImxMarrYCdIYmxMxNyHf3HgULfGYU8kVQAgQtmhx0Co8FDnPKGadAjFe+loS8frDzs7DmOh6DMQKnw2mSfUyTSS8t1nl4RnqFexRnrN8fKqjhMLZZ0c7ylqGo0npWsaImPSOlTnUSiuR05+9jDbtr31huOffFWnazQsTNF0boifXaFD/CyAAMIha3C8Nu5sv3gga3DkJP12eIyvueVV3eupwn1tZKL8FwCYyKzt8nYsFWAmO5SBwrfMes+HatLh5hVb2u2AKSrz6CcrNgf1ehWehg5v6iVp484DPf7cDBW7lNX68fJNHb6fblq+yaKI7CvdHd9pTfnoXq6gHxjt0JvJLuzSR6h1FWtHImkVayis217VaR332kPBlz6zg2Y/Cxmaj0ZGeaVQnUdm3ys7/dnDbAP7GTd4T4mQnVRf1xmvnv/Kz3hPQtm7yGSXZ6/EvsbJ7MRY48+EznBfG9nYqQIAJjB7tZhdSm6EQqjLQMEcZr/n0/2UFwjmb17hadCGivZluiRpQ0VNUO+lDyo7fr228Yoa3p9BCGWZHbMYP9Tt57Opi9Ztr+q0pvzRY169V+YJajKcldbmKsjP1tzCEp/P+khMeI5MidOWPXUdHO/Z52SoSp/ZQe8o4/WhfaIjZ/3ogzNO11WL3/fp/ZMQG62HZpwe1OuF4l7Zjs8ekbxy+/KxQ/Xb1WWdjl82dmgYo+ncSX52qkRqfzPK3jmHXT6bpo4epJIv2t+HtLpg9KCgXjeU97WR/BlqF5FzpwHAEqzIMIfZq+HtUnIjFOzUtNrJzH7PP7Om8wdPSfrd2vIuv+YHlfsNx//ZScLFWMcr61tFxrpY+4rkJqFv/Osrw/G/+Rm3Qiiu8Wa9ZiCTwV0V6pXWTrxnqj3UrI+/rPU59vGXtarvZHeEFSo8DR0mVCRpy57aHv33ivJzTYrp1XMf9/010D54OHIabN+zaqvqD/nGU3/oqO5etTWo1wvFvbKdnj3ssHI73R2vrCEdLxgaNaR/xNznbPuq80ngb8eNy5iFWyj+9lRIiGx26U+0q9r4c3lXjfF4R0J1X2uHz1C7YKcK4FCsyDBPKFbD26nHgNns9FDnVKF4zxfvqDYcf6/Mo1umZnTpNT0HjW/Cg6m3PiltoOH42enJXX5N/J+XN+7Whsoa5Y5M0TUTzak1btYqrP2NzYbj1RFSv18KzTXe7NcMRR8MO/VmarVue5VKv6jV+OFJEbmj4Mpn3lfdCZPBB5qO6PJn3tNH903v1mubdW6GegdhJP+N1ny2z3B89af7unzttAt/n7mR8pkcil0lobhXttOzx80rtrS7D21d2FP447Mtiqq97Xs77rHw2d7u9VYwk7/eS9v3RU6skvmr9qmQEPn2+nmei5QSdR/sNH8xX6jua9nVbZ6IWLqyePFipaamqm/fvpo0aZI2btxo+PV/+ctfNGrUKPXt21dnnHGG3nzzzTBFCvQcrMgwT2hWw0u/mH6qTii/LJdLWnBJVlCvZxd2qeHuZKF4z+eOTDEcD2Yi60Cj8Wobf5PkHUl3xys2uuOVwbHRwfeBcLqPv6hVxq/e1C9f+VirSr7Sz//6L2X86k19+qXxCkojZq/CGj0kwXB8zNDEoF43FEJxjb9lZce7025eGdzutFAIVVI+FL10dtU0Kvv+dzRr6Yf6j9Vl+uHzG5V9/zvaE8RKxlBZt72qXUKlVd2ho0H36zD73PT4WaUa7OS6Hf5Gn/uZnP3cT7NsOzt8xHhv6OEjxj1XwiUUu0rS3fFK6iShmxQXE/S9iB36mwWysCcShGIHdij4az0UIa2JJIVm1T4VEiJfKBbhhEKKnz5K7iD6KIXivpb+WeayPKny8ssv6/bbb9d9992nLVu26Mwzz9T06dNVVVXV4devX79e+fn5mjNnjkpKSjRjxgzNmDFDW7cGt3UWcCI+SM1mfLdpXJihcz/848Z29eaPHvPquuc/CPIV7cMOD3XOZv57/rYLMw3Hg1lpW3vIOGlSG8QEXoWnQYc6ecI8dNTL52eQvvu79R1+3l25uDjo1zQ7sXDMz/u+pZP+IOEWimt8hadB63d0PIm1fkdwk1gv/HOX8fh64/GOhCIpH0gvnWDMWFzs019B+nYHyJWL3w/q9UJh7faOn8dardlmvEuiM2afm6FIoEv2+Bsd8dOs3d+4nfn7ySLlJ/c34RLdq+t3TRWehnbvzVYHmo4E/bnU2t9s7Z3na+nss7T2zvO1fE5ORFUxCNViNrP9w88usnc+3RumSHoOp5e9Q2SbNnqw8fhpxuMdCcV9LYlEc1meVPntb3+rm266SbNnz9Zpp52mJUuWKC4uTn/84x87/PqnnnpKl1xyiX7+859r9OjReuCBBzR+/Hg988wzYY4csC8+SM01Kc243M+kIMoBrdteZfiwFOzqULuww0Odk4XiPS9JL9/UccmGzo7742+aIoh5DN3z6seG4/f6GUd7L2/cbdiw/C+b9nT5NUOzeMAe/XRCcY0PpLxSV231swvpXyf08QiU2Un5UPTSscs1/ssDxiU1vq41LsnRkVCcm14/Z583iJPTLn+jfn2N74v8jSP0/CV3Orv+GQn1s1wk9zcLRWnXUPC3Kn1w/75hiqTnCGXZOyokRK5QLfAwW4ufe5Ejx4JL9Zt9X0si0VyWJlWam5u1efNmTZs2re1Yr169NG3aNG3YsKHD79mwYYPP10vS9OnTO/36w4cPq76+3uc/wOn4IDVXujteU0Z2PIk8ZWRyUDdjoWjga0eR/FDnZKF4z0vSpJHJ2rnoMv1iepYmpw/UL6ZnaeeiyzSpk3/Ln4RY423Y8UFMNm2vMi618tk+7jO6aoOfCXt//XY6EooJJ7v00wnFNT4U5ZX8TYQHm6YyOykfil46drnG+/u7V/mZ3OxIKM7NqVmDDMcvGG083hG7/I2+O+5kw/Grx58SpkjQmVB8Jjv5Wc7tJxmRHESJnVDw97kzdVTXP5ecLlQJECokRLaBfspqpUTIOR+qMmVm39eSSDSXpUmV6upqtbS0aPBg321QgwcP1t69HW+H3Lt3b5e+/pFHHlFiYmLbf8OGmdP0FLAzPkjN9+x1E5R3Qs+HvEy3nr1uQlCvZ5faoXAus9/zx7tlaoYKfzy52811p2YZ92G5MIiJtqxB/Q3HRw027ruB9ib72fnkr99OR0K1mnFyJ4mTyenBJxPNFoprfCgmsS47fajh+OVjjSeL/TErKe9vwv5CP+UeOmKXa7y7v/Hf1d94R0Jxbp6XNUgDYjueXBgQGxNUTy67/I0WXjnGcPyey08LUyToTCg+k538LGeXBQ6h2tVttpHJxp/Jme7Iei+FIgFChYTIdvlY4/vFy/yMh8t5WYMMe10Fcy9yPDMXm5JINI/l5b9C7a677lJdXV3bf3v2dL2EBNAT8UFqLrNvxkJ9UQa6yw4PIOdlDVJiJxNtiUFOtD343TMMxx/wM472rs0Z3mlN+eheLl0zsesLYkI14bTk+o6TiUuu734y0UxmX+NDMYlll8ngbz9HojscS4yNDupzxC7X+OvPHmE4/sPJqV1+zVCdm6/fdk6732lSXIxev+2coF7PLn8jSXp+5sQuHUf4heK5y6nPcnZa4BCKXd1mW/PzqYbjq+84PzyBBCiUzx9USIhM6e545aR2fB+akzowov5er93a8b3Ia7cGdy8SKnZ4jrcLl9cbTJVZczQ3NysuLk5//etfNWPGjLbjs2bNUm1trf77v/+73fcMHz5ct99+u+bPn9927L777tOqVav00Ucf+f036+vrlZiYqLq6OiUksJoUqKxu1M6aRqUm94uoCxKkPTVNunLx+z41vVsvysP8rCoC8K1QnEfT/2Odtu9raHc8a3C83v7ZeUHH6mSfflmnKxcX+9SWj+7l0mu35uq0kxODes26piOaW1iiouN6H+RlulWQn93thwa7XDvNjDP/9//Uhg56p0xOT1bhj4Pre7Tm032as3xTu+PPz5yoC4No6Bkqofgcscs1fux9b6v+8NF2xxP6ROtf/z49qNcM5bn5XplHW3Yf0PjhSd1OfNjlb9TqwTc+1fvlHp2T4Y6YpGSopS74W6djOxddFsZIAhOKa4ddrkdmCuVniJnsEudDb3yiP7y/s93xm85J1d2XGy+AAMLBLudSKzPvRRB+XckbWJpUkaRJkyYpJydHBQUFkqRjx45p+PDhuu2227RgwYJ2X3/ttdeqqalJr7/+etuxKVOmaOzYsVqyZInff4+kCgC74aIMdJ+Z55Hdbuzt5C+b9qh4R7VyR6YEtUOlI06ccAqFUL7v7TIZHIrrcaRf40OZWLDLuRnpfyMnO+3uv6mppf3xuCjp04ciL6kCc9nlM8QucV70xLuqrGlUWnK/iNuhAkj2OZdgb7ZKqrz88suaNWuWnnvuOeXk5OjJJ5/Un//8Z3322WcaPHiwZs6cqZNPPlmPPPKIJGn9+vU677zztGjRIl122WV66aWX9PDDD2vLli06/fTT/f57JFUAAIAZuLGHE/G+dyYSC4hkx+9YicQdKgAAwB66kjfouEBwGF177bXyeDxauHCh9u7dq3Hjxumtt95qa0a/e/du9er1f61fpkyZohdffFH33HOPfvWrXykzM1OrVq0KKKECAABglrQUJpXhPLzvnencTDfJFEQsEikAACDcLN+pEm7sVAEAAAAAAAAAAK26kjfoZTgKAAAAAAAAAAAASSRVAAAAAAAAAAAAAkJSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIADRVgcQbl6vV5JUX19vcSQAAAAAAAAAAMBqrfmC1vyBEcclVQ4ePChJGjZsmMWRAAAAAAAAAACASHHw4EElJiYafo3LG0jqpQc5duyYvvrqK/Xv318ul6vdeH19vYYNG6Y9e/YoISHBgggB++M8ArqP8wgwB+cS0H2cR0D3cR4B5uBcArqP86hjXq9XBw8e1NChQ9Wrl3HXFMftVOnVq5dOOeUUv1+XkJDAmwroJs4joPs4jwBzcC4B3cd5BHQf5xFgDs4loPs4j9rzt0OlFY3qAQAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVU7Qp08f3XffferTp4/VoQC2xXkEdB/nEWAOziWg+ziPgO7jPALMwbkEdB/nUfc5rlE9AAAAAAAAAABAMNipAgAAAAAAAAAAEACSKgAAAAAAAAAAAAEgqQIAAAAAAAAAABAAkioAAAAAAAAAAAABIKki6dlnn9XYsWOVkJCghIQETZ48WX//+9+tDguwtUWLFsnlcmn+/PlWhwLYyq9//Wu5XC6f/0aNGmV1WIDtfPnll7r++uuVnJys2NhYnXHGGdq0aZPVYQG2kpqa2u6a5HK5dOutt1odGmAbLS0tuvfee5WWlqbY2FiNHDlSDzzwgLxer9WhAbZy8OBBzZ8/XyNGjFBsbKymTJmiDz/80OqwgIhWVFSkK664QkOHDpXL5dKqVat8xr1erxYuXKiTTjpJsbGxmjZtmsrKyqwJ1mZIqkg65ZRTtGjRIm3evFmbNm3SBRdcoKuuukqffPKJ1aEBtvThhx/queee09ixY60OBbClMWPG6Ouvv2777/3337c6JMBWDhw4oNzcXMXExOjvf/+7Pv30Uz3xxBNKSkqyOjTAVj788EOf69Hq1aslSddcc43FkQH28eijj+rZZ5/VM888o23btunRRx/VY489poKCAqtDA2zlxhtv1OrVq/XCCy/o448/1sUXX6xp06bpyy+/tDo0IGI1NjbqzDPP1OLFizscf+yxx/T0009ryZIl+uCDD9SvXz9Nnz5d33zzTZgjtR+Xl+URHRo4cKB+85vfaM6cOVaHAthKQ0ODxo8fr9/97nd68MEHNW7cOD355JNWhwXYxq9//WutWrVKpaWlVocC2NaCBQtUXFys9957z+pQgB5l/vz5euONN1RWViaXy2V1OIAtXH755Ro8eLCef/75tmNXX321YmNjtWLFCgsjA+zj0KFD6t+/v/77v/9bl112WdvxCRMm6NJLL9WDDz5oYXSAPbhcLr366quaMWOGpG93qQwdOlR33HGH7rzzTklSXV2dBg8erGXLlukHP/iBhdFGPnaqnKClpUUvvfSSGhsbNXnyZKvDAWzn1ltv1WWXXaZp06ZZHQpgW2VlZRo6dKjS09N13XXXaffu3VaHBNjKa6+9pokTJ+qaa67RoEGDlJ2drT/84Q9WhwXYWnNzs1asWKEbbriBhArQBVOmTNGaNWv0+eefS5I++ugjvf/++7r00kstjgywj6NHj6qlpUV9+/b1OR4bG8uufiBIlZWV2rt3r8/8XWJioiZNmqQNGzZYGJk9RFsdQKT4+OOPNXnyZH3zzTeKj4/Xq6++qtNOO83qsABbeemll7RlyxbqmgLdMGnSJC1btkxZWVn6+uuv9e///u8699xztXXrVvXv39/q8ABbqKio0LPPPqvbb79dv/rVr/Thhx9q3rx56t27t2bNmmV1eIAtrVq1SrW1tfrRj35kdSiArSxYsED19fUaNWqUoqKi1NLSooceekjXXXed1aEBttG/f39NnjxZDzzwgEaPHq3BgwersLBQGzZsUEZGhtXhAba0d+9eSdLgwYN9jg8ePLhtDJ0jqfK/srKyVFpaqrq6Ov31r3/VrFmztG7dOhIrQID27Nmjn/70p1q9enW71SMAAnf8qsWxY8dq0qRJGjFihP785z9TkhII0LFjxzRx4kQ9/PDDkqTs7Gxt3bpVS5YsIakCBOn555/XpZdeqqFDh1odCmArf/7zn7Vy5Uq9+OKLGjNmjEpLSzV//nwNHTqUaxLQBS+88IJuuOEGnXzyyYqKitL48eOVn5+vzZs3Wx0aAAei/Nf/6t27tzIyMjRhwgQ98sgjOvPMM/XUU09ZHRZgG5s3b1ZVVZXGjx+v6OhoRUdHa926dXr66acVHR2tlpYWq0MEbGnAgAE69dRTVV5ebnUogG2cdNJJ7RbGjB49mlJ6QJB27dqlf/zjH7rxxhutDgWwnZ///OdasGCBfvCDH+iMM87QD3/4Q/3sZz/TI488YnVogK2MHDlS69atU0NDg/bs2aONGzfqyJEjSk9Ptzo0wJaGDBkiSdq3b5/P8X379rWNoXMkVTpx7NgxHT582OowANu48MIL9fHHH6u0tLTtv4kTJ+q6665TaWmpoqKirA4RsKWGhgbt2LFDJ510ktWhALaRm5ur7du3+xz7/PPPNWLECIsiAuxt6dKlGjRokE9zYACBaWpqUq9evlMvUVFROnbsmEURAfbWr18/nXTSSTpw4IDefvttXXXVVVaHBNhSWlqahgwZojVr1rQdq6+v1wcffECf8QBQ/kvSXXfdpUsvvVTDhw/XwYMH9eKLL+rdd9/V22+/bXVogG30799fp59+us+xfv36KTk5ud1xAJ278847dcUVV2jEiBH66quvdN999ykqKkr5+flWhwbYxs9+9jNNmTJFDz/8sL7//e9r48aN+v3vf6/f//73VocG2M6xY8e0dOlSzZo1S9HRPD4CXXXFFVfooYce0vDhwzVmzBiVlJTot7/9rW644QarQwNs5e2335bX61VWVpbKy8v185//XKNGjdLs2bOtDg2IWA0NDT5VLyorK1VaWqqBAwdq+PDhmj9/vh588EFlZmYqLS1N9957r4YOHaoZM2ZYF7RNcFcsqaqqSjNnztTXX3+txMREjR07Vm+//bYuuugiq0MDADjMF198ofz8fNXU1Mjtduucc87RP//5T7ndbqtDA2zjrLPO0quvvqq77rpL999/v9LS0vTkk0/SFBgIwj/+8Q/t3r2bCWAgSAUFBbr33nt1yy23qKqqSkOHDtX/+3//TwsXLrQ6NMBW6urqdNddd+mLL77QwIEDdfXVV+uhhx5STEyM1aEBEWvTpk2aOnVq2//ffvvtkqRZs2Zp2bJl+sUvfqHGxkb9+Mc/Vm1trc455xy99dZb9EoOgMvr9XqtDgIAAAAAAAAAACDS0VMFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAACH27t3r+bOnav09HT16dNHw4YN0xVXXKE1a9aoublZKSkpWrRoUYff+8ADD2jw4ME6cuSIWlpatGjRIo0aNUqxsbEaOHCgJk2apP/8z/9s+3qPx6Obb75Zw4cPV58+fTRkyBBNnz5dxcXFncb3yiuvaOLEiRowYID69euncePG6YUXXjD8mZYtWyaXy9X2X3x8vCZMmKBXXnkluF+SiV599VWdffbZSkxMVP/+/TVmzBjNnz/f6rAAAAAABCDa6gAAAAAAWGfnzp3Kzc3VgAED9Jvf/EZnnHGGjhw5orffflu33nqrPvvsM11//fVaunSpFixY4PO9Xq9Xy5Yt08yZMxUTE6OFCxfqueee0zPPPKOJEyeqvr5emzZt0oEDB9q+5+qrr1Zzc7P+9Kc/KT09Xfv27dOaNWtUU1PTaYwDBw7U3XffrVGjRql379564403NHv2bA0aNEjTp0/v9PsSEhK0fft2SdLBgwe1dOlSff/739cnn3yirKysbv7mgrNmzRpde+21euihh3TllVfK5XLp008/1erVq0P2b7a0tMjlcqlXL9bUAQAAAN3l8nq9XquDAAAAAGCN73znO/rXv/6l7du3q1+/fj5jtbW1GjBggD7++GONHTtW7733ns4555y28XfffVdTp07Vtm3bNGrUKI0bN07f/e53dd9993X4b9XW1iopKUnvvvuuzjvvvG7FPX78eF122WV64IEHOhxftmyZ5s+fr9ra2rZjx44dU9++fbVy5Updc801kqQXXnhBTz31VNvPf8EFF+jJJ5/UoEGDJEkHDhzQbbfdpnfeeUcNDQ065ZRT9Ktf/UqzZ8+WJO3Zs0d33HGH3nnnHfXq1UvnnnuunnrqKaWmpnYY1/z58/XRRx9p7dq1hj/f66+/rvvvv18ff/yx4uPjde655+rVV19ti+mnP/2pXn/9dR0+fFjnnXeenn76aWVmZvr87MuXL9eCBQv0+eefq7y8XCeddJLuvvtuFRYWqra2VqeffroeffRRnX/++YH+2gEAAADHY6kSAAAA4FD79+/XW2+9pVtvvbVdQkWSBgwYIEk644wzdNZZZ+mPf/yjz/jSpUs1ZcoUjRo1SpI0ZMgQ/c///I88Hk+H/158fLzi4+O1atUqHT58OKiYvV6v1qxZo+3btysvLy/g72tpadGf/vQnSd8mZFodOXJEDzzwgD766COtWrVKO3fu1I9+9KO28XvvvVeffvqp/v73v2vbtm169tlnlZKS0va906dPV//+/fXee++puLhY8fHxuuSSS9Tc3NxhHEOGDNEnn3yirVu3dhrr3/72N333u9/Vd77zHZWUlGjNmjXKyclpG//Rj36kTZs26bXXXtOGDRvk9Xr1ne98R0eOHGn7mqamJj366KP6z//8T33yyScaNGiQbrvtNm3YsEEvvfSS/vWvf+maa67RJZdcorKysoB/jwAAAIDTsVMFAAAAcKiNGzdq0qRJeuWVV/Td737X8Gufe+453Xnnnfr6668VHx+vgwcPasiQIXr66ac1Z84cSdKnn36q733ve9q+fbvGjBmjKVOm6KqrrtKll17a9jr/9V//pZtuukmHDh3S+PHjdd555+kHP/iBxo4da/jv19XV6eSTT9bhw4cVFRWl3/3ud7rhhhs6/fply5Zp9uzZbcmiQ4cOKSYmRkuWLPFJmpxo06ZNOuuss3Tw4EHFx8fryiuvVEpKSruEkiStWLFCDz74oLZt2yaXyyVJam5u1oABA7Rq1SpdfPHF7b6nsbFR3//+9/Xmm29qxIgROvvss3XxxRfruuuuU58+fSRJU6ZMUXp6ulasWNHu+8vKynTqqaequLhYU6ZMkSTV1NRo2LBh+tOf/qRrrrmm7WcvLS3VmWeeKUnavXu30tPTtXv3bg0dOrTt9aZNm6acnBw9/PDDnf5OAAAAAPwfdqoAAAAADtWV9VX5+flqaWnRn//8Z0nSyy+/rF69eunaa69t+5rTTjtNW7du1T//+U/dcMMNqqqq0hVXXKEbb7yx7WuuvvpqffXVV3rttdd0ySWX6N1339X48eO1bNkyw3+/f//+Ki0t1YcffqiHHnpIt99+u959992Avqe0tFQlJSV6+OGH9ZOf/ESvv/5629ds3rxZV1xxhYYPH67+/fu3lSXbvXu3JOnmm2/WSy+9pHHjxukXv/iF1q9f3/a9H330kcrLy9W/f/+2XTgDBw7UN998ox07dnQYU79+/fS3v/1N5eXluueeexQfH6877rhDOTk5ampqkiSVlpbqwgsv7PD7t23bpujoaE2aNKntWHJysrKysrRt27a2Y7179/ZJVH388cdqaWnRqaee2hZrfHy81q1b12msAAAAANqjUT0AAADgUJmZmXK5XPrss8/8fm1CQoK+973vaenSpbrhhhvamr7Hx8f7fF2vXr101lln6ayzztL8+fO1YsUK/fCHP9Tdd9+ttLQ0SVLfvn110UUX6aKLLtK9996rG2+8Uffdd5/hDpJevXopIyNDkjRu3Dht27ZNjzzyiGE/kOO/R5LGjh2rd955R48++qiuuOIKNTY2avr06Zo+fbpWrlwpt9ut3bt3a/r06W3luy699FLt2rVLb775plavXq0LL7xQt956qx5//HE1NDRowoQJWrlyZbt/2+12G/4+R44cqZEjR+rGG2/U3XffrVNPPVUvv/yyZs+erdjYWMPvDURsbGzb7hlJamhoUFRUlDZv3qyoqCifrz3xbwgAAACgc+xUAQAAABxq4MCBmj59uhYvXqzGxsZ248c3eZekOXPm6P3339cbb7yh9evXt5X9MnLaaadJUoevf/zXGI135NixY0H1ZYmKitKhQ4ckSZ999plqamq0aNEinXvuuRo1apSqqqrafY/b7dasWbO0YsUKPfnkk/r9738v6dveLGVlZRo0aJAyMjJ8/ktMTAw4ptTUVMXFxbX9DsaOHas1a9Z0+LWjR4/W0aNH9cEHH7Qdq6mp0fbt29t+1x3Jzs5WS0uLqqqq2sU6ZMiQgGMFAAAAnI6dKgAAAICDLV68WLm5ucrJydH999+vsWPH6ujRo1q9erWeffZZn5JSeXl5ysjI0MyZMzVq1Ki2nh6tvve97yk3N1dTpkzRkCFDVFlZqbvuukunnnqqRo0apZqaGl1zzTW64YYbNHbsWPXv31+bNm3SY489pquuuqrTGB955BFNnDhRI0eO1OHDh/Xmm2/qhRde0LPPPmv4s3m9Xu3du1fStz1VVq9erbffflsLFy6UJA0fPly9e/dWQUGBfvKTn2jr1q164IEHfF5j4cKFmjBhgsaMGaPDhw/rjTfe0OjRoyVJ1113nX7zm9/oqquu0v33369TTjlFu3bt0iuvvKJf/OIXOuWUU9rF9Otf/1pNTU36zne+oxEjRqi2tlZPP/20jhw5oosuukiSdN999+nCCy/UyJEj9YMf/EBHjx7Vm2++qV/+8pfKzMzUVVddpZtuuknPPfec+vfvrwULFujkk082/B2eeuqpuu666zRz5kw98cQTys7Olsfj0Zo1azR27Fhddtllhr9LAAAAAN9ipwoAAADgYOnp6dqyZYumTp2qO+64Q6effrouuugirVmzpl3SwuVy6YYbbtCBAwc6bBI/ffp0vf7667riiit06qmnatasWRo1apTeeecdRUdHKz4+XpMmTdJ//Md/KC8vT6effrruvfde3XTTTXrmmWc6jbGxsVG33HKLxowZo9zcXP3Xf/2XVqxY4dOrpSP19fU66aSTdNJJJ2n06NF64okndP/99+vuu++W9O0OlGXLlukvf/mLTjvtNC1atEiPP/64z2v07t1bd911l8aOHau8vDxFRUXppZdekiTFxcWpqKhIw4cP17/9279p9OjRmjNnjr755hslJCR0GNN5552nioqKtsTUpZdeqr179+qdd95RVlaWJOn888/XX/7yF7322msaN26cLrjgAm3cuLHtNZYuXaoJEybo8ssv1+TJk+X1evXmm28qJibG8PexdOlSzZw5U3fccYeysrI0Y8YMffjhhxo+fLjh9wEAAAD4Py5vV7pTAgAAAAAAAAAAOBQ7VQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAvD/AcLQaOrfT9P4AAAAAElFTkSuQmCC",
+      "image/png": "iVBORw0KGgoAAAANSUhEUgAABlUAAANXCAYAAACsYNmPAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjkuMiwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy8hTgPZAAAACXBIWXMAAA9hAAAPYQGoP6dpAADQjElEQVR4nOzdeVyc5bn/8e+TCVmAMCbMJBqNLIHGvWKUmJCg0VRrXZqe1lq0J+qJ7XE5UPXYVk+tW6uprVor2nqqcYkLdTnWU6vVemwUxdTUGrRGjZAB3GoyAwEyTBISeH5/+GPMBBhmYGaeeeb5vF+vvF7hvmeGC5j1vu77ugzTNE0BAAAAAAAAAAAgqnFWBwAAAAAAAAAAAGAHJFUAAAAAAAAAAABiQFIFAAAAAAAAAAAgBiRVAAAAAAAAAAAAYkBSBQAAAAAAAAAAIAYkVQAAAAAAAAAAAGJAUgUAAAAAAAAAACAGJFUAAAAAAAAAAABiQFIFAAAAAAAAAAAgBiRVAAAAANiaYRi65ppr4r7eiy++KMMw9OKLLyY8pqGMNs6xuu+++2QYhlpbW1P+vePR2toqwzB00003jXjZa665RoZhRIwVFhbqnHPOCX8dz9934Hvfd999cUYNAAAApyGpAgAAANvYuHGj/v3f/13FxcWaNGmS8vLyVFFRoV/96lfatm1b+HKFhYU65ZRTIq4bDAZ19dVX65BDDlFOTo7y8/N1+OGH63vf+54++eSTIb/fM888I8MwNHPmTPX398cc5znnnKPc3NxB42+99ZY8Ho8KCwvTfoE7Xscee6wMwxjy3wEHHGB1eDF7+OGHdeutt1ryvW+55RYZhqH/+7//G/Yyd911lwzD0B/+8IcURpY5rPz7AgAAIDOMtzoAAAAAIBZPP/20Tj/9dE2cOFHLli3TIYccot7eXr3yyiv6/ve/r/Xr1+u3v/3tkNfduXOnKisr9d577+nss89WdXW1gsGg1q9fr4cfflhf+9rXNHPmzEHXe+ihh8IJkL/85S9asmTJqON/++23dfzxxysnJ0erV69WYWHhqG8rXe23335asWLFoHG3221BNCOrrKzUtm3bNGHChPDYww8/rLffflsXX3xxyuP51re+pe9///t6+OGHh72vPfzww8rPz9dJJ52U4ujSy5VXXqnLL7886mXi+fsWFBRo27ZtysrKSka4AAAAyCAkVQAAAJD2Wlpa9K1vfUsFBQX6y1/+on322Sc8d9FFF6m5uVlPP/30sNd/8skntW7dOj300EM688wzI+a2b9+u3t7eQdfp6enR//7v/2rFihW699579dBDD406qbJ+/Xodd9xxmjx5slavXq2ioqJR3U66c7vd+va3v211GDEbN26cJk2aZHUYYTNnztTixYv1xBNP6De/+Y0mTpwYMf/xxx+rvr5e3/3ud22x+L9r1y719/dHJDUSZfz48Ro/PvrH2Xj+voZhpNV9AQAAAOmL8l8AAABIez//+c8VDAa1cuXKiITKgJKSEn3ve98b9vobN26UJFVUVAyaGygjtqff//732rZtm04//XR961vf0hNPPKHt27fHHfu7776r448/XhMnTtTq1atVXFwcMT9QquyVV15ReXm5Jk2apOLiYq1atWrQbfl8Pp1++umaNm2asrOzdfTRR0ckk0zTlMfj0aWXXhoe6+/v11577SWXy6XOzs7w+I033qjx48crGAxK+rxk2ccff6ylS5cqNzdXXq9Xl112mfr6+uL+uYeybds2HXDAATrggAMiyrV1dHRon3320YIFC8LfayAen8+nE088UTk5OZo5c6auu+46maY54vdat26dTjrpJOXl5Sk3N1fHH3+8/vrXv0ZcZs+eG8cee6yefvpptbW1hUuX7X6iaMeOHbr66qtVUlKiiRMnatasWfrBD36gHTt2RNzujh07dMkll8jr9WrKlCk67bTT9NFHH8X0O/r2t7+trq6uIZOEv/vd79Tf36+zzjorag+QWHq3xHO/6+zs1MUXX6xZs2Zp4sSJKikp0Y033hhREm/3fii33nqrZs+erYkTJ+qdd95Rb2+vrrrqKs2dO1dut1s5OTlatGiRVq9ePWx8v/zlL1VQUKDJkyfrmGOO0dtvvx0xP1RPlT3F8/cd7vf53nvv6Rvf+IamTZumSZMm6cgjjxxUem3nzp269tprVVpaqkmTJik/P18LFy7U888/HzU+AAAA2BNJFQAAAKS9p556SsXFxVqwYMGorl9QUCBJWrVqVUwL8tJnpb8WL16svffeW9/61re0detWPfXUU3F93w0bNui4447T+PHjtXr1as2ePXvIyzU3N+sb3/iGvvSlL+nmm2/W1KlTdc4552j9+vXhy2zatEkLFizQc889pwsvvFDXX3+9tm/frtNOO02///3vJX22mF5RUaH6+vrw9d566y11dXVJkhoaGsLjL7/8ssrKyiJ6v/T19enEE09Ufn6+brrpJh1zzDG6+eabhy2rtqe+vj4FAoFB/3p6eiRJkydP1v3336/m5mb96Ec/Cl/voosuUldXl+677z65XK6I2/vyl7+sGTNm6Oc//7nmzp2rq6++WldffXXUONavX69FixbpzTff1A9+8AP9+Mc/VktLi4499li99tprw17vRz/6kQ4//HB5PB498MADeuCBB8L9N/r7+3Xaaafppptu0qmnnqra2lotXbpUv/zlL3XGGWdE3M55552nW2+9VSeccIJ+9rOfKSsrSyeffHJMv8N/+Zd/0aRJk/Twww8Pmnv44YdVUFAwZHJwNGK534VCIR1zzDF68MEHtWzZMt12222qqKjQFVdcEZG8G3DvvfeqtrZW3/3ud3XzzTdr2rRp6u7u1t13361jjz1WN954o6655hr5/X6deOKJamxsHHQbq1at0m233aaLLrpIV1xxhd5++20dd9xx2rRp05h+3mh/36GsX79eRx99tN59911dfvnluvnmm5WTk6OlS5eGH3PSZwmea6+9VosXL9btt9+uH/3oR9p///31xhtvjCleAAAApCkTAAAASGNdXV2mJPOrX/1qzNcpKCgwTz755PDXoVDInDNnjinJLCgoMM855xxz5cqV5qZNm4a8/qZNm8zx48ebd911V3hswYIFMcdw9tlnm1lZWeY+++xjzpw503z//fejxirJrK+vD49t3rzZnDhxovmf//mf4bGLL77YlGS+/PLL4bGtW7eaRUVFZmFhodnX12eapmn+4he/MF0ul9nd3W2apmnedtttZkFBgVleXm7+8Ic/NE3TNPv6+sy99trLvOSSSyJilmRed911EfGVlZWZc+fOHfFnPuaYY0xJQ/7793//94jLXnHFFea4cePM+vp687HHHjMlmbfeeuug36Eks7q6OjzW399vnnzyyeaECRNMv98fHpdkXn311eGvly5dak6YMMHcuHFjeOyTTz4xp0yZYlZWVobHVq9ebUoyV69eHR47+eSTzYKCgkE/3wMPPGCOGzcu4vdvmqZ55513mpLMhoYG0zRNs7Gx0ZRkXnjhhRGXO/PMMwfFOZzTTz/dnDRpktnV1RUee++990xJ5hVXXGGapmm2tLSYksx777130PX3/D733nuvKclsaWkJj8V6v/vJT35i5uTkDLoPX3755abL5TI/+OCDiHjy8vLMzZs3R1x2165d5o4dOyLGtmzZYs6YMcP8t3/7t/DYwG1MnjzZ/Oijj8Ljr732mikp4v569dVXm3t+nC0oKDDPPvvs8Nfx/H2H+n0ef/zx5qGHHmpu3749PNbf328uWLDALC0tDY998YtfjHi+AQAAQGbjpAoAAADSWnd3tyRpypQpo76NyZMn67XXXtP3v/99SdJ9992n5cuXa5999lF1dfWg8k2/+93vNG7cOH39618Pj1VVVelPf/qTtmzZEtP3HDi1MW3aNHk8nqiXPeigg7Ro0aLw116vV3PmzJHP5wuPPfPMMyovL9fChQvDY7m5ufrud7+r1tZWvfPOO5KkRYsWqa+vT6+++qqkz06kLFq0SIsWLdLLL78sSXr77bfV2dkZ8T0HnH/++RFfL1q0KCKOaAoLC/X8888P+rdnU/BrrrlGBx98sM4++2xdeOGFOuaYY1RTUzPkbf7Hf/xH+P+GYeg//uM/1Nvbq//7v/8b8vJ9fX3685//rKVLl0aUWttnn3105pln6pVXXgnfp+Lx2GOP6cADD9QBBxwQcQrnuOOOk6RwKatnnnlGkgb9PPE0vv/2t7+t7du364knngiPDZxcOeuss+KOfTix3O8ee+wxLVq0SFOnTo34uZcsWaK+vr6IU1GS9PWvf11erzdizOVyhfuq9Pf3q6OjQ7t27dKRRx455GmOpUuXat999w1/XV5ernnz5oV/t6nQ0dGhv/zlL/rmN7+prVu3hn/u9vZ2nXjiiWpqatLHH38sSdprr720fv16NTU1pSw+AAAAWIekCgAAANLaQL+TrVu3jul23G63fv7zn6u1tVWtra1auXKl5syZo9tvv10/+clPIi774IMPqry8XO3t7WpublZzc7PKysrU29urxx57LKbvN3nyZK1atUrvvPOOTj755HAJrKHsv//+g8amTp0akcBpa2vTnDlzBl3uwAMPDM9L0hFHHKHs7OxwAmUgqVJZWanXX39d27dvD8/tnqCRPusvs+eC+J5xRJOTk6MlS5YM+nfAAQdEXG7ChAm655571NLSoq1bt+ree+8dsj/GuHHjBvWg+cIXviDpsx4YQ/H7/QqFQsP+rvr7+/Xhhx/G9PPsrqmpSevXr5fX6434NxDP5s2bJX32dxg3btygUm9DxTOck046SdOmTYsoAVZXV6cvfvGLOvjgg+OOfTix3O+ampr07LPPDvq5lyxZIunzn3tAUVHRkN/r/vvv12GHHRbuOeL1evX000+HS9PtrrS0dNDYF77whWH/5snQ3Nws0zT14x//eNDPPlB+buBnv+6669TZ2akvfOELOvTQQ/X9739fb731VspiBQAAQGqNtzoAAAAAIJq8vDzNnDlzUKPqsSgoKNC//du/6Wtf+5qKi4v10EMP6ac//amkzxaR//a3v0kaenH3oYce0ne/+92Yvs+3vvUtbdmyRRdeeKH+5V/+RU899VR4x/7udu8jsjszxv4vu8vKytK8efNUX1+v5uZmffrpp1q0aJFmzJihnTt36rXXXtPLL7+sAw44YMgTBany3HPPSZK2b9+upqamYRfj00V/f78OPfRQ3XLLLUPOz5o1K2HfKysrS9/85jd11113adOmTfrggw/U1NSkn//85+HLDNekva+vL+bvE8v9rr+/X1/60pf0gx/8YMjLDiSVBkyePHnQZR588EGdc845Wrp0qb7//e9r+vTpcrlcWrFihTZu3BhzvKnU398vSbrssst04oknDnmZkpISSVJlZaU2btyo//3f/9Wf//xn3X333frlL3+pO++8U+edd17KYgYAAEBqkFQBAABA2jvllFP029/+VmvWrNH8+fMTdrtTp07V7NmzIxI2Dz30kLKysvTAAw8MWnR+5ZVXdNttt+mDDz4Ycpf/UC644AJ1dHToyiuv1Le//e1wabF4FRQUaMOGDYPG33vvvfD8gEWLFunGG2/U//3f/8nj8eiAAw6QYRg6+OCD9fLLL+vll1/WKaecEncMifLWW2/puuuu07nnnqvGxkadd955+sc//iG32x1xuf7+fvl8voiF+/fff1/SZ6XGhuL1epWdnT3s72rcuHFREyDDJStmz56tN998U8cff/ywl5E++zv09/dr48aNEadThoonmrPOOkt33nmnHnnkEbW0tMgwDFVVVYXnp06dKknq7OyMuN7AiaVEmT17toLBYPhkymg8/vjjKi4u1hNPPBHxuxs48bGnocpovf/++8P+zeMR7W+3u4ETUllZWTH97NOmTdO5556rc889V8FgUJWVlbrmmmtIqgAAAGQgyn8BAAAg7f3gBz9QTk6OzjvvPG3atGnQ/MaNG/WrX/1q2Ou/+eabCgQCg8bb2tr0zjvvRCx+P/TQQ1q0aJHOOOMMfeMb34j4N9CTpa6uLq74f/SjH+mSSy7RY489pn//93+P67oDvvKVr2jt2rVas2ZNeKynp0e//e1vVVhYqIMOOig8vmjRIu3YsUO33nqrFi5cGF5IXrRokR544AF98sknQ/ZTSYWdO3fqnHPO0cyZM/WrX/1K9913nzZt2qRLLrlkyMvffvvt4f+bpqnbb79dWVlZOv7444e8vMvl0gknnKD//d//jSgXtWnTJj388MNauHBhuKTcUHJycoYsSfXNb35TH3/8se66665Bc9u2bQuXdzvppJMkSbfddlvEZW699dZhv+dQKioqVFhYqAcffFCPPPKIjjnmGO23337h+by8PHk8nkE9TX7961/H9X1G8s1vflNr1qwJnyzaXWdnp3bt2jXibQwkJ3c/AfPaa69F3Jd39+STT4b7lUjS2rVr9dprr4V/t2Mx3N93T9OnT9exxx6r//7v/9Y///nPQfN+vz/8//b29oi53NxclZSUDOrVBAAAgMzASRUAAACkvdmzZ+vhhx/WGWecoQMPPFDLli3TIYccot7eXr366qt67LHHdM455wx7/eeff15XX321TjvtNB199NHKzc2Vz+fTPffcox07duiaa66R9NlCb3Nzc0Rz9N3tu+++OuKII/TQQw/phz/8YVw/w80336wtW7bo7rvv1rRp03TjjTfGdf3LL79cdXV1Oumkk1RTU6Np06bp/vvvV0tLi/7nf/4n4vTL/PnzNX78eG3YsCGiVFllZaV+85vfSFJSkipdXV168MEHh5z79re/LUn66U9/qsbGRr3wwguaMmWKDjvsMF111VW68sor9Y1vfENf+cpXwteZNGmSnn32WZ199tmaN2+e/vSnP+npp5/Wf/3Xfw0qXba7n/70p3r++ee1cOFCXXjhhRo/frz++7//Wzt27IgooTWUuXPn6pFHHtGll16qo446Srm5uTr11FP1r//6r3r00Ud1/vnna/Xq1aqoqFBfX5/ee+89Pfroo3ruued05JFH6vDDD1dVVZV+/etfq6urSwsWLNALL7yg5ubmuH6XhmHozDPP1A033CDps74dezrvvPP0s5/9TOedd56OPPJI1dfXh0/yJMr3v/99/eEPf9App5yic845R3PnzlVPT4/+8Y9/6PHHH1dra6s8Hk/U2zjllFP0xBNP6Gtf+5pOPvlktbS06M4779RBBx2kYDA46PIlJSVauHChLrjggnByMD8/f9gSZPEY7u87lDvuuEMLFy7UoYcequ985zsqLi7Wpk2btGbNGn300Ud68803JUkHHXSQjj32WM2dO1fTpk3T66+/rscff3zY5xEAAADYnAkAAADYxPvvv29+5zvfMQsLC80JEyaYU6ZMMSsqKsza2lpz+/bt4csVFBSYJ598cvhrn89nXnXVVebRRx9tTp8+3Rw/frzp9XrNk08+2fzLX/4Svlx1dbUpydy4ceOwMVxzzTWmJPPNN98c9jJnn322mZOTM2h8165d5tKlS01J5ooVK4aMdcAxxxxjHnPMMRFjGzduNL/xjW+Ye+21lzlp0iSzvLzc/OMf/zhkDEcddZQpyXzttdfCYx999JEpyZw1a1bMMV999dVmLB8bjjnmGFPSsP9M0zT//ve/m+PHjzerq6sjrrtr1y7zqKOOMmfOnGlu2bIlIp6NGzeaJ5xwgpmdnW3OmDHDvPrqq82+vr6I60syr7766oixN954wzzxxBPN3NxcMzs721y8eLH56quvRlxm9erVpiRz9erV4bFgMGieeeaZ5l577WVKMgsKCsJzvb295o033mgefPDB5sSJE82pU6eac+fONa+99lqzq6srfLlt27aZNTU1Zn5+vpmTk2Oeeuqp5ocffjhknNGsX7/elGROnDgx/HvZXSgUMpcvX2663W5zypQp5je/+U1z8+bNg77Pvffea0oyW1pawmPx3O+2bt1qXnHFFWZJSYk5YcIE0+PxmAsWLDBvuukms7e31zRN02xpaTElmb/4xS8G3WZ/f795ww03mAUFBebEiRPNsrIy849//KN59tlnR/x+d7+Nm2++2Zw1a5Y5ceJEc9GiRYMeb0PdLwsKCsyzzz47/HU8f9+B733vvfdG3ObGjRvNZcuWmXvvvbeZlZVl7rvvvuYpp5xiPv744+HL/PSnPzXLy8vNvfbay5w8ebJ5wAEHmNdff334dwMAAIDMYpjmKLpfAgAAAEASnXPOOXr88ceHPMkAAAAAAFahpwoAAAAAAAAAAEAMSKoAAAAAAAAAAADEgKQKAAAAAAAAAABADOipAgAAAAAAAAAAEANOqgAAAAAAAAAAAMSApAoAAAAAAAAAAEAMxlsdQKr19/frk08+0ZQpU2QYhtXhAAAAAAAAAAAAC5mmqa1bt2rmzJkaNy76WRTHJVU++eQTzZo1y+owAAAAAAAAAABAGvnwww+13377Rb2M45IqU6ZMkfTZLycvL8/iaAAAAAAAAAAAgJW6u7s1a9ascP4gGsclVQZKfuXl5ZFUAQAAAAAAAAAAkhRTyxAa1QMAAAAAAAAAAMSApAoAAAAAAAAAAEAMSKoAAAAAAAAAAADEgKQKAAAAAAAAAABADEiqAAAAAAAAAAAAxICkCgAAAAAAAAAAQAxIqgAAAAAAAAAAAMSApAoAAAAAAAAAAEAMSKoAAAAAAAAAAADEgKQKAAAAAAAAAABADCxNqtTX1+vUU0/VzJkzZRiGnnzyyRGv8+KLL+qII47QxIkTVVJSovvuuy/pcQIAAAAAAAAAAFiaVOnp6dEXv/hF3XHHHTFdvqWlRSeffLIWL16sxsZGXXzxxTrvvPP03HPPJTlSAAAAAAAAAADgdOOt/OYnnXSSTjrppJgvf+edd6qoqEg333yzJOnAAw/UK6+8ol/+8pc68cQTkxUmAAAAAAAAAACAvXqqrFmzRkuWLIkYO/HEE7VmzZphr7Njxw51d3dH/AMAAAAAAAAAAIiXrZIqn376qWbMmBExNmPGDHV3d2vbtm1DXmfFihVyu93hf7NmzUpFqAAAAAAAAAAAIMPYKqkyGldccYW6urrC/z788EOrQwIAAAAAAAAAADZkaU+VeO29997atGlTxNimTZuUl5enyZMnD3mdiRMnauLEiakIDwAAAAAAAAAAZDBbnVSZP3++XnjhhYix559/XvPnz7coIgAAAAAAAAAA4BSWJlWCwaAaGxvV2NgoSWppaVFjY6M++OADSZ+V7lq2bFn48ueff758Pp9+8IMf6L333tOvf/1rPfroo7rkkkusCB8AAAAAAAAAADiIpUmV119/XWVlZSorK5MkXXrppSorK9NVV10lSfrnP/8ZTrBIUlFRkZ5++mk9//zz+uIXv6ibb75Zd999t0488URL4gcAAAAAAAAAAM5hmKZpWh1EKnV3d8vtdqurq0t5eXlWhwMAAAAAAAAAACwUT97AVj1VAAAAAAAAAAAArEJSBQAAAAAAAAAAIAYkVQAAAAAAAAAAAGJAUgUAAAAAAAAAACAGJFUAAAAAAAAAAABiQFIFAAAAAAAAAAAgBiRVAAAAAAAAAAAAYjDe6gAAAAAAOJfPH1RbR0iF+Tkq8uRYHQ5gS7e/0KSGjQEtKvXqwsUlVoeTUk5+Dnlpw2Y1ftSpI/afqkWlXqvDgY05/b7k9J8fiVN4+dPh/7f+7GQLI4mO+/zYGaZpmlYHkUrd3d1yu93q6upSXl6e1eEAAAAAjtQZ6lVNXaPqm/zhscpSr2qryuTOzrIwMuzJLovWTlwgeLXZrzPvXjto/JHvHK15s/MtiCh1nPwc0tbeo6V3NGhLaGd4bGp2lv5w0ULNys+2MLLUscvzUrpz+n3J6T8/Eqfo8qc11AL7eEnNY0yuJPL5jvt8dPHkDUiqAAAAAEi5ZSvXqqE5oL7dPo64DEMVJR6tWl5uYWQYYJdFaycvEOy+I3ZP6bxDNhFOv/NV/a11y6Dx8sKpevT8BRZElDqHXP0nBXf0DxqfMnGc/nHtSRZElDp2eV6yiy/819PqHXxX0oRx0vs3pOdzSCIXmMuu+3PEa8eAqdlZWnfVCWO6bThLMl6Pk/F8d9g1z6l7+65B43mTxuuta04c1W1mknjyBvRUAQAAAOLg8we1esNmtQR6rA7Ftnz+oOqb/BEJFUnqM03VN/n53aaJmrpGNTQHIsYamgOqrltnUURD2zOhIklbQjt12h2vWBRRatz+QlPU+V+vbk5RJKnn8weHTKhI0trWLRn9HPLShs1DJlQkaeuOfr282+JbJrLL85IdvLRh85AJFUnq7Vfa3Zc6Q71atnKtjrv5JZ1779+0+KYXtWzlWnUNkRSJxUsbNg+ZUJE+ew1Jt58f6StaQiWW+eEk+vnupQ2bh0yoSFL39l3c5+NEUgUAAACIQaI/zDtZW0co6nxre+YuiNqFXRJfTl4Uu/fVlqjz97ziS1EkqffHtz6JOv/0CPN29sBf26LPv9qamkAsYJfnJbu49NHGqPOX/C69ElWJXmBu/Kgz6vwbHwyduAVSIRnPd082fhx1/vdvRJ9HJJIqAAAgrXAKAOmK3bGJs7lre9T5wNYdKYoEw7FL4svJi2IjJXQ7Mzjh+8xb/xzTvJ19NMJj88Mt21IUSerZ5XnJLoZLSA/oSKPnkGQsMO89ZVLU+ZnuyXHfJpAoyXi+a/VHv05LIBj3bTrZeKsDAAAAkKiRjfQ28GF+T7t/mKdRbuw+3Ro9qfJJV+YuCtpFwbTovUgK89Pj/u7oRTFDGrIr7u7zGeqTzujPER9tib4YZWezpmXrvU3DL3zNmpa593m7PC/ZxeTx49Szc5j6X5Kyx6fPPuxYFpjjfR82/E/+mV39jmpBjTSTjOe7SRNcUecnZ5EmiEf6PEMCAABH4xQA0hm7YxPr8P32ijp/xP5TUxMIhlXszVVlqVcuI3Jl3mUYqiz1pk0Scbo7elLFM2ViiiJJvdxJ0Rc/pkzK3A0JWSMs9k7Iytylji+O8Px5+KzMff5M9vMSp6UjpVNKITkJteg/YQbnpWEDyXi+W3r4vlHnv3ZE9HlEytx3GgAAwDaokY10x+7YxDpmznSNHzf0csX4cYYWlXrHdPssjCVGbVWZKko8EWMVJR7VVpVZFNFgI32gHe5+lgmOnzMj6vySA6PP29mcGVOizh8wIy9FkaTexhGe15o3Z3b5lmQ8LyWzZ1o6vx7t7I9+VmPXCPN2N9JJxn2nZu6pL9hDop/vzijfP+r86UfOGtXtOhXnegAAgOWScaQfSKRib66mZmcNWX98anYW9884+fzBYctq7Oo3R11OjTKCieXOztKq5eVqCfSotb1Hhfk5aXdfd3L5llMOn6n/WTd8U9mvHLZPCqNJreyJ0Zcysidk8lJH5t6nY5GM56Vop6VXLS8f1W3a4fVoyqQstfcMnzhKp9NulP+CEyX6+c7nj550p5xxfDipAgAJlM47kYB0xikApDufPzhsQ9ctoZ0878cpWeXUKCOYHEWeHC2eMz0tP2gn+/Ujnd/bOfmUjpNRvuUziXpeStZpaTu8Hu0/Nfrz5/4jPL+mUjKe6/n8AbtI1PPday0dUef/6msf0+07TSZv3wCAlLHDTiQgnQ3UjG1oDkR8qHUZhipKPGm5kAdn4TRVYiVjIWNgYWxPuy+M8TfKPMk6RWaH93ZO3mX98QjPyR9ncKP6Y+ZMV97E8eresWvQXN7E8WMun+g0yXh9t8vrUdf26OXNurYNvo9ZJRmfFfj8Aeehj1AicVIFABLADjuRgHT306UHK29y5H6PvMnjdf3SQyyKCPgcuxkTKxnNN5N1+gXpLVmnyOzw3s7Jz0tbtkVfDG4P9aYoEmscsM/QPWWGG8fwkvE4ssvr0YhJlRHmUy0Z/XTs0DsM6W/KRFfU+bwR5lNl3AhpExcnXOPCSRUAGCO77EQC0t2VT65X9x474rq37dKPnnx71PWsgURhN2Pi1VaVqbpuXcRr6FgWMuy4wOzzB9XWEUrLXiV24eRd5sXeXE2Z5NLW7X2D5vImudIixmSZ7cnRp907hp0vnZ6bwmhSy+cPam3rliHn1rZuSZv7p10k4/XdLq9HI5UITLcSgsnop2OH3mFIf9kTXdq6Y/Br8efz6bH8/u6n3VHn3/kk+jwipcdfFQBsjJIwwNjZZQELzpboJIDTJXohw06JLzuUlrILq3aZp8P9yecPDplQkaTu7X0Z/dpZPjtfDb7ha8MfWTQthdGkll3un3aS6Nd3u7weZbmiF68Zad4qRZ7EJz6ScZtwjpys8ZKGPyGZOyE9lt+n5UyMPp87IUWRZIb0+KsCgI3ZZScSkM7suEDADnPnYTdjciRyIcMuia9opaU4mRcfJ+8y/+Nb/xxh/hNVH1eaomhSq6snelmirWnUCyLR7HL/tJNkvL7b4fVoyoQsSduHn0+T3fWA3aVLh7NTDttHtzz/fpT5mSmMxv54hgSAMbLLTiQgndlpgYAd5mA3Y/qyQ+KLk3mJ59Rd5h09w5e/kqSOYOb2FenYFv1nC4zwu7Ezu9w/7SiRr+92eD06YOYUvbtp6/Dz++SlMBrAvnr7+keYH740WCoVe3N1VMFU/a1tcAnJowqmpt1zVLpLz7N8AGAzNLgDxiYZTauTxQ7Ni5FcPn9QqzdsHnUDbCRfkSdHi+dMT6vnjgF2aWBsJ2YS9oDa4b3d4jnTo84fd2D0eTubX5Qfdb5itifqvN3Z4f6Jz6Tz69HRIzyO5s+OPg/gM1MmRT+zkJtGp77uPvsoVZZ6I8YqS726++yjLIrIvtLnrwoANmaHnUhAuvvp0kP01Tte0ZbQ5yU98iaP1/VLD7EwqkjsMHc2TikhEex0Ms8uklFOzQ7v7WaNcF/ab2r0eTs7o3x//fCJfww7f/qRs1IYTeol8/5JeVPnmO6eFHXeMyV6/wUAnzlwnzy9+2lw2PmDZ7pTGE10dnh/YxckVQAggSgJA4zelU++re49aqB3b9ulHz35dtr0GLBj7xckDn0wkAiU7kmsZCe70/m93Wstwzdql6S/+trTNvax8vmHX7yS5JhNDom8f7JxwHlGKl0zfpwxwiUASJJ7cvTnyJHmrZDO72/sgvJfAADAcgOLYrsvMEqRi2LpgB3mzmWX+yjsgdI9iePkcmr+rcM3mJak9mDm9hWJJaGE+FDe1Hmid4GQdvWnS3ttIL117rExcE+7V2JA5uCkCgAAsJxdToCww9y57HIfhT1QeiFxnLzTektP9GbtI83bmZMTSslAedPkSedyamwWAhKjyBP9sVTs5bGUiUiqAAAAy9npQ11tVZmq69ZFLD6wwzzz2ek+Cvug9MLYOXmn9Ug/WQb/6I5OKCUDGwcSzw7l1Iq9uXJPHq+uIXbZuyeP528OxOiUw2bqluebhp0/+bCZKYwmNumc8LULkioAAMBydjoBwg5zZ7LTfdRu+FCHsXBywnPxnOm679W2YeePO3B6CqNJLUqtJJaTH0fJYoc+bD5/cMiEiiR1bdvFCSUgRh+OkJj+aEsobR5Ldkj42gU9VQAAQFqwW4+BIk+OFs+ZnjZvkJF8druPprvOUK+WrVyr425+Sefe+zctvulFLVu5Vl0shgIxOWbOdO01TPPbvSZnaVGpN8URpc5wP/eAqSwMxWVg44DLiCyX5zIMVZZ6ea8TJ7v0YaM3EZAYjR91Rp1/44MtqQkkBvTPShxOqgAAgLTACRCkO+6jiWWHXbxIf04vW/TUfyzUaXe8EnEyY2p2lv5w0UILo0q+qTkTos7vNcI8BqO8aeLY53kpeo3AzO1IBSTW3lMmRZ2f6Z6cokiio39WYpFUAQAAaYUeA0h33EfHjg91SBSnly2alZ+tdVedoEf/9oFe9bWrYrZHpx85y+qwks47JXrSxJs7MUWRZA42DiSOXZ6X5hXlR58vjj4P4DP9IyQo+9KkyZl9Er72QFIFAAAAQErxoQ6J4vR+R3vWRn9y3Sd66s1/Znxt9JF2/e47NT12BdsRGwfGzunPS4DzRD/XlR4pFfskfO2CnioAAAAAUooPdUgkJ/c7cmpt9P4R5nelya5gOJcdnpdi2eAAYGTziqZFnT86TU590T8rsTipAgAAACCl2MWLRBooW1T//mat+7BTR+w/NaObtA9wchk9ErNId3Yop8bjCEiMv7V0RJ1/vbUjbR7/9M9KHJIqAAAAAFKOD3VIlD1LYElSZak340tgObmMXrE3V0cWTNXrbVsGzR1VMDVjf27YTzqXU2ODA5AYz7+7Ker8n9d/mjb9zuyQ8LULkioAAAAAUo4PdUiUaCWwVi0vtyiq5HP6LvP3N20dcnzDMOMABmODAzB2oR27os5v6+1LUSSxS+eEr12QVAEAAABgGT7UYSycXALLybvMX9qwWd3bh17E6t6+Sy83+R1RAg4YKzY4AGOXPTH68vqkCa4URYJUolE9AADAKPj8Qa3esFktAZp4AoBVnN5o2Q7NsJNh9YbBibTdvfDu5hRFAmSGIk+OFs+ZTkIFGAX3pOilRqdmT0hRJEglTqoAAADEwam1+wEgHTm9BNbALvP69zdr3YedOmL/qY44oTEtJ/rrrSeXBSwAQGr4AsGo882b068spc8fVFtHiNNpY0BSBQAAIA5Ord0PAOnIySWwJOcm+k85bKZueb5p2PmTD5uZwmgAAE6229uPtOfU9w3JQPkvAADGiDJQzjFQu79vj3fOu9fuBwCkllNLYEnSBQ++MainTH2TX+c/+HeLIkqNYm+ujpjlHnLuiFl7ZXwyDUg0Ps8Ao1dVvn/U+TPnFaQokpE59X1DMnBSBQCAUWKXh/PEUrufhRwASC2nNlr2+YNa42sfcm6Nr10tgcx+TZqYNfRyxsQsGgIDseLzDDB2Z5Tvr8uf+IeGOrBiSDr9yFmpDmlITn/fkGicVAEAYJSilYFCZnJ67X4ASGdOa7T8WktH1Pm/DrNwkgliWRgCMLILHxp61/oFD7FrHYhH2f57xTVuBSe/b0gGkioAAIwCZaCcaaB2v8swIsZdhqHKUq9jFvIAAOkgehF3I+qsvcVychRAdD5/UK9uHHoR9dWNJCeBWPn8Qb3xQeeQc2980JlGjyXnvm9IBpIqAACMAh/mncvJtfuBZKCOOzA684ryo88XR5+3M06OAmP3Wkv0XemvsWsdiIld1gac/L4hGeipAgDAKPBh3rmcWrsfSDTquANjU+zNlXtylrq27Rw0556cldGvTQMnRxuaAxGnhl2GoYoST0b/7ECi+Lf2Rp8P7khRJIC9jXRiYfy49DgDUuzN1YLZ+UOeUFswO5/XzjhxUgUAgFGgDBScVrsfSDT6UgFj4/MHh0yoSFLXtp0Zf/qLk6PA2HinTIg+nzsxRZEA9tY/wvyu/uhlt1LpN2fNVWWpN2KsstSr35w116KI7IuTKgAAjFJtVZmq69ZF7LLmwzwAjGygL9Wedu9LRcISiC6WciOZ/Dji5CgwNpQCAhLDTlUseO1MHJIqAACMEm9IAGB0nL4YDCSCnRZxkqnIw/svYDQoBQQkRrE3V/OL87VmiD5E84vT87HEa+fYUf4LAIAxogwUAMSHxeDP+PxBrd6wOePLNCE5KEUKYKwoBQQkhjFM25ThxmF/nFQBAAAAkFJObzLdGepVTV1jRAm0ylKvaqvK5M7OsjAy7MnnD6qtI5S2p1EpRZr+fyMgnXHyHhg7nz845IkvSXp1YztlbTMUSRUAAAAAKefkxeCaukY1NAcixhqaA6quW6dVy8stigq7s0viy1T6NL9NNbv8jQA7oBQQMHqUtXUmyn8BAAAASLmB3bGrLztW9557lFZfdqxWLS/P+MVQnz+o+iZ/xAkdSeozTdU3+SkFliaiJb7SiV3iTIYLH3ojIqEiSfVNfl3w0N8tiggA4ESUtXUmkioAAABIC/SXcCan9aWKZTcjrGWXxJdd4kyGWEqtYHR4LQaA+CS7xxnPy+mJ8l8AAACwFCVc4CTsZkx/dinjYZc4k+G1lqETKuF5X3vG/uzJwmsxAIxeMsra8ryc3jipAgAAAEs5uXwNnCfZuxkxdnZJfNklzuQwos46t9PM6PFaDACjl4weZzwvpzeSKgAAALCMk8vXwLlqq8pUUeKJGBvrbkYkDomv9DevaFrU+aOL81MUSWbgtRgAxua8+18fss/Xeff/bVS3x/Ny+qP8FwAAACzj5PI1cC53dpZWLS9XS6BHre09KszP4X6eZpJRxiPRnPz8WezN1fzifK3xDS4DNr84P2N/7mRx8n0JAMbK5w/q9bYtQ879rW2LWgLxP4fyvJz+SKoAAADAMs4uXwOnK/KQTElXdkh8Of35885vzx2U+BqoNY/4OP2+BABj8ce3/jnC/CeqPq40rtvkeTn9kVQBgATy+YNq6wil5QdvAEhHA2V2GpoDEcfbXYahihIPz6UALJXOiS+nP3/aIfFlF06/LwHAWHT07Ig+H+yN+zZ5Xk5/9FQBgAToDPVq2cq1Ou7ml3TuvX/T4pte1LKVa9UV2ml1aACQ9ugvAQCjw/PnZ4mvxXOms8A0RtyXnO2lDZv1qxfe18t79IQAMLLFc6ZHnT/uwOjzw+F5Ob0ZprlHx5sM193dLbfbra6uLuXl5VkdDoAMsWzl2mF3EKxaXm5hZABgH+w2BoDRqX9/s9Z92Kkj9p+qRaVeq8OBjfFa7Cxt7T1aekeDtuy2GXBqdpb+cNFCzcqPXn4IwOcOv/bP6tw2eFPtXpOz1Hj1CWO6bZ6XUyeevAFJFQAYI58/qONufmnY+dWXHcsLHwAAABKuM9SrmrrGIfuKuLOzLIwMgB2UXffniITKgKnZWVp31dgWggEnWf9xl756R4N29X++zD5+nKE/XFShg/Z1WxgZ4hFP3oDyXwAwRm0doajzre09KYoEAAAATlJT16iG5kDEWENzQNV16yyKCIBdvLRh85AJFUnaEtpJKTAgDjc+u0F7HlswTelnz26wJiAkHUkVABijgmnRj0UX5nNKBQCA4fj8Qa3esFktATYhAPHw+YOqb/JHlJ+VpD7TVH2Tn8cUgKgaP+qMOv/GB1tSEwhgc7weO9N4qwMAALsr9uaqstQ7bE8VSn8BADAYZYuAsYnltLQT3of6/EG1dYSoNQ/E6fD99oo6f8T+U1MTCGBzvB47EydVACABaqvKVFHiiRirKPGotqrMoogAAEhvlC0Cxsbpp6U7Q71atnKtjrv5JZ1779+0+KYXtWzlWnUNU84IQKRZIzyH7DeVRvVALJz+euxUnFQBgARwZ2dp1fJytQR61Nrew045AACiGCiTsKfdyyTwOgpE5/TT0tESs6uWl1sUFWAf7K4HEqPYm6sFs/P16sb2QXMLZufzOMpQnFQBgAQq8uRo8ZzpvGgCABBFLAs5AEbm1NPS1K8Hxo7d9UDi7NmkfqRx2B8nVQAAAACkFAs5QGI49bQ0O+yBsXP6aTcgUXz+oNb4Bp9SkaQ1vnZOYGcoTqoAAAAASKmBhRyXYUSMuwxDlaVePngCcXLaaemRFjLGjzNGuAQAybmn3YBE4gS2M5FUAQAAAJByLOQAiePzB7V6w2bHlL36pGtb1PmPt0SfB/AZU9QmAsaKE9jORPkvAAAAACnn1LJFQCJ1hnpVU9eo+iZ/eKyy1KvaqjK5s7MsjCy5/Ft7o88Hd6QoEsDeauoa1dAciBhraA6oum6dVi0vtygqwF4opedMnFQBAAAAYBmnlS0CEinagmhmi767nuJfwMh8/qDqm/wRi8CS1Geaqm/yO+bkG5AIP116iPImR55dyJs8XtcvPcSiiJBsJFUAAAAAALAZJy+IeqdMjDrvyY0+D4A+EEAiXfnk2+retitirHvbLv3oybctigjJRlIFAAAAAACbcfKCaPsI5b86eqLPA6APBJAoTt7k4GQkVQAAAAAAsBknL4g2bAxEnX+lKfo8AACJ4uRNDk5GUgUAAAAAAGQMg6YqwIhYCAYSw8mbHJyMpAoAAAAAADbj5AXR+bM9UeePnp2fokgA+xppQXD8OLKTQCyKvbmamp015NzU7CwVeUiqZCKSKgAAAAAA2IyTd8Z+cT931PnDZ+2VmkAAG+sfYX5XvznCJQBIn/VU2RLaOeTcltBOeqpkKJIqAAAAAADYjJN3xrIYDIydkxOzQCI5+eSok5FUAQAAAADAZpy8M5bFYGDsir25qiz1yrVHEyKXYaiy1JvRiVkgkXhNciaSKgAAAAAA2IyTd8YWe3O1YJi+KQtm57MYDMTop0sPVt7k8RFjeZPH6/qlh1gUEQDYA0kVAAAAAABsxuk7Y81hKnwNNw5gsCufXK/ubbsixrq37dKPnnzboogA+3HyJgcnI6kCAAAAAIDNOLl0j88f1Bpf+5Bza3ztGV36DEgUnz+o+ia/+vbIRPaZpuqb/DyOgBht7toedT6wdUeKIomdzx/U6g2beZyPwfiRLwIAAAAAANJNbVWZquvWqb7JHx6rKPGotqrMwqiSL5ZdwZmcVAISgccRkBifbo2eVPmka1uKIhlZZ6hXNXWNEe8bKku9qq0qkzs7y8LI7IekCgAAAAAANuTOztKq5eVqCfSotb1Hhfk5jlgEHankxvhxxgiXAOD0EoJAohy+315R54/Yf2pqAolBTV2jGpoDEWMNzQFV163TquXlFkVlT5T/AgAAAADAxoo8OVo8Z7ojEiqS1D/C/K5+GqsAI3FyCUEgkWaNkKDcb2r0+VSh5F9ikVQBAAAAAAC2wUkVIDFqq8pUUeKJGHNCCUEgkezSqN4ucdoF5b8AAAAAAIBtcFIFSAynlhAEEskuiX5K/iUWSRUAAAAAAGAbLAwBiVXkIZkCjNZIjeg/3pIejeoHSv41NAciSoC5DEMVJR6eA+JE+S8AAAAAAGAb9IIAAKSP6CdR0unsJCX/EoeTKgAAAAAAwFZqq8pUXbdO9U3+8BgLQwCAVJtXNC3q/NHF+SmKZGSU/EsckioAAAAAAMBWWBgCAKSDYm+u5hfna42vfdDc/OL8tHxtMs10Oj9jTyRVAAAAAACALdELAgBgtRu/fqi+ekeDtoR2hsemZmfp518/zMKoBusM9aqmrjHilGdlqVe1VWVyZ2dZGJn90FMFAAAAAAAAAIBRuPLJ9eretitirHvbLv3oybctimhoNXWNamgORIw1NAdUXbfOoojsi6QKAAAAAAAAAABx8vmDqm/yq2+Pklp9pqn6Jr9aAj0WRRbJLnHaBUkVAAAAAAAAAADi1NYRijrf2p4eyQq7xGkXJFUAAAAAAAAAAIhTwbTsqPOF+enR98sucdoFSRUAAAAAAAAAAOJU7M1VZalXLsOIGHcZhipLvSrypEeywi5x2gVJFQAAAAAAAAAARqG2qkwVJZ6IsYoSj2qryiyKaGh2idMODNPcoztNhuvu7pbb7VZXV5fy8vKsDgcAAAAAAAAAYHMtgR61tveoMD8nrU9+2CXOVIsnbzA+RTEBAAAAAAAAAJCRijz2SFLYJc50RlIFAAAAAAAAcCifP6i2jhC71gEgRiRVAAAAAAAAAIfpDPWqpq5R9U3+8FhlqVe1VWVyZ2dZGBkApDca1QMAAAAAAAAOU1PXqIbmQMRYQ3NA1XXrLIoIAOyBpAoAAAAAAADgID5/UPVNfvWZZsR4n2mqvsmvlkCPRZEBQPojqQIAAAAAAAA4SFtHKOp8a7tzkio+f1CrN2wmkQQgZvRUAQAAAAAAABykYFp21PnC/MxvWE9PGQCjxUkVAAAAAABgS+wwB0an2JurylKvXIYRMe4yDFWWelXkyfykCj1lAIwWJ1UAAAAAAICtsMMcGLvaqjJV162LeBxVlHhUW1VmYVSpMdBTZk+795RxQmIJwOiQVAEAAAAAALYSbYf5quXlFkUF2Is7O0urlper/n2/1n24RUfsP1WLSr1Wh5USsfSUIakCYDgkVQAAAAAAgG2wwxxIDCef+KKnDICxoKcKAAAAAAA25rS+IrHsMAcwMif3FKGnDICx4KQKAAAAAAA25NRd5uwwB8aOE1/O7imD5PD5g2rrCKkwPyfjHz9OR1IFAAAAAAAbcmpfkYEd5g3NAfWZZnjcZRiqKPGwkAXEgJ4in/eUaQn0qLW9h4VwjJpTNzk4GeW/AAAAAFjGaWWLgEQZ2GW+e1JBitxlnslqq8pUUeKJGGOHORA7Tnx9rsiTo8VzppNQwag5uZSeU3FSBQAAYBQ42g2MDTv6gLFx+i5zdpgDY8OJLyAxKKXnTCRVAAAA4sBCMJAYTi1bZEckkdMTu8w/U+ThfgmMFj1FgLFz+iYHpyKpAgAAEAcWgoGxY0efPZBETm/F3lwtmJ2vVze2D5pbMDvfMY8hkn7A6HHiCxg7Njk4E0kVAACAGLEQDCQGO/rsgSRy+tujncqI45mEpB+QOJz4AkaPUnrORKN6AACAGMWyEAxgZOzoS39Ob4JuBz5/UGt8g0+pSNIaX3vG/41oCgwASBe1VWWqKPFEjFFKL7NxUgUAACBGLAQDicGOvvTHaaL05+S/ESdHAQDphFJ6zsNJFQAAgBgNLAS7DCNi3GUYqiz18sYZiAM7+tIbSeT0N9KH+fHjjBEuYV+cHAWcy+cPavWGzRl/Gg/2VOTJ0eI50/lc6ACcVAEAAIhDbVWZquvWReyQZSEYiB87+tIbp4nSX/8I87v6M7exCkk/ILF8/qDaOkJp/VpMHyUA6YSkCgAAQBxYCAYSi+a46YskcnpzcmKBpB+QGHZKVETro7RqeblFUQFwKsM0zczdvjKE7u5uud1udXV1KS8vz+pwAAAAACCtkUROX8tWrh02sZDpi4xdoZ2Dkn7puhgMpCu7PIf4/EEdd/NLw86vvuxYXp8AjFk8eQNOqgAAAAAAhsVpovTl5NNEnBwFxsbnD0Y8dwzoM03VN/nVEuhJm8dULH2U0iVWONtLGzar8aNOHbH/VC0q9VodDpKIpAoAAAAAADZEYoGkHzBadkpUOLncIeyhrb1HS+9o0JbQzvDY1Ows/eGihZqVH/3+C3saZ3UAAAAAAABg9Io8OVo8Z3raLIACSH92SlQM9FFyGUbEuMswVFnq5bkPltszoSJJW0I7ddodr1gUEZLN8qTKHXfcocLCQk2aNEnz5s3T2rVro17+1ltv1Zw5czR58mTNmjVLl1xyibZv356iaAEAAAAAAAB7s1uioraqTBUlnogxp5Q7RHp7acPmQQmVAVtCO/XyEGX2YH+Wlv965JFHdOmll+rOO+/UvHnzdOutt+rEE0/Uhg0bNH369EGXf/jhh3X55Zfrnnvu0YIFC/T+++/rnHPOkWEYuuWWWyz4CQAAAAAAAAD7sVNfJsodIl01ftQZdf6ND7bQXyUDGaZpmlZ983nz5umoo47S7bffLknq7+/XrFmzVF1drcsvv3zQ5f/jP/5D7777rl544YXw2H/+53/qtdde0yuvxHacqru7W263W11dXcrLy0vMDwIAAAAAAADYEIkKYPRe2rBZZ9/7t2HnH1heTlLFJuLJG1hW/qu3t1d///vftWTJks+DGTdOS5Ys0Zo1a4a8zoIFC/T3v/89XCLM5/PpmWee0Ve+8pVhv8+OHTvU3d0d8Q8AAAAAkFl8/qBWb9islkCP1aEAgK3QlwkYvVkj9CfabyqN6jORZeW/AoGA+vr6NGPGjIjxGTNm6L333hvyOmeeeaYCgYAWLlwo0zS1a9cunX/++fqv//qvYb/PihUrdO211yY0dgAAAABAeugM9aqmrjGifE1lqVe1VWVyZ2dZGBkA2IPPH1RbR4iTKsAotHWEos63tvfwuMpAljeqj8eLL76oG264Qb/+9a/1xhtv6IknntDTTz+tn/zkJ8Ne54orrlBXV1f434cffpjCiAEAAAAAyVRT16iG5kDEWENzQNV16yyKCADsoTPUq2Ur1+q4m1/Suff+TYtvelHLVq5V1zBNtwEMVjDCSZXCfBIqmciypIrH45HL5dKmTZsixjdt2qS99957yOv8+Mc/1r/+67/qvPPO06GHHqqvfe1ruuGGG7RixQr19/cPeZ2JEycqLy8v4h8AAAAAwP58/qDqm/zq26NVaJ9pqr7JTykwAIiCpDQwdsXeXFWWeuUyjIhxl2GostTLKZUMZVlSZcKECZo7d25E0/n+/n698MILmj9//pDXCYVCGjcuMmSXyyVJMvd4Ew0AAAAAyGyxlNwAAAxGUhpInNqqMlWUeCLGKko8qq0qsygiJJtlPVUk6dJLL9XZZ5+tI488UuXl5br11lvV09Ojc889V5K0bNky7bvvvlqxYoUk6dRTT9Utt9yisrIyzZs3T83Nzfrxj3+sU089NZxcAQAAAAA4AyU3AGB06AMBJI47O0urlperJdCj1vYe+hM5gKVJlTPOOEN+v19XXXWVPv30Ux1++OF69tlnw83rP/jgg4iTKVdeeaUMw9CVV16pjz/+WF6vV6eeeqquv/56q34EAAAAAIBFBkpuNDQHInZbuwxDFSUeFjQAYBgkpYHEK/KQTHEKw3RY3azu7m653W51dXXRXwUAAAAAbK4rtFPVdetU3+QPj1WWelVbVSZ3dpaFkQFAelu2cu2wSelVy8stjAwAUi+evAFJFQAAAACW8fmDausIUSYBY0bJDQCID0lpAPgcSZUoSKoAAAAA1usM9aqmrpGFHAAALEZSGgDiyxuMizoLAAAAAElQU9eohuZAxFhDc0DVdessiggAAGdy2H5rABgzSxvVAwAAAHAenz8YcUJlQJ9pqr7Jr5ZADztlAQBIMk6NAsDocFIFAAAAQEq1dYSizre296QoEgAAnItTowAwOiRVAAAAAKRUwbTsqPOF+ZxSAQAgmQZOjfbtUfpr91OjAIChkVQBAAAAkFLF3lxVlnrlMoyIcZdhqLLUS+kvAACSjFOjADB6JFUAAAAApFxtVZkqSjwRYxUlHtVWlVkUEQAAzsGpUQAYPRrVAwAAAEg5d3aWVi0vV0ugR63tPSrMz+GECgAAKTJwarShORBRAsxlGKoo8fCaDABRcFIFAAAAgGWKPDlaPGc6izcAAKQYp0YBYHQ4qQIAAAAAAAA4DKdGAWB0SKoAAAAAAAAADlXkIZkCAPEgqQIAAAAAAAA4lM8fVFtHiJMqABAjkioAAAAAAACAw3SGelVT16j6Jn94rLLUq9qqMrmzsyyMDADSG43qAQAAAAAAAIepqWtUQ3MgYqyhOaDqunUWRQQA9kBSBQAAAAAAAHAQnz+o+ia/+kwzYrzPNFXf5FdLoMeiyAAg/ZFUAQAAAAAAABykrSMUdb61naQKEC+fP6jVGzaTlHQAeqoAAAAAAAAADlIwLTvqfGE+DeuBWNGfyHk4qQIAAAAAAGyJXcHA6BR7c1VZ6pXLMCLGXYahylKvijwkVYBY0Z/IeTipAgAAAAAAbIVdwcDY1VaVqbpuXcTjqKLEo9qqMgujAuxloD/RnnbvT0SSMvOQVAEAAAAAALYSbVfwquXlFkUF2Is7O0urlperJdCj1vYeFebnsPgLxCmW/kQ8rjIP5b8AAAAAAIBtDOwK7jPNiPHddwUDiN0H7T1666NOfbQl+uIwgMHoT+RMnFQBAAAAAAC2wa5gIDHa2nu09I4GbQntDI9Nzc7SHy5aqFn50ReKAXxmoD9RQ3MgItnvMgxVlHh4PcpQnFQBAAAAAAC2wa5gIDH2TKhI0pbQTp12xysWRQTYU21VmSpKPBFj9CfKbJxUAQAAAAAAtsGuYGDsXtqweVBCZcCW0E693OTXolJviqMC7In+RM7DSRUAAAAAAGAr7AoGxqbxo86o8298sCU1gQAZxNyj1xcyFydVAAAAAACArbArGBibw/fbK+r8EftPTU0gQAboDPWqpq5R9U3+8FhlqVe1VWVyZ2dZGBmShZMqAAAAAADAloo8OVo8ZzoJFSBOx8yZrqnDLPZOzc6i9BcQh5q6RjU0ByLGGpoDqq5bZ1FESDaSKgAAAAAAAIDD/OGihYMSK1Ozs/SHixZaFBFgPz5/UPVN/ogeX5LUZ5qqb/KrJdBjUWRIJsp/AQAAAAAAAA4zKz9b6646QS83+fXGB1t0xP5TOaECxKmtIxR1vrW9h9OUGYikCgAAAAAAgM34/EG1dYToJ4MxW1TqJZkCjFLBtOyo84X5PD9nIpIqAAAAAAAANkFDZABIH8XeXFWWetXQHIgoAeYyDFWUeEh6Zyh6qgAAAAAAANgEDZEBIL3UVpWposQTMVZR4lFtVZlFESHZOKkCAAAAAABgAwMNkfe0e0NkdkUDQGq5s7O0anm5WgI9am3voSyjA3BSBQAAAAAAwAZiaYgMALCGuVv5L2Q2TqoAAAAAAABbclqzdhoiA0D6odeV85BUAQAAAAAAtuLUBSwaIgNA+onW62rV8nKLokIyUf4LAAAAAADYipObtdMQGQDSx0Cvq749Sn/t3usKmYeTKgAAAAAAwDac3qydhshINKeV0QMSKZZeVzyuMg9JFQAAAAAAYBssYH2myMMCOMbGqWX0gESi15UzUf4LAAAAAADYBgtYQGI4uYwekCgDva5chhEx7jIMVZZ6SX5nKJIqAAAAAADANljAAsaOPhBA4tDrynlIqgAAAAAAAFthAQsYm1jK6AGIjSlz5Asho9BTBQAAAAAA2ArN2oGxoYwekDjRSumtWl5uUVRIJk6qAAAAAAAAWyry5GjxnOkkVIA4UUYPSAxK6TkTSRUAAAAAAADAYSijB4wdpfScifJfAAAAAADAlnz+oNo6QpT/AkaBMnrA2FFKz5lIqgAAAAAAbI/FdWfpDPWqpq5R9U3+8FhlqVe1VWVyZ2dZGBlgP0UenjeB0RoopdfQHIgoAeYyDFWUeHhsZSjDNPco+Jbhuru75Xa71dXVpby8PKvDAQAAAACMAYvrzrRs5dphF7BoCgwASKWu0E5V163jvYjNxZM34KQKAAAAAMC2auoa1dAciBhraA6oum4di+sZaqAp8J52bwrMzmAgdpz0A8aGUnrOQ1IFAAAAAGBLLK47UyxNgfm7AyPjpB+QWJTSc45xVgcAAAAAAMBoxLK4jsxDU2AgMaKd9AMADI+kCgAAAADAllhcd6aBpsAuw4gYdxmGKku97BIGYjBw0q9vj1bLu5/0AxAfnz+o1Rs28/hxAMp/AQAAAABsaWBxfbiG5SyuZ66fLj1EX73jFW0J7QyP5U0er+uXHmJhVIB9UEYPSBxK6TkPJ1UAAAAAALZVW1WmihJPxFhFiUe1VWUWRYRUuPLJt9W9bVfEWPe2XfrRk29bFBFgL5z0AxLnggffGNTjrb7Jr/Mf/LtFESHZOKkCAAAAwDI+f1BtHSEV5tPYE6Pjzs7SquXlagn0qLW9h/uSAwyULdrT7mWLuA8A0RV7czW/OF9rfO2D5uYX5/MYAmLk8weHfBxJ0hpfO69JGYqkCgAAAICUo0wCEq3IQzLFKShbBCTGHm2JRhwHMNhrLR1R5//qa+c1KQNR/gsAAABAytXUNaqhORAx1tAcUHXdOosiAmAXlC0Cxs7nD+rVjUPvrn91YzuNtoGYmVFnyVFmJpIqAAAAAFJqoHTP7o3FpcjSPQAwnGJvripLvXLtsZ3eZRiqLPWyIxiIQSwnvgCMbF5RfvT54ujzsCeSKgAAAABSioUcAGNVW1WmihJPxFhFiUe1VWUWRQTYCye+gMQo9uZqweyhEycLZtOfKFPRUwUAAABASrGQA2Cs3NlZWrW8XC2BHrW296gwn546QDwGTnw1NAciTo66DEMVJR4eT0AcfnPWXFXXrRuyVyAyE0kVAAAAAClV7M3V1OwsbQntHDQ3NTuLhRwAMSvykEwBRqu2qmzQQjAnvoD4keh3HpIqAAAAAFLK5w8OmVCRpC2hnWoJ9PBBFACAJGMhGEgsEv3OQVIFAAAAQErF0lOFD6QAAKQGC8EAEB8a1QMAAABIKXqqAAAAALArkioAAAAAUmqgOa7LMCLGXYahylIvu2UBAAAApC2SKgAAAABSrraqTBUlnogxmuMCAAAASHf0VAEAAACQcjTHBQAAAGBHJFUAAAAAWIbmuAAAAADshPJfAAAAAAAAAAAAMSCpAgAAAAAAAAAAEAPKfwEAAAAAAAAAMAY+f1BtHSF6BToASRUAAAAAAAAAAEahM9SrmrpG1Tf5w2OVpV7VVpXJnZ1lYWRIFsp/AQAAAAAAAAAwCjV1jWpoDkSMNTQHVF23zqKIkGwkVQAAAAAAAAAAiJPPH1R9k199phkx3meaqm/yqyXQY1FkSCaSKgAAAAAAAAAAxKmtIxR1vrWdpEomIqkCAAAAAAAAAECcCqZlR50vzKdhfSYiqQIAAAAAAGzJ5w9q9YbNlFcBAFii2JurylKvXIYRMe4yDFWWelXkIamSicZbHQAAAAAAAEA8OkO9qqlrVH2TPzxWWepVbVWZ3NlZFkYGAHCany49WF+9o0FbQjvDY3mTx+v6pYdYGBWSiZMqAAAAAADAVmrqGtXQHIgYa2gOqLpunUURAQCc6son16t7266Ise5tu/SjJ9+2KCIkG0kVAAAAAABgGz5/UPVNfvWZZsR4n2mqvslPKTAAQMrwmuRMJFUAAAAAAIBttHWEos63trOABQBIDV6TnImeKgAAAAAA2JjPH1RbR0iF+TmOaIhbMC076nxhfub/DgAA6YHXJGciqQIAAAAAgA05tVl7sTdXlaVeNTQHIsqtuAxDFSUeRySWAADpgdckZ6L8FwAAAAAANuTkZu21VWWqKPFEjFWUeFRbVWZRRAAAp+I1yXkM09yji06G6+7ultvtVldXl/Ly8qwOBwAAAACAuPn8QR1380vDzq++7FhH7I5tCfSotb3HMaXPAADpi9cke4snb0D5LwAAAAAAbCaWxrhOWNAp8rBwBQBID7wmOQflvwAAAAAAsBka4wIAAFiDkyoAAAAAAAAAAIyBzx9UW0eI8l8OQFIFAAAAAACbofwXAADpoTPUq5q6RtU3+cNjlaVe1VaVyZ2dZWFkSBbKfwEAAAAAYDOU/wIAID3U1DWqoTkQMdbQHFB13TqLIkKykVQBAAAAAMBmir25qiz1ymUYEeMuw1BlqZdTKgAApIDPH1R9k199phkx3meaqm/yqyXQY1FkSCaSKgAAAAAA2FBtVZkqSjwRYxUlHtVWlVkUEQAAzhJLOU5kHnqqAAAAAABgQ+7sLK1aXq6WQI9a23tojAsAQIpRjtOZSKoAAAAAAGBjRR6SKQAAWGGgHGdDcyCiBJjLMFRR4uH1OUNR/gsAAAAAAABwKJ8/qNUbNtP7ARglynE6DydVAAAAAAAAAIfpDPWqpq5R9U3+8FhlqVe1VWVyZ2dZGBlgL5TjdB5OqgAAAAAAAAAOU1PXqIbmQMRYQ3NA1XXrLIoIsLciT44Wz5lOQsUBSKoAAAAAAAAADuLzB1Xf5I/oASFJfaap+iY/pcAAIAqSKgAAAAAA2Bj9EADEq60jFHW+tZ3nEwAYDj1VAAAAAACwIfohABitgmnZUecL8ylfBADD4aQKAAAAAAA2RD8EAKNV7M1VZalXLsOIGHcZhipLvfSEAIAoSKoAAAAAAGAz9EMAMFa1VWWqKPFEjFWUeFRbVWZRRABgD5T/AgAAAADAZmLph8BOcwDRuLOztGp5uVoCPWpt71Fhfg7PGwAQA5IqAAAAAADYzEhlJ8aPM0a4BAB8pshDMgUA4kH5LwAAAAAAbKZ/hPld/eYIlwAAAMBocFIFAAAAAACbKZiWHXW+MN8Zu859/qDaOkKULQLGgMcRAMSHpAoAAAAAADZT7M1VZalXDc2BiGb1LsNQRYkn4xdGO0O9qqlrVH2TPzxWWepVbVWZ3NlZFkYG2AePIwAYHcp/AQAAAABgQ7VVZaoo8USMVZR4VFtVZlFEqVNT16iG5kDEWENzQNV16yyKCLAfHkdAYvn8Qa3esFktgR6rQ0GScVIFAAAAAAAbcmdnadXycrUEetTa3uOY0j0+fzBiZ/2APtNUfZNfLYEeR/wegLHgcQQkDqe+nIeTKgAAAAAA2FiRJ0eL50x3zAJoW0co6nxrOzuEgZHwOAISh1NfzkNSBQAAAAAA2EbBtOyo84X5zkguAWPB4whIjIFTX7v3N5MiT30h85BUAQAAAAAAtlHszVVlqVcuw4gYdxmGKku9jjmxA4wFjyMgMTj15UwkVQAAAAAAgK3UVpWposQTMVZR4lFtVZlFEQH2w+MIGDtOfTkTjeoBAAAAAICtuLOztGp5uVoCPWpt71Fhfg4764E48TgCxm7g1FdDcyCiBJjLMFRR4uExlaEM09yj4FuG6+7ultvtVldXl/Ly8qwOBwAAAAAAAABgU12hnaquW6f6Jn94rLLUq9qqMrmzsyyMDPGIJ2/ASRUAAAAAAAAAAEaBU1/OQ1IFAAAAAAAAAIAxKPKQTHEKkioAAAAAAACAQ/n8QbV1hNhdDwAxIqkCAADSCh/qAAAAgOTrDPWqpq6RPhAAECeSKgAAIC3woQ4AAABInZq6RjU0ByLGGpoDqq5bp1XLyy2KCgDS3zirAwAAAJCif6gDAAAAkDg+f1D1TX71mWbEeJ9pqr7Jr5ZAj0WRAUD6I6kCAAAsx4c6AAAAIHXaOkJR51vbef8NAMMhqQIAACzHhzoAAAAgdQqmZUedL8yntyEADIekCgAAsBwf6gAAAIDUKfbmqrLUK5dhRIy7DEOVpV4VeZzz/tvnD2r1hs2cjgcQMxrVAwAAyw18qGtoDkSUAHMZhipKPI76UAcAAACkQm1Vmarr1qm+yR8eqyjxqLaqzMKoUqcz1KuausaIn7+y1KvaqjK5s7MsjAxAuuOkCgAASAu1VWWqKPFEjDnpQx0AAACQSqbMkS+UwWrqGtXQHIgYa2gOqLpunUURAbALkioAACAtOP1DHQAAAJBKTk4q+PxB1Tf5I07JS1Kfaaq+yU8pMABRkVQBAABpwckf6gAAAIBUcnpSoa0jFHW+tT2zf34AY0NSBQAAWM7pH+oAAMDo0GAaGB2nJxUKpmVHnS/Mp6cjgOHRqB4AAFgulg91NKsHAAADaDANjI3TkwrF3lxVlnrV0ByI2NjlMgxVlHj47AEgKk6qAAAAyzn9Qx0AAIgPZUMBjFVtVZkqSjwRYxUlHtVWlVkUEQC7sDypcscdd6iwsFCTJk3SvHnztHbt2qiX7+zs1EUXXaR99tlHEydO1Be+8AU988wzKYoWAAAkw8BOMZdhRIy7DEOVpV52igEAgDDKhgJj5/TyX5Lkzs7SquXlWn3Zsbr33KO0+rJjtWp5OafdAIzI0qTKI488oksvvVRXX3213njjDX3xi1/UiSeeqM2bNw95+d7eXn3pS19Sa2urHn/8cW3YsEF33XWX9t133xRHDgAAEo2dYoAz0Q8BQLxYDAbGjpPinyvy5GjxnOls5AIQM0t7qtxyyy36zne+o3PPPVeSdOedd+rpp5/WPffco8svv3zQ5e+55x51dHTo1VdfVVbWZ1njwsLCVIYMAACSZGCnWEugR63tPSrMz+GDDZDB6IcAYLRYDAbGjp4iADB6lp1U6e3t1d///nctWbLk82DGjdOSJUu0Zs2aIa/zhz/8QfPnz9dFF12kGTNm6JBDDtENN9ygvr6+Yb/Pjh071N3dHfEPAACkL3aKAc5APwQAo0XZUCAxOCkOAKNj2UmVQCCgvr4+zZgxI2J8xowZeu+994a8js/n01/+8hedddZZeuaZZ9Tc3KwLL7xQO3fu1NVXXz3kdVasWKFrr7024fEDAAAAGJ2Bfgh72r0fAouiAKKprSpTdd26iOcSFoOB+HBSHABGx9LyX/Hq7+/X9OnT9dvf/lYul0tz587Vxx9/rF/84hfDJlWuuOIKXXrppeGvu7u7NWvWrFSFDAAAAGAPsfRDYFEHQDQsBgOJU+Th8QMA8bAsqeLxeORyubRp06aI8U2bNmnvvfce8jr77LOPsrKy5HK5wmMHHnigPv30U/X29mrChAmDrjNx4kRNnDgxscEDAAAAGDX6IQBIFBaDAQBAqlnWU2XChAmaO3euXnjhhfBYf3+/XnjhBc2fP3/I61RUVKi5uVn9/f3hsffff1/77LPPkAkVAAAAAOmHfggAAAAA7MqypIokXXrppbrrrrt0//33691339UFF1ygnp4enXvuuZKkZcuW6Yorrghf/oILLlBHR4e+973v6f3339fTTz+tG264QRdddJFVPwIAAACAUaA5LoBE8PmDWr1hs1oCPVaHAgAAHMLSnipnnHGG/H6/rrrqKn366ac6/PDD9eyzz4ab13/wwQcaN+7zvM+sWbP03HPP6ZJLLtFhhx2mfffdV9/73vf0wx/+0KofAQAAAMAo0A8BwFh0hnpVU9cY0ai+stSr2qoyubOzLIwMAABkOsM0TdPqIFKpu7tbbrdbXV1dysvLszocAAAAAAAQp2Ur16qhOaC+3ZY0XIahihKPVi0vtzAyAABgR/HkDSwt/wUAAAAAABAPnz+o+iZ/REJFkvpMU/VNfkqBAXGijB4AxMfS8l8AAAAAAADxaOsIRZ1vbe+hnCAQA8roAcDocFIFAAAAAADYRsG07KjzhfkkVIBY1NQ1qqE5EDHW0BxQdd06iyICAHsgqQIAAAAAAGyj2JurylKvXIYRMe4yDFWWejmlAsSAMnoAMHokVQAAAAAAgK3UVpWposQTMVZR4lFtVZlFEQH2EksZPQDA0OipAgAAAACAjfn8QbV1hFSYn+OYUxru7CytWl6ulkCPWtt7HPWzA4lAGT0AGD2SKgAAAAAA2BBNpqUiD8kUYDQGyug1NAciSoC5DEMVJR4eVwAQBeW/AAAAAACwIZpMAxgLyugBwOhwUgUAAAAAgBRJVKmugSbTe9q9yTQ7zQFEQxk9ABgdkioAAAAAACRZokt1xdJkmsVRALGgjB4AxIfyXwAAAAAAJFmiS3XRZBoAAMAaJFUAAABGwecPavWGzWoJ9FgdCgAgzQ2U6tq9GbQUWaoLAAAA9kD5LwAAgDgkunwLACDzJaNUF+W/AAAArMFJFQAAgDgkunwLACDzJaNUF+W/AAAArEFSBQAAIEaUbwEAjEaxN1eVpV65DCNi3GUYqiz1jupESTJuEwAAACMjqQIAABCjWEqtAAAwlNqqMlWUeCLGKko8qq0qS6vbBAAAQHT0VAEAAIjRSLtRxo8zRrgEAMCp3NlZWrW8XC2BHrW296gwP2fMp0mScZsAnMfnD6qtI8RzCADEiKQKAABAjPpHmN/Vb45wCQCA0xV5Er9omYzbBJD5OkO9qqlrVH2TPzxWWepVbVWZ3NlZFkYG2BMJSucgqQIAABAjmgIDAAAgU9TUNaqhORAx1tAcUHXdOq1aXm5RVID9kKB0HnqqAAAAxIimwAAApBefP6jVGzarJUBfMyAePn9Q9U1+9ZmRJ637TFP1TX4eU0AcoiUokZk4qQIAABCH2qoyVdeti9iFRFNgAABSi13BwNi0dYSizre297BhCIjBQIJyT7snKHksZR6SKgAAAHGgKTAAANajbBEwNpS1BRKDBKUzUf4LAABgFIo8OVo8ZzpvkAEASDHKFgFjR1lbIDFGWlwfP84Y4RKwI5IqAAAAAADANmLZFQxgZLVVZaoo8USMUdYWiE//CPO7+s0RLgE7ovwXAAAAAACwDcoWAYlBWVtg7HhNciZOqgAAAAAAANugbBGQWJS1BUaP1yRnIqkCAAAAAABshbJFAIB0wWuS8ximaTqqsFt3d7fcbre6urqUl5dndTgAAAAAAGCUKFsEAEgXvCbZWzx5A3qqAAAAAAAAWyrysHAFAEgPvCY5B+W/AAAAAAAAAAAAYkBSBQAAAAAAAAAAIAYkVQAAAAAAAAAAAGJAUgUAAAAAAAAAACAGJFUAAAAAAAAAAABiQFIFAAAAAAAAAAAgBiRVAAAAAAAAAAAAYjDqpEpvb682bNigXbt2JTIeAAAAAAAAAABsxecPavWGzWoJ9FgdCpJsfLxXCIVCqq6u1v333y9Jev/991VcXKzq6mrtu+++uvzyyxMeJAAAAAAAAIDE8/mDausIqTA/R0WeHKvDAWynM9SrmrpG1Tf5w2OVpV7VVpXJnZ1lYWRIlrhPqlxxxRV688039eKLL2rSpEnh8SVLluiRRx5JaHAAAAAAAAAAEq8z1KtlK9fquJtf0rn3/k2Lb3pRy1auVVdop9WhAbZSU9eohuZAxFhDc0DVdessigjJFndS5cknn9Ttt9+uhQsXyjCM8PjBBx+sjRs3JjQ4AAAAAAAAAInHQjAwdj5/UPVNfvWZZsR4n2mqvslPKbAMFXdSxe/3a/r06YPGe3p6IpIsAAAAADASak8DAJB6LAQDidHWEYo639rOYykTxd1T5cgjj9TTTz+t6upqSQonUu6++27Nnz8/sdEBAAAAyEjUngYAwDqxLATTXwUYWcG07Kjzhfk8jjJR3EmVG264QSeddJLeeecd7dq1S7/61a/0zjvv6NVXX9VLL72UjBgBAAAAZJhoJUdWLS+3KCoAAJyBhWAgMYq9uZqanaUtQ/QimpqdRXIyQ8Vd/mvhwoV68803tWvXLh166KH685//rOnTp2vNmjWaO3duMmIEAAAAkEEoOQIAgLWKvbmqLPXKtUcpf5dhqLLUy0IwECOfPzhkQkWStoR28r42Q8WVVNm5c6f+7d/+TYZh6K677tLatWv1zjvv6MEHH9Shhx6arBgBAAAAZBBqTwMAYL3aqjJVlHgixipKPKqtKrMoIsB+eF/rTHGV/8rKytL//M//6Mc//nGy4gEAAACQ4Sg5AiBRfP6g2jpCKszPYWc9ECd3dpZWLS9XS6BHre09PI6AUeB9rTPF3VNl6dKlevLJJ3XJJZckIx4AAAAAGW6g5EhDcyCiBJjLMFRR4mFBB8CIOkO9qqlrVH2TPzxWWepVbVWZ3NlZFkYG2E+Rh2QKMFq8r3WmuJMqpaWluu6669TQ0KC5c+cqJyfyjlFTU5Ow4AAAAABkptqqMlXXrYtYEKXkCIBY1dQ1qqE5EDHW0BxQdd06rVpeblFUAAAn4n2t8ximuUd3yBEUFRUNf2OGIZ/PN+agkqm7u1tut1tdXV3Ky8uzOhwAAADA0Sg5AiBePn9Qx9380rDzqy87lucTAEDK8b7W3uLJG8R9UqWlpWXUgQEAAADA7ig5AiBesTQF5nkFAJBqvK91jriTKrsbOORiGEZCggEAAAAAAIiGpsBAYvn8QbV1hNhdDwAxGjeaK61atUqHHnqoJk+erMmTJ+uwww7TAw88kOjYAAAAAAAAIgw0BXbtscHTZRiqLPWyKAzEqDPUq2Ur1+q4m1/Suff+TYtvelHLVq5VV2in1aEBQFqLO6lyyy236IILLtBXvvIVPfroo3r00Uf15S9/Weeff75++ctfJiNGAAAAAACAsNqqMlWUeCLGaAoMxKemrlENzYGIsYbmgKrr1lkUEQDYw6ga1V977bVatmxZxPj999+va665Ju17rtCoHgAAAACAzEBTYGB0fP6gjrv5pWHnV192LI8pAI6S1Eb1//znP7VgwYJB4wsWLNA///nPeG8OAAAAAABgVGgKDIxOW0co6nxrew+PLQAYRtzlv0pKSvToo48OGn/kkUdUWlqakKAAAAAAAAAAJEfBtOyo84X5JFQAYDhxn1S59tprdcYZZ6i+vl4VFRWSpIaGBr3wwgtDJlsAAAAAAAAApI9ib67mF+drja990Nz84nxOqQBAFHGfVPn617+u1157TR6PR08++aSefPJJeTwerV27Vl/72teSESMAAAAAAACABDKM+MYBAJ+J+6SKJM2dO1cPPvhgomMBAAAAAAAAkGQ+f1Cvbhx8SkWSXt3YrpYAPVUAYDhxn1R55pln9Nxzzw0af+655/SnP/0pIUEBAAAAAAAASI5YGtUDAIYWd1Ll8ssvV19f36Bx0zR1+eWXJyQoAAAAAAAAAMlBo3oAGL24kypNTU066KCDBo0fcMABam5uTkhQAAAAAAAAAJKj2JurylKvXHs0UHEZhipLvZT+AoAo4k6quN1u+Xy+QePNzc3KyeEJFwAAAAAAAEh3tVVlqijxRIxVlHhUW1VmUUQAYA9xN6r/6le/qosvvli///3vNXv2bEmfJVT+8z//U6eddlrCAwQAAAAAAACQWO7sLK1aXq6WQI9a23tUmJ/DCRUAiIFhmqYZzxW6urr05S9/Wa+//rr2228/SdJHH32kRYsW6YknntBee+2VjDgTpru7W263W11dXcrLy7M6HAAAAAAAAAAAYKF48gZxn1Rxu9169dVX9fzzz+vNN9/U5MmTddhhh6mysnLUAQMAAAAAgNHx+YNq6wixyxwAAAvxeuwccZ9UsTtOqgAAAAAAMkFnqFc1dY2qb/KHxypLvaqtKpM7O8vCyAAAcA5ejzNDPHmDmBvVr1mzRn/84x8jxlatWqWioiJNnz5d3/3ud7Vjx47RRQwAAAAAAOJSU9eohuZAxFhDc0DVdessiggAAOfh9dh5Yk6qXHfddVq/fn3463/84x9avny5lixZossvv1xPPfWUVqxYkZQgAQAAAADA53z+oOqb/Orbo/hEn2mqvsmvlkCPRZEBAOAcvB47U8xJlcbGRh1//PHhr3/3u99p3rx5uuuuu3TppZfqtttu06OPPpqUIAEAAAAAwOfaOkJR51vbWcQBACDZeD12ppiTKlu2bNGMGTPCX7/00ks66aSTwl8fddRR+vDDDxMbHQAAAAAAGGSkD/PjxxkpiQMAACcrmJYddb4wn4b1mSjmpMqMGTPU0tIiSert7dUbb7yho48+Ojy/detWZWXReAcAAAAAgGTrH2F+V785wiUAAMBYFXtzVVnqlcuI3MzgMgxVlnpV5CGpkoliTqp85Stf0eWXX66XX35ZV1xxhbKzs7Vo0aLw/FtvvaXZs2cnJUgAAAAAAPA5dsYCAJAeaqvKVFHiiRirKPGotqrMooiQbONjveBPfvIT/cu//IuOOeYY5ebm6v7779eECRPC8/fcc49OOOGEpAQJAAAAAAA+N7AztqE5ENEc12UYqijxsDMWAIAUcWdnadXycrUEetTa3qPC/BxehzOcYZpmXGeCu7q6lJubK5fLFTHe0dGh3NzciERLOuru7pbb7VZXV5fy8vKsDgcAAAAAgFHpCu1Udd061Tf5w2OVpV7VVpXJnU15bgAAgFjFkzeIO6lidyRVAAAAAACZhJ2xAAAAYxNP3iDm8l8AAAAAACD9FHlIpgAAAKQKSRUAAAAAAAAAjuTzB9XWEeK0H4CYkVQBAAAAAAAA4CidoV7V1DXSlwpA3MZZHQAAAAAAAAAApFJNXaMamgMRYw3NAVXXrbMoIgB2EXNS5f3339fatWsjxl544QUtXrxY5eXluuGGGxIeHAAAAAAAAAAkks8fVH2TX32mGTHeZ5qqb/KrJdBjUWSwM58/qNUbNnP/cYCYy3/98Ic/1KGHHqry8nJJUktLi0499VQtWrRIhx12mFasWKHs7GxdfPHFyYoVAAAAAAAAAMakrSMUdb61vYf+KogZpeScJ+aTKq+//rpOOumk8NcPPfSQvvCFL+i5557Tr371K91666267777khEjAAAAAAAAACREwbTsqPOF+SRUEDtKyTlPzEmVQCCg/fbbL/z16tWrdeqpp4a/PvbYY9Xa2prQ4AAAAAAAAAAgkYq9uaos9cplGBHjLsNQZamXUyqIGaXknCnmpMq0adP0z3/+U5LU39+v119/XUcffXR4vre3V+Yedx4AAAAAAAAASDe1VWWqKPFEjFWUeFRbVWZRRLCjWErJIfPE3FPl2GOP1U9+8hP9+te/1mOPPab+/n4de+yx4fl33nlHhYWFSQgRAAAAAAAAABLHnZ2lVcvL1RLoUWt7jwrzczihgrhRSs6ZYk6qXH/99frSl76kgoICuVwu3XbbbcrJ+fxO8cADD+i4445LSpAAAAAAAAAAkGhFHpIpGL2BUnINzYGIEmAuw1BFiYf7VoYyzDhqdu3atUvr16+X1+vVzJkzI+befPNN7bfffsrPz094kInU3d0tt9utrq4u5eXlWR0OAAAAAAAAAMCmukI7VV23TvVN/vBYZalXtVVlcmdnWRgZ4hFP3iCupMpQdu3ape3btys3N3csN5MyJFUAAAAAAAAAAIlEKTl7iydvEHOj+qeeekr33XdfxNj111+v3Nxc7bXXXjrhhBO0ZcuWUQUMAAAAAAAAIPV8/qBWb9islgANtYGxKPLkaPGc6SRUHCDmpMott9yinp7Pn1xfffVVXXXVVfrxj3+sRx99VB9++KF+8pOfJCVIAAAAAAAAAInTGerVspVrddzNL+nce/+mxTe9qGUr16ortNPq0ABbemnDZv3qhff18m5lwJCZYi7/NX36dD333HMqKyuTJF166aV655139Oyzz0qSnnnmGX3ve99TU1NT8qJNAMp/AQAAAAAAwOmWrVw7bHPtVcvLLYwMsJe29h4tvaNBW3ZLSE7NztIfLlqoWfnZFkaGeCSl/NfWrVsjmtC/8sorOv7448NfH3zwwfrkk09GES4AAAAAAACAVPH5g6pv8kckVCSpzzRV3+SnFBgQhz0TKpK0JbRTp93xikURIdliTqrsu+++evfddyVJwWBQb775phYsWBCeb29vV3Y2mTcAAAAAAAAgnbV1hKLOt7aTVAFi8dKGzYMSKgO2hHZSCixDxZxUOf3003XxxRfrgQce0He+8x3tvffeOvroo8Pzr7/+uubMmZOUIAEAAAAAAAAkRsG06BujC/NptA3EovGjzqjzb3ywJTWBIKXGx3rBq666Sh9//LFqamq0995768EHH5TL5QrP19XV6dRTT01KkAAAAAAAAAASo9ibq8pS77A9VYo8JFWAWBy+315R54/Yf2pqAkFKxdyoPlPQqB4AAAAAAABO1xXaqeq6darfrTxRZalXtVVlcmdnWRgZYC9l1/15yBJgU7OztO6qEyyICKMRT94grqTKX//6Vz311FPq7e3V8ccfry9/+ctjDjbVSKoAAAAAAAAAn2kJ9Ki1vUeF+TmcUAFG4cP2kE6745WIxMrU7Cz94aKFmpVPD3K7SEpS5fHHH9cZZ5yhyZMnKysrS93d3brxxht12WWXJSToVCGpAgAAAABAZvD5g2rrCLEYDIwBjyMgMV5u8uuND7boiP2nalGp1+pwEKekJFXmzp2ro446SnfccYdcLpdWrFihX/ziF+ro6EhI0KlCUgUAAAAAAHvrDPWqpq6RskXAGPA4AoDPJSWpkpubq8bGRpWUlEiSent7lZOTo48//ljTp08fe9QpQlIFAAAAAAB7W7Zy7bANtlctL7cwMsA+eBwBwOfiyRuMi/VGQ6FQxI1NmDBBkyZNUjAYHH2kAAAAe/D5g1q9YbNaAj1WhwIAANKQzx9UfZM/YiFYkvpMU/VNft5DADHgcQQAozc+ngvffffdys3NDX+9a9cu3XffffJ4POGxmpqaxEUHAAAcg/IDAAAgFm0doajzre099IUARsDjCABGL+akyv7776+77rorYmzvvffWAw88EP7aMAySKgAAYFRq6hrV0ByIGGtoDqi6bh3lBwAAQFjBtOyo84X5LAQDI+FxBACjF3NSpbW1NYlhAAAAJxsoP7Cn3csPsFMOAABIUrE3V5Wl3mF7QfCeARhZsTdX84vztcbXPmhufnE+jyMAiCLmnioAAADJEkv5AQAAgAG1VWWqKPFEjFWUeFRbVWZRRID9GEZ84wCAz8ScVPnKV76irq6u8Nc/+9nP1NnZGf66vb1dBx10UEKDAwAAzkD5AQAAEA93dpZWLS/X6suO1b3nHqXVlx2rVcvL6cMGxMjnD+rVjYNPqUjSqxvbaVQPAFHEnFR57rnntGPHjvDXN9xwgzo6OsJf79q1Sxs2bEhsdAAAwBEGyni49tgW5zIMVZZ6KT8AAACGVOTJ0eI503mvAMSJk+IAMHoxJ1XM3eqUDvU1AADAWFDGAwAAAEgNTooDwOjF3KgeAAAgmQbKeLQEetTa3qPC/Bx2nQIAAABJMHBSvKE5oL7dNk67DEMVJR7ehwNAFDGfVDEMQ8YeJTn2/BoAAGCsKOMBAABi5fMHtXrDZvo/AKPASXEAGJ2YT6qYpqlzzjlHEydOlCRt375d559/vnJyPlvw2L3fCgAAAAAAQLJ0hnpVU9eo+iZ/eKyy1KvaqjKa1QMx4qQ4AIyOYcbYHOXcc8+N6QbvvffeMQWUbN3d3XK73erq6lJeXp7V4QAAAAAAgDgtW7l22LJFq5aXWxgZAACwo3jyBjGfVEn3ZAkAAAAAAMh8Pn8w4oTKgD7TVH2TXy2BHnbbAwCApIm5pwoAAAAAAIDV2jpCUedb2+mvAgAAkoekCgAAAAAAsI2CadlR5wvzOaUCAACSh6QKAAAAAACwjWJvripLvXIZRsS4yzBUWeql9BcAAEgqkioAAACj4PMHtXrDZrUEKDECAECq1VaVqaLEEzFWUeJRbVWZRREBAACniLlRPQAAAKTOUK9q6hojGuRWlnpVW1Umd3aWhZEBAOAc7uwsrVperpZAj1rbe1SYn8MJFQAAkBKcVAEAAIhDTV2jGpoDEWMNzQFV162zKCIAAJyryJOjxXOmk1ABAAApQ1IFAAAgRj5/UPVNfvWZZsR4n2mqvslPKTAAAADYDmVtASA+lP8CAACIUVtHKOp8a3sPO2UBAABgC5S1BYDR4aQKAABAjAqmZUedL8wnoQIAAAB7oKwtAIwOSRUAAIAYFXtzVVnqlcswIsZdhqHKUi+nVAAAAGALlLUFgNEjqQIAABCH2qoyVZR4IsYqSjyqrSqzKCIAAAAgPrGUtQUADI2eKgAAAHFwZ2dp1fJytQR61Nreo8L8HE6oAAAAwFYoawsAo0dSBQAAYBSKPCRTAAAAYE8DZW0bmgMRJcBchqGKEg/vcwEgCsp/AQAAAAAAAA7z06UHK29y5H7rvMnjdf3SQyyKCADsgaQKAAAAAAAA4DBXPrle3dt2RYx1b9ulHz35tkURAYA9kFQBAAAAAAAAHMTnD6q+yR9R+kuS+kxT9U1+tQRoVA8AwyGpAgAAAAAAADhIW0co6nxrO0kVABgOSRUAAAAAAADAQQqmZUedL8ynUT0ADIekCgAAAAAAAOAgxd5cVZZ65TKMiHGXYaiy1KsiD0kVABhOWiRV7rjjDhUWFmrSpEmaN2+e1q5dG9P1fve738kwDC1dujS5AQIAAAAAAAAZpLaqTBUlnoixihKPaqvKLIoIAOxhvNUBPPLII7r00kt15513at68ebr11lt14oknasOGDZo+ffqw12ttbdVll12mRYsWpTBaAAAAAAAAwP7c2VlatbxcLYEetbb3qDA/hxMqABADy0+q3HLLLfrOd76jc889VwcddJDuvPNOZWdn65577hn2On19fTrrrLN07bXXqri4OIXRAgAAAAAAAJmjyJOjxXOmk1ABgBhZmlTp7e3V3//+dy1ZsiQ8Nm7cOC1ZskRr1qwZ9nrXXXedpk+fruXLl4/4PXbs2KHu7u6IfwAAAAAAAAAAAPGyNKkSCATU19enGTNmRIzPmDFDn3766ZDXeeWVV7Ry5UrdddddMX2PFStWyO12h//NmjVrzHEDAAAAAAAAAADnsbz8Vzy2bt2qf/3Xf9Vdd90lj8cz8hUkXXHFFerq6gr/+/DDD5McJQAAAAAAAAAAyESWNqr3eDxyuVzatGlTxPimTZu09957D7r8xo0b1draqlNPPTU81t/fL0kaP368NmzYoNmzZ0dcZ+LEiZo4cWISogcAAAAAAAAAAE5i6UmVCRMmaO7cuXrhhRfCY/39/XrhhRc0f/78QZc/4IAD9I9//EONjY3hf6eddpoWL16sxsZGSnsBAAAAAAAAcfD5g1q9YbNaAj1WhwIAtmDpSRVJuvTSS3X22WfryCOPVHl5uW699Vb19PTo3HPPlSQtW7ZM++67r1asWKFJkybpkEMOibj+XnvtJUmDxgEAAAAAQGbz+YNq6wipMD9HRZ4cq8MBbKUz1KuaukbVN/nDY5WlXtVWlcmdnWVhZACQ3ixPqpxxxhny+/266qqr9Omnn+rwww/Xs88+G25e/8EHH2jcOFu1fgEAAAAAAEnEYjAwdjV1jWpoDkSMNTQHVF23TquWl1sUFQCkP8M0TdPqIFKpu7tbbrdbXV1dysvLszocAAAAAAAQp2Ur16qhOaC+3ZY0XIahihIPi8FADHz+oI67+aVh51dfdiynvwA4Sjx5A46AAAAAAAAA2/D5g6pv8kckVCSpzzRV3+SnLwQQg7aOUNT51nYeRwAwHJIqAAAAAADANlgMBsauYFp21PnCfE6pAMBwSKoAAAAAAADbYDEYGLtib64qS71yGUbEuMswVFnqpfQXAERBUgUAAAAAAABwmNqqMlWUeCLGKko8qq0qsygiALCH8VYHAAAAAAAAEKtYyn+xyx4YmTs7S6uWl6sl0KPW9h4V5ufw2AGAGJBUAQAAAAAAtkH5LyCxijwkUwAgHpT/AgAAAAAAtkEvCAAAYCWSKgAAAAAAwFboBQEAAKxC+S8AAAAAAGAr9IIAAABW4aQKAAAAAACwJdM0rQ4BAAA4DCdVAAAAAACArXSGelVT16j6Jn94rLLUq9qqMrmzsyyMDAAAZDpOqgAAAAAAAFupqWtUQ3MgYqyhOaDqunUWRQQAAJyCpAoAAAAAALANnz+o+ia/+vYo/dVnmqpv8qsl0GNRZAAAwAlIqgAAAAAAANto6whFnW9tJ6kCAEg9nz+o1Rs2k9x3AHqqAAAAAAAA2yiYlh11vjA/J0WRAABAny8n4qQKAAAAAACwjWJvrhbMzh9ybsHsfBV5SKoAAFLnggffiEioSFJ9k1/nP/h3iyJCspFUAQAAAAAAtrJHO5URxwEASAafP6g1vvYh59b42ikFlqFIqgAAAAAAANtgAQsAkC5ea+mIOv/XYV6vYG8kVQAAAAAAgG3QqB4AkD6iH5E0UhQFUotG9QAAAAAA2JjPH1RbR0iF+TmO6CdCo3ogsZz2HAIk0ryioXt8heeLo8/DnkiqAAAAAABgQ52hXtXUNUY0x60s9aq2qkzu7CwLI0uuYm+uKku9amgOqG+3Jiouw1BFiYdFYSBGTn0OARKp2JurBbPz9erGwWW+FszO5zUpQ1H+CwAAAAAAG6qpa1RDcyBirKE5oOq6dRZFlDq1VWWqKPFEjFWUeFRbVWZRRID9OPk5BEik35w1V5Wl3oixylKvfnPWXIsiQrJxUgUAAAAAAJvx+YMRu8sH9Jmm6pv8agn0ZPTuWHd2llYtL1dLoEet7T2ULQLi5PTnECCReE1yHpIqAAAAAADYTCzN2p2woFPkYeEKGA2eQ4DE4zXJOSj/BQAAAACAzdCsHcBYjLQgOH6ckZI4AMCOSKoAAAAAAGAzA83aXUbkwqfLMFRZ6nXMTlmfP6jVGzarJdBjdSiArfSPML+r30xJHABgR5T/AgAAAADAhmqrylRdty6iL4JTmrV3hnpVU9cY8bNXlnpVW1Umd3aWhZEB9sBpNwAYPZIqAAAAAAAMwecPqq0jlLYNZ53cGLemrlENzYGIsYbmgKrr1mnV8nKLogLsY+C0W0NzQH3m56dSXIahihKPY55LAGA0SKoAAAAAALAbu52CcFpjXJ8/GPG3GdBnmqpv8qslQINtIBZOPu0GAGNBUgUAAAAAgN1wCiK9tXWEos63tpNUAWLh5NNuADAWJFUAAAAAAPj/OAWR/ugFASSW0067AcBYjbM6AAAAAAAA0kUspyDSjc8f1OoNm9USSL/YkmGgF4TLMCLGXYahylIvi8MAACCpOKkCAAAAAMD/Z6dTEHbr/ZJI9IIAAABWIakCAAAAAMD/N3AKoqE5oD7TDI+7DEMVJZ60OgXh5N4v9IIAAABWofwXAAAAAAC7qa0qU0WJJ2Is3U5BDPR+2T3xI0X2fnGCIk+OFs+ZTkIFAACkDCdVAAAAAADYjR1OQcTS+yXdYgYAAMgEJFUAAAAAABhCkSf9kikD7NT7BQAAIJNQ/gsAAAAAAJsZ6P3iMoyIcZdhqLLUm7bJIAAAALsjqQIAAAAAgA3ZofcLAABApqH8FwAAAAAANmSH3i8AAACZhqQKAAAAAAA2ls69X5LN5w+qrSNEQgkAAKQMSRUAAAAAAGArnaFe1dQ1qr7JHx6rLPWqtqpM7uwsCyMDAACZjp4qAAAAAADAVmrqGtXQHIgYa2gOqLpunUURAQAApyCpAgAAAAAAbMPnD6q+ya8+04wY7zNN1Tf51RLosSgypIrPH9TqDZv5WwMALEH5LwAAAAAAYBttHaGo863tPfRXyVCUfUsOehMBQHxIqgAAAAAAANsomJYddb4wn0XhTBWt7Nuq5eUWRWVfJKkAYHQo/wUAAAAAAGyj2JurylKvXIYRMe4yDFWWetlpn6Eo+5Z49CYCgNEhqQIAAAAAAGyltqpMFSWeiLGKEo9qq8osigjJFkvZN8SOJBUAjB7lvwAAAAAAgK24s7O0anm5WgI9am3voReEA1D2LbHoTQQAo0dSBQAAAAAA2FKRh2SKUwyUfWtoDkScrnAZhipKPNwP4kSSCgBGj/JfAAAAAAAASHuUfUscehMBwOgZprlH8cQM193dLbfbra6uLuXl5VkdDgAAAAAAAOJA2bfE6ArtVHXdOtU3+cNjlaVe1VaVyZ2dZWFkAJB68eQNSKoAAAAAAABb8vmDausIsbgOjAFJKiAxeE2yt3jyBvRUAQAAAAAAttIZ6lVNXSM77IEEoDcRMDa8JjkPPVUAAAAAAICt1NQ1qqE5EDHW0BxQdd06iyICADgVr0nOQ1IFAAAAAADYhs8fVH2TX317VDPvM03VN/nVEuixKDIAgNPwmuRMJFUAAAAAAIBttHWEos63trOABcTD5w9q9YbNLP4Co8BrkjPRUwUAAAAAANhGwbTsqPOF+fSGAGJBHwhg7HhNciZOqgAAAABxYDcnAFir2JurylKvXIYRMe4yDFWWemm4DcSIPhDA2PGa5EwkVQAAAIAYdIZ6tWzlWh1380s6996/afFNL2rZyrXqCu20OjQAcJzaqjJVlHgixipKPKqtKrMoIsBe6AMBJA6vSc5D+S8AAAAgBtF2c/6/9u41Pqry3P//d0gi5EBCSIaTAklIBESRAAYhGkVRPIvbWpu/Fopof1WETdW2WBW6PaLVbjVStd0WitBo7Va2WlulbCQaUAQSK4qYkHDwAJkEkpAEOYT5P3AnZUiyZjJZM2tW1uf9evGAdU8mV5JZx+u+r2vZrByLogIAZ0qKi9GyWTmqrG7UjppGpaXEMxsY6IRA+kCwTwGB4ZzkPCRVAAAAAD9aZnOe6PjZnNw4AUD4pafy4AoIBn0gAPNxTnIOyn8BAAAAfgQymxMAgHCixxe6gj4QABA8VqoAAAAAfjCbEwAQKWqbDmtuYanPCsq8LLcK8rOVFBdjYWSwm4L8bM0pLPH5LNEHAgD8I6kCAAAA+NEym7O4vNqnoWuUy6XczFRmcwIAwoYeXzALfSAAIDiU/wIAAAACUJCfrdzMVJ9tzOYE0F1RWioytfT4Oj7BL/n2+AI6Kz01XpOH9yOhAgABYqUKAAAAEABmcwJwAkpLRbZAenxxbgIAILRYqQIAAAB0ArM5AXRnRqWlYD16fAEAYD2SKgAAAAAAgNJSNtDS4yvK5fLZHuVyKS/LTcIfAIAwIKkCAAAAAAACKi0F69HjC2ajhxIAdA49VQAAAAAAAKWlbIIeXzALPZQAIDisVAEAAAAAAJSWshl6fKGrblux2SehIklFZR7dumKTRREBgD2QVAEAAAAAAJLsV1qKskVAcCo8DVq3vabdsXXba9inAMAA5b8AAAAAAIAk+5SWomwR0DUfVrafUGkdr6iJyH0fACIBK1UAAAAAAICPSC8tNbewVMXl1T7bisurNaewxKKIAHvxHDhkOF7dYDwOAE5GUgUAAAAAANhGhadBRWUeNXu9PtubvV4VlXkoWwQEwN27l+F4SkLPMEUCAPZDUgUAAAAAANjGzn1NhuM7akiqAP5MSO9rOH52RkqYIgEA+yGpAgAAAAAAbGNo3zjD8bSUyCxZBkSSDHeCJnaQOJmYkRKxpf8AIBKQVAEAAAAAALaR4U5QXpZbUS6Xz/Yol0t5WW4eBgMBeu7GccrLcvtsy8ty67kbx1kUEQDYg8vrPaEIaTdXX1+vpKQk1dXVKTEx0epwAAAAAABAJ+2qadLVi9/X/qYjrduS42L0+uxzNDjFeCULAF+V1Y3aUdOotJR4kpJAF1R4GrRzXxP7kk11Jm8QHaaYAAAAAAAATHHvyi2qP3jUZ1v9waO6Z+UWLZuVY1FUgD2lp/IAGOiK2qbDmltYqqIyT+u2vCy3CvKzlRQXY2FkCBXKfwEAAAAAANuo8DSoqMyj5hMKbzR7vSoq86iymkb1AIDwmVtYquLyap9txeXVmlNYYlFECDWSKgAAAAAAwDZ27msyHN9RQ1IFABAeJPqdiaQKAAAAAACwjaF9jXumpKVQxggAEB4k+p2JpAoAAAAAALCNDHeC8rLcinK5fLZHuVzKy3LTGwIAEDYk+p2JpAoAAAAAALCVgvxs5Wam+mzLzUxVQX62RREBAJyIRL8zubzeEwq+dXP19fVKSkpSXV2dEhMTrQ4HAAAAAAAEqbK6UTtqGpWWEs+DKwCAJeqajmhOYYmKyjyt2/Ky3CrIz1ZSXIyFkaEzOpM3iA5TTAAAAAAAAKZy2DxRAEAESoqL0bJZOST6HYSkCgAAAAAAsJXapsOaW1jKrGAAQMRITyWZ4hT0VAEAAAAAALYyt7BUxeXVPtuKy6s1p7DEoogAAIBTkFQBAAAAAAC2UeFpUFGZR80nlP5q9npVVOZRZXWjRZEBAAAnIKkCAAAAAABsY+e+JsPxHTUkVQAAQOiQVAEAAAAAALYxtG+c4XhaCvXsAQBA6JBUAQAAAAAAtpHhTlBelltRLpfP9iiXS3lZbpoEAwCAkCKpAgAAAAAAbKUgP1u5mak+23IzU1WQn21RRAAAwCmirQ4AAAAAAACgM5LiYrRsVo6KvvCoZPd+jR2SrHOz3FaHBQAAHICkCgAAAAAAsJXapsOaW1iqojJP67a8LLcK8rOVFBdjYWQAAKC7o/wXAAAAAACwlbmFpSour/bZVlxerTmFJRZFBABwugpPg9Zsq1JldaPVoSDEWKkCAAAAAABso8LT4LNCpUWz16uiMo8qqxtpVg8ACBtWTzoPK1UAAAAAAIBt7NzXZDi+o4YZwgCA8GH1pPOQVAEAAAAAALYxtG+c4XhaCqtUgM6gZBEQvJbVk81er8/241dPovuh/BcAAAAAALCNDHeC8rLcKi6v9nmIFeVyKTczldJfQIAoWQR0XSCrJzkvdT+sVAEAAAAAALZSkJ+t3MxUn225makqyM+2KCLAfihZBHQdqyediZUqAAAAAADAVpLiYrRsVo4qqxu1o6ZRaSnxzAQGOqGlZNGJji9ZxD4F+MfqSWdipQoAAAAAALCl9NR4TR7ej4dWQCcFUrIIQGBYPek8rFQBAAAAAAAAHISSRYB5WD3pPCRVAAAAAAAAAAehZBFgvvRUkilOQfkvAAAAAAAAwGEoWQQAwWGlCgAAAAAAAOAwlCwCzFXhadDOfU3sSw5AUgUAAAAAAABwKO9x5b8AdF5t02HNLSxVUZmndVtellsF+dlKiouxMDKECkkVAAAAAABgS8wKBoLHg2DAHHMLS1VcXu2zrbi8WnMKS7RsVo5FUSGUSKoAAAAAAABb4WEw0HW3rdisddtrfLYVlXl064pN+tMtZ1sUFWAvFZ4Gn3NRi2avV0VlHlVWN5L074ZoVA8AAAAAAGzFaFYwAP8qPA1tEiot1m2vUWV1Y5gjAuxp574mw/EdNexL3RFJFQAAAAAAYBsts4KbT+gDcfysYADGPqxsP6HSOl5hPA7gO0P7xhmOp6WwSqU7IqkCAAAAAABsg1nBgBlchqO0rgcCk+FOUF6WW1Eu330qyuVSXpab0l/dFEkVAAAAAABgG8wKBrpuQnpfw/GzM1LCFAlgfw9OG6XEWN/W5Ymx0Xpo2ukWRYRQI6kCAAAAAABsg1nBQNdluBM0sYPEycSMFPYjoBPuXfmp6g8e9dlWf/Co7lm5xaKIEGokVQAAAAAAgK0U5GcrNzPVZ1tuZqoK8rMtigiwn+duHKe8LLfPtrwst567cZxFEQH2Q58vZ4r2/xIAAAAAAIDIkRQXo2WzclRZ3agdNY1KS4lnZj3QSV46pwBdFkifL85P3Q8rVQAAAAAAtlfhadCabVXMCHWY9NR4TR7ejwdWQBDmFpaquLzaZ1txebXmFJZYFBFgP/T5ciZWqgAAAAAAbKu26bDmFpaqqMzTui0vy62C/GwlxcVYGBkARK6WkkUnOr5kEclKwL+WPl/F5dU+JcCiXC7lZqayH3VTrFQBAAAAANgWM60BoPMCKVkEIDD0+XIeVqoAAAAAAGyJmdYAEBxKFgHmoc+X87BSBQAAIAjU7gcA6zHTGgCC01KyKMrl8tke5XIpL8vNA2EgCPT5cg5WqgAAAHQCtfsBIHIw0xoAgleQn605hSU+17WULAIA/0iqAAAAdIJR7f5ls3IsigoAnInmsAAQPEoWAUBwKP8FAAAQoJba/cc/uJN8a/cDAMKL5rAA0DWULAKAzmGlCgAAQIACqd3PzSgAhBczrQEAABBOJFUAAAACRO1+AIhc6akkUwAAABB6lP8CAAAIUEvt/iiXy2d7lMulvCw3D/MAAAAAwKEqPA1as62KstAOwEoVAACATijIz9acwhIVlXlat1G7HwAAAACcqbbpsOYWlvrcI+ZluVWQn62kuBgLI0OouLzeEzqtdnP19fVKSkpSXV2dEhMTrQ4HAADYFLX7AQAAAADTX9ig4vJqNR/3mD3K5VJuZqqWzcqxMDJ0RmfyBqxUAQAACAK1+wEAAADA2So8DT4rVFo0e70qKvOosrqR+8ZuKCJ6qixevFhpaWnq1auXJkyYoA0bNnT42t///vc699xzlZycrOTkZE2ZMsXw9QAAAAAAAAAAmG3nvibD8R019FfpjixPqrz88su64447tHDhQm3evFlnnnmmpk6dqqqqqnZf/+677yo/P19r1qzR+vXrNXjwYF188cX66quvwhw5AAAAAAAAAMCphvaNMxxPS2GVSndkeU+VCRMm6KyzztIzzzwjSTp27JgGDx6sOXPmaP78+X6/vrm5WcnJyXrmmWc0ffr0NuOHDh3SoUOHWv9fX1+vwYMH01MFAAAAAAAAANAl9FTpHjrTU8XSlSqHDx/Wpk2bNGXKlNZtPXr00JQpU7R+/fqA3qOpqUlHjhxR37592x1/5JFHlJSU1Ppv8ODBpsQOAAAAAAAAAHC2gvxs5Wam+mzLzUxVQX62RREh1CxtVF9dXa3m5mb179/fZ3v//v31+eefB/Qev/jFLzRo0CCfxMzx7r77bt1xxx2t/29ZqQIAAAAAAOytwtOgnfualJYSTyNgAIAlkuJitGxWjiqrG7WjppFzkgNYmlTpqkWLFumll17Su+++q169erX7mp49e6pnz55hjgwAAAAAAIRKbdNhzS0sVVGZp3VbXpZbBfnZSoqLsTAyAIBTpaeSTHEKS8t/paamKioqSnv37vXZvnfvXg0YMMDwax9//HEtWrRI77zzjkaPHh3KMAEAAAAAQASZW1iq4vJqn23F5dWaU1hiUUQAAMApLE2qnHTSSRo3bpxWr17duu3YsWNavXq1Jk6c2OHXPfbYY3rggQf097//XePHjw9HqAAAAICk70rNrNlWpcrqRqtDAQBHqvA0qKjM49MQWJKavV4VlXk4PgMAgJCyvPzXHXfcoRkzZmj8+PHKycnRk08+qcbGRs2cOVOSNH36dJ188sl65JFHJEmPPvqoFixYoD/96U9KS0vTnj17JEkJCQlKSEiw7OcAAABA90apGQCIDDv3NRmO76hppPwKAAAIGUtXqkjS9ddfr8cff1wLFizQmDFjVFpaqr///e+tzet37dqlb775pvX1zz77rA4fPqzvfe97GjhwYOu/xx9/3KofAQAAAA5AqRkAiAxD+8YZjqelkFABAACh4/J6T1gv283V19crKSlJdXV1SkxMtDocAAAA2ECFp0EXPLG2w/E1d53PrGgACKPpL2xQcXm1TwmwKJdLuZmpWjYrx8LIAACAHXUmb2D5ShUAAAAg0gVSagYAED4F+dnKzUz12ZabmaqC/GyLIgIAOB29F53D8p4qAAAAQKSj1AwARJakuBgtm5WjyupG7ahpVFpKPCsGAQCWoPei87BSBQAAAPAjw52gvCy3olwun+1RLpfystw8yAMAi6Snxmvy8H4chwEAlrltxWafhIokFZV5dOuKTRZFhFAjqQIAAAAEgFIzABB5KLUCALBShadB67bXtDu2bnsN56duivJfAAAAQAAoNQMAkYNSKwCASPBhZfsJldbxihruGbohVqoAAAAAnUCpGQCw3tzCUhWXV/tsKy6v1pzCEosiAgA4k8tw1BumKBBeJFUAAAAAAIBtVHgaVFTmUbPX91FVs9erojIPpVaATqKMHhC8Cel9DcfPzkgJUyQIJ8p/AQAAAAAA29i5r8lwfEdNI6sJgQBQRg/ougx3giZmpGh9RdsyYBMzUjgfdVOsVAEAAAAAALYxtG+c4XhaCg+wgEBQRg8wx6PXjlbyCYnI5LgYPXbtaIsiQqiRVAEAAAAAALaR4U5o8/CqRXJcDLOCgQBQRg8wz70rt6j+4FGfbfUHj+qelVssigihRlIFAAAAAADYRoWnQfubjrQ7tr/pCA+DgQAEUkYPgH8kKJ2JpAoAAAAAALANHgYDXUcZPcAcnJOciaQKAAAAAACwDR4GA12X4U5QXpZbUS6Xz/Yol0t5WW7K6AEB4pzkTCRVAAAAAACAbfAwGDBHQX62cjNTfbblZqaqID/boogA++Gc5Ewur/eEgm/dXH19vZKSklRXV6fExESrwwEAAAAAAJ1U13REcwpLVFTmad2Wl+VWQX62kjpoYg+gfZXVjdpR06i0lHgeAANB4JzUPXQmb0BSBQAAAIBlKjwN2rmviQc5AIJS9IVHJbv3a+yQZJ2b5bY6HACAg5GgtLfO5A2iwxQTAAAAALSqbTqsuYWlzOgDEBSOIQCASJOeao9kCpOauo6VKgAAAADCbvoLG1RcXq3m425Holwu5WamatmsHAsjA2AHHEMAAOgcJiQY60zegEb1AAAAAMKqwtOgojKPz8NQSWr2elVU5lFldaNFkQGwA44hAIBIVOFp0JptVRF7HppbWKri8mqfbcXl1ZpTWGJRRPZF+S8AAAAAYbVzX5Ph+I6aRkoRAOgQxxDAXJQCArrGDitAWiYknOj4CQns/4EjqQIAAAAgrIb2jTMcT0vhhg5AxziGAOaww4NgwA6MVoBESklKJiSYi/JfAAAAAMIqw52gvCy3olwun+1RLpfystzc0AHodiK9JAyc6dblm9vMXC8q8+gnyzdZFBFgP3YpScmEBHORVAEAAAAQdgX52crNTPXZlpuZqoL8bIsiAmAXgcy2jRS1TYc1/YUNuuCJtZq55CNNfvxdTX9hg+qajlgdGhyuwtOg9RU17Y6tr6iJmAfBQKSzyzmJSU3movwXAAAAgLBLiovRslk5qqxu1I6aRuq4AwiYnWbb2qEkDJzpw8p9huMfVNRwXgYCYKdzUkF+tuYUlvisUGNSU3BIqgAAAACwTHoqyRQA3RNNgRHZvIajLsNRAC1aVoAUl1f7lACLcrmUm5kaUcd5JjWZh/JfAAAAAADANuxSasUuccKZJqSnGI9nGI8D+Be7lbVNT43X5OH9SKh0AStVAAAAAACAbdil1Ipd4oQzZbgTlJPWVxt2tC0DlpPWl4etQCewAsR5WKkCAAAAAABswy7Ndu0SJ5wrqkf7Rb462g7AGCtAnIOkCgAAAAAAsBW7lFqxS5xwngpPg9ZX1LQ7tr6iRpXVlKcDgI5Q/gsAAAAAANiKXUqt2CVOOE8gPX/4rAJA+0iqAAAAAAAAW0pPtUeSwi5xwjno+QMAwaP8FwAAAAAAAOAg9PwBgOCRVAEAAAAAAAAc5sFppysx1reITWJstB6adrpFEQGAPZBUAQAAAAAAABzm3pVbVH/wqM+2+oNHdc/KLRZFBAD2QFIFAABElApPg9Zsq1JldaPVoQAAAADdUoWnQUVlHjV7vT7bm71eFZV5uBYHAAM0qgcAABGhtumw5haWqqjM07otL8utgvxsJcXFWBgZAAAA0L3s3NdkOL6jppG+KgDQAVaqAACAiDC3sFTF5dU+24rLqzWnsMSiiAAAAIDuaWjfOMPxtBQSKgDQEZIqAADAcpQfAAAAAMInw52gvCy3olwun+1RLpfystysUgEAAyRVAACA5QIpPwAA6D7onwUA1ivIz1ZuZqrPttzMVBXkZ1sUEQDYAz1VAACA5Sg/AADOQP8sAIgcSXExWjYrR5XVjdpR06i0lHhWqABAAFipAgAALEf5AQBwBvpnAUDkSU+N1+Th/bjmBrqIlbjOwUoVAAAQEQryszWnsMRn9jLlBwCg+2jpn3Wi4/tn8UAPAADYDStxnYekCgAAiAiUHwCA7i2Q/lkc99FZFZ4G7dzXxHUDAMAyRitxl83KsSgqhBJJFQAAEFHSU3koAgDdEf2zYCZmBQMAIgErcZ2JnioAAAAAgJCjfxbMRH8eAEAkCGQlLrofkioAAAAAgLAoyM9Wbmaqzzb6Z6GzWmYFN3u9PtuPnxUMAEA4sBLXmSj/BQAAAAAIC/pnwQz05wHMRW8iAOgckioAACCicFMHAN0f/bPQFcwKBsxBbyKg69785zd+xr/WnAuywhQNwoWkCgAAiAjc1AEAAADhY9SbaNmsHIuiAuxlX+Mh4/GGw2GKBOFETxUAABARaDgLAAACQVNgoOvoTQSYY/LwfobjF4w0Hoc9kVQBAACW46YOAAAEivJfQNeRnATMcd7wfuoT235lhT6xMTo3yx3miBAOJFUAAIDluKkDACB4FZ4GrdlW5ZhJCBnuBOVluRXlcvlsj3K5lJflpl8PEACSk4B53rj9HCWfULI6OS5Gb9x+jkURIdToqQIAACzHTR0AAJ3n5H5kBfnZmlNY4vOz52amqiA/28KoAPtoSU4Wl1f7rBaPcrmUm5lKchLohMEpcSpZcLHeK/No8679GjskmRUq3ZzL6z2hzkY3V19fr6SkJNXV1SkxMdHqcAAAwP+Z/sKGDm/qaJQJAEBbnDulyupG7ahpVFpKPA+BgU6qazrSJjnplMQsAJyoM3kDkioAACAicFMHAEDgKjwNuuCJtR2Or7nrfJIMAAJCchIAOpc3oPwXAACICElxMVo2K4ebOgAAAhBIPzLOowACkZ7KdTdghgpPg3bua+Je1gFIqgAAgIjCTR0AAP7RjwwAgMjg5B5nTtXD6gAAAAAAAEDntDSZjnK5fLZHuVzKy3IzQQEAgDC5bcVmn4SKJBWVeXTrik0WRYRQI6kCAAAAAIANFeRnKzcz1WdbbmaqCvKzLYoIAABnqfA0aN32mnbH1m2vUWV1Y5gjQjhQ/gsAAAAAABuiHxkAANb6sLL9hErreEUN5+ZuiKQKAABAEGhCCACIFPQjAwDAKi7DUW+YokB4kVQBAADoBJoQAuYiQQkAAAAjkXy9OCG9r+H42RkpYYoE4URSBQAAoBPmFpaquLzaZ1txebXmFJZo2awci6IC7IcEJQAAAIzY4Xoxw52giRkpWl/RtgzYxIyUiEsCwRw0qgcAAAhQhadBRWUeNXt9F3E3e70qKvPQhBDoBKMEJYDOqfA0aM22Kkeeh5z8swNAd2eX68XnbhynvCy3z7a8LLeeu3GcRREh1FipAgAAEKCd+5oMx3fUNDITCQhAS4LyRMcnKNmXAP/sMIM3VJz8swOAE9jpejEpLkbLZuWosrpRO2oaI7JMGczFShUAAIAADe0bZzielsKFMxCIQBKUAPyzywzeUHDyzw4ATmDH68X01HhNHt6PhIoDkFQBAAAIUIY7QXlZbkW5XD7bo1wu5WW5uXgGAkSCEug6J5ekdPLPDgBOwfUiIhlJFQAAgE4oyM9Wbmaqz7bczFQV5GdbFBFgPyQoga6z4wxeszj5ZwcAp+B6EZGMnioAAACdQL1cwBwF+dmaU1jiUyubBCUQOH8zJKN7uPy8wr6YvQwAzsD14nerM3fua+K+M8KQVAEAAAhCeioXtUBXkKAEuuaYn/Gjx7x+XmFfLbOXi8urfUqARblcys1M5VgCAN2Ek68Xa5sOa25hqU9CKS/LrYL8bCXFxVgYGSTKfwEAAACwEA09geA4fbXGg9NGKTHWd55oYmy0Hpp2ukURAQBCxYnXi3MLS1VcXu2zrbi8WnMKSyyKCMcjqQIAAAAAAGzl3pWfqv7gUZ9t9QeP6p6VWyyKCAAAc1R4GlRU5vFZjSlJzV6viso8qqymd5jVSKoAAAAAsEyFp0FrtlVxcwh00oeV+wzHP6ioCVMk4cfDJgBAJDLrunbnvibD8R01nOesRk8VAAAAAGFHnWigq4x7pnTfNvWBPWxyUokYAIC1zL6udXqJTztgpQoAAACAsKNOtLOxQqnrJqSnGI9nGI/bmb8HGdE9unNKCQAQacy+rs1wJygvy60ol+/5LMrlUl6Wm4kDEYCVKgAAAADCqqV0z4mOL93DzWL3xAol82S4EzRpWIrWbW9b5mvSsJRuvQ8d8zN+9JjxKh4AAMwSquvagvxszSks8Xnv3MxUFeRndylemIOkCgAAAICwonSPcxnN5Fw2K8eiqOzr2RvGtXng0pKk6s4oiwIAiBShuq5NiovRslk5qqxu1I6aRqWlxHN9HEFIqgAAAAAIKx6IOhMrlMzn1AcuLWVRisurfZrVR7lcys1MdcTvAAAQGUJ9XZue6oxzu93QUwUAAABAWFEn2pkCmcmJ4KSnxmvy8H6O2ncK8rOVm5nqs42yKACAcGspx9me7l6O08lYqQIAAAAg7KgT7TysUIKZnLpKBwiFCk+Ddu5rYj8CguTtoJVXR9thfyRVAAAAAIQdD0Sdh5JNCAXKogDBq206rLmFpe32ZUqKi7EwMsA+KjwNWl9R0+7Y+ooaypt2U5T/AgAAAGAZJ5YtcjJKNgFA5JhbWKri8mqfbcXl1ZpTWGJRRID9UN7UmVipAgAAAHQCJTKA4LFCCQAiQ4WnwWeFSotmr1dFZR5m1wMB8rdiIbqHy88rYEckVQAAAIAAUCIDMA8lm8y1dluVSr+s1dghyTo3y211OABsIJDZ9RynAf+O+Rk/eozGKt0RSRUAAAAgAEYlMpbNyrEoKgBOtrOmUdMWF2t/05HWbclxMXp99jkanBJnYWQAIt3QvsbHiLQUEipAINiXnImeKgAAAIAfLSUyjm+uLfmWyACAcDsxoSJJ+5uO6KrF71sUEQC7yHAnKC/LrSiXb2miKJdLeVluVqkAgAGSKgAAAIAfNKAEEGnWbqtqk1Bpsb/piN5rp1cCAByvID9buZmpPttyM1NVkJ9tUUSA/XCf4EyU/wIAABGFJuCIRCzrBxBpSr+sNRzfvGu/I/qrcN0ABC8pLkbLZuWosrpRO2oa2Y+AIHCf4EwkVdCKi1Gg69iPgODRBByRrKVERnF5tU8JsCiXS7mZqRzzu4BzJ8zitM/SmFP6GI6PHZIcnkAswnUDYJ70VGccN4FQyHAnaNKwFK3bXtNmbNKwFPatboqkCrgYBUzAfgR0HU3AEekK8rM1p7DE51hPiYzgce6EWZz6WTpveD8lx8W0WwIsOS6m269SuW3F5jYPsIrKPLp1xSb96ZazLYoKsCenJaUBsx1tPtap7bA/l9d7QrfNbq6+vl5JSUmqq6tTYmKi1eFEhOkvbOhw1iUPsYDAsB8BXVPhadAFT6ztcHzNXedzg4eIQYkMc3DuhFmc/FnaXdOkqxa/75NYSY6L0euzz9HgFONyJHbGdQNgDqcmpQEzcU7qPjqTN6BRvcNVeBpUVObxuQGRpGavV0VlHlVW00wJ8If9COg6mvvBTtJT4zV5eD9ujrqAcyfM4vTPUu/YaJ1xch+fbWec3EeJsd37YeiHlW1LrPiMVxiPA/jObSs2+yRUpH+t+AIQGM5JzkRSxeF4iAV0HfsR0HU09wOchXMnzOL0z5JR6czuzWU46qhyHECQKjwN7faAkKR122u6fVIaMA/nJCciqeJwPMQCuo79COi6libgUS7fC9Iol0t5WW5WBADdDOdOmMXJnyUnr9KZkN7XcPzsjJQwRQLYF7PrAXP4e7ge3cM46QJ7IqnicDzEArqO/QgwR0F+tnIzU3220QQc6J44d8IsTv4sOXmVToY7QRM7SJxMzEjp1n93wDzMrgfMsOfAt4bjX9cdDFMkCCeSKuAhFmAC9iOg65LiYrRsVo7W3HW+lsw8S2vuOl/LZuXQJBPopjh3wixO/Sw5eZWOJD134zjlZbl9tuVlufXcjeMsigiwl0FJvQzHT0mODVMkgL2NOaWP4fjYIcnhCQRhFW11ALBey0OsyupG7ahpVFpKPDN7gE5iPwLMk57K/gM4AedOmMWpn6WWVTrF5dU+JcCiXC7lZqZ2+99By9+96Isqleyu1dghyTr3hCQLgI4d8zN+9BhrVYBAnDe8n5LjYrS/6UibseS4GM5N3RRJFbTiIRbQdexHAAB0DudOmMWJn6WC/GzNKSxRUZmndZsTVulIUm3TYc0tLPX52fOy3CrIz2aVKxAA+kAA5nl99jm6avH7PomV5LgYvT77HAujQiiRVAEAAAAAwIZCuUqnwtOgnfuaInblz9zCUhWXV/tsKy6v1pzCEi2blWNRVIB9+Ovz8NV++kAAgTpGFyLHIakCAAAAAICNmblKxw4rQCo8DT7xtWj2elVU5lFldWNEJoKASOI5cNh4vOFQmCIB7G/a4uI25b/2Nx3RVYvfV8mCiy2KCqFEo3oAAAAAAGxs7bYqPbX6C73XTqKhs4xWgESKnfuaDMd31DSGKRLAvty9TzIeT+gZpkgAe1u7rardfirSd4kVM87NiDysVAEAAAAAwIZ21jS2mR3bUsN9cEpcp9/PLitA6AUBdN2E9BTj8QzjcQDfKf2y1nB88679NKvvhlipAgAAAACADRmVGwmGXVaAHPMzfvQYte0BAOEx5pQ+huNjhySHJxCEFUkVAAAAAABsJhTlRob2NV7dkpZi/SoVyT5xApHMLklUININ9nNOOiW58ytHEflIqgAAAAShwtOgNduqVFnNDScAIPwCKTfSWRnuBOVluRXl8i2fFeVyKS/LHRGlvyT7xAlEMsroAeb4sHKf4fgHFTVhigThRFIFAACgE2qbDmv6Cxt0wRNrNXPJR5r8+Lua/sIG1XUwWxiAMRKUMIvTPkuhKjdSkJ+t3MxUn225makqyM8O6v1CxS5xApHqYz+J2Y93G48DaGFccpL0ZPdEo3oAAIBOmFtYquLyap9txeXVmlNYomWzciyKCrCf2qbDmltY6tMUOy/LrYL8bCXFxVgYGezGqZ+l84b3U3JcTLslwJLjYoJuipsUF6Nls3JUWd2oHTWNSkuJj8iVH3aJE4hU/hLQFR5nJKiBrhqUFGs4fnKy8TjsiZUqAAAAAarwNKiozKNmr+9spGavV0VlHsfMjgbMYJSgBDrDyZ+l12efo+QTEkfJcTF6ffY5XX7v9NR4TR7eL+ITFXaJE4g0/mbPU/0LCMzXdd8ajn+5/2CYIkE4sVIFAAAgQIE09OShDuBfS4LyRMcnKNmXEAinf5YGp8SpZMHFeq/Mo8279mvskOSgV6jAfio8Ddq5r4lVOgiK109a5ZhxRaNuhX0JXUP5LyciqQIAABCgoX3jDMfTUrgJAwJBghJm4bP0nXOz3CRTHMSpJe9grvRU4+vaDHf3P3ayL8EME9JTjMczjMdhT5T/AuBYTmtmCqDrMtwJystyK8rlO98oyuVSXpbbEQ/uwPnDDCQoYRZ/N7TRDqlfw3HJWZxc8g7muWL0IMPxy/2MdwfsSwCCxUoVAI7DbBQAXVGQn605hSU+x5DczFQV5GdbGBXCgfOHeVoSlMXl1T49iqJcLuVmppKgRMCO+Rk/2s3r13Bcch6nl7yDeTLcCRo7OEmbd9e1GRs7OKnbf47Yl2AWVs06EytVADgOs1EAdEVSXIyWzcrRmrvO15KZZ2nNXedr2awcHl45AOcPcz04bZQSY33neCXGRuuhaadbFBHsyOmrnjguOW+VTiAP75zAaX/3UImOiurU9u6EfQlmqfLTqL76wKEwRYJwYqUKAEdhNgrgTKFoPpmeSiNLJ+H8Yb57V36q+oNHfbbVHzyqe1Zu0bJZORZFBbtx8qonpx+XnLpKx+mJRKf+3UOhwtOgDTv2tTu2Yce+bn8Mcfq+BPP8Y+tew/FVn+3RdeMHhykahAsrVQA4CrNRAGepbTqs6S9s0AVPrNXMJR9p8uPvavoLG1TXdMTq0GAznD/M1fIw+PiH4JLvw2AgUA9OO92Rq56cfly6bcXmNkmlojKPbl2xyaKIwsPp/d1YnWWeDytrjMcrjMftzun7Esyz3dNgPF5lPG4FVvt1HUkVAI4S6tkonJiAyMKNN8zCbEZzhfphMOdjZ7l35ZYOVz11Z04+LlV4GrRue/sPfNdtr+n2+35BfrZyM1N9tjmhvxsJeXN9seeA4XjZXuPx7sCp+xLMdVK08eP1ntGRU06PSYfmofwXAEcJVYkIlqEDkSfUZVFCUVIMkcvJJYZCIVQPgzkfO4/TS2A5VSAz7Lvz372lv1tldaN21DQ65lqEZtDm8voZPzF51R217EtFX1SpZHetxg5J1rlZbqvDgs0MTo7T53s6Xo0y2M91bzgZTTqk/G7nsFIFgOOEYjYKs+GByBOqmfDM7nEuZjOaJ1QlNzgfO48dS2CZtZLKjj+7eVyGo93/UfB30lPjNXl4P8ckEpy8OisURg5INBwfNSgpTJFYp+W6fvofPtJ/rirTD1/YwHU9Oi2hl/GahfiekbGmgdV+5oqMvyoAhJHZM7uYIQlEplDdeDO7x7n+NZvRo5Ld+5nN2EUF+dmaU1jicw7tSpKK87EzhaO0q1mrEs1eSeXkB8wT0vsajp+dkRKmSBBOrBo1194D3xqP1xuPdwdc18MMe+uM95WqCNmXWO1nLpIqABwrPdWcZfKcmIDIFIobbx7aOhulpcxl9iQHzsfOZKfSrmY/vNvt5zP/5f6mbvuZz3AnKLFXlOq/bW4zltgrqtv+3DA/IR9qkVwuds3WKsPx/926V7dfkBWmaMKP63qYZZef8/HOfZGxAsTJkzFCgfJfANBFnJiAyGV2uSZnl1oBpaVCY1dNo/75Za2+3G+8f/nD+di57FDaNRQlN0q/rDUc37xrf6ff0y4qPA3tJlQkqf7bZkqYdGMtCfk1d52vJTPP0pq7zteyWTkRN7nBDuViPQ2HuzRud1zX28vabVV6avUXeq+dRJjVevsp/5UQIeW/QlV+16ki468KADbGMnQgcpk9E56HtqEVybM5mc1ovp01jZq2uFj7j3vAlBwXo9dnn6PBKZ1v6Mn52LnsUNo1FCupBvTuZTg+KCm2U+9nJx9W7jMc/6CbN6qHeVUHQsUOZaWONh/r0rjdcV1vD2ZfL4bC5WcM0tY9X3Q4fuWZJ4cxGmN2W+0XyUiqAIAJODEBkc2sG+8Md4KS42J8LupbJMfFRPTNfSSzQ1ktSkuZ78QbZEna33REVy1+XyULLg7qPTkfh0YkJzyP17LqKbqHK+JKyYXi4V2/JOOkSmrvnp1+T/swbkVv3MbeGnbZj9B1dpmIccRrnDQ5cqx7J1WYjGEPobheNFuKn/NtcvxJYYrEP7MnojgZSRUAMAEnJsA8kfzQocLT0G5CRfru4j5SbpLtxg6zOZnNaK6126oM96X3yjw6N8vd6fflfGwuOyQ8JfNnsYZifw/Fwzt/tbyje0RiasEcNQeMyxLta4ycskV22Y9gHrtMxEjqFaOaho7LkSX1ipwHwaHCZIzIFqrrRbN9seeA4Xj5XuNxK0T6aj87oKcKAJgoPTVek4f34+QEBMEOtaepvWy+UPQZCAVqEJsr1L0gOB+bwy59hIxmsQYjVPu72b1f/M0hP3rMeDWHnf3j872G46s+Mx4PJ7vsRzCPkxOedmOXHj1OZZfeYbUHje9XO0oMwd5IqgBAhKvwNGjNtqqIebAIhIodHjqwWsF8dkpUhaIZtlM5uReEXdgl4RnILNZghGJ/N/vhnZPPSd8ebr9Jfev4kaNhisSYXfaj43Hv0XV2SXg2+dmPGg9Hxn4UDkzGiExjTuljOD52SHJ4AvGjT6xxIahkknTdEuW/ACBCUSogsstAwVyhrj1t1mcpw52gScNStG57TZuxScNS+JwGwU4PBVseiBZ94VHJ7v0aOyQ5IkoO2JGze0HYg13K1wQyizXSSsmZ2edr/NBkbdzZdqbuWUOTI+LvEyop8T0lNXQ8nhAZx5BQ70dmXitz72GeqrpvDcerDxwKUyTGMlLjtae+41gy3QlhjAZo67zh/ZQUG6O6dlaCJMXGRMx1+Jf7D3ZpHPZEUgUAIpQdegyECjd1zhOqhw6h+CwdbW5//mFH22HMTk1COTaZJ9TJNJLyXWeXhGeoZ7FGes3x8qr2EwtlHWzvLr6pM35A9U1tZDzACtV+FIrzkZPvPcy2dU+94finX9fpOg0OUzQdG+BnVegAPxMggHAY3j9BG3a0nTwwvH/kJP22e4zPueVVXeupwnVtZKL8FwCYyKzl8nYsFWAmO5SBwnfM+syH6qHDrcs3t1kBU1Tm0U+Wbwrq/So8De1e1EvShh37u/2+GSp2Kav142Ub2/083bJso0UR2VeGO6HDmvLRPVxB3zDaoTeTXdilj1DLLNb2RNIs1lBYu62qwzrutQeDL31mB01H/JUtMh4Pl1DtR2ZfKzv93sNsfeONG7ynRshKKn/Jya/9jHcnlL2LTHa59+oZZfx4vWd0VFDvy3VtZGOlCgCYwOzZYnYpuREKoS4DBXOY/ZnP8FNeIJi/eYWnQesr2pbpkqT1FTVBfZY+rGz//VrHK2r4fAYhlGV2zGJ8U7ePY1Mnrd1W1WFN+aPHvHqvzBPUw3BmWpurID9bcwpLfI71kZjwHJYap82769rZ3r33yVCVPrODuBjjB1TxJ0XOo44Hp52uqxe/79P7JzE2Wg9NOz2o9wvFtbId7z0ieeb2FaMH6Teryjocv3z0oDBG07GBflaqRGp/M8reOYddjk0jBiVq696OV6uMGJgY1PuG8ro2ko+hdsFKFcDhmJFhDrNnw9ul5EYo2KlptZOZ/Zl/ZnXHN56S9Ns15Z1+zw8r9xmOf9BBwsVY+zPrW0RG21H7iuQmoW/+82vD8b/6GbdCKM7xZr1nIA+DOyvUM62deM1Ue/CwPvmq1mfbJ1/Vqr6D1RFWqPA0tJtQkaTNu2u79d8rys85KaZH973dP3LMuOTm4QgqyXnvyi2qP+jb8Lv+4FHds3JLUO8XimtlO9172GHmdoY7QcMHtD9haMSA3hFznbP16/aPnf8aNy5jFm6h+NtTISGy2aU/UQ8/5+OoDlZnGwnVda0djqF2ETnTNwCEFTMyzBOK2fB26jFgNjvd1DlVKD7zxdurDcffK/PotsmZnXpPfymOzl/aShPS+xqOn52REsS7osXLG3ZpfWWNcoel6rrx5tQaN2sW1r7Gw4bj1Q2RcVMnheYcb/Z7hqIPhp16M7VYu61KpV/WauyQ5IhcUXDVM++r7oSHwfubjuiKZ97Txwundum9zdo3Q72CMJJncq7+fK/h+KrP9gZx7rQHf8fcSDkmh2JVSSiule1073Hr8s1trkNbJvYU/vhsi6Jqa9ue9metf76na70VzOSv99K2vZETq2T+rH0qJES+PQeMkyqRUqLu02+ME5BbvjJOYLYnVNe1rOo2T0RMXVm8eLHS0tLUq1cvTZgwQRs2bDB8/SuvvKIRI0aoV69eOuOMM/TWW2+FKVKg+2BGhnlCMxte+vnUU3VC+WW5XNL8S4YH9X52YZca7k4Wis987rBUw/FgHjaGYsZQhjtBsdHtf11sdPB9IJzuky9rlfnLt/SLVz/RypKv9bO//FOZv3xLnwVxA9LC7FlYIwcYL9sfNSgpqPcNhVCc429b0f7qtFtXBLc6LRRClZQPRS+dnTWNyr7/Hc1Y8pH+c1WZfvjCBmXf/4521xjfQIfT2m1VbRIqLeoOHg26X4fZ+6bHzyzVYB+u22Em5xd+Hs5+4adZtp0dOmI8ceLQkchYqRKKVSUZ7gQld5DQTY6LCfpaxA79zQKZ2BMJQrECOxSO+lli7W88nEIxa58KCZEvFJNwQqGjY3ILf32W2hOK61r6Z5nL8qTKyy+/rDvuuEMLFy7U5s2bdeaZZ2rq1Kmqqqpq9/Xr1q1Tfn6+Zs2apZKSEk2bNk3Tpk3Tli3BLZ0FnIgDqdnMnw0vST/8w4Y29eaPHvPqhhc+DPId7cMON3XOZv5n/vYLswzHg5lp+4Gf5M/67Z1P/lR4GnSwgzvMg0e9HD+DdM1v17V7vLtqcXHQ72l2YuGYn899cwf9QcItFOf4Ck+D1nWwv6zbHtxDrBc/2Gk8vs54vD2hSMoH0ksnGNMWF/v0V5C+WwFy1eL3g3q/UFizrf37sRartxqvkuiI2fvm/kbjJIe/VWYdMbvMZSgc8VPiyt+4nfn7ySLlJ/f3wCU6yJIwJx4/WuxvOhL0camlv9mau87Xkplnac1d52vZrJyIqmIQqslsZvuHn1Vk73y2J0yRdB9OL3uHyOZvguCJzzYCEYrrWhKJ5rI8qfKb3/xGt9xyi2bOnKnTTjtNzz33nOLi4vSHP/yh3dc/9dRTuuSSS/Szn/1MI0eO1AMPPKCxY8fqmWeeCXPkgH1xIDXXhHTjcj8TgigHtHZbleHNUrCzQ+3CDjd1ThaKz7wkvXxL+yUbOtruz14/y8H31hsvJ2/Pva99Yjh+n59xtPXyhl2GDctf2bi70+8ZmskD9uinE4pzfCDllTrLXxmEf57QxyNQZiflQ9FLxy7n+K/2Gx9Dv6nt/DE0FPum18/e5w1i57TLbPj4XsbXRf7GEXr+kjsdnf+MhPpeLpL7m3n8lAKqiZCyb+6Enobj/Xv3ClMk3Ucoy95RISFyhWqCh9ma/VyL+OsD1hGzr2tJJJrL0qTK4cOHtWnTJk2ZMqV1W48ePTRlyhStX7++3a9Zv369z+slaerUqR2+/tChQ6qvr/f5BzgdB1JzZbgTNGlY+w+RJw1LCepiLBQNfO0okm/qnCwUn3lJmjAsRTsWXa6fTx2uiRl99fOpw7Vj0eWa0MH38qd/UqzxeGLnb2i3VRmXWvl8L9cZnbXezwN7f/122hOKB0526acTinN8KMor+XsQHmyayuykfCh66djlHO/v717l5+Fme0Kxb04e3s9w/IKRxuPtscts+GvGnGw4fu3YU8IUCToSimOyk+/l3H6SESl+khnh4u+4M3lE549LTheqBAgVEiKbv7JZqRGyz4eqTJnZ17UkEs1laVKlurpazc3N6t+/v8/2/v37a8+e9pdD7tmzp1Ovf+SRR5SUlNT6b/Bgc5qeAnbGgdR8z94wTnkn9HzIy3Lr2RvGBfV+dqkdCucy+zN/vNsmZ6rwxxO73Fx32phBhuPXjDV+GNWe4f16G46P6G/cdwNtTfSz8snfcvr2hGo248QOEicTM4JPJpotFOf4UDzEuvx04/3zitGd3z+PZ1ZS3t8D+wtH9jccb49dzvHu3sZ/V3/j7QnFvnne8H7qE9v+w4U+sTFB9eQKVWlXsy24apTh+L1XnBamSNCRUByTnXwvZ5cJDqFa1W22YSnGx+Qsd2R9lkKRAKFCQmS7YrTx9eLlfsbD5bzh/Qx7XQV3LfIvZk42JZFoHsvLf4Xa3Xffrbq6utZ/u3d3voQE0B1xIDWX2RdjoT4pA11lhxuQ84b3U2Kv6HbHEntFB7UfPXjNGYbjD/gZR1vX5wzpsKZ8dA+Xrhvf+QkxoXrg9NyN7ScTn7ux68lEM5l9jg/FQyy7PAw+b3g/JcW2fxxJig3uOGKXc/yNZw81HP/hxLROv2eo9s03bj+nze80OS5Gb9x+TlDvZ5cHopL0wvTxndqO8AvFfZdT7+XsNMEhFKu6zbb6Z5MNx1fdeX54AglQKO8/qJAQmTLcCcpJa/86NCetb0T9vV6f3f61yOuzg7sWCRU73MfbhcvrDabKrDkOHz6suLg4/eUvf9G0adNat8+YMUO1tbX6n//5nzZfM2TIEN1xxx2aN29e67aFCxdq5cqV+vjjj/1+z/r6eiUlJamurk6JicwmBSqrG7WjplFpKfERdUKCtLumSVctft+n7nrLSXmwn1lFAL4Tiv1o6n+u1ba9DW22D++foLd/el7QsTrZZ1/V6arFxT615aN7uPT67FyddnJSUO9Z13REcwpLfBpN52W5VZCf3eWbBrucO82MM/93H7TbY2JiRooKfxxc36PVn+3VrGUb22x/Yfp4XXha51eAhEoojiN2OcePXvi26g8dbbM9sWe0/vkfU4N6z1Dum++VebR5136NHZLc5eTU//f7D7Rue9vP/KRhKfpTkL2+QunBNz/T++UenZPpjpikZKilzf9rh2M7Fl0exkgCE4pzh13OR2YK5THETHaJ86E3P9Xv39/RZvst56TpniuMJ0AA4WCXfamFmdciCL/O5A0sTapI0oQJE5STk6OCggJJ0rFjxzRkyBDdfvvtmj9/fpvXX3/99WpqatIbb7zRum3SpEkaPXq0nnvuOb/fj6QKALvhpAx0nZn7kd0u7O3klY27Vby9WrnDUoNaodIeJz5wCoVQfu7t8jA4FOfjSD/HhzL5E+n7Jsf6yDfyl3/VwXZ6/8b2kLY+HHlJFZgr0o8hLewS50VPvKvKmkalp8RH3AoVQLLPvgR7s1VS5eWXX9aMGTP0/PPPKycnR08++aT+/Oc/6/PPP1f//v01ffp0nXzyyXrkkUckSevWrdN5552nRYsW6fLLL9dLL72khx9+WJs3b9bpp5/u9/uRVAEAAGbgwh5OxOfemSI9+RNKfOYj3/ErViJxhQoAALAHWyVVJOmZZ57Rr3/9a+3Zs0djxozR008/rQkTJkiSzj//fKWlpWnp0qWtr3/llVd07733aseOHcrKytJjjz2myy67LKDvRVIFAAAAAAAAAAC0sF1SJZxIqgAAAAAAAAAAgBadyRv0CFNMAAAAAAAAAAAAtkZSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAJAUgUAAAAAAAAAACAAJFUAAAAAAAAAAAACQFIFAAAAAAAAAAAgACRVAAAAAAAAAAAAAkBSBQAAAAAAAAAAIAAkVQAAAAAAAAAAAAIQbXUA4eb1eiVJ9fX1FkcCAAAAAAAAAACs1pIvaMkfGHFcUuXAgQOSpMGDB1scCQAAAAAAAAAAiBQHDhxQUlKS4Wtc3kBSL93IsWPH9PXXX6t3795yuVxtxuvr6zV48GDt3r1biYmJFkQI2B/7EdB17EeAOdiXgK5jPwK6jv0IMAf7EtB17Eft83q9OnDggAYNGqQePYy7pjhupUqPHj10yimn+H1dYmIiHyqgi9iPgK5jPwLMwb4EdB37EdB17EeAOdiXgK5jP2rL3wqVFjSqBwAAAAAAAAAACABJFQAAAAAAAAAAgACQVDlBz549tXDhQvXs2dPqUADbYj8Cuo79CDAH+xLQdexHQNexHwHmYF8Cuo79qOsc16geAAAAAAAAAAAgGKxUAQAAAAAAAAAACABJFQAAAAAAAAAAgACQVAEAAAAAAAAAAAgASRUAAAAAAAAAAIAAkFSR9Oyzz2r06NFKTExUYmKiJk6cqL/97W9WhwXY2qJFi+RyuTRv3jyrQwFs5Ve/+pVcLpfPvxEjRlgdFmA7X331lW688UalpKQoNjZWZ5xxhjZu3Gh1WICtpKWltTknuVwuzZ492+rQANtobm7Wfffdp/T0dMXGxmrYsGF64IEH5PV6rQ4NsJUDBw5o3rx5Gjp0qGJjYzVp0iR99NFHVocFRLSioiJdeeWVGjRokFwul1auXOkz7vV6tWDBAg0cOFCxsbGaMmWKysrKrAnWZkiqSDrllFO0aNEibdq0SRs3btQFF1ygq6++Wp9++qnVoQG29NFHH+n555/X6NGjrQ4FsKVRo0bpm2++af33/vvvWx0SYCv79+9Xbm6uYmJi9Le//U2fffaZnnjiCSUnJ1sdGmArH330kc/5aNWqVZKk6667zuLIAPt49NFH9eyzz+qZZ57R1q1b9eijj+qxxx5TQUGB1aEBtnLzzTdr1apVevHFF/XJJ5/o4osv1pQpU/TVV19ZHRoQsRobG3XmmWdq8eLF7Y4/9thjevrpp/Xcc8/pww8/VHx8vKZOnapvv/02zJHaj8vL9Ih29e3bV7/+9a81a9Ysq0MBbKWhoUFjx47Vb3/7Wz344IMaM2aMnnzySavDAmzjV7/6lVauXKnS0lKrQwFsa/78+SouLtZ7771ndShAtzJv3jy9+eabKisrk8vlsjocwBauuOIK9e/fXy+88ELrtmuvvVaxsbFavny5hZEB9nHw4EH17t1b//M//6PLL7+8dfu4ceN06aWX6sEHH7QwOsAeXC6XXnvtNU2bNk3Sd6tUBg0apDvvvFN33XWXJKmurk79+/fX0qVL9YMf/MDCaCMfK1VO0NzcrJdeekmNjY2aOHGi1eEAtjN79mxdfvnlmjJlitWhALZVVlamQYMGKSMjQzfccIN27dpldUiArbz++usaP368rrvuOvXr10/Z2dn6/e9/b3VYgK0dPnxYy5cv10033URCBeiESZMmafXq1friiy8kSR9//LHef/99XXrppRZHBtjH0aNH1dzcrF69evlsj42NZVU/EKTKykrt2bPH5/ldUlKSJkyYoPXr11sYmT1EWx1ApPjkk080ceJEffvtt0pISNBrr72m0047zeqwAFt56aWXtHnzZuqaAl0wYcIELV26VMOHD9c333yj//iP/9C5556rLVu2qHfv3laHB9hCRUWFnn32Wd1xxx365S9/qY8++khz587VSSedpBkzZlgdHmBLK1euVG1trX70ox9ZHQpgK/Pnz1d9fb1GjBihqKgoNTc366GHHtINN9xgdWiAbfTu3VsTJ07UAw88oJEjR6p///4qLCzU+vXrlZmZaXV4gC3t2bNHktS/f3+f7f37928dQ8dIqvyf4cOHq7S0VHV1dfrLX/6iGTNmaO3atSRWgADt3r1b//7v/65Vq1a1mT0CIHDHz1ocPXq0JkyYoKFDh+rPf/4zJSmBAB07dkzjx4/Xww8/LEnKzs7Wli1b9Nxzz5FUAYL0wgsv6NJLL9WgQYOsDgWwlT//+c9asWKF/vSnP2nUqFEqLS3VvHnzNGjQIM5JQCe8+OKLuummm3TyyScrKipKY8eOVX5+vjZt2mR1aAAciPJf/+ekk05SZmamxo0bp0ceeURnnnmmnnrqKavDAmxj06ZNqqqq0tixYxUdHa3o6GitXbtWTz/9tKKjo9Xc3Gx1iIAt9enTR6eeeqrKy8utDgWwjYEDB7aZGDNy5EhK6QFB2rlzp/7xj3/o5ptvtjoUwHZ+9rOfaf78+frBD36gM844Qz/84Q/105/+VI888ojVoQG2MmzYMK1du1YNDQ3avXu3NmzYoCNHjigjI8Pq0ABbGjBggCRp7969Ptv37t3bOoaOkVTpwLFjx3To0CGrwwBs48ILL9Qnn3yi0tLS1n/jx4/XDTfcoNLSUkVFRVkdImBLDQ0N2r59uwYOHGh1KIBt5Obmatu2bT7bvvjiCw0dOtSiiAB7W7Jkifr16+fTHBhAYJqamtSjh++jl6ioKB07dsyiiAB7i4+P18CBA7V//369/fbbuvrqq60OCbCl9PR0DRgwQKtXr27dVl9frw8//JA+4wGg/Jeku+++W5deeqmGDBmiAwcO6E9/+pPeffddvf3221aHBthG7969dfrpp/tsi4+PV0pKSpvtADp211136corr9TQoUP19ddfa+HChYqKilJ+fr7VoQG28dOf/lSTJk3Sww8/rO9///vasGGDfve73+l3v/ud1aEBtnPs2DEtWbJEM2bMUHQ0t49AZ1155ZV66KGHNGTIEI0aNUolJSX6zW9+o5tuusnq0ABbefvtt+X1ejV8+HCVl5frZz/7mUaMGKGZM2daHRoQsRoaGnyqXlRWVqq0tFR9+/bVkCFDNG/ePD344IPKyspSenq67rvvPg0aNEjTpk2zLmib4KpYUlVVlaZPn65vvvlGSUlJGj16tN5++21ddNFFVocGAHCYL7/8Uvn5+aqpqZHb7dY555yjDz74QG632+rQANs466yz9Nprr+nuu+/W/fffr/T0dD355JM0BQaC8I9//EO7du3iATAQpIKCAt1333267bbbVFVVpUGDBun//b//pwULFlgdGmArdXV1uvvuu/Xll1+qb9++uvbaa/XQQw8pJibG6tCAiLVx40ZNnjy59f933HGHJGnGjBlaunSpfv7zn6uxsVE//vGPVVtbq3POOUd///vf6ZUcAJfX6/VaHQQAAAAAAAAAAECko6cKAAAAAAAAAABAAEiqAAAAAAAAAAAABICkCgAAAAAAAAAAQABIqgAAAAAAAAAAAASApAoAAAAAAAAAAEAASKoAAAAAAAAAAAAEgKQKAAAAAAAAAABAAEiqAAAAAAAAAAAABICkCgAAAAAAAAAAQABIqgAAAAAOt2fPHs2ZM0cZGRnq2bOnBg8erCuvvFKrV6/W4cOHlZqaqkWLFrX7tQ888ID69++vI0eOqLm5WYsWLdKIESMUGxurvn37asKECfqv//qv1td7PB7deuutGjJkiHr27KkBAwZo6tSpKi4u7jC+V199VePHj1efPn0UHx+vMWPG6MUXXzT8mZYuXSqXy9X6LyEhQePGjdOrr74a3C/JRK+99prOPvtsJSUlqXfv3ho1apTmzZtndVgAAAAAAhBtdQAAAAAArLNjxw7l5uaqT58++vWvf60zzjhDR44c0dtvv63Zs2fr888/14033qglS5Zo/vz5Pl/r9Xq1dOlSTZ8+XTExMVqwYIGef/55PfPMMxo/frzq6+u1ceNG7d+/v/Vrrr32Wh0+fFh//OMflZGRob1792r16tWqqanpMMa+ffvqnnvu0YgRI3TSSSfpzTff1MyZM9WvXz9NnTq1w69LTEzUtm3bJEkHDhzQkiVL9P3vf1+ffvqphg8f3sXfXHBWr16t66+/Xg899JCuuuoquVwuffbZZ1q1alXIvmdzc7NcLpd69GBOHQAAANBVLq/X67U6CAAAAADWuOyyy/TPf/5T27ZtU3x8vM9YbW2t+vTpo08++USjR4/We++9p3POOad1/N1339XkyZO1detWjRgxQmPGjNE111yjhQsXtvu9amtrlZycrHfffVfnnXdel+IeO3asLr/8cj3wwAPtji9dulTz5s1TbW1t67Zjx46pV69eWrFiha677jpJ0osvvqinnnqq9ee/4IIL9OSTT6pfv36SpP379+v222/XO++8o4aGBp1yyin65S9/qZkzZ0qSdu/erTvvvFPvvPOOevTooXPPPVdPPfWU0tLS2o1r3rx5+vjjj7VmzRrDn++NN97Q/fffr08++UQJCQk699xz9dprr7XG9O///u964403dOjQIZ133nl6+umnlZWV5fOzL1u2TPPnz9cXX3yh8vJyDRw4UPfcc48KCwtVW1ur008/XY8++qjOP//8QH/tAAAAgOMxVQkAAABwqH379unvf/+7Zs+e3SahIkl9+vSRJJ1xxhk666yz9Ic//MFnfMmSJZo0aZJGjBghSRowYID+93//Vx6Pp93vl5CQoISEBK1cuVKHDh0KKmav16vVq1dr27ZtysvLC/jrmpub9cc//lHSdwmZFkeOHNEDDzygjz/+WCtXrtSOHTv0ox/9qHX8vvvu02effaa//e1v2rp1q5599lmlpqa2fu3UqVPVu3dvvffeeyouLlZCQoIuueQSHT58uN04BgwYoE8//VRbtmzpMNa//vWvuuaaa3TZZZeppKREq1evVk5OTuv4j370I23cuFGvv/661q9fL6/Xq8suu0xHjhxpfU1TU5MeffRR/dd//Zc+/fRT9evXT7fffrvWr1+vl156Sf/85z913XXX6ZJLLlFZWVnAv0cAAADA6VipAgAAADjUhg0bNGHCBL366qu65pprDF/7/PPP66677tI333yjhIQEHThwQAMGDNDTTz+tWbNmSZI+++wzfe9739O2bds0atQoTZo0SVdffbUuvfTS1vf57//+b91yyy06ePCgxo4dq/POO08/+MEPNHr0aMPvX1dXp5NPPlmHDh1SVFSUfvvb3+qmm27q8PVLly7VzJkzW5NFBw8eVExMjJ577jmfpMmJNm7cqLPOOksHDhxQQkKCrrrqKqWmprZJKEnS8uXL9eCDD2rr1q1yuVySpMOHD6tPnz5auXKlLr744jZf09jYqO9///t66623NHToUJ199tm6+OKLdcMNN6hnz56SpEmTJikjI0PLly9v8/VlZWU69dRTVVxcrEmTJkmSampqNHjwYP3xj3/Udddd1/qzl5aW6swzz5Qk7dq1SxkZGdq1a5cGDRrU+n5TpkxRTk6OHn744Q5/JwAAAAD+hZUqAAAAgEN1Zn5Vfn6+mpub9ec//1mS9PLLL6tHjx66/vrrW19z2mmnacuWLfrggw900003qaqqSldeeaVuvvnm1tdce+21+vrrr/X666/rkksu0bvvvquxY8dq6dKlht+/d+/eKi0t1UcffaSHHnpId9xxh959992Avqa0tFQlJSV6+OGH9ZOf/ERvvPFG62s2bdqkK6+8UkOGDFHv3r1by5Lt2rVLknTrrbfqpZde0pgxY/Tzn/9c69ata/3ajz/+WOXl5erdu3frKpy+ffvq22+/1fbt29uNKT4+Xn/9619VXl6ue++9VwkJCbrzzjuVk5OjpqYmSVJpaakuvPDCdr9+69atio6O1oQJE1q3paSkaPjw4dq6dWvrtpNOOsknUfXJJ5+oublZp556amusCQkJWrt2bYexAgAAAGiLRvUAAACAQ2VlZcnlcunzzz/3+9rExER973vf05IlS3TTTTe1Nn1PSEjweV2PHj101lln6ayzztK8efO0fPly/fCHP9Q999yj9PR0SVKvXr100UUX6aKLLtJ9992nm2++WQsXLjRcQdKjRw9lZmZKksaMGaOtW7fqkUceMewHcvzXSNLo0aP1zjvv6NFHH9WVV16pxsZGTZ06VVOnTtWKFSvkdru1a9cuTZ06tbV816WXXqqdO3fqrbfe0qpVq3ThhRdq9uzZevzxx9XQ0KBx48ZpxYoVbb632+02/H0OGzZMw4YN080336x77rlHp556ql5++WXNnDlTsbGxhl8biNjY2NbVM5LU0NCgqKgobdq0SVFRUT6vPfFvCAAAAKBjrFQBAAAAHKpv376aOnWqFi9erMbGxjbjxzd5l6RZs2bp/fff15tvvql169a1lv0yctppp0lSu+9//GuMxttz7NixoPqyREVF6eDBg5Kkzz//XDU1NVq0aJHOPfdcjRgxQlVVVW2+xu12a8aMGVq+fLmefPJJ/e53v5P0XW+WsrIy9evXT5mZmT7/kpKSAo4pLS1NcXFxrb+D0aNHa/Xq1e2+duTIkTp69Kg+/PDD1m01NTXatm1b6++6PdnZ2WpublZVVVWbWAcMGBBwrAAAAIDTsVIFAAAAcLDFixcrNzdXOTk5uv/++zV69GgdPXpUq1at0rPPPutTUiovL0+ZmZmaPn26RowY0drTo8X3vvc95ebmatKkSRowYIAqKyt1991369RTT9WIESNUU1Oj6667TjfddJNGjx6t3r17a+PGjXrsscd09dVXdxjjI488ovHjx2vYsGE6dOiQ3nrrLb344ot69tlnDX82r9erPXv2SPqup8qqVav09ttva8GCBZKkIUOG6KSTTlJBQYF+8pOfaMuWLXrggQd83mPBggUaN26cRo0apUOHDunNN9/UyJEjJUk33HCDfv3rX+vqq6/W/fffr1NOOUU7d+7Uq6++qp///Oc65ZRT2sT0q1/9Sk1NTbrssss0dOhQ1dbW6umnn9aRI0d00UUXSZIWLlyoCy+8UMOGDdMPfvADHT16VG+99ZZ+8YtfKCsrS1dffbVuueUWPf/88+rdu7fmz5+vk08+2fB3eOqpp+qGG27Q9OnT9cQTTyg7O1sej0erV6/W6NGjdfnllxv+LgEAAAB8h5UqAAAAgINlZGRo8+bNmjx5su68806dfvrpuuiii7R69eo2SQuXy6WbbrpJ+/fvb7dJ/NSpU/XGG2/oyiuv1KmnnqoZM2ZoxIgReueddxQdHa2EhARNmDBB//mf/6m8vDydfvrpuu+++3TLLbfomWee6TDGxsZG3XbbbRo1apRyc3P13//931q+fLlPr5b21NfXa+DAgRo4cKBGjhypJ554Qvfff7/uueceSd+tQFm6dKleeeUVnXbaaVq0aJEef/xxn/c46aSTdPfdd2v06NHKy8tTVFSUXnrpJUlSXFycioqKNGTIEP3bv/2bRo4cqVmzZunbb79VYmJiuzGdd955qqioaE1MXXrppdqzZ4/eeecdDR8+XJJ0/vnn65VXXtHrr7+uMWPG6IILLtCGDRta32PJkiUaN26crrjiCk2cOFFer1dvvfWWYmJiDH8fS5Ys0fTp03XnnXdq+PDhmjZtmj766CMNGTLE8OsAAAAA/IvL25nulAAAAAAAAAAAAA7FShUAAAAAAAAAAIAAkFQBAAAAAAAAAAAIAEkVAAAAAAAAAACAAJBUAQAAAAAAAAAACABJFQAAAAAAAAAAgACQVAEAAAAAAAAAAAgASRUAAAAAAAAAAIAAkFQBAAAAAAAAAAAIAEkVAAAAAAAAAACAAJBUAQAAAAAAAAAACABJFQAAAAAAAAAAgAD8/3+gDeL7WSiyAAAAAElFTkSuQmCC",
       "text/plain": [
        "<Figure size 2000x1000 with 1 Axes>"
       ]
@@ -177,10 +177,10 @@
    "execution_count": 7,
    "metadata": {
     "execution": {
-     "iopub.execute_input": "2024-09-12T00:27:14.298235Z",
-     "iopub.status.busy": "2024-09-12T00:27:14.297689Z",
-     "iopub.status.idle": "2024-09-12T00:27:14.318149Z",
-     "shell.execute_reply": "2024-09-12T00:27:14.317536Z"
+     "iopub.execute_input": "2024-09-13T00:27:00.064779Z",
+     "iopub.status.busy": "2024-09-13T00:27:00.064305Z",
+     "iopub.status.idle": "2024-09-13T00:27:00.084235Z",
+     "shell.execute_reply": "2024-09-13T00:27:00.083572Z"
     }
    },
    "outputs": [
@@ -220,7 +220,7 @@
        "      <td>CVE-2021-27104</td>\n",
        "      <td>9.8</td>\n",
        "      <td>0.01277</td>\n",
-       "      <td>0.86014</td>\n",
+       "      <td>0.86020</td>\n",
        "      <td>Accellion FTA contains an OS command injection...</td>\n",
        "      <td>Accellion</td>\n",
        "      <td>FTA</td>\n",
@@ -230,7 +230,7 @@
        "      <td>CVE-2021-27102</td>\n",
        "      <td>7.8</td>\n",
        "      <td>0.00083</td>\n",
-       "      <td>0.36222</td>\n",
+       "      <td>0.36228</td>\n",
        "      <td>Accellion FTA contains an OS command injection...</td>\n",
        "      <td>Accellion</td>\n",
        "      <td>FTA</td>\n",
@@ -240,7 +240,7 @@
        "      <td>CVE-2021-27101</td>\n",
        "      <td>9.8</td>\n",
        "      <td>0.00761</td>\n",
-       "      <td>0.81532</td>\n",
+       "      <td>0.81539</td>\n",
        "      <td>Accellion FTA contains a SQL injection vulnera...</td>\n",
        "      <td>Accellion</td>\n",
        "      <td>FTA</td>\n",
@@ -250,7 +250,7 @@
        "      <td>CVE-2021-27103</td>\n",
        "      <td>9.8</td>\n",
        "      <td>0.01217</td>\n",
-       "      <td>0.85640</td>\n",
+       "      <td>0.85645</td>\n",
        "      <td>Accellion FTA contains a server-side request f...</td>\n",
        "      <td>Accellion</td>\n",
        "      <td>FTA</td>\n",
@@ -260,7 +260,7 @@
        "      <td>CVE-2021-21017</td>\n",
        "      <td>8.8</td>\n",
        "      <td>0.65226</td>\n",
-       "      <td>0.97967</td>\n",
+       "      <td>0.97968</td>\n",
        "      <td>Acrobat Acrobat and Reader contain a heap-base...</td>\n",
        "      <td>Adobe</td>\n",
        "      <td>Acrobat and Reader</td>\n",
@@ -270,7 +270,7 @@
        "      <td>CVE-2021-28550</td>\n",
        "      <td>8.8</td>\n",
        "      <td>0.40916</td>\n",
-       "      <td>0.97365</td>\n",
+       "      <td>0.97366</td>\n",
        "      <td>Adobe Acrobat and Reader contains a use-after-...</td>\n",
        "      <td>Adobe</td>\n",
        "      <td>Acrobat and Reader</td>\n",
@@ -280,7 +280,7 @@
        "      <td>CVE-2018-4939</td>\n",
        "      <td>9.8</td>\n",
        "      <td>0.96914</td>\n",
-       "      <td>0.99755</td>\n",
+       "      <td>0.99754</td>\n",
        "      <td>Adobe ColdFusion contains a deserialization of...</td>\n",
        "      <td>Adobe</td>\n",
        "      <td>ColdFusion</td>\n",
@@ -310,7 +310,7 @@
        "      <td>CVE-2020-5735</td>\n",
        "      <td>8.8</td>\n",
        "      <td>0.02271</td>\n",
-       "      <td>0.89845</td>\n",
+       "      <td>0.89850</td>\n",
        "      <td>Amcrest cameras and NVR contain a stack-based ...</td>\n",
        "      <td>Amcrest</td>\n",
        "      <td>Cameras and Network Video Recorder (NVR)</td>\n",
@@ -321,16 +321,16 @@
       ],
       "text/plain": [
        "              CVE  CVSS3     EPSS  EPSS Percentile  \\\n",
-       "0  CVE-2021-27104    9.8  0.01277          0.86014   \n",
-       "1  CVE-2021-27102    7.8  0.00083          0.36222   \n",
-       "2  CVE-2021-27101    9.8  0.00761          0.81532   \n",
-       "3  CVE-2021-27103    9.8  0.01217          0.85640   \n",
-       "4  CVE-2021-21017    8.8  0.65226          0.97967   \n",
-       "5  CVE-2021-28550    8.8  0.40916          0.97365   \n",
-       "6   CVE-2018-4939    9.8  0.96914          0.99755   \n",
+       "0  CVE-2021-27104    9.8  0.01277          0.86020   \n",
+       "1  CVE-2021-27102    7.8  0.00083          0.36228   \n",
+       "2  CVE-2021-27101    9.8  0.00761          0.81539   \n",
+       "3  CVE-2021-27103    9.8  0.01217          0.85645   \n",
+       "4  CVE-2021-21017    8.8  0.65226          0.97968   \n",
+       "5  CVE-2021-28550    8.8  0.40916          0.97366   \n",
+       "6   CVE-2018-4939    9.8  0.96914          0.99754   \n",
        "7  CVE-2018-15961    9.8  0.97494          0.99984   \n",
        "8   CVE-2018-4878    9.8  0.97272          0.99886   \n",
-       "9   CVE-2020-5735    8.8  0.02271          0.89845   \n",
+       "9   CVE-2020-5735    8.8  0.02271          0.89850   \n",
        "\n",
        "                                         Description     Vendor  \\\n",
        "0  Accellion FTA contains an OS command injection...  Accellion   \n",
diff --git a/epss_kev_nvd.csv b/epss_kev_nvd.csv
index 9647d1d..adf6c92 100644
--- a/epss_kev_nvd.csv
+++ b/epss_kev_nvd.csv
@@ -1,284 +1,284 @@
 CVE,CVSS3,EPSS,EPSS Percentile,Description,Vendor,Product
-CVE-2021-27104,9.8,0.01277,0.86014,Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.,Accellion,FTA
-CVE-2021-27102,7.8,0.00083,0.36222,Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.,Accellion,FTA
-CVE-2021-27101,9.8,0.00761,0.81532,Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.,Accellion,FTA
-CVE-2021-27103,9.8,0.01217,0.8564,Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.,Accellion,FTA
-CVE-2021-21017,8.8,0.65226,0.97967,Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.,Adobe,Acrobat and Reader
-CVE-2021-28550,8.8,0.40916,0.97365,Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.,Adobe,Acrobat and Reader
-CVE-2018-4939,9.8,0.96914,0.99755,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.,Adobe,ColdFusion
+CVE-2021-27104,9.8,0.01277,0.8602,Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.,Accellion,FTA
+CVE-2021-27102,7.8,0.00083,0.36228,Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.,Accellion,FTA
+CVE-2021-27101,9.8,0.00761,0.81539,Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.,Accellion,FTA
+CVE-2021-27103,9.8,0.01217,0.85645,Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.,Accellion,FTA
+CVE-2021-21017,8.8,0.65226,0.97968,Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.,Adobe,Acrobat and Reader
+CVE-2021-28550,8.8,0.40916,0.97366,Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.,Adobe,Acrobat and Reader
+CVE-2018-4939,9.8,0.96914,0.99754,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.,Adobe,ColdFusion
 CVE-2018-15961,9.8,0.97494,0.99984,Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.,Adobe,ColdFusion
 CVE-2018-4878,9.8,0.97272,0.99886,Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.,Adobe,Flash Player
-CVE-2020-5735,8.8,0.02271,0.89845,"Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code.",Amcrest,Cameras and Network Video Recorder (NVR)
-CVE-2019-2215,7.8,0.44808,0.97463,"Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploit chain ""AbstractEmu.""",Android,Android Kernel
-CVE-2020-0041,7.8,0.00081,0.35494,"Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain ""AbstractEmu.""",Android,Android Kernel
-CVE-2020-0069,7.8,0.00145,0.51216,"Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain ""AbstractEmu.""",MediaTek,Multiple Chipsets
+CVE-2020-5735,8.8,0.02271,0.8985,"Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code.",Amcrest,Cameras and Network Video Recorder (NVR)
+CVE-2019-2215,7.8,0.44808,0.97464,"Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploit chain ""AbstractEmu.""",Android,Android Kernel
+CVE-2020-0041,7.8,0.00081,0.35501,"Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain ""AbstractEmu.""",Android,Android Kernel
+CVE-2020-0069,7.8,0.00145,0.51227,"Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain ""AbstractEmu.""",MediaTek,Multiple Chipsets
 CVE-2017-9805,8.1,0.97515,0.99989,"Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads.",Apache,Struts
-CVE-2021-42013,9.8,0.97341,0.99915,Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default require all denied or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for CVE-2021-41773.,Apache,HTTP Server
-CVE-2021-41773,7.5,0.97477,0.99975,"Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013.",Apache,HTTP Server
-CVE-2019-0211,7.8,0.9607,0.99538,"Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute code with the privileges of the parent process (usually root) by manipulating the scoreboard.",Apache,HTTP Server
+CVE-2021-42013,9.8,0.9739,0.99934,Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default require all denied or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for CVE-2021-41773.,Apache,HTTP Server
+CVE-2021-41773,7.5,0.97477,0.99976,"Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013.",Apache,HTTP Server
+CVE-2019-0211,7.8,0.9607,0.99539,"Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute code with the privileges of the parent process (usually root) by manipulating the scoreboard.",Apache,HTTP Server
 CVE-2016-4437,9.8,0.97135,0.99839,"Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the ""remember me"" feature.",Apache,Shiro
 CVE-2019-17558,7.5,0.97511,0.99988,The Apache Solr VelocityResponseWriter plug-in contains an unspecified vulnerability which can allow for remote code execution.,Apache,Solr
 CVE-2020-17530,9.8,0.97257,0.99879,"Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution.",Apache,Struts
-CVE-2017-5638,9.8,0.96541,0.99649,"Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.",Apache,Struts
+CVE-2017-5638,9.8,0.96541,0.9965,"Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.",Apache,Struts
 CVE-2018-11776,8.1,0.97517,0.99991,"Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defined in underlying configurations and in same time, its upper package configuration have no or wildcard namespace.  Or, using URL tag which doesn't have value and action set and in same time, its upper package configuration have no or wildcard namespace.",Apache,Struts
-CVE-2021-30858,8.8,0.00716,0.80911,"Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
-CVE-2019-6223,7.5,0.00678,0.80333,Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipient's Apple device to answer unknowingly or without user interaction.,Apple,iOS and macOS
-CVE-2021-30860,7.8,0.00233,0.61821,"Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerability is also known under the moniker of FORCEDENTRY.",Apple,Multiple Products
-CVE-2020-27930,7.8,0.00192,0.57278,"Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.",Apple,Multiple Products
-CVE-2021-30807,7.8,0.00116,0.46066,"Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.",Apple,Multiple Products
-CVE-2020-27950,5.5,0.00778,0.81751,"Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.",Apple,Multiple Products
-CVE-2020-27932,7.8,0.00192,0.57278,"Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges.",Apple,Multiple Products
-CVE-2020-9818,8.8,0.03937,0.92191,"Apple iOS, iPadOS, and watchOS Mail contains an out-of-bounds write vulnerability which may allow memory modification or application termination when processing a maliciously crafted mail message.",Apple,"iOS, iPadOS, and watchOS"
-CVE-2020-9819,4.3,0.00585,0.7858,"Apple iOS, iPadOS, and watchOS Mail contains a memory corruption vulnerability that may allow heap corruption when processing a maliciously crafted mail message.",Apple,"iOS, iPadOS, and watchOS"
-CVE-2021-30762,8.8,0.00579,0.78472,"Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
-CVE-2021-1782,7.0,0.00212,0.59697,"Apple iOS, iPadOs, macOS, watchOS, and tvOS contain a race condition vulnerability that may allow a malicious application to elevate privileges.",Apple,Multiple Products
-CVE-2021-1870,9.8,0.01702,0.88067,"Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
-CVE-2021-1871,9.8,0.01169,0.85289,"Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
-CVE-2021-1879,6.1,0.00228,0.61486,"Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and watchOS"
-CVE-2021-30661,8.8,0.00618,0.79212,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2021-30666,8.8,0.00547,0.77877,"Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
-CVE-2021-30713,7.8,0.00575,0.78387,"Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.",Apple,macOS
-CVE-2021-30657,5.5,0.56995,0.97759,Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.,Apple,macOS
-CVE-2021-30665,8.8,0.00485,0.76456,"Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2021-30663,8.8,0.00422,0.74697,"Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2021-30761,8.8,0.00495,0.76665,"Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
-CVE-2021-30869,7.8,0.0013,0.48836,"Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
-CVE-2020-9859,7.8,0.0007,0.31302,"Apple iOS, iPadOS, macOS, watchOS, and tvOS contain an unspecified vulnerability that may allow an application to execute code with kernel privileges.",Apple,Multiple Products
-CVE-2021-20090,9.8,0.97218,0.99862,"Arcadyan Buffalo firmware contains a path traversal vulnerability that could allow unauthenticated, remote attackers to bypass authentication and access sensitive information. This vulnerability affects multiple routers across several different vendors.",Arcadyan,Buffalo Firmware
+CVE-2021-30858,8.8,0.00716,0.80919,"Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
+CVE-2019-6223,7.5,0.00678,0.80343,Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipient's Apple device to answer unknowingly or without user interaction.,Apple,iOS and macOS
+CVE-2021-30860,7.8,0.00233,0.61831,"Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerability is also known under the moniker of FORCEDENTRY.",Apple,Multiple Products
+CVE-2020-27930,7.8,0.00192,0.5729,"Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.",Apple,Multiple Products
+CVE-2021-30807,7.8,0.00116,0.46075,"Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.",Apple,Multiple Products
+CVE-2020-27950,5.5,0.00778,0.81757,"Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.",Apple,Multiple Products
+CVE-2020-27932,7.8,0.00192,0.5729,"Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges.",Apple,Multiple Products
+CVE-2020-9818,8.8,0.03937,0.92196,"Apple iOS, iPadOS, and watchOS Mail contains an out-of-bounds write vulnerability which may allow memory modification or application termination when processing a maliciously crafted mail message.",Apple,"iOS, iPadOS, and watchOS"
+CVE-2020-9819,4.3,0.00585,0.78588,"Apple iOS, iPadOS, and watchOS Mail contains a memory corruption vulnerability that may allow heap corruption when processing a maliciously crafted mail message.",Apple,"iOS, iPadOS, and watchOS"
+CVE-2021-30762,8.8,0.00579,0.7848,"Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
+CVE-2021-1782,7.0,0.00212,0.59708,"Apple iOS, iPadOs, macOS, watchOS, and tvOS contain a race condition vulnerability that may allow a malicious application to elevate privileges.",Apple,Multiple Products
+CVE-2021-1870,9.8,0.01702,0.88072,"Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
+CVE-2021-1871,9.8,0.01169,0.85296,"Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
+CVE-2021-1879,6.1,0.00228,0.61497,"Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and watchOS"
+CVE-2021-30661,8.8,0.00618,0.79222,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2021-30666,8.8,0.00547,0.77886,"Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
+CVE-2021-30713,7.8,0.00575,0.78396,"Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.",Apple,macOS
+CVE-2021-30657,5.5,0.56995,0.9776,Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.,Apple,macOS
+CVE-2021-30665,8.8,0.00485,0.76464,"Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2021-30663,8.8,0.00422,0.74703,"Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2021-30761,8.8,0.00495,0.76674,"Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
+CVE-2021-30869,7.8,0.0013,0.48844,"Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
+CVE-2020-9859,7.8,0.0007,0.31307,"Apple iOS, iPadOS, macOS, watchOS, and tvOS contain an unspecified vulnerability that may allow an application to execute code with kernel privileges.",Apple,Multiple Products
+CVE-2021-20090,9.8,0.97218,0.99863,"Arcadyan Buffalo firmware contains a path traversal vulnerability that could allow unauthenticated, remote attackers to bypass authentication and access sensitive information. This vulnerability affects multiple routers across several different vendors.",Arcadyan,Buffalo Firmware
 CVE-2021-27562,5.5,0.95412,0.99428,"Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.",Arm,Trusted Firmware
-CVE-2021-28664,8.8,0.0042,0.74639,"Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes.",Arm,Mali Graphics Processing Unit (GPU)
-CVE-2021-28663,8.8,0.01485,0.87125,"Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information.",Arm,Mali Graphics Processing Unit (GPU)
+CVE-2021-28664,8.8,0.0042,0.74645,"Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes.",Arm,Mali Graphics Processing Unit (GPU)
+CVE-2021-28663,8.8,0.01583,0.87625,"Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information.",Arm,Mali Graphics Processing Unit (GPU)
 CVE-2019-3398,8.8,0.96969,0.99769,"Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.",Atlassian,Confluence Server and Data Center
 CVE-2021-26084,9.8,0.97409,0.99944,Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.,Atlassian,Confluence Server and Data Center
 CVE-2019-11580,9.8,0.97458,0.99966,Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds.,Atlassian,Crowd and Crowd Data Center
 CVE-2019-3396,9.8,0.97394,0.99936,Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.,Atlassian,Confluence Server and Data Server
 CVE-2021-42258,9.8,0.97322,0.99909,"BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.",BQE,BillQuick Web Suite
-CVE-2020-3452,7.5,0.97459,0.99966,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs.  An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
+CVE-2020-3452,7.5,0.97459,0.99967,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs.  An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
 CVE-2020-3580,6.1,0.97074,0.99805,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface.  Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
 CVE-2021-1497,9.8,0.97545,0.99997,Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.,Cisco,HyperFlex HX
 CVE-2021-1498,9.8,0.97545,0.99997,Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.,Cisco,HyperFlex HX
-CVE-2018-0171,9.8,0.85075,0.98594,"Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.",Cisco,IOS and IOS XE
-CVE-2020-3118,8.8,0.00219,0.60362,"Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.",Cisco,IOS XR
-CVE-2020-3566,8.6,0.00371,0.73107,"Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.",Cisco,IOS XR
-CVE-2020-3569,8.6,0.00371,0.73107,"Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.",Cisco,IOS XR
-CVE-2020-3161,9.8,0.03013,0.9113,Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.,Cisco,Cisco IP Phones
+CVE-2018-0171,9.8,0.85075,0.98596,"Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.",Cisco,IOS and IOS XE
+CVE-2020-3118,8.8,0.00219,0.60373,"Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.",Cisco,IOS XR
+CVE-2020-3566,8.6,0.00371,0.73113,"Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.",Cisco,IOS XR
+CVE-2020-3569,8.6,0.00371,0.73113,"Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.",Cisco,IOS XR
+CVE-2020-3161,9.8,0.03013,0.91134,Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.,Cisco,Cisco IP Phones
 CVE-2019-1653,7.5,0.97555,0.99998,Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.,Cisco,Small Business RV320 and RV325 Routers
 CVE-2018-0296,7.5,0.97435,0.99958,Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.,Cisco,Adaptive Security Appliance (ASA)
-CVE-2019-13608,7.5,0.00625,0.79352,Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.,Citrix,StoreFront Server
+CVE-2019-13608,7.5,0.00625,0.79362,Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.,Citrix,StoreFront Server
 CVE-2020-8193,6.5,0.97463,0.99969,"Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.",Citrix,"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance"
 CVE-2020-8195,6.5,0.89151,0.98818,"Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.",Citrix,"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance"
-CVE-2020-8196,4.3,0.00478,0.76285,"Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.",Citrix,"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance"
-CVE-2019-19781,9.8,0.97504,0.99986,"Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.",Citrix,"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance"
-CVE-2019-11634,9.8,0.02353,0.90024,Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.,Citrix,Workspace Application and Receiver for Windows
-CVE-2020-29557,9.8,0.06893,0.9406,D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.,D-Link,DIR-825 R1 Devices
-CVE-2020-25506,9.8,0.97384,0.99933,D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.,D-Link,DNS-320 Device
-CVE-2018-15811,7.5,0.04489,0.92639,DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters.,DotNetNuke (DNN),DotNetNuke (DNN)
-CVE-2018-18325,7.5,0.04489,0.92639,DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.,DotNetNuke (DNN),DotNetNuke (DNN)
-CVE-2017-9822,8.8,0.97347,0.99918,DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization.,DotNetNuke (DNN),DotNetNuke (DNN)
-CVE-2019-15752,7.8,0.00689,0.80499,Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.,Docker,Desktop Community Edition
+CVE-2020-8196,4.3,0.00478,0.76292,"Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.",Citrix,"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance"
+CVE-2019-19781,9.8,0.97498,0.99985,"Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.",Citrix,"Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance"
+CVE-2019-11634,9.8,0.02353,0.90029,Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.,Citrix,Workspace Application and Receiver for Windows
+CVE-2020-29557,9.8,0.07642,0.94295,D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.,D-Link,DIR-825 R1 Devices
+CVE-2020-25506,9.8,0.97384,0.99932,D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.,D-Link,DNS-320 Device
+CVE-2018-15811,7.5,0.04489,0.92644,DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters.,DotNetNuke (DNN),DotNetNuke (DNN)
+CVE-2018-18325,7.5,0.04489,0.92644,DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.,DotNetNuke (DNN),DotNetNuke (DNN)
+CVE-2017-9822,8.8,0.97347,0.99917,DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization.,DotNetNuke (DNN),DotNetNuke (DNN)
+CVE-2019-15752,7.8,0.00689,0.80509,Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.,Docker,Desktop Community Edition
 CVE-2020-8515,9.8,0.97276,0.99889,"DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.",DrayTek,Multiple Vigor Routers
 CVE-2018-7600,9.8,0.9756,1.0,"Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.",Drupal,Drupal Core
 CVE-2021-22205,10.0,0.97358,0.99922,"GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.",GitLab,Community and Enterprise Editions
 CVE-2018-6789,9.8,0.95806,0.99493,Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.,Exim,Exim
-CVE-2020-8657,9.8,0.18236,0.96287,"EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.",EyesOfNetwork,EyesOfNetwork
-CVE-2020-8655,7.8,0.0052,0.77255,EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.,EyesOfNetwork,EyesOfNetwork
+CVE-2020-8657,9.8,0.18236,0.96289,"EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.",EyesOfNetwork,EyesOfNetwork
+CVE-2020-8655,7.8,0.0052,0.77266,EyesOfNetwork contains an improper privilege management vulnerability that may allow a user to run commands as root via a crafted Nmap Scripting Engine (NSE) script to nmap7.,EyesOfNetwork,EyesOfNetwork
 CVE-2020-5902,9.8,0.9754,0.99996,F5 BIG-IP Traffic Management User Interface (TMUI) contains a remote code execution vulnerability in undisclosed pages.,F5,BIG-IP
 CVE-2021-22986,9.8,0.97487,0.9998,"F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.",F5,BIG-IP and BIG-IQ Centralized Management
-CVE-2021-35464,9.8,0.97349,0.99919,"ForgeRock Access Management (AM) Core Server allows an attacker who sends a specially crafted HTTP request to one of three endpoints (/ccversion/Version, /ccversion/Masthead, or /ccversion/ButtonFrame) to execute code in the context of the current user (unless ForgeRock AM is running as root user, which the vendor does not recommend).",ForgeRock,Access Management (AM)
-CVE-2019-5591,6.5,0.00234,0.61892,Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.,Fortinet,FortiOS
-CVE-2020-12812,9.8,0.02923,0.91007,Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.,Fortinet,FortiOS
-CVE-2018-13379,9.8,0.96863,0.99737,Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.,Fortinet,FortiOS
-CVE-2020-16010,8.8,0.00322,0.71149,"Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.",Google,Chrome for Android UI
-CVE-2020-15999,6.5,0.0292,0.91001,"Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.",Google,Chrome FreeType
-CVE-2021-21166,8.8,0.03804,0.92056,"Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium
-CVE-2020-16017,9.6,0.00229,0.61586,"Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.  ",Google,Chrome
-CVE-2021-37976,6.5,0.16285,0.96093,"Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium
-CVE-2020-16009,8.8,0.89732,0.98853,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-30632,8.8,0.61062,0.97874,"Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2020-16013,8.8,0.00374,0.73227,"Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-30633,9.6,0.00721,0.80989,"Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Indexed DB API
-CVE-2021-21148,8.8,0.01101,0.84766,"Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-37973,9.6,0.01619,0.87782,"Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.",Google,Chromium Portals
-CVE-2021-30551,8.8,0.35549,0.97216,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-37975,8.8,0.15706,0.96035,"Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-35464,9.8,0.97349,0.99918,"ForgeRock Access Management (AM) Core Server allows an attacker who sends a specially crafted HTTP request to one of three endpoints (/ccversion/Version, /ccversion/Masthead, or /ccversion/ButtonFrame) to execute code in the context of the current user (unless ForgeRock AM is running as root user, which the vendor does not recommend).",ForgeRock,Access Management (AM)
+CVE-2019-5591,6.5,0.00234,0.61902,Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.,Fortinet,FortiOS
+CVE-2020-12812,9.8,0.02923,0.91011,Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.,Fortinet,FortiOS
+CVE-2018-13379,9.8,0.96972,0.99772,Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.,Fortinet,FortiOS
+CVE-2020-16010,8.8,0.00322,0.71157,"Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.",Google,Chrome for Android UI
+CVE-2020-15999,6.5,0.0292,0.91004,"Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.",Google,Chrome FreeType
+CVE-2021-21166,8.8,0.03804,0.92061,"Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium
+CVE-2020-16017,9.6,0.00229,0.61596,"Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.  ",Google,Chrome
+CVE-2021-37976,6.5,0.16285,0.96095,"Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium
+CVE-2020-16009,8.8,0.89732,0.98854,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-30632,8.8,0.61062,0.97875,"Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2020-16013,8.8,0.00374,0.73233,"Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-30633,9.6,0.00721,0.80997,"Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Indexed DB API
+CVE-2021-21148,8.8,0.01101,0.84772,"Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-37973,9.6,0.01619,0.87788,"Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.",Google,Chromium Portals
+CVE-2021-30551,8.8,0.35549,0.97218,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-37975,8.8,0.15706,0.96037,"Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
 CVE-2020-6418,8.8,0.97082,0.99812,"Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-30554,8.8,0.01817,0.88501,"Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium WebGL
-CVE-2021-21206,8.8,0.04553,0.92688,"Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Blink
-CVE-2021-38000,6.1,0.03117,0.91269,"Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Intents
-CVE-2021-38003,8.8,0.02825,0.90875,"Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-21224,8.8,0.73095,0.98175,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-21193,8.8,0.01139,0.85044,"Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Blink
+CVE-2021-30554,8.8,0.01817,0.88506,"Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium WebGL
+CVE-2021-21206,8.8,0.04553,0.92691,"Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Blink
+CVE-2021-38000,6.1,0.03117,0.91272,"Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Intents
+CVE-2021-38003,8.8,0.02825,0.90879,"Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-21224,8.8,0.73095,0.98177,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-21193,8.8,0.01139,0.85051,"Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Blink
 CVE-2021-21220,8.8,0.95278,0.99406,"Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-30563,8.8,0.00374,0.73227,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2020-4430,4.3,0.96062,0.99537,IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitrary files from the system.,IBM,Data Risk Manager
-CVE-2020-4427,9.8,0.02468,0.90279,"IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system.",IBM,Data Risk Manager
-CVE-2020-4428,9.1,0.00544,0.77826,"IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�",IBM,Data Risk Manager
-CVE-2019-4716,9.8,0.12437,0.95548,"IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as ""admin"", and then execute code as root or SYSTEM via TM1 scripting.",IBM,Planning Analytics
-CVE-2016-3715,5.5,0.81823,0.98453,"ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.",ImageMagick,ImageMagick
+CVE-2021-30563,8.8,0.00374,0.73233,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2020-4430,4.3,0.96062,0.99538,IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitrary files from the system.,IBM,Data Risk Manager
+CVE-2020-4427,9.8,0.02468,0.90284,"IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system.",IBM,Data Risk Manager
+CVE-2020-4428,9.1,0.00544,0.77835,"IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�",IBM,Data Risk Manager
+CVE-2019-4716,9.8,0.12437,0.95549,"IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as ""admin"", and then execute code as root or SYSTEM via TM1 scripting.",IBM,Planning Analytics
+CVE-2016-3715,5.5,0.81823,0.98454,"ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.",ImageMagick,ImageMagick
 CVE-2016-3718,5.5,0.92964,0.9911,ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.,ImageMagick,ImageMagick
 CVE-2020-15505,9.8,0.97541,0.99996,"Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.",Ivanti,MobileIron Multiple Products
-CVE-2021-30116,9.8,0.66108,0.97985,Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.,Kaseya,Virtual System/Server Administrator (VSA)
+CVE-2021-30116,9.8,0.66108,0.97986,Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.,Kaseya,Virtual System/Server Administrator (VSA)
 CVE-2020-7961,9.8,0.97414,0.99948,Liferay Portal contains a deserialization of untrusted data vulnerability that allows remote attackers to execute code via JSON web services.,Liferay,Liferay Portal
-CVE-2021-23874,7.8,0.00114,0.45653,"McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.",McAfee,McAfee Total Protection (MTP)
-CVE-2021-22506,7.5,0.00425,0.74768,Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.,Micro Focus,Micro Focus Access Manager
+CVE-2021-23874,7.8,0.00114,0.45661,"McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.",McAfee,McAfee Total Protection (MTP)
+CVE-2021-22506,7.5,0.00425,0.74775,Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.,Micro Focus,Micro Focus Access Manager
 CVE-2021-22502,9.8,0.97505,0.99986,Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.,Micro Focus,Operation Bridge Reporter (OBR)
-CVE-2014-1812,,0.00374,0.73224,Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.,Microsoft,Windows
+CVE-2014-1812,,0.00374,0.73229,Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.,Microsoft,Windows
 CVE-2021-38647,9.8,0.97427,0.99954,Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.,Microsoft,Open Management Infrastructure (OMI)
-CVE-2016-0167,7.8,0.00884,0.82873,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application,Microsoft,Win32k
-CVE-2020-0878,4.2,0.03055,0.91192,Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.,Microsoft,Edge and Internet Explorer
-CVE-2021-31955,5.5,0.01042,0.84299,Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.,Microsoft,Windows
-CVE-2021-1647,7.8,0.35001,0.97201,Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Defender
-CVE-2021-33739,8.4,0.00099,0.41843,Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2016-0185,7.8,0.96474,0.99626,Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.,Microsoft,Windows
-CVE-2020-0683,7.8,0.00043,0.10059,"Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.",Microsoft,Windows
-CVE-2020-17087,7.8,0.36533,0.97248,Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2021-33742,7.5,0.34184,0.9717,Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
-CVE-2021-31199,5.2,0.0054,0.7773,Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Enhanced Cryptographic Provider
-CVE-2021-33771,7.8,0.00086,0.37158,Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2021-31956,7.8,0.0014,0.50434,Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.,Microsoft,Windows
-CVE-2021-31201,5.2,0.00407,0.74261,Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Enhanced Cryptographic Provider
-CVE-2021-31979,7.8,0.00086,0.37158,Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2020-0938,7.8,0.94868,0.99334,"Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.",Microsoft,Windows
-CVE-2020-17144,8.4,0.32403,0.97108,Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.,Microsoft,Exchange Server
-CVE-2020-0986,7.8,0.00059,0.26104,Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.,Microsoft,Windows
+CVE-2016-0167,7.8,0.00884,0.82879,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application,Microsoft,Win32k
+CVE-2020-0878,4.2,0.03055,0.91195,Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.,Microsoft,Edge and Internet Explorer
+CVE-2021-31955,5.5,0.01042,0.84304,Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.,Microsoft,Windows
+CVE-2021-1647,7.8,0.35001,0.97203,Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Defender
+CVE-2021-33739,8.4,0.00099,0.41855,Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2016-0185,7.8,0.96474,0.99627,Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.,Microsoft,Windows
+CVE-2020-0683,7.8,0.00043,0.10057,"Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.",Microsoft,Windows
+CVE-2020-17087,7.8,0.36533,0.97249,Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2021-33742,7.5,0.34184,0.97173,Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
+CVE-2021-31199,5.2,0.0054,0.7774,Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Enhanced Cryptographic Provider
+CVE-2021-33771,7.8,0.00086,0.37164,Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2021-31956,7.8,0.0014,0.50444,Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.,Microsoft,Windows
+CVE-2021-31201,5.2,0.00407,0.74266,Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Enhanced Cryptographic Provider
+CVE-2021-31979,7.8,0.00086,0.37164,Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2020-0938,7.8,0.94868,0.99335,"Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.",Microsoft,Windows
+CVE-2020-17144,8.4,0.32403,0.97109,Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.,Microsoft,Exchange Server
+CVE-2020-0986,7.8,0.00059,0.26111,Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.,Microsoft,Windows
 CVE-2020-1020,8.8,0.94679,0.993,"Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.",Microsoft,Windows
-CVE-2021-38645,7.8,0.00073,0.32425,Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Open Management Infrastructure (OMI)
-CVE-2021-34523,9.0,0.80969,0.98404,Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Exchange Server
-CVE-2017-7269,9.8,0.97321,0.99908,"Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long header beginning with ""If: <http://"" in a PROPFIND request.",Microsoft,Internet Information Services (IIS)
-CVE-2021-36948,7.8,0.00043,0.10273,Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2021-38649,7.0,0.00073,0.32425,Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.,Microsoft,Open Management Infrastructure (OMI)
+CVE-2021-38645,7.8,0.00073,0.32433,Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Open Management Infrastructure (OMI)
+CVE-2021-34523,9.0,0.80969,0.98405,Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Exchange Server
+CVE-2017-7269,9.8,0.97321,0.99909,"Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long header beginning with ""If: <http://"" in a PROPFIND request.",Microsoft,Internet Information Services (IIS)
+CVE-2021-36948,7.8,0.00043,0.10272,Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2021-38649,7.0,0.00073,0.32433,Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.,Microsoft,Open Management Infrastructure (OMI)
 CVE-2020-0688,8.8,0.97067,0.99803,"Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.",Microsoft,Exchange Server
-CVE-2017-0143,8.8,0.96304,0.99584,Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
-CVE-2016-7255,7.8,0.02689,0.90668,Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
+CVE-2017-0143,8.8,0.96304,0.99585,Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
+CVE-2016-7255,7.8,0.02689,0.90674,Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
 CVE-2019-0708,9.8,0.97476,0.99975,"Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. Successful exploitation allows for remote code execution. The vulnerability is also known under the moniker of BlueKeep.",Microsoft,Remote Desktop Services
 CVE-2021-34473,9.1,0.97296,0.99897,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Exchange Server
-CVE-2020-1464,7.8,0.26303,0.96833,"Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.",Microsoft,Windows
-CVE-2021-1732,7.8,0.00431,0.74986,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2020-1464,7.8,0.26303,0.96834,"Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.",Microsoft,Windows
+CVE-2021-1732,7.8,0.00431,0.74992,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
 CVE-2021-34527,8.8,0.9679,0.99719,Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.,Microsoft,Windows
 CVE-2021-31207,6.6,0.96349,0.99596,Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.,Microsoft,Exchange Server
-CVE-2019-0803,7.8,0.00448,0.7554,Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
-CVE-2020-1040,9.0,0.00354,0.72476,Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system.,Microsoft,Hyper-V RemoteFX
-CVE-2021-28310,7.8,0.00058,0.24621,Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2019-0803,7.8,0.00448,0.75547,Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
+CVE-2020-1040,9.0,0.00354,0.72483,Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system.,Microsoft,Hyper-V RemoteFX
+CVE-2021-28310,7.8,0.00058,0.24632,Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
 CVE-2020-1350,10.0,0.94399,0.99262,"Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed.",Microsoft,Windows
-CVE-2021-26411,8.8,0.03995,0.92235,Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption.,Microsoft,Internet Explorer
-CVE-2019-0859,7.8,0.00042,0.05115,Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
-CVE-2021-40444,8.8,0.97097,0.99822,Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.,Microsoft,MSHTML
+CVE-2021-26411,8.8,0.03995,0.9224,Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption.,Microsoft,Internet Explorer
+CVE-2019-0859,7.8,0.00042,0.05116,Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
+CVE-2021-40444,8.8,0.97097,0.99821,Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.,Microsoft,MSHTML
 CVE-2017-8759,7.8,0.97154,0.99842,Microsoft .NET Framework contains a remote code execution vulnerability when processing untrusted input that could allow an attacker to take control of an affected system.,Microsoft,.NET Framework
-CVE-2018-8653,7.5,0.01973,0.89063,"Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.",Microsoft,Internet Explorer
-CVE-2019-0797,7.8,0.00042,0.05115,Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.,Microsoft,Win32k
-CVE-2021-36942,7.5,0.81633,0.98448,Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.,Microsoft,Windows
-CVE-2019-1215,7.8,0.00043,0.10059,"Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation allows an attacker to execute code with elevated privileges.",Microsoft,Windows
-CVE-2018-0798,8.8,0.88308,0.98764,Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0802.,Microsoft,Office
-CVE-2018-0802,7.8,0.96498,0.99632,Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0798.,Microsoft,Office
+CVE-2018-8653,7.5,0.01973,0.89068,"Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.",Microsoft,Internet Explorer
+CVE-2019-0797,7.8,0.00042,0.05116,Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.,Microsoft,Win32k
+CVE-2021-36942,7.5,0.81633,0.98449,Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.,Microsoft,Windows
+CVE-2019-1215,7.8,0.00043,0.10057,"Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation allows an attacker to execute code with elevated privileges.",Microsoft,Windows
+CVE-2018-0798,8.8,0.88308,0.98765,Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0802.,Microsoft,Office
+CVE-2018-0802,7.8,0.96498,0.99633,Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0798.,Microsoft,Office
 CVE-2012-0158,8.8,0.97421,0.9995,"Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.",Microsoft,MSCOMCTL.OCX
 CVE-2015-1641,7.8,0.89,0.98808,Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user.,Microsoft,Office
-CVE-2021-27085,8.8,0.23101,0.96644,Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Internet Explorer
+CVE-2021-27085,8.8,0.23101,0.96646,Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Internet Explorer
 CVE-2019-0541,8.8,0.97334,0.99912,Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution vulnerability.,Microsoft,MSHTML
 CVE-2017-11882,7.8,0.97437,0.99958,Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.,Microsoft,Office
-CVE-2020-0674,7.5,0.97217,0.99861,Microsoft Internet Explorer contains a memory corruption vulnerability due to the way the Scripting Engine handles objects in memory. Successful exploitation could allow remote code execution in the context of the current user.,Microsoft,Internet Explorer
-CVE-2021-27059,7.6,0.29362,0.96985,Microsoft Office contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Office
-CVE-2019-1367,7.5,0.87214,0.98702,Microsoft Internet Explorer contains a memory corruption vulnerability in how the scripting engine handles objects in memory. Successful exploitation allows for remote code execution in the context of the current user.,Microsoft,Internet Explorer
+CVE-2020-0674,7.5,0.97217,0.99862,Microsoft Internet Explorer contains a memory corruption vulnerability due to the way the Scripting Engine handles objects in memory. Successful exploitation could allow remote code execution in the context of the current user.,Microsoft,Internet Explorer
+CVE-2021-27059,7.6,0.29362,0.96987,Microsoft Office contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Office
+CVE-2019-1367,7.5,0.87214,0.98703,Microsoft Internet Explorer contains a memory corruption vulnerability in how the scripting engine handles objects in memory. Successful exploitation allows for remote code execution in the context of the current user.,Microsoft,Internet Explorer
 CVE-2017-0199,7.8,0.97518,0.99992,Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for remote code execution.,Microsoft,Office and WordPad
-CVE-2020-1380,7.8,0.25154,0.96778,Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.,Microsoft,Internet Explorer
+CVE-2020-1380,7.8,0.25154,0.96779,Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.,Microsoft,Internet Explorer
 CVE-2019-1429,7.5,0.96876,0.99742,Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.,Microsoft,Internet Explorer
-CVE-2017-11774,7.8,0.88567,0.98782,Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute commands.,Microsoft,Office
-CVE-2020-0968,7.5,0.35858,0.97226,"Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.",Microsoft,Internet Explorer
-CVE-2020-1472,5.5,0.42199,0.97392,Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network. The vulnerability is also known under the moniker of Zerologon.,Microsoft,Netlogon
-CVE-2021-26855,9.1,0.97462,0.99967,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
-CVE-2021-26858,7.8,0.17445,0.96217,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
+CVE-2017-11774,7.8,0.88567,0.98783,Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute commands.,Microsoft,Office
+CVE-2020-0968,7.5,0.35858,0.97229,"Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.",Microsoft,Internet Explorer
+CVE-2020-1472,5.5,0.42199,0.97394,Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network. The vulnerability is also known under the moniker of Zerologon.,Microsoft,Netlogon
+CVE-2021-26855,9.1,0.97462,0.99968,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
+CVE-2021-26858,7.8,0.17445,0.96219,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
 CVE-2021-27065,7.8,0.96804,0.99722,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
-CVE-2020-1054,7.8,0.01029,0.84171,Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.,Microsoft,Win32k
+CVE-2020-1054,7.8,0.01029,0.84177,Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.,Microsoft,Win32k
 CVE-2021-1675,7.8,0.9645,0.99619,Microsoft Windows Print Spooler contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
-CVE-2021-34448,6.8,0.95698,0.99474,Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.,Microsoft,Windows
-CVE-2020-0601,8.1,0.96964,0.99767,"Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall.",Microsoft,Windows
+CVE-2021-34448,6.8,0.95698,0.99475,Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.,Microsoft,Windows
+CVE-2020-0601,8.1,0.96964,0.99766,"Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall.",Microsoft,Windows
 CVE-2019-0604,9.8,0.97416,0.99949,Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote code in the context of the SharePoint application pool and the SharePoint server farm account.,Microsoft,SharePoint
 CVE-2020-0646,9.8,0.97418,0.99949,Microsoft .NET Framework contains an improper input validation vulnerability that allows for remote code execution.,Microsoft,.NET Framework
-CVE-2019-0808,7.8,0.18038,0.96269,Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
-CVE-2021-26857,7.8,0.60407,0.97859,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
-CVE-2020-1147,7.8,0.86182,0.98642,"Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content.",Microsoft,".NET Framework, SharePoint, Visual Studio"
-CVE-2019-1214,7.8,0.00098,0.41722,Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.,Microsoft,Windows
-CVE-2016-3235,7.8,0.01295,0.86137,Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution.,Microsoft,Office
-CVE-2019-0863,7.8,0.00269,0.68349,"Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.",Microsoft,Windows
-CVE-2021-36955,7.8,0.00073,0.32425,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2019-0808,7.8,0.18038,0.96271,Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run code in kernel mode.,Microsoft,Win32k
+CVE-2021-26857,7.8,0.60407,0.9786,Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.,Microsoft,Exchange Server
+CVE-2020-1147,7.8,0.86182,0.98643,"Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content.",Microsoft,".NET Framework, SharePoint, Visual Studio"
+CVE-2019-1214,7.8,0.00098,0.41734,Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.,Microsoft,Windows
+CVE-2016-3235,7.8,0.01295,0.86142,Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution.,Microsoft,Office
+CVE-2019-0863,7.8,0.00269,0.68354,"Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.",Microsoft,Windows
+CVE-2021-36955,7.8,0.00073,0.32433,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
 CVE-2021-38648,7.8,0.96455,0.9962,Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation.,Microsoft,Open Management Infrastructure (OMI)
-CVE-2020-6819,8.1,0.03374,0.91588,"Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.",Mozilla,Firefox and Thunderbird
-CVE-2020-6820,8.1,0.00891,0.82968,"Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.",Mozilla,Firefox and Thunderbird
-CVE-2019-17026,8.8,0.44826,0.97464,Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.,Mozilla,Firefox and Thunderbird
-CVE-2019-15949,8.8,0.51563,0.97623,Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.,Nagios,Nagios XI
+CVE-2020-6819,8.1,0.03374,0.91593,"Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.",Mozilla,Firefox and Thunderbird
+CVE-2020-6820,8.1,0.00891,0.82974,"Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.",Mozilla,Firefox and Thunderbird
+CVE-2019-17026,8.8,0.44826,0.97465,Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.,Mozilla,Firefox and Thunderbird
+CVE-2019-15949,8.8,0.51563,0.97624,Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.,Nagios,Nagios XI
 CVE-2020-26919,9.8,0.97211,0.99859,Netgear JGS516PE devices contain a missing function level access control vulnerability.,NETGEAR,JGS516PE Devices
-CVE-2019-19356,7.5,0.95969,0.9952,Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.,Netis,WF2419 Devices
+CVE-2019-19356,7.5,0.95969,0.99521,Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.,Netis,WF2419 Devices
 CVE-2020-2555,9.8,0.96975,0.99773,"Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).",Oracle,Multiple Products
 CVE-2012-3152,9.1,0.97094,0.9982,Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.,Oracle,Fusion Middleware
-CVE-2020-14871,10.0,0.86309,0.98651,"Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.",Oracle,Solaris and Zettabyte File System (ZFS)
+CVE-2020-14871,10.0,0.86309,0.98652,"Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.",Oracle,Solaris and Zettabyte File System (ZFS)
 CVE-2015-4852,9.8,0.96729,0.99701,"Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.",Oracle,WebLogic Server
 CVE-2020-14750,9.8,0.97531,0.99994,Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.,Oracle,WebLogic Server
 CVE-2020-14882,9.8,0.97468,0.99971,"Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.",Oracle,WebLogic Server
 CVE-2020-14883,7.2,0.97392,0.99935,"Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.",Oracle,WebLogic Server
-CVE-2020-8644,9.8,0.95803,0.99491,PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.,PlaySMS,PlaySMS
+CVE-2020-8644,9.8,0.95803,0.99492,PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.,PlaySMS,PlaySMS
 CVE-2019-18935,9.8,0.90557,0.98904,Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.,Progress,Telerik UI for ASP.NET AJAX
-CVE-2021-22893,10.0,0.96131,0.99551,"Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.",Ivanti,Pulse Connect Secure
-CVE-2020-8243,7.2,0.00486,0.76479,Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.,Ivanti,Pulse Connect Secure
-CVE-2021-22900,7.2,0.00517,0.77188,Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.,Ivanti,Pulse Connect Secure
-CVE-2021-22894,8.8,0.00562,0.78138,Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.,Ivanti,Pulse Connect Secure
-CVE-2020-8260,7.2,0.03534,0.91764,Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.,Ivanti,Pulse Connect Secure
-CVE-2021-22899,8.8,0.00287,0.69391,Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.,Ivanti,Pulse Connect Secure
-CVE-2019-11510,10.0,0.97309,0.99903,Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.,Ivanti,Pulse Connect Secure
+CVE-2021-22893,10.0,0.96131,0.99552,"Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.",Ivanti,Pulse Connect Secure
+CVE-2020-8243,7.2,0.00486,0.76487,Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.,Ivanti,Pulse Connect Secure
+CVE-2021-22900,7.2,0.00517,0.77199,Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.,Ivanti,Pulse Connect Secure
+CVE-2021-22894,8.8,0.00562,0.78147,Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.,Ivanti,Pulse Connect Secure
+CVE-2020-8260,7.2,0.03534,0.91767,Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.,Ivanti,Pulse Connect Secure
+CVE-2021-22899,8.8,0.00287,0.69397,Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.,Ivanti,Pulse Connect Secure
+CVE-2019-11510,10.0,0.97309,0.99904,Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.,Ivanti,Pulse Connect Secure
 CVE-2019-11539,7.2,0.96869,0.99739,Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.,Ivanti,Pulse Connect Secure and Pulse Policy Secure
-CVE-2021-1906,5.5,0.002,0.58307,Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.,Qualcomm,Multiple Chipsets
-CVE-2021-1905,7.8,0.00078,0.3412,Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.,Qualcomm,Multiple Chipsets
-CVE-2020-10221,8.8,0.96688,0.99691,rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.,rConfig,rConfig
+CVE-2021-1906,5.5,0.002,0.58318,Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.,Qualcomm,Multiple Chipsets
+CVE-2021-1905,7.8,0.00078,0.34126,Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.,Qualcomm,Multiple Chipsets
+CVE-2020-10221,8.8,0.96688,0.99692,rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.,rConfig,rConfig
 CVE-2021-35395,9.8,0.96735,0.99702,Realtek AP-Router SDK HTTP web server boa contains a buffer overflow vulnerability due to unsafe copies of some overly long parameters submitted in the form that lead to denial-of-service (DoS).,Realtek,AP-Router SDK
-CVE-2017-16651,7.8,0.01484,0.8712,"Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.",Roundcube,Roundcube Webmail
+CVE-2017-16651,7.8,0.01484,0.87125,"Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default.",Roundcube,Roundcube Webmail
 CVE-2020-11652,6.5,0.97175,0.99849,SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.,SaltStack,Salt
 CVE-2020-11651,9.8,0.97478,0.99976,"SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly validating method calls. The vulnerability allows a remote user to access some methods without authentication, which can be used to retrieve user tokens from the salt master and/or run commands on salt minions. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.",SaltStack,Salt
-CVE-2020-16846,9.8,0.96905,0.99752,SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affects any users running the Salt API.,SaltStack,Salt
-CVE-2018-2380,6.6,0.02333,0.89981,SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.,SAP,Customer Relationship Management (CRM)
-CVE-2010-5326,10.0,0.16132,0.9608,"SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.",SAP,NetWeaver
+CVE-2020-16846,9.8,0.96905,0.99751,SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affects any users running the Salt API.,SaltStack,Salt
+CVE-2018-2380,6.6,0.02333,0.89986,SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.,SAP,Customer Relationship Management (CRM)
+CVE-2010-5326,10.0,0.16132,0.96081,"SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.",SAP,NetWeaver
 CVE-2016-9563,6.5,0.91883,0.98996,"SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.",SAP,NetWeaver
 CVE-2020-6287,10.0,0.97488,0.99981,SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users.,SAP,NetWeaver
 CVE-2020-6207,9.8,0.97432,0.99956,SAP Solution Manager User Experience Monitoring contains a missing authentication for critical function vulnerability which results in complete compromise of all SMDAgents connected to the Solution Manager.,SAP,Solution Manager
 CVE-2016-3976,7.5,0.97405,0.99942,SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files.,SAP,NetWeaver
-CVE-2019-16256,9.8,0.04417,0.9258,SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve location and IMEI information or execute a range of other attacks by modifying the attack message.,SIMalliance,Toolbox Browser
-CVE-2020-10148,9.8,0.97234,0.99868,SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.,SolarWinds,Orion
+CVE-2019-16256,9.8,0.04417,0.92584,SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve location and IMEI information or execute a range of other attacks by modifying the attack message.,SIMalliance,Toolbox Browser
+CVE-2020-10148,9.8,0.97234,0.99869,SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.,SolarWinds,Orion
 CVE-2021-35211,10.0,0.92739,0.99084,SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.,SolarWinds,Serv-U
-CVE-2016-3643,7.8,0.00123,0.47491,SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo.,SolarWinds,Virtualization Manager
+CVE-2016-3643,7.8,0.00123,0.475,SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo.,SolarWinds,Virtualization Manager
 CVE-2020-10199,8.8,0.97342,0.99916,Sonatype Nexus Repository contains an unspecified vulnerability that allows for remote code execution.,Sonatype,Nexus Repository
-CVE-2021-20021,9.8,0.0101,0.84038,SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.,SonicWall,SonicWall Email Security
+CVE-2021-20021,9.8,0.0101,0.84043,SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.,SonicWall,SonicWall Email Security
 CVE-2019-7481,7.5,0.91058,0.98941,SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources.,SonicWall,SMA100
-CVE-2021-20022,7.2,0.00333,0.71662,SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.,SonicWall,SonicWall Email Security
+CVE-2021-20022,7.2,0.00333,0.71668,SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.,SonicWall,SonicWall Email Security
 CVE-2021-20023,4.9,0.9256,0.99065,SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.,SonicWall,SonicWall Email Security
-CVE-2021-20016,9.8,0.02628,0.90559,SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.,SonicWall,SSLVPN SMA100
-CVE-2020-12271,9.8,0.01204,0.85552,"Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User Portal is exposed on the WAN zone. Successful exploitation may cause remote code execution to exfiltrate usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords).",Sophos,SFOS
-CVE-2020-10181,9.8,0.45988,0.97505,Sumavision Enhanced Multimedia Router (EMR) contains a cross-site request forgery (CSRF) vulnerability allowing the creation of users with elevated privileges as administrator on a device.,Sumavision,Enhanced Multimedia Router (EMR)
-CVE-2017-6327,8.8,0.17533,0.96223,"Symantec Messaging Gateway contains an unspecified vulnerability which can allow for remote code execution. With the ability to perform remote code execution, an attacker may also desire to perform privilege escalating actions.",Symantec,Symantec Messaging Gateway
-CVE-2019-18988,7.0,0.00358,0.72603,"TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, they could decrypt protected information stored in registry or configuration files or decryption of the Unattended Access password to the system (which allows for remote login to the system).",TeamViewer,Desktop
-CVE-2017-9248,9.8,0.24982,0.96768,"Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys (Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey), perform cross-site-scripting (XSS) attacks, compromise the ASP.NET ViewState, and/or upload and download files.",Progress,ASP.NET AJAX and Sitefinity
+CVE-2021-20016,9.8,0.02628,0.90565,SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.,SonicWall,SSLVPN SMA100
+CVE-2020-12271,9.8,0.01204,0.85558,"Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User Portal is exposed on the WAN zone. Successful exploitation may cause remote code execution to exfiltrate usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords).",Sophos,SFOS
+CVE-2020-10181,9.8,0.45988,0.97507,Sumavision Enhanced Multimedia Router (EMR) contains a cross-site request forgery (CSRF) vulnerability allowing the creation of users with elevated privileges as administrator on a device.,Sumavision,Enhanced Multimedia Router (EMR)
+CVE-2017-6327,8.8,0.17533,0.96225,"Symantec Messaging Gateway contains an unspecified vulnerability which can allow for remote code execution. With the ability to perform remote code execution, an attacker may also desire to perform privilege escalating actions.",Symantec,Symantec Messaging Gateway
+CVE-2019-18988,7.0,0.00358,0.7261,"TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, they could decrypt protected information stored in registry or configuration files or decryption of the Unattended Access password to the system (which allows for remote login to the system).",TeamViewer,Desktop
+CVE-2017-9248,9.8,0.24982,0.96771,"Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys (Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey), perform cross-site-scripting (XSS) attacks, compromise the ASP.NET ViewState, and/or upload and download files.",Progress,ASP.NET AJAX and Sitefinity
 CVE-2021-31755,9.8,0.97175,0.99848,Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.,Tenda,AC11 Router
 CVE-2020-10987,9.8,0.96377,0.99602,Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.,Tenda,AC1900 Router AC15 Model
 CVE-2018-14558,9.8,0.93619,0.99174,"Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to  the ""formsetUsbUnload"" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.",Tenda,"AC7, AC9, and AC10 Routers"
-CVE-2018-20062,9.8,0.96918,0.99756,"ThinkPHP ""noneCms"" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter.",ThinkPHP,noneCms
+CVE-2018-20062,9.8,0.96918,0.99755,"ThinkPHP ""noneCms"" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter.",ThinkPHP,noneCms
 CVE-2019-9082,8.8,0.97453,0.99964,ThinkPHP contains an unspecified vulnerability that allows for remote code execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.,ThinkPHP,ThinkPHP
-CVE-2019-18187,7.5,0.11307,0.9533,"Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execution.",Trend Micro,OfficeScan
-CVE-2020-8467,8.8,0.02721,0.90722,Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.,Trend Micro,Apex One and OfficeScan
-CVE-2020-8468,8.8,0.00452,0.75652,"Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components.",Trend Micro,"Apex One, OfficeScan and Worry-Free Business Security Agents"
-CVE-2020-24557,7.8,0.00088,0.38327,"Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.",Trend Micro,"Apex One, OfficeScan, and Worry-Free Business Security"
-CVE-2020-8599,9.8,0.17464,0.96218,Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login.,Trend Micro,Apex One and OfficeScan
-CVE-2021-36742,7.8,0.00137,0.49977,"Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows for privilege escalation.",Trend Micro,"Apex One, Apex One as a Service, and Worry-Free Business Security"
-CVE-2021-36741,8.8,0.14894,0.95911,"Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows a remote attacker to upload files.",Trend Micro,"Apex One, Apex One as a Service, and Worry-Free Business Security"
-CVE-2019-20085,7.5,0.67056,0.98004,TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.,TVT,NVMS-1000
-CVE-2020-5849,7.5,0.97094,0.9982,Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution.,Unraid,Unraid
+CVE-2019-18187,7.5,0.11307,0.95331,"Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execution.",Trend Micro,OfficeScan
+CVE-2020-8467,8.8,0.02721,0.90728,Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.,Trend Micro,Apex One and OfficeScan
+CVE-2020-8468,8.8,0.00452,0.7566,"Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components.",Trend Micro,"Apex One, OfficeScan and Worry-Free Business Security Agents"
+CVE-2020-24557,7.8,0.00088,0.38334,"Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.",Trend Micro,"Apex One, OfficeScan, and Worry-Free Business Security"
+CVE-2020-8599,9.8,0.17464,0.9622,Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login.,Trend Micro,Apex One and OfficeScan
+CVE-2021-36742,7.8,0.00137,0.49986,"Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows for privilege escalation.",Trend Micro,"Apex One, Apex One as a Service, and Worry-Free Business Security"
+CVE-2021-36741,8.8,0.14894,0.95913,"Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows a remote attacker to upload files.",Trend Micro,"Apex One, Apex One as a Service, and Worry-Free Business Security"
+CVE-2019-20085,7.5,0.67056,0.98005,TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.,TVT,NVMS-1000
+CVE-2020-5849,7.5,0.97094,0.99819,Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution.,Unraid,Unraid
 CVE-2020-5847,9.8,0.97071,0.99804,Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access.,Unraid,Unraid
 CVE-2019-16759,9.8,0.97507,0.99988,The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.,vBulletin,vBulletin
-CVE-2020-17496,9.8,0.97471,0.99973,The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.,vBulletin,vBulletin
-CVE-2019-5544,9.8,0.02887,0.9097,VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.,VMware,VMware ESXi and Horizon DaaS
-CVE-2020-3992,9.8,0.3661,0.9725,VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.,VMware,ESXi
-CVE-2020-3950,7.8,0.00438,0.75278,"VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root.",VMware,Multiple Products
+CVE-2020-17496,9.8,0.97471,0.99974,The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.,vBulletin,vBulletin
+CVE-2019-5544,9.8,0.02887,0.90974,VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.,VMware,VMware ESXi and Horizon DaaS
+CVE-2020-3992,9.8,0.3661,0.97252,VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.,VMware,ESXi
+CVE-2020-3950,7.8,0.00438,0.75284,"VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root.",VMware,Multiple Products
 CVE-2021-22005,9.8,0.97316,0.99907,VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.,VMware,vCenter Server
-CVE-2020-3952,9.8,0.71143,0.98118,VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the Platform Services Controller (PSC) does not correctly implement access controls. Successful exploitation allows an attacker with network access to port 389 to extract sensitive information.,VMware,vCenter Server
-CVE-2021-21972,9.8,0.97359,0.99924,VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.,VMware,vCenter Server
+CVE-2020-3952,9.8,0.71143,0.98119,VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the Platform Services Controller (PSC) does not correctly implement access controls. Successful exploitation allows an attacker with network access to port 389 to extract sensitive information.,VMware,vCenter Server
+CVE-2021-21972,9.8,0.97359,0.99923,VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.,VMware,vCenter Server
 CVE-2021-21985,9.8,0.97435,0.99957,"VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.",VMware,vCenter Server
-CVE-2020-4006,9.1,0.47822,0.9754,"VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator account can execute commands with unrestricted privileges on the underlying operating system.",VMware,Multiple Products
-CVE-2020-25213,9.8,0.97464,0.99969,WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.,WordPress,File Manager Plugin
+CVE-2020-4006,9.1,0.47822,0.97542,"VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator account can execute commands with unrestricted privileges on the underlying operating system.",VMware,Multiple Products
+CVE-2020-25213,9.8,0.97464,0.9997,WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.,WordPress,File Manager Plugin
 CVE-2020-11738,7.5,0.97426,0.99953,WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro.,WordPress,Snap Creek Duplicator Plugin
 CVE-2019-9978,6.1,0.96566,0.99659,WordPress Social Warfare plugin contains a cross-site scripting (XSS) vulnerability that allows for remote code execution. This vulnerability affects Social Warfare and Social Warfare Pro.,WordPress,Social Warfare Plugin
 CVE-2021-27561,9.8,0.97469,0.99972,Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.,Yealink,Device Management
@@ -287,884 +287,884 @@ CVE-2020-10189,9.8,0.97303,0.99901,Zoho ManageEngine Desktop Central contains a
 CVE-2019-8394,6.5,0.96752,0.99708,Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.,Zoho,ManageEngine
 CVE-2020-29583,9.8,0.96319,0.99587,"Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account (""zyfwp"") with an unchangeable password.",Zyxel,Multiple Products
 CVE-2021-22204,7.8,0.96681,0.9969,Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image,Perl,Exiftool
-CVE-2021-40449,7.8,0.00214,0.59906,Unspecified vulnerability allows for an authenticated user to escalate privileges.,Microsoft,Windows
-CVE-2021-42321,8.8,0.9654,0.99649,An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.,Microsoft,Exchange
-CVE-2021-42292,7.8,0.08806,0.94664,A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.,Microsoft,Office
-CVE-2020-11261,7.8,0.00167,0.54175,"Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",Qualcomm,"Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables"
+CVE-2021-40449,7.8,0.00214,0.59917,Unspecified vulnerability allows for an authenticated user to escalate privileges.,Microsoft,Windows
+CVE-2021-42321,8.8,0.9654,0.9965,An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.,Microsoft,Exchange
+CVE-2021-42292,7.8,0.08806,0.94666,A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.,Microsoft,Office
+CVE-2020-11261,7.8,0.00167,0.54181,"Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",Qualcomm,"Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables"
 CVE-2018-14847,9.1,0.9746,0.99967,MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.,MikroTik,RouterOS
-CVE-2021-37415,9.8,0.93145,0.99127,Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication,Zoho,ManageEngine ServiceDesk Plus (SDP)
+CVE-2021-37415,9.8,0.93145,0.99128,Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication,Zoho,ManageEngine ServiceDesk Plus (SDP)
 CVE-2021-40438,9.0,0.9678,0.99715,A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.,Apache,Apache
 CVE-2021-44077,9.8,0.97404,0.99942,"Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution",Zoho,ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus
 CVE-2021-44515,9.8,0.97409,0.99944,Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.,Zoho,Desktop Central
-CVE-2019-13272,7.8,0.00271,0.68447,Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.,Linux,Kernel
+CVE-2019-13272,7.8,0.00271,0.68453,Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.,Linux,Kernel
 CVE-2021-35394,9.8,0.96648,0.99678,RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.,Realtek,Jungle Software Development Kit (SDK)
-CVE-2019-7238,9.8,0.97364,0.99925,Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.,Sonatype,Nexus Repository Manager
-CVE-2019-0193,7.2,0.93505,0.99166,The optional Apache Solr module DataImportHandler contains a code injection vulnerability.,Apache,Solr
-CVE-2021-44168,7.8,0.00146,0.51353,"Fortinet FortiOS ""execute restore src-vis"" downloads code without integrity checking, allowing an attacker to arbitrarily download files.",Fortinet,FortiOS
+CVE-2019-7238,9.8,0.97364,0.99924,Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.,Sonatype,Nexus Repository Manager
+CVE-2019-0193,7.2,0.93505,0.99167,The optional Apache Solr module DataImportHandler contains a code injection vulnerability.,Apache,Solr
+CVE-2021-44168,7.8,0.00146,0.51363,"Fortinet FortiOS ""execute restore src-vis"" downloads code without integrity checking, allowing an attacker to arbitrarily download files.",Fortinet,FortiOS
 CVE-2017-17562,8.1,0.97431,0.99956,Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.,Embedthis,GoAhead
 CVE-2017-12149,9.8,0.9381,0.99195,"The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.",Red Hat,JBoss Application Server
-CVE-2010-1871,8.8,0.9597,0.9952,"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.",Red Hat,JBoss Seam 2
+CVE-2010-1871,8.8,0.9597,0.99521,"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.",Red Hat,JBoss Seam 2
 CVE-2020-17463,9.8,0.94297,0.9925,"FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.",Fuel CMS,Fuel CMS
-CVE-2020-8816,7.2,0.95353,0.99417,Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.,Pi-hole,AdminLTE
-CVE-2019-10758,9.9,0.97448,0.99961,mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.,MongoDB,mongo-express
+CVE-2020-8816,7.2,0.95353,0.99418,Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.,Pi-hole,AdminLTE
+CVE-2019-10758,9.9,0.97448,0.99962,mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.,MongoDB,mongo-express
 CVE-2021-44228,10.0,0.96694,0.99693,"Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.",Apache,Log4j2
-CVE-2021-43890,7.1,0.13154,0.95653,"Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.",Microsoft,Windows
-CVE-2021-4102,8.8,0.02927,0.91016,"Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2021-22017,5.3,0.06208,0.9373,Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.,VMware,vCenter Server
+CVE-2021-43890,7.1,0.13154,0.95654,"Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.",Microsoft,Windows
+CVE-2021-4102,8.8,0.02927,0.91019,"Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2021-22017,5.3,0.06208,0.93733,Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.,VMware,vCenter Server
 CVE-2021-36260,9.8,0.97477,0.99976,A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.,Hikvision,Security cameras web server
-CVE-2020-6572,8.8,0.0051,0.77012,Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.,Google,Chrome Media
-CVE-2019-1458,7.8,0.97121,0.99832,"A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.",Microsoft,Win32k
-CVE-2013-3900,,0.73512,0.98184,A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.,Microsoft,WinVerifyTrust function
+CVE-2020-6572,8.8,0.0051,0.77023,Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.,Google,Chrome Media
+CVE-2019-1458,7.8,0.97121,0.99831,"A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.",Microsoft,Win32k
+CVE-2013-3900,,0.73512,0.98185,A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.,Microsoft,WinVerifyTrust function
 CVE-2019-2725,9.8,0.97559,1.0,Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).,Oracle,WebLogic Server
 CVE-2019-9670,9.8,0.97489,0.99982,Improper Restriction of XML External Entity Reference vulnerability affecting Synacor Zimbra Collaboration (ZCS).,Synacor,Zimbra Collaboration (ZCS)
-CVE-2018-13382,7.5,0.66616,0.97996,An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.,Fortinet,FortiOS and FortiProxy
-CVE-2018-13383,6.5,0.00817,0.82213,A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.,Fortinet,FortiOS and FortiProxy
+CVE-2018-13382,7.5,0.66616,0.97997,An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.,Fortinet,FortiOS and FortiProxy
+CVE-2018-13383,6.5,0.00817,0.8222,A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.,Fortinet,FortiOS and FortiProxy
 CVE-2019-1579,8.1,0.96768,0.99713,Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.,Palo Alto Networks,PAN-OS
 CVE-2019-10149,9.8,0.9741,0.99946,Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.,Exim,Mail Transfer Agent (MTA)
 CVE-2015-7450,9.8,0.97021,0.99788,"Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands",IBM,WebSphere Application Server and Server Hypervisor Edition
 CVE-2017-1000486,9.8,0.97013,0.99784,Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution,Primetek,Primefaces Application
 CVE-2019-7609,10.0,0.97271,0.99885,Kibana contain an arbitrary code execution flaw in the Timelion visualizer.,Elastic,Kibana
-CVE-2021-27860,8.8,0.28518,0.9694,"A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.",FatPipe,"WARP, IPVPN, and MPVPN software"
-CVE-2021-32648,9.1,0.02231,0.89754,In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.,October CMS,October CMS
+CVE-2021-27860,8.8,0.28518,0.96941,"A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.",FatPipe,"WARP, IPVPN, and MPVPN software"
+CVE-2021-32648,9.1,0.02231,0.89758,In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.,October CMS,October CMS
 CVE-2021-25296,8.8,0.96474,0.99626,Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.,Nagios,Nagios XI
 CVE-2021-25297,8.8,0.96474,0.99626,Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.,Nagios,Nagios XI
 CVE-2021-25298,8.8,0.96474,0.99626,Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.,Nagios,Nagios XI
 CVE-2021-40870,9.8,0.93336,0.99149,"Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.",Aviatrix,Aviatrix Controller
-CVE-2021-33766,7.3,0.34749,0.97192,Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.,Microsoft,Exchange Server
+CVE-2021-33766,7.3,0.34749,0.97194,Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.,Microsoft,Exchange Server
 CVE-2021-21975,7.5,0.97338,0.99914,Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.,VMware,vRealize Operations Manager API
 CVE-2021-21315,7.8,0.97126,0.99836,"In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.",Npm package,System Information Library for Node.JS
-CVE-2021-22991,9.8,0.80377,0.98383,"The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.",F5,BIG-IP Traffic Management Microkernel
-CVE-2020-14864,7.5,0.57376,0.97769,"Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.",Oracle,Intelligence Enterprise Edition
-CVE-2020-13671,8.8,0.01617,0.87775,Improper sanitization in the extension file names is present in Drupal core.,Drupal,Drupal core
+CVE-2021-22991,9.8,0.80377,0.98384,"The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.",F5,BIG-IP Traffic Management Microkernel
+CVE-2020-14864,7.5,0.57376,0.9777,"Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.",Oracle,Intelligence Enterprise Edition
+CVE-2020-13671,8.8,0.01617,0.87781,Improper sanitization in the extension file names is present in Drupal core.,Drupal,Drupal core
 CVE-2020-11978,8.8,0.97416,0.99949,A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.,Apache,Airflow
-CVE-2020-13927,9.8,0.96651,0.99678,The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.,Apache,Airflow's Experimental API
-CVE-2006-1547,7.5,0.08923,0.94705,ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).,Apache,Struts 1
+CVE-2020-13927,9.8,0.96651,0.99679,The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.,Apache,Airflow's Experimental API
+CVE-2006-1547,7.5,0.08923,0.94707,ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).,Apache,Struts 1
 CVE-2012-0391,,0.28789,0.96951,The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.,Apache,Struts 2
 CVE-2018-8453,7.8,0.95061,0.99365,Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.,Microsoft,Win32k
-CVE-2021-35247,5.3,0.0068,0.80355,SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.,SolarWinds,Serv-U
-CVE-2022-22587,9.8,0.00263,0.66661,Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.,Apple,iOS and macOS
+CVE-2021-35247,5.3,0.0068,0.80365,SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.,SolarWinds,Serv-U
+CVE-2022-22587,9.8,0.00263,0.66668,Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.,Apple,iOS and macOS
 CVE-2021-20038,9.8,0.94524,0.99281,SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.,SonicWall,SMA 100 Appliances
 CVE-2020-5722,9.8,0.97518,0.99992,Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.,Grandstream,UCM6200
 CVE-2020-0787,7.8,0.90954,0.9893,Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.,Microsoft,Windows
 CVE-2017-5689,9.8,0.97395,0.99937,Intel products contain a vulnerability which can allow attackers to perform privilege escalation.,Intel,"Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability"
 CVE-2014-1776,9.8,0.95988,0.99524,Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.,Microsoft,Internet Explorer
 CVE-2014-6271,9.8,0.97365,0.99925,"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.",GNU,Bourne-Again Shell (Bash)
-CVE-2014-7169,9.8,0.87505,0.98716,"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.",GNU,Bourne-Again Shell (Bash)
-CVE-2022-21882,7.8,0.0011,0.4496,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
-CVE-2021-36934,7.8,0.0041,0.74337,"If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.",Microsoft,Windows
+CVE-2014-7169,9.8,0.87505,0.98717,"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.",GNU,Bourne-Again Shell (Bash)
+CVE-2022-21882,7.8,0.0011,0.44971,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2021-36934,7.8,0.0041,0.74342,"If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.",Microsoft,Windows
 CVE-2020-0796,10.0,0.97397,0.99939,A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.,Microsoft,SMBv3
 CVE-2018-1000861,9.8,0.97305,0.99901,A code execution vulnerability exists in the Stapler web framework used by Jenkins,Jenkins,Jenkins Stapler Web Framework
 CVE-2017-9791,9.8,0.97453,0.99964,The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.,Apache,Struts 1
 CVE-2017-8464,8.8,0.9747,0.99973,Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file,Microsoft,Windows
 CVE-2017-10271,7.5,0.97182,0.9985,Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.,Oracle,WebLogic Server
-CVE-2017-0263,7.8,0.58871,0.97821,Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.,Microsoft,Win32k
-CVE-2017-0262,7.8,0.3291,0.97126,A remote code execution vulnerability exists in Microsoft Office.,Microsoft,Office
-CVE-2017-0145,8.8,0.96185,0.99561,The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.,Microsoft,SMBv1
+CVE-2017-0263,7.8,0.58871,0.97822,Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.,Microsoft,Win32k
+CVE-2017-0262,7.8,0.3291,0.97128,A remote code execution vulnerability exists in Microsoft Office.,Microsoft,Office
+CVE-2017-0145,8.8,0.96185,0.99562,The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.,Microsoft,SMBv1
 CVE-2017-0144,8.8,0.96402,0.99608,The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.,Microsoft,SMBv1
-CVE-2016-3088,9.8,0.96675,0.99688,The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request,Apache,ActiveMQ
+CVE-2016-3088,9.8,0.96675,0.99689,The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request,Apache,ActiveMQ
 CVE-2015-2051,9.8,0.96931,0.9976,D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.,D-Link,DIR-645 Router
 CVE-2015-1635,,0.97538,0.99995,Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.,Microsoft,HTTP.sys
-CVE-2015-1130,,0.00047,0.17914,The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.,Apple,OS X
-CVE-2014-4404,7.8,0.02064,0.89301,"Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.",Apple,OS X
-CVE-2022-22620,8.8,0.00243,0.64959,"Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
-CVE-2022-24086,9.8,0.22602,0.96615,Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.,Adobe,Commerce and Magento Open Source
-CVE-2022-0609,8.8,0.04135,0.92362,"Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Animation
-CVE-2019-0752,7.5,0.95437,0.99432,A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer,Microsoft,Internet Explorer
+CVE-2015-1130,,0.00047,0.17912,The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.,Apple,OS X
+CVE-2014-4404,7.8,0.02064,0.89306,"Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.",Apple,OS X
+CVE-2022-22620,8.8,0.00243,0.64967,"Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,"iOS, iPadOS, and macOS"
+CVE-2022-24086,9.8,0.22602,0.96616,Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.,Adobe,Commerce and Magento Open Source
+CVE-2022-0609,8.8,0.04135,0.92367,"Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Animation
+CVE-2019-0752,7.5,0.95437,0.99433,A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer,Microsoft,Internet Explorer
 CVE-2018-8174,7.5,0.97392,0.99935,"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka ""Windows VBScript Engine Remote Code Execution""",Microsoft,Windows
 CVE-2018-20250,7.8,0.97332,0.99912,WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution,RARLAB,WinRAR
-CVE-2018-15982,9.8,0.97341,0.99916,Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability,Adobe,Flash Player
-CVE-2017-9841,9.8,0.97479,0.99976,"PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a ""<?php "" substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.",PHPUnit,PHPUnit
-CVE-2014-1761,7.8,0.63601,0.9793,Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.,Microsoft,Word
+CVE-2018-15982,9.8,0.97341,0.99915,Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability,Adobe,Flash Player
+CVE-2017-9841,9.8,0.97479,0.99977,"PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a ""<?php "" substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.",PHPUnit,PHPUnit
+CVE-2014-1761,7.8,0.63601,0.97931,Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.,Microsoft,Word
 CVE-2013-3906,7.8,0.96638,0.99675,Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution.,Microsoft,Graphics Component
-CVE-2022-23131,9.8,0.97065,0.99803,Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.,Zabbix,Frontend
-CVE-2022-23134,5.3,0.60853,0.97868,Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.,Zabbix,Frontend
-CVE-2022-24682,6.1,0.01933,0.88944,Zimbra webmail clients running versions 8.8.15 P29 & P30 contain a XSS vulnerability that would allow attackers to steal session cookie files.,Zimbra,Webmail
+CVE-2022-23131,9.8,0.97065,0.99802,Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.,Zabbix,Frontend
+CVE-2022-23134,5.3,0.60853,0.97869,Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.,Zabbix,Frontend
+CVE-2022-24682,6.1,0.01933,0.88949,Zimbra webmail clients running versions 8.8.15 P29 & P30 contain a XSS vulnerability that would allow attackers to steal session cookie files.,Zimbra,Webmail
 CVE-2017-8570,7.8,0.97276,0.99889,A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.,Microsoft,Office
-CVE-2017-0222,8.8,0.58447,0.97813,A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.,Microsoft,Internet Explorer
+CVE-2017-0222,8.8,0.58447,0.97814,A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.,Microsoft,Internet Explorer
 CVE-2014-6352,7.8,0.94904,0.99342,Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.,Microsoft,Windows
-CVE-2022-20708,8.0,0.00262,0.66617,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
-CVE-2022-20703,8.0,0.01435,0.86876,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
-CVE-2022-20701,7.8,0.00598,0.78837,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
-CVE-2022-20700,9.8,0.00514,0.77097,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
-CVE-2022-20699,9.8,0.96229,0.99569,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
-CVE-2021-41379,5.5,0.01682,0.88006,Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-20708,8.0,0.00262,0.66623,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
+CVE-2022-20703,8.0,0.01435,0.8688,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
+CVE-2022-20701,7.8,0.00598,0.78847,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
+CVE-2022-20700,9.8,0.00514,0.77108,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
+CVE-2022-20699,9.8,0.96229,0.9957,"A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).",Cisco,"Small Business RV160, RV260, RV340, and RV345 Series Routers"
+CVE-2021-41379,5.5,0.01682,0.88012,Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
 CVE-2020-1938,9.8,0.97284,0.99893,"Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.",Apache,Tomcat
-CVE-2020-11899,5.4,0.00533,0.77564,The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.,Treck TCP/IP stack,IPv6
-CVE-2019-16928,9.8,0.67676,0.9802,Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.,Exim,Exim Internet Mailer
+CVE-2020-11899,5.4,0.00396,0.73938,The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.,Treck TCP/IP stack,IPv6
+CVE-2019-16928,9.8,0.67676,0.98021,Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.,Exim,Exim Internet Mailer
 CVE-2019-1652,7.2,0.97437,0.99958,"A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.",Cisco,Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
-CVE-2019-1297,8.8,0.04151,0.9238,A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.,Microsoft,Excel
-CVE-2018-8581,7.4,0.02117,0.89435,A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.,Microsoft,Exchange Server
-CVE-2018-8298,7.5,0.64297,0.97943,The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.,ChakraCore,ChakraCore scripting engine
-CVE-2018-0180,5.9,0.00139,0.5033,"A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.",Cisco,IOS Software
-CVE-2018-0179,5.9,0.00139,0.5033,"A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.",Cisco,IOS Software
-CVE-2018-0175,8.0,0.00515,0.77139,"Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.",Cisco,"IOS, XR, and XE Software"
-CVE-2018-0174,8.6,0.01322,0.86286,A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).,Cisco,IOS XE Software
-CVE-2018-0173,8.6,0.01322,0.86286,A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).,Cisco,IOS and IOS XE Software
-CVE-2018-0172,8.6,0.01096,0.84738,A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).,Cisco,IOS and IOS XE Software
-CVE-2018-0167,8.8,0.0065,0.79821,"There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.",Cisco,"IOS, XR, and XE Software"
-CVE-2018-0161,6.3,0.00334,0.71725,"A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.",Cisco,IOS Software
-CVE-2018-0159,7.5,0.00414,0.74487,"A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.",Cisco,IOS Software and Cisco IOS XE Software
-CVE-2018-0158,8.6,0.01871,0.8871,"A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.",Cisco,IOS Software and Cisco IOS XE Software
-CVE-2018-0156,7.5,0.0051,0.77028,"A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.",Cisco,IOS Software and Cisco IOS XE Software
-CVE-2018-0155,8.6,0.00438,0.75275,"A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.",Cisco,Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches
-CVE-2018-0154,7.5,0.00414,0.74487,"A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.",Cisco,IOS Software
-CVE-2018-0151,9.8,0.03537,0.91767,"A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.",Cisco,IOS and IOS XE Software
+CVE-2019-1297,8.8,0.04151,0.92384,A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.,Microsoft,Excel
+CVE-2018-8581,7.4,0.02117,0.8944,A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.,Microsoft,Exchange Server
+CVE-2018-8298,7.5,0.64297,0.97944,The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.,ChakraCore,ChakraCore scripting engine
+CVE-2018-0180,5.9,0.00139,0.5034,"A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.",Cisco,IOS Software
+CVE-2018-0179,5.9,0.00139,0.5034,"A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.",Cisco,IOS Software
+CVE-2018-0175,8.0,0.00515,0.7715,"Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.",Cisco,"IOS, XR, and XE Software"
+CVE-2018-0174,8.6,0.01322,0.8629,A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).,Cisco,IOS XE Software
+CVE-2018-0173,8.6,0.01322,0.8629,A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).,Cisco,IOS and IOS XE Software
+CVE-2018-0172,8.6,0.01096,0.84744,A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).,Cisco,IOS and IOS XE Software
+CVE-2018-0167,8.8,0.0065,0.79832,"There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.",Cisco,"IOS, XR, and XE Software"
+CVE-2018-0161,6.3,0.00334,0.71731,"A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.",Cisco,IOS Software
+CVE-2018-0159,7.5,0.00414,0.74492,"A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.",Cisco,IOS Software and Cisco IOS XE Software
+CVE-2018-0158,8.6,0.01871,0.88715,"A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.",Cisco,IOS Software and Cisco IOS XE Software
+CVE-2018-0156,7.5,0.0051,0.77038,"A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.",Cisco,IOS Software and Cisco IOS XE Software
+CVE-2018-0155,8.6,0.00438,0.75281,"A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.",Cisco,Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches
+CVE-2018-0154,7.5,0.00414,0.74492,"A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.",Cisco,IOS Software
+CVE-2018-0151,9.8,0.03537,0.91771,"A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.",Cisco,IOS and IOS XE Software
 CVE-2017-8540,7.8,0.94557,0.99286,"The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka ""Microsoft Malware Protection Engine Remote Code Execution Vulnerability"".",Microsoft,Malware Protection Engine
-CVE-2017-6744,8.8,0.02337,0.89989,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.",Cisco,IOS software
-CVE-2017-6743,8.8,0.01589,0.87652,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
-CVE-2017-6740,8.8,0.019,0.88818,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.",Cisco,IOS and IOS XE Software
-CVE-2017-6739,8.8,0.019,0.88818,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.",Cisco,IOS and IOS XE Software
-CVE-2017-6738,8.8,0.019,0.88818,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
-CVE-2017-6737,8.8,0.019,0.88818,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
-CVE-2017-6736,8.8,0.24497,0.96719,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
-CVE-2017-6663,6.5,0.0019,0.57121,"A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).",Cisco,IOS and IOS XE Software
-CVE-2017-6627,7.5,0.0036,0.72715,"A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.",Cisco,IOS and IOS XE Software
-CVE-2017-12319,5.9,0.00139,0.5033,"A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.",Cisco,IOS XE Software
-CVE-2017-12240,9.8,0.06113,0.93685,"The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.",Cisco,IOS and IOS XE Software
-CVE-2017-12238,6.5,0.0019,0.57121,"A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.",Cisco,Catalyst 6800 Series Switches
-CVE-2017-12237,7.5,0.00347,0.7218,"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.",Cisco,IOS and IOS XE Software
-CVE-2017-12235,7.5,0.00347,0.7218,"A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
-CVE-2017-12234,7.5,0.00347,0.7218,"There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
-CVE-2017-12233,7.5,0.00347,0.7218,"There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
-CVE-2017-12232,6.5,0.0019,0.57121,"A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
-CVE-2017-12231,7.5,0.00347,0.7218,"A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.",Cisco,IOS software
-CVE-2017-11826,7.8,0.95845,0.99498,A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.,Microsoft,Office
-CVE-2017-11292,8.8,0.03868,0.92109,Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.,Adobe,Flash Player
+CVE-2017-6744,8.8,0.02337,0.89994,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.",Cisco,IOS software
+CVE-2017-6743,8.8,0.01589,0.87659,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
+CVE-2017-6740,8.8,0.019,0.88823,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.",Cisco,IOS and IOS XE Software
+CVE-2017-6739,8.8,0.019,0.88823,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.",Cisco,IOS and IOS XE Software
+CVE-2017-6738,8.8,0.019,0.88823,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
+CVE-2017-6737,8.8,0.019,0.88823,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
+CVE-2017-6736,8.8,0.24497,0.96721,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.",Cisco,IOS and IOS XE Software
+CVE-2017-6663,6.5,0.0019,0.57133,"A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).",Cisco,IOS and IOS XE Software
+CVE-2017-6627,7.5,0.0036,0.72721,"A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.",Cisco,IOS and IOS XE Software
+CVE-2017-12319,5.9,0.00139,0.5034,"A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.",Cisco,IOS XE Software
+CVE-2017-12240,9.8,0.06113,0.93689,"The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.",Cisco,IOS and IOS XE Software
+CVE-2017-12238,6.5,0.0019,0.57133,"A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.",Cisco,Catalyst 6800 Series Switches
+CVE-2017-12237,7.5,0.00347,0.72188,"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.",Cisco,IOS and IOS XE Software
+CVE-2017-12235,7.5,0.00347,0.72188,"A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
+CVE-2017-12234,7.5,0.00347,0.72188,"There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
+CVE-2017-12233,7.5,0.00347,0.72188,"There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
+CVE-2017-12232,6.5,0.0019,0.57133,"A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.",Cisco,IOS software
+CVE-2017-12231,7.5,0.00347,0.72188,"A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.",Cisco,IOS software
+CVE-2017-11826,7.8,0.95342,0.99414,A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.,Microsoft,Office
+CVE-2017-11292,8.8,0.03868,0.92114,Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.,Adobe,Flash Player
 CVE-2017-0261,7.8,0.91135,0.98947,Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.,Microsoft,Office
-CVE-2017-0001,7.8,0.00127,0.48271,"The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges",Microsoft,Graphics Device Interface (GDI)
-CVE-2016-8562,7.5,0.01608,0.87729,An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.,Siemens,SIMATIC CP
-CVE-2016-7855,8.8,0.14019,0.95778,Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.,Adobe,Flash Player
-CVE-2016-7262,7.8,0.38433,0.973,A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.,Microsoft,Excel
-CVE-2016-7193,7.8,0.73525,0.98185,Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.,Microsoft,Office
-CVE-2016-5195,7.0,0.81662,0.98449,Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.,Linux,Kernel
+CVE-2017-0001,7.8,0.00127,0.48279,"The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges",Microsoft,Graphics Device Interface (GDI)
+CVE-2016-8562,7.5,0.01608,0.87735,An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.,Siemens,SIMATIC CP
+CVE-2016-7855,8.8,0.14019,0.9578,Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.,Adobe,Flash Player
+CVE-2016-7262,7.8,0.38433,0.97302,A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.,Microsoft,Excel
+CVE-2016-7193,7.8,0.73525,0.98186,Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.,Microsoft,Office
+CVE-2016-5195,7.0,0.81662,0.9845,Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.,Linux,Kernel
 CVE-2016-4117,9.8,0.97369,0.99927,An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.,Adobe,Flash Player
 CVE-2016-1019,9.8,0.95317,0.99411,Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.,Adobe,Flash Player
-CVE-2016-0099,7.8,0.01238,0.85772,A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.,Microsoft,Windows
-CVE-2015-7645,7.8,0.95814,0.99495,Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.,Adobe,Flash Player
+CVE-2016-0099,7.8,0.01238,0.85777,A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.,Microsoft,Windows
+CVE-2015-7645,7.8,0.95814,0.99496,Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.,Adobe,Flash Player
 CVE-2015-5119,9.8,0.97315,0.99907,A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.,Adobe,Flash Player
-CVE-2015-4902,,0.00906,0.83116,Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.,Oracle,Java SE
+CVE-2015-4902,,0.00906,0.83121,Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.,Oracle,Java SE
 CVE-2015-3043,9.8,0.3115,0.9706,A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.,Adobe,Flash Player
-CVE-2015-2590,9.8,0.0315,0.91305,An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.,Oracle,Java SE
-CVE-2015-2545,7.8,0.96196,0.99564,Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.,Microsoft,Office
-CVE-2015-2424,8.8,0.28735,0.9695,Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.,Microsoft,PowerPoint
-CVE-2015-2387,7.8,0.00113,0.45466,ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.,Microsoft,ATM Font Driver
-CVE-2015-1701,7.8,0.37185,0.97264,An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.,Microsoft,Win32k
-CVE-2015-1642,7.8,0.86732,0.98675,Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.,Microsoft,Office
-CVE-2014-4114,7.8,0.9641,0.9961,A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.,Microsoft,Windows
-CVE-2014-0496,,0.02405,0.90139,Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.,Adobe,Reader and Acrobat
-CVE-2013-5065,7.8,0.43239,0.97426,Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.,Microsoft,Windows
+CVE-2015-2590,9.8,0.0315,0.91309,An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.,Oracle,Java SE
+CVE-2015-2545,7.8,0.96196,0.99565,Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.,Microsoft,Office
+CVE-2015-2424,8.8,0.28735,0.96951,Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.,Microsoft,PowerPoint
+CVE-2015-2387,7.8,0.00113,0.45475,ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.,Microsoft,ATM Font Driver
+CVE-2015-1701,7.8,0.37185,0.97266,An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.,Microsoft,Win32k
+CVE-2015-1642,7.8,0.86732,0.98676,Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.,Microsoft,Office
+CVE-2014-4114,7.8,0.9641,0.99611,A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.,Microsoft,Windows
+CVE-2014-0496,,0.02405,0.90143,Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.,Adobe,Reader and Acrobat
+CVE-2013-5065,7.8,0.43239,0.97427,Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.,Microsoft,Windows
 CVE-2013-3897,8.8,0.97032,0.99791,A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.,Microsoft,Internet Explorer
 CVE-2013-3346,9.8,0.97044,0.99796,Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.,Adobe,Reader and Acrobat
-CVE-2013-1675,6.5,0.06148,0.93705,"Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",Mozilla,Firefox
+CVE-2013-1675,6.5,0.06148,0.93709,"Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",Mozilla,Firefox
 CVE-2013-1347,8.8,0.97402,0.99941,This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.,Microsoft,Internet Explorer
-CVE-2013-0641,7.8,0.81442,0.98436,A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.,Adobe,Reader
-CVE-2013-0640,7.8,0.92624,0.99072,An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.,Adobe,Reader and Acrobat
-CVE-2013-0632,9.8,0.97094,0.99819,An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.,Adobe,ColdFusion
+CVE-2013-0641,7.8,0.81442,0.98438,A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.,Adobe,Reader
+CVE-2013-0640,7.8,0.92624,0.99073,An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.,Adobe,Reader and Acrobat
+CVE-2013-0632,9.8,0.97094,0.99818,An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.,Adobe,ColdFusion
 CVE-2012-4681,,0.97516,0.9999,The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.,Oracle,Java SE
-CVE-2012-1856,8.8,0.92424,0.99055,The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.,Microsoft,Office
-CVE-2012-1723,9.8,0.96532,0.99646,"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.",Oracle,Java SE
-CVE-2012-1535,7.8,0.9471,0.99307,Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.,Adobe,Flash Player
+CVE-2012-1856,8.8,0.92424,0.99056,The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.,Microsoft,Office
+CVE-2012-1723,9.8,0.96532,0.99647,"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot.",Oracle,Java SE
+CVE-2012-1535,7.8,0.9471,0.99308,Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.,Adobe,Flash Player
 CVE-2012-0507,,0.96717,0.99698,An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.,Oracle,Java SE
-CVE-2011-3544,9.8,0.95641,0.99466,An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.,Oracle,Java SE JDK and JRE
+CVE-2011-3544,9.8,0.95641,0.99467,An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.,Oracle,Java SE JDK and JRE
 CVE-2011-1889,9.8,0.80387,0.98384,A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.,Microsoft,Forefront Threat Management Gateway (TMG)
 CVE-2011-0611,8.8,0.96091,0.99542,Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.,Adobe,Flash Player
 CVE-2010-3333,7.8,0.97294,0.99895,A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.,Microsoft,Office
-CVE-2010-0232,7.8,0.00993,0.83911,"The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.",Microsoft,Windows
-CVE-2010-0188,7.8,0.16337,0.96097,Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.,Adobe,Reader and Acrobat
-CVE-2009-3129,7.8,0.97208,0.99857,Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.,Microsoft,Excel
-CVE-2009-1123,7.8,0.28471,0.96938,"The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.",Microsoft,Windows
-CVE-2008-3431,8.8,0.00199,0.58135,An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.,Oracle,VirtualBox
+CVE-2010-0232,7.8,0.00993,0.83917,"The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.",Microsoft,Windows
+CVE-2010-0188,7.8,0.16337,0.96099,Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.,Adobe,Reader and Acrobat
+CVE-2009-3129,7.8,0.97208,0.99858,Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.,Microsoft,Excel
+CVE-2009-1123,7.8,0.28471,0.96939,"The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.",Microsoft,Windows
+CVE-2008-3431,8.8,0.00199,0.58145,An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.,Oracle,VirtualBox
 CVE-2008-2992,7.8,0.97274,0.99887,Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.,Adobe,Acrobat and Reader
-CVE-2004-0210,7.8,0.00195,0.5773,A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.,Microsoft,Windows
-CVE-2002-0367,7.8,0.01989,0.89098,"smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.",Microsoft,Windows
-CVE-2022-26486,9.6,0.00269,0.6834,Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.,Mozilla,Firefox
-CVE-2022-26485,8.8,0.00856,0.82617,Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.,Mozilla,Firefox
-CVE-2021-21973,5.3,0.13702,0.95734,VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.,VMware,vCenter Server and Cloud Foundation
-CVE-2020-8218,7.2,0.02583,0.90492,A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.,Pulse Secure,Pulse Connect Secure
+CVE-2004-0210,7.8,0.00195,0.57742,A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.,Microsoft,Windows
+CVE-2002-0367,7.8,0.01989,0.89103,"smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.",Microsoft,Windows
+CVE-2022-26486,9.6,0.00269,0.68346,Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.,Mozilla,Firefox
+CVE-2022-26485,8.8,0.00856,0.82623,Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.,Mozilla,Firefox
+CVE-2021-21973,5.3,0.13702,0.95736,VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.,VMware,vCenter Server and Cloud Foundation
+CVE-2020-8218,7.2,0.02583,0.90498,A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.,Pulse Secure,Pulse Connect Secure
 CVE-2019-11581,9.8,0.97326,0.9991,Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.,Atlassian,Jira Server and Data Center
 CVE-2017-6077,9.8,0.96387,0.99604,NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.,NETGEAR,Wireless Router DGN2200
 CVE-2016-6277,8.8,0.97337,0.99914,"NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.",NETGEAR,Multiple Routers
-CVE-2013-0631,7.5,0.8232,0.98474,"Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.",Adobe,ColdFusion
+CVE-2013-0631,7.5,0.8232,0.98475,"Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.",Adobe,ColdFusion
 CVE-2013-0629,7.5,0.92087,0.99017,"Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.",Adobe,ColdFusion
-CVE-2013-0625,9.8,0.6342,0.97927,"Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.",Adobe,ColdFusion
+CVE-2013-0625,9.8,0.6342,0.97928,"Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.",Adobe,ColdFusion
 CVE-2009-3960,6.5,0.94277,0.99247,"Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.",Adobe,BlazeDS
-CVE-2020-5135,9.8,0.02684,0.90656,A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.,SonicWall,SonicOS
-CVE-2019-1405,7.8,0.001,0.41982,A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.,Microsoft,Windows
-CVE-2019-1322,7.8,0.00563,0.78182,A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
-CVE-2019-1315,7.8,0.87735,0.98725,A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.,Microsoft,Windows
-CVE-2019-1253,7.8,0.00071,0.31645,A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.,Microsoft,Windows
-CVE-2019-1132,7.8,0.00042,0.05115,A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.,Microsoft,Win32k
-CVE-2019-1129,7.8,0.8793,0.98741,A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
-CVE-2019-1069,7.8,0.00434,0.75081,A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.,Microsoft,Task Scheduler
+CVE-2020-5135,9.8,0.02684,0.90662,A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.,SonicWall,SonicOS
+CVE-2019-1405,7.8,0.001,0.41994,A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.,Microsoft,Windows
+CVE-2019-1322,7.8,0.00563,0.78191,A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
+CVE-2019-1315,7.8,0.87735,0.98726,A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.,Microsoft,Windows
+CVE-2019-1253,7.8,0.00071,0.31651,A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.,Microsoft,Windows
+CVE-2019-1132,7.8,0.00042,0.05116,A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.,Microsoft,Win32k
+CVE-2019-1129,7.8,0.8793,0.98742,A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
+CVE-2019-1069,7.8,0.00434,0.75087,A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.,Microsoft,Task Scheduler
 CVE-2019-1064,7.8,0.88404,0.98769,A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
-CVE-2019-0841,7.8,0.86552,0.98661,A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
-CVE-2019-0543,7.8,0.00334,0.71718,A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
+CVE-2019-0841,7.8,0.86552,0.98662,A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
+CVE-2019-0543,7.8,0.00334,0.71724,A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.,Microsoft,Windows
 CVE-2018-8120,7.0,0.97407,0.99943,A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.,Microsoft,Win32k
-CVE-2017-0101,7.8,0.00187,0.56744,A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.,Microsoft,Windows
-CVE-2016-3309,7.8,0.00423,0.74736,A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.,Microsoft,Windows
-CVE-2015-2546,,0.00367,0.72992,The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.,Microsoft,Win32k
-CVE-2022-26318,9.8,0.86008,0.98636,"On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.",WatchGuard,Firebox and XTM Appliances
-CVE-2022-26143,9.8,0.05917,0.93596,"A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.",Mitel,"MiCollab, MiVoice Business Express"
-CVE-2022-21999,7.8,0.00286,0.69331,Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.,Microsoft,Windows
+CVE-2017-0101,7.8,0.00187,0.56756,A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.,Microsoft,Windows
+CVE-2016-3309,7.8,0.00423,0.74742,A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.,Microsoft,Windows
+CVE-2015-2546,,0.00367,0.72998,The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.,Microsoft,Win32k
+CVE-2022-26318,9.8,0.86008,0.98637,"On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.",WatchGuard,Firebox and XTM Appliances
+CVE-2022-26143,9.8,0.05917,0.93599,"A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.",Mitel,"MiCollab, MiVoice Business Express"
+CVE-2022-21999,7.8,0.00286,0.69337,Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.,Microsoft,Windows
 CVE-2021-42237,9.8,0.97532,0.99995,Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.,Sitecore,XP
-CVE-2021-22941,9.8,0.01186,0.85426,Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.,Citrix,ShareFile
-CVE-2020-9377,8.8,0.9697,0.99771,D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.,D-Link,DIR-610 Devices
+CVE-2021-22941,9.8,0.01186,0.85431,Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.,Citrix,ShareFile
+CVE-2020-9377,8.8,0.9697,0.9977,D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.,D-Link,DIR-610 Devices
 CVE-2020-9054,9.8,0.96978,0.99774,"Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.",Zyxel,Multiple Network-Attached Storage (NAS) Devices
 CVE-2020-7247,9.8,0.97505,0.99987,"smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.",OpenBSD,OpenSMTPD
 CVE-2020-5410,7.5,0.97082,0.99812,"Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.",VMware Tanzu,Spring Cloud Configuration (Config) Server
 CVE-2020-25223,9.8,0.97525,0.99993,A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.,Sophos,SG UTM
-CVE-2020-2506,9.8,0.00732,0.81139,QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.,QNAP Systems,Helpdesk
-CVE-2020-2021,10.0,0.00451,0.75608,Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.,Palo Alto Networks,PAN-OS
-CVE-2020-1956,8.8,0.96879,0.99744,Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.,Apache,Kylin
-CVE-2020-1631,9.8,0.00529,0.77483,"A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.",Juniper,Junos OS
+CVE-2020-2506,9.8,0.00732,0.81147,QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.,QNAP Systems,Helpdesk
+CVE-2020-2021,10.0,0.00451,0.75615,Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.,Palo Alto Networks,PAN-OS
+CVE-2020-1956,8.8,0.96879,0.99743,Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.,Apache,Kylin
+CVE-2020-1631,9.8,0.00529,0.77493,"A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.",Juniper,Junos OS
 CVE-2019-6340,8.1,0.97364,0.99925,"In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.",Drupal,Core
 CVE-2019-2616,7.2,0.94993,0.99355,"Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.",Oracle,BI Publisher (Formerly XML Publisher)
-CVE-2019-16920,9.8,0.97139,0.9984,Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.,D-Link,Multiple Routers
+CVE-2019-16920,9.8,0.97139,0.99839,Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.,D-Link,Multiple Routers
 CVE-2019-15107,9.8,0.97448,0.99961,An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.,Webmin,Webmin
-CVE-2019-12991,8.8,0.23216,0.9665,Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.,Citrix,SD-WAN and NetScaler
-CVE-2019-12989,9.8,0.06252,0.93752,Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.,Citrix,SD-WAN and NetScaler
-CVE-2019-11043,9.8,0.97222,0.99864,"In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.",PHP,FastCGI Process Manager (FPM)
+CVE-2019-12991,8.8,0.23216,0.96653,Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.,Citrix,SD-WAN and NetScaler
+CVE-2019-12989,9.8,0.06252,0.93755,Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.,Citrix,SD-WAN and NetScaler
+CVE-2019-11043,9.8,0.97217,0.99862,"In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.",PHP,FastCGI Process Manager (FPM)
 CVE-2019-10068,9.8,0.97238,0.9987,Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.,Kentico,Xperience
-CVE-2019-1003030,9.9,0.08978,0.9472,"Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.",Jenkins,Matrix Project Plugin
-CVE-2019-0903,8.8,0.04299,0.92495,A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.,Microsoft,Graphics Device Interface (GDI)
-CVE-2018-8414,8.8,0.76707,0.98256,A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.,Microsoft,Windows
+CVE-2019-1003030,9.9,0.08978,0.94723,"Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.",Jenkins,Matrix Project Plugin
+CVE-2019-0903,8.8,0.04299,0.925,A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.,Microsoft,Graphics Device Interface (GDI)
+CVE-2018-8414,8.8,0.76707,0.98257,A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.,Microsoft,Windows
 CVE-2018-8373,7.5,0.89632,0.98847,A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.,Microsoft,Internet Explorer Scripting Engine
 CVE-2018-6961,8.1,0.29804,0.97007,VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.,VMware,SD-WAN Edge
 CVE-2018-14839,9.8,0.9388,0.99206,LG N1A1 NAS 3718.510 is affected by a remote code execution vulnerability.,LG,N1A1 NAS
 CVE-2018-1273,9.8,0.97241,0.99871,Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.,VMware Tanzu,Spring Data Commons
 CVE-2018-11138,9.8,0.92283,0.99038,The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.,Quest,KACE System Management Appliance
-CVE-2018-0147,9.8,0.02321,0.89962,"A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.",Cisco,Secure Access Control System (ACS)
-CVE-2018-0125,9.8,0.52964,0.97657,"A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.",Cisco,VPN Routers
+CVE-2018-0147,9.8,0.02321,0.89967,"A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.",Cisco,Secure Access Control System (ACS)
+CVE-2018-0125,9.8,0.52964,0.97658,"A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.",Cisco,VPN Routers
 CVE-2017-6334,8.8,0.96741,0.99705,dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands,NETGEAR,DGN2200 Devices
 CVE-2017-6316,9.8,0.96702,0.99695,"A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.",Citrix,"NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server"
 CVE-2017-3881,9.8,0.97481,0.99977,"A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.",Cisco,IOS and IOS XE
 CVE-2017-12617,8.1,0.9744,0.9996,"When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",Apache,Tomcat
 CVE-2017-12615,8.1,0.97208,0.99858,"When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",Apache,Tomcat
-CVE-2017-0146,8.8,0.96271,0.99576,The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.,Microsoft,Windows
-CVE-2016-7892,8.8,0.02201,0.89673,Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.,Adobe,Flash Player
-CVE-2016-4171,9.8,0.18445,0.96306,Unspecified vulnerability in Adobe Flash Player allows for remote code execution.,Adobe,Flash Player
-CVE-2016-1555,9.8,0.97385,0.99934,Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.,NETGEAR,Wireless Access Point (WAP) Devices
-CVE-2016-11021,7.2,0.96267,0.99574,setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.,D-Link,DCS-930L Devices
-CVE-2016-10174,9.8,0.97207,0.99856,The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.,NETGEAR,WNR2000v5 Router
-CVE-2016-0752,7.5,0.9719,0.99852,Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.,Rails,Ruby on Rails
-CVE-2015-4068,9.1,0.83212,0.98508,Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.,Arcserve,Unified Data Protection (UDP)
-CVE-2015-3035,7.5,0.87815,0.98731,Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.,TP-Link,Multiple Archer Devices
+CVE-2017-0146,8.8,0.96271,0.99577,The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.,Microsoft,Windows
+CVE-2016-7892,8.8,0.02201,0.89677,Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.,Adobe,Flash Player
+CVE-2016-4171,9.8,0.18445,0.96308,Unspecified vulnerability in Adobe Flash Player allows for remote code execution.,Adobe,Flash Player
+CVE-2016-1555,9.8,0.97385,0.99933,Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.,NETGEAR,Wireless Access Point (WAP) Devices
+CVE-2016-11021,7.2,0.96267,0.99575,setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.,D-Link,DCS-930L Devices
+CVE-2016-10174,9.8,0.97207,0.99857,The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.,NETGEAR,WNR2000v5 Router
+CVE-2016-0752,7.5,0.9719,0.99853,Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.,Rails,Ruby on Rails
+CVE-2015-4068,9.1,0.83212,0.9851,Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.,Arcserve,Unified Data Protection (UDP)
+CVE-2015-3035,7.5,0.87815,0.98732,Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.,TP-Link,Multiple Archer Devices
 CVE-2015-1427,9.8,0.97261,0.9988,The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.,Elastic,Elasticsearch
 CVE-2015-1187,9.8,0.93173,0.99128,The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.,D-Link and TRENDnet,Multiple Devices
 CVE-2015-0666,,0.97294,0.99895,Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.,Cisco,Prime Data Center Network Manager (DCNM)
 CVE-2014-6332,,0.97316,0.99908,OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.,Microsoft,Windows
-CVE-2014-6324,8.8,0.96133,0.99552,The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.,Microsoft,Kerberos Key Distribution Center (KDC)
+CVE-2014-6324,8.8,0.96133,0.99553,The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.,Microsoft,Kerberos Key Distribution Center (KDC)
 CVE-2014-6287,9.8,0.9734,0.99915,The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.,Rejetto,HTTP File Server (HFS)
-CVE-2014-3120,,0.53209,0.97661,"Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.",Elastic,Elasticsearch
-CVE-2014-0130,7.5,0.00539,0.77694,Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.,Rails,Ruby on Rails
-CVE-2013-5223,5.4,0.00875,0.82801,"A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.",D-Link,DSL-2760U
-CVE-2013-4810,9.8,0.86336,0.98653,"HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.",Hewlett Packard (HP),"ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management"
+CVE-2014-3120,,0.53209,0.97662,"Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.",Elastic,Elasticsearch
+CVE-2014-0130,7.5,0.00539,0.77703,Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.,Rails,Ruby on Rails
+CVE-2013-5223,5.4,0.00875,0.82806,"A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.",D-Link,DSL-2760U
+CVE-2013-4810,9.8,0.86336,0.98654,"HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.",Hewlett Packard (HP),"ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management"
 CVE-2013-2251,9.8,0.97299,0.99898,Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.,Apache,Struts
 CVE-2012-1823,9.8,0.91491,0.98967,"sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.",PHP,PHP
-CVE-2010-4345,7.8,0.01123,0.84942,Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.,Exim,Exim
-CVE-2010-4344,9.8,0.74965,0.98216,Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.,Exim,Exim
-CVE-2010-3035,7.5,0.05913,0.93589,"Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).",Cisco,IOS XR
+CVE-2010-4345,7.8,0.01123,0.84947,Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.,Exim,Exim
+CVE-2010-4344,9.8,0.74965,0.98217,Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.,Exim,Exim
+CVE-2010-3035,7.5,0.05913,0.93593,"Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).",Cisco,IOS XR
 CVE-2010-2861,9.8,0.9683,0.99729,A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.,Adobe,ColdFusion
-CVE-2009-2055,,0.00534,0.77581,"Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).",Cisco,IOS XR
-CVE-2009-1151,9.8,0.88938,0.98803,Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.,phpMyAdmin,phpMyAdmin
-CVE-2009-0927,,0.97463,0.99968,Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.,Adobe,Reader and Acrobat
+CVE-2009-2055,,0.00534,0.7759,"Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).",Cisco,IOS XR
+CVE-2009-1151,9.8,0.88938,0.98804,Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.,phpMyAdmin,phpMyAdmin
+CVE-2009-0927,,0.97463,0.99969,Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.,Adobe,Reader and Acrobat
 CVE-2005-2773,9.8,0.93878,0.99206,HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.,Hewlett Packard (HP),OpenView Network Node Manager
-CVE-2022-1096,8.8,0.01397,0.86706,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2022-1096,8.8,0.01397,0.86711,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
 CVE-2022-0543,10.0,0.97196,0.99853,"Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.",Redis,Debian-specific Redis Servers
-CVE-2021-38646,7.8,0.19324,0.96384,Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.,Microsoft,Office
-CVE-2021-34486,7.8,0.00638,0.79571,Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.,Microsoft,Windows
-CVE-2021-26085,5.3,0.95939,0.99515,Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.,Atlassian,Confluence Server
-CVE-2021-20028,9.8,0.02391,0.90102,SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.,SonicWall,Secure Remote Access (SRA)
-CVE-2019-7483,7.5,0.00999,0.8395,"In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.",SonicWall,SMA100
-CVE-2018-8440,7.8,0.96832,0.9973,An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).,Microsoft,Windows
-CVE-2018-8406,7.8,0.00117,0.46317,An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.,Microsoft,DirectX Graphics Kernel (DXGKRNL)
-CVE-2018-8405,7.8,0.00117,0.46317,An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.,Microsoft,DirectX Graphics Kernel (DXGKRNL)
-CVE-2017-0213,7.3,0.01982,0.89085,Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.,Microsoft,Windows
-CVE-2017-0059,4.3,0.89816,0.9886,Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.,Microsoft,Internet Explorer
-CVE-2017-0037,8.1,0.96927,0.99759,"Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.",Microsoft,Edge and Internet Explorer
-CVE-2016-7201,8.8,0.96182,0.9956,The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.,Microsoft,Edge
-CVE-2016-7200,8.8,0.95507,0.99444,The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.,Microsoft,Edge
+CVE-2021-38646,7.8,0.19324,0.96386,Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.,Microsoft,Office
+CVE-2021-34486,7.8,0.00638,0.79581,Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.,Microsoft,Windows
+CVE-2021-26085,5.3,0.95939,0.99516,Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.,Atlassian,Confluence Server
+CVE-2021-20028,9.8,0.02391,0.90107,SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.,SonicWall,Secure Remote Access (SRA)
+CVE-2019-7483,7.5,0.00999,0.83955,"In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.",SonicWall,SMA100
+CVE-2018-8440,7.8,0.96832,0.99729,An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).,Microsoft,Windows
+CVE-2018-8406,7.8,0.00117,0.46326,An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.,Microsoft,DirectX Graphics Kernel (DXGKRNL)
+CVE-2018-8405,7.8,0.00117,0.46326,An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.,Microsoft,DirectX Graphics Kernel (DXGKRNL)
+CVE-2017-0213,7.3,0.01982,0.89091,Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.,Microsoft,Windows
+CVE-2017-0059,4.3,0.89816,0.98861,Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.,Microsoft,Internet Explorer
+CVE-2017-0037,8.1,0.96927,0.99758,"Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.",Microsoft,Edge and Internet Explorer
+CVE-2016-7201,8.8,0.96182,0.99561,The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.,Microsoft,Edge
+CVE-2016-7200,8.8,0.95507,0.99445,The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.,Microsoft,Edge
 CVE-2016-0189,7.5,0.96511,0.99638,"The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.",Microsoft,Internet Explorer
-CVE-2016-0151,7.8,0.71989,0.98144,"The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.",Microsoft,Client-Server Run-time Subsystem (CSRSS)
-CVE-2016-0040,7.8,0.15457,0.96008,The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.,Microsoft,Windows
-CVE-2015-2426,,0.9738,0.99932,A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.,Microsoft,Windows
-CVE-2015-2419,8.8,0.96584,0.99662,JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.,Microsoft,Internet Explorer
-CVE-2015-1770,8.8,0.3904,0.97316,Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.,Microsoft,Office
-CVE-2013-3660,7.8,0.82861,0.98495,"The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.",Microsoft,Win32k
+CVE-2016-0151,7.8,0.71989,0.98145,"The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.",Microsoft,Client-Server Run-time Subsystem (CSRSS)
+CVE-2016-0040,7.8,0.15457,0.9601,The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.,Microsoft,Windows
+CVE-2015-2426,,0.9738,0.99931,A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.,Microsoft,Windows
+CVE-2015-2419,8.8,0.96584,0.99663,JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.,Microsoft,Internet Explorer
+CVE-2015-1770,8.8,0.3904,0.97318,Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.,Microsoft,Office
+CVE-2013-3660,7.8,0.82861,0.98497,"The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.",Microsoft,Win32k
 CVE-2013-2729,9.8,0.90451,0.989,Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code.,Adobe,Reader and Acrobat
-CVE-2013-2551,8.8,0.9603,0.99529,Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.,Microsoft,Internet Explorer
-CVE-2013-2465,,0.8626,0.9865,"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to 2D",Oracle,Java SE
-CVE-2013-1690,8.8,0.22218,0.96594,"Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.",Mozilla,Firefox and Thunderbird
+CVE-2013-2551,8.8,0.9603,0.9953,Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.,Microsoft,Internet Explorer
+CVE-2013-2465,,0.8626,0.98651,"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to 2D",Oracle,Java SE
+CVE-2013-1690,8.8,0.22218,0.96595,"Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.",Mozilla,Firefox and Thunderbird
 CVE-2012-5076,,0.9689,0.99747,The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.,Oracle,Java SE
-CVE-2012-2539,7.8,0.94239,0.99241,Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.,Microsoft,Word
-CVE-2012-2034,,0.01948,0.88989,Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).,Adobe,Flash Player
-CVE-2012-0518,4.7,0.00866,0.82706,Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors,Oracle,Fusion Middleware
-CVE-2011-2005,7.8,0.04978,0.93011,"afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.",Microsoft,Ancillary Function Driver (afd.sys)
-CVE-2010-4398,7.8,0.01568,0.8755,"Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.",Microsoft,Windows
-CVE-2022-26871,9.8,0.15835,0.96053,An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.,Trend Micro,Apex Central
-CVE-2022-1040,9.8,0.97457,0.99964,An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.,Sophos,Firewall
-CVE-2021-34484,7.8,0.00049,0.18903,Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2021-28799,9.8,0.87991,0.98746,QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.,QNAP,Network Attached Storage (NAS)
-CVE-2021-21551,7.8,0.00301,0.70055,"Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.",Dell,dbutil Driver
+CVE-2012-2539,7.8,0.94239,0.99242,Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.,Microsoft,Word
+CVE-2012-2034,,0.01948,0.88995,Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).,Adobe,Flash Player
+CVE-2012-0518,4.7,0.00866,0.8271,Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors,Oracle,Fusion Middleware
+CVE-2011-2005,7.8,0.04978,0.93013,"afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.",Microsoft,Ancillary Function Driver (afd.sys)
+CVE-2010-4398,7.8,0.01568,0.87556,"Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.",Microsoft,Windows
+CVE-2022-26871,9.8,0.15835,0.96055,An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.,Trend Micro,Apex Central
+CVE-2022-1040,9.8,0.97457,0.99965,An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.,Sophos,Firewall
+CVE-2021-34484,7.8,0.00049,0.18902,Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2021-28799,9.8,0.87991,0.98747,QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.,QNAP,Network Attached Storage (NAS)
+CVE-2021-21551,7.8,0.00301,0.70061,"Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.",Dell,dbutil Driver
 CVE-2018-10562,9.8,0.97423,0.99951,"Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.",Dasan,Gigabit Passive Optical Network (GPON) Routers
 CVE-2018-10561,9.8,0.96971,0.99771,"Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.",Dasan,Gigabit Passive Optical Network (GPON) Routers
-CVE-2022-22965,9.8,0.97483,0.99977,Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.,VMware,Spring Framework
-CVE-2022-22675,7.8,0.0014,0.50398,macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.,Apple,macOS
-CVE-2022-22674,5.5,0.00062,0.27332,macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.,Apple,macOS
+CVE-2022-22965,9.8,0.97483,0.99978,Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.,VMware,Spring Framework
+CVE-2022-22675,7.8,0.0014,0.50408,macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.,Apple,macOS
+CVE-2022-22674,5.5,0.00062,0.27339,macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.,Apple,macOS
 CVE-2021-45382,9.8,0.96701,0.99694,A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file.,D-Link,Multiple Routers
-CVE-2021-3156,7.8,0.95813,0.99495,"Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.",Sudo,Sudo
+CVE-2021-3156,7.8,0.95813,0.99496,"Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.",Sudo,Sudo
 CVE-2021-31166,9.8,0.97244,0.99873,Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.,Microsoft,HTTP Protocol Stack
 CVE-2017-0148,8.1,0.96083,0.99541,The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.,Microsoft,SMBv1 server
-CVE-2022-23176,8.8,0.01564,0.87538,WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.,WatchGuard,Firebox and XTM
-CVE-2021-42287,7.5,0.0063,0.79427,Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Active Directory
-CVE-2021-42278,7.5,0.0063,0.79427,Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Active Directory
-CVE-2021-39793,7.8,0.00066,0.29996,Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.,Google,Pixel
-CVE-2021-27852,9.8,0.01562,0.87525,Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.,Checkbox,Checkbox Survey
-CVE-2021-22600,7.0,0.00067,0.30273,Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.,Linux,Kernel
-CVE-2020-2509,9.8,0.00235,0.6202,QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.,QNAP,QNAP Network-Attached Storage (NAS)
-CVE-2017-11317,9.8,0.86814,0.98685,Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.,Telerik,User Interface (UI) for ASP.NET AJAX
-CVE-2022-24521,7.8,0.00044,0.13997,Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-23176,8.8,0.01564,0.87543,WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.,WatchGuard,Firebox and XTM
+CVE-2021-42287,7.5,0.0063,0.79437,Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Active Directory
+CVE-2021-42278,7.5,0.0063,0.79437,Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Active Directory
+CVE-2021-39793,7.8,0.00066,0.30003,Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.,Google,Pixel
+CVE-2021-27852,9.8,0.01562,0.8753,Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.,Checkbox,Checkbox Survey
+CVE-2021-22600,7.0,0.00067,0.3028,Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.,Linux,Kernel
+CVE-2020-2509,9.8,0.00235,0.6203,QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.,QNAP,QNAP Network-Attached Storage (NAS)
+CVE-2017-11317,9.8,0.86814,0.98686,Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.,Telerik,User Interface (UI) for ASP.NET AJAX
+CVE-2022-24521,7.8,0.00044,0.13994,Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
 CVE-2018-7602,9.8,0.97284,0.99893,A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.,Drupal,Core
-CVE-2018-20753,9.8,0.10562,0.95151,Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.,Kaseya,Virtual System/Server Administrator (VSA)
-CVE-2015-5123,9.8,0.56191,0.97741,Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).,Adobe,Flash Player
-CVE-2015-5122,9.8,0.97354,0.9992,Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).,Adobe,Flash Player
+CVE-2018-20753,9.8,0.10562,0.95153,Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.,Kaseya,Virtual System/Server Administrator (VSA)
+CVE-2015-5123,9.8,0.56191,0.97742,Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).,Adobe,Flash Player
+CVE-2015-5122,9.8,0.97354,0.99919,Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).,Adobe,Flash Player
 CVE-2015-3113,9.8,0.53536,0.97671,Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.,Adobe,Flash Player
 CVE-2015-2502,8.8,0.92212,0.99033,Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause a denial-of-service (DoS).,Microsoft,Internet Explorer
 CVE-2015-0313,9.8,0.97264,0.99881,Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.,Adobe,Flash Player
 CVE-2015-0311,9.8,0.97203,0.99855,Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.,Adobe,Flash Player
-CVE-2014-9163,,0.07166,0.94153,Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.,Adobe,Flash Player
+CVE-2014-9163,,0.07166,0.9416,Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.,Adobe,Flash Player
 CVE-2022-22954,9.8,0.97493,0.99983,VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.,VMware,Workspace ONE Access and Identity Manager
-CVE-2022-22960,7.8,0.00146,0.5136,"VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.",VMware,Multiple Products
-CVE-2022-1364,8.8,0.02049,0.89263,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2019-3929,9.8,0.97445,0.9996,"Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.",Crestron,Multiple Products
+CVE-2022-22960,7.8,0.00146,0.5137,"VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.",VMware,Multiple Products
+CVE-2022-1364,8.8,0.02049,0.89268,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2019-3929,9.8,0.97445,0.99961,"Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.",Crestron,Multiple Products
 CVE-2019-16057,9.8,0.97559,0.99999,The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.,D-Link,DNS-320 Storage Device
-CVE-2018-7841,9.8,0.01227,0.85708,A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.,Schneider Electric,U.motion Builder
-CVE-2016-4523,7.5,0.0937,0.94834,The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).,Trihedral,VTScada (formerly VTS)
-CVE-2014-0780,9.8,0.9368,0.99179,"InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.",InduSoft,Web Studio
-CVE-2010-5330,9.8,0.01962,0.89025,Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.,Ubiquiti,AirOS
+CVE-2018-7841,9.8,0.01227,0.85714,A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.,Schneider Electric,U.motion Builder
+CVE-2016-4523,7.5,0.0937,0.94837,The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).,Trihedral,VTScada (formerly VTS)
+CVE-2014-0780,9.8,0.9368,0.9918,"InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.",InduSoft,Web Studio
+CVE-2010-5330,9.8,0.01962,0.89031,Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.,Ubiquiti,AirOS
 CVE-2007-3010,9.8,0.95934,0.99515,masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.,Alcatel,OmniPCX Enterprise
-CVE-2018-6882,6.1,0.00749,0.81367,Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.,Zimbra,Collaboration Suite (ZCS)
-CVE-2019-3568,9.8,0.02267,0.89833,A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.,Meta Platforms,WhatsApp
+CVE-2018-6882,6.1,0.00749,0.81375,Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.,Zimbra,Collaboration Suite (ZCS)
+CVE-2019-3568,9.8,0.02267,0.89838,A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.,Meta Platforms,WhatsApp
 CVE-2022-22718,7.8,0.00051,0.20663,Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.,Microsoft,Windows
 CVE-2022-29464,9.8,0.97415,0.99948,"Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.",WSO2,Multiple Products
-CVE-2022-26904,7.0,0.00123,0.47447,Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2022-21919,7.0,0.00383,0.73525,Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2022-0847,7.8,0.12091,0.95489,"Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of ""Dirty Pipe.""",Linux,Kernel
-CVE-2021-41357,7.8,0.00088,0.38624,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
-CVE-2021-40450,7.8,0.00088,0.38624,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
-CVE-2019-1003029,9.9,0.00768,0.81618,"Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.",Jenkins,Script Security Plugin
-CVE-2021-1789,8.8,0.01171,0.85298,"A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.",Apple,Multiple Products
-CVE-2019-8506,8.8,0.0517,0.93153,"A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.",Apple,Multiple Products
-CVE-2014-4113,7.8,0.67733,0.98024,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
-CVE-2014-0322,8.8,0.97231,0.99866,Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.,Microsoft,Internet Explorer
+CVE-2022-26904,7.0,0.00123,0.47454,Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-21919,7.0,0.00383,0.73529,Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-0847,7.8,0.12091,0.95491,"Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of ""Dirty Pipe.""",Linux,Kernel
+CVE-2021-41357,7.8,0.00088,0.3863,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2021-40450,7.8,0.00088,0.3863,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2019-1003029,9.9,0.00768,0.81625,"Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.",Jenkins,Script Security Plugin
+CVE-2021-1789,8.8,0.01171,0.85304,"A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.",Apple,Multiple Products
+CVE-2019-8506,8.8,0.0517,0.93156,"A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.",Apple,Multiple Products
+CVE-2014-4113,7.8,0.67733,0.98026,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2014-0322,8.8,0.97231,0.99867,Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.,Microsoft,Internet Explorer
 CVE-2014-0160,7.5,0.97368,0.99926,"The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.",OpenSSL,OpenSSL
 CVE-2022-1388,9.8,0.97486,0.99979,"F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.",F5,BIG-IP
 CVE-2022-30525,9.8,0.97462,0.99968,A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.,Zyxel,Multiple Firewalls
 CVE-2022-22947,10.0,0.97516,0.9999,"Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.",VMware,Spring Cloud Gateway
-CVE-2022-20821,6.5,0.00367,0.72986,Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.,Cisco,IOS XR
-CVE-2021-1048,7.8,0.00064,0.28631,Android kernel contains a use-after-free vulnerability that allows for privilege escalation.,Android,Kernel
-CVE-2021-0920,6.4,0.00064,0.28761,"Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation.",Android,Kernel
-CVE-2021-30883,7.8,0.00222,0.60808,"Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code execution.",Apple,Multiple Products
-CVE-2020-1027,7.8,0.00072,0.32184,An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.,Microsoft,Windows
-CVE-2020-0638,7.8,0.00069,0.30936,Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Update Notification Manager
-CVE-2019-7286,7.8,0.00339,0.71901,"Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.",Apple,Multiple Products
-CVE-2019-7287,7.8,0.00125,0.47858,Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.,Apple,iOS
-CVE-2019-0676,6.5,0.0165,0.87888,An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.,Microsoft,Internet Explorer
+CVE-2022-20821,6.5,0.00367,0.72992,Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.,Cisco,IOS XR
+CVE-2021-1048,7.8,0.00064,0.28642,Android kernel contains a use-after-free vulnerability that allows for privilege escalation.,Android,Kernel
+CVE-2021-0920,6.4,0.00064,0.28771,"Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation.",Android,Kernel
+CVE-2021-30883,7.8,0.00222,0.60819,"Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code execution.",Apple,Multiple Products
+CVE-2020-1027,7.8,0.00072,0.32192,An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.,Microsoft,Windows
+CVE-2020-0638,7.8,0.00069,0.30942,Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Update Notification Manager
+CVE-2019-7286,7.8,0.00339,0.71909,"Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.",Apple,Multiple Products
+CVE-2019-7287,7.8,0.00125,0.47868,Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.,Apple,iOS
+CVE-2019-0676,6.5,0.0165,0.87894,An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.,Microsoft,Internet Explorer
 CVE-2019-5786,6.5,0.97233,0.99868,Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of bounds memory access via a crafted HTML page.,Google,Chrome Blink
-CVE-2019-0703,6.5,0.00199,0.58111,"An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.",Microsoft,Windows
-CVE-2019-0880,7.8,0.00042,0.05115,A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.,Microsoft,Windows
+CVE-2019-0703,6.5,0.00199,0.58121,"An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.",Microsoft,Windows
+CVE-2019-0880,7.8,0.00042,0.05116,A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.,Microsoft,Windows
 CVE-2019-13720,8.8,0.97395,0.99937,Google Chrome WebAudio contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.,Google,Chrome WebAudio
-CVE-2019-11707,8.8,0.80865,0.98402,"Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.",Mozilla,Firefox and Thunderbird
-CVE-2019-11708,10.0,0.02539,0.90415,Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution.,Mozilla,Firefox and Thunderbird
-CVE-2019-8720,8.8,0.0068,0.80357,WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.,WebKitGTK,WebKitGTK
-CVE-2019-18426,8.2,0.00936,0.83392,A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.,Meta Platforms,WhatsApp
-CVE-2019-1385,7.8,0.00281,0.68998,"A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.",Microsoft,Windows
-CVE-2019-1130,7.8,0.8793,0.98741,A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.,Microsoft,Windows
-CVE-2018-5002,9.8,0.03104,0.91251,Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.,Adobe,Flash Player
-CVE-2018-8589,7.8,0.00129,0.48603,A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.,Microsoft,Win32k
-CVE-2018-8611,7.8,0.00089,0.39041,A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.,Microsoft,Windows
-CVE-2018-19953,6.1,0.00379,0.73398,A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.,QNAP,Network Attached Storage (NAS)
-CVE-2018-19949,9.8,0.00672,0.80207,A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.,QNAP,Network Attached Storage (NAS)
-CVE-2018-19943,5.4,0.00176,0.5546,A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.,QNAP,Network Attached Storage (NAS)
-CVE-2017-0147,7.5,0.928,0.99089,The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.,Microsoft,SMBv1 server
-CVE-2017-0022,6.5,0.78472,0.98319,"Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.",Microsoft,XML Core Services
-CVE-2017-0005,7.8,0.00117,0.46442,The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.,Microsoft,Windows
+CVE-2019-11707,8.8,0.80865,0.98403,"Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.",Mozilla,Firefox and Thunderbird
+CVE-2019-11708,10.0,0.02539,0.9042,Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution.,Mozilla,Firefox and Thunderbird
+CVE-2019-8720,8.8,0.0068,0.80366,WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.,WebKitGTK,WebKitGTK
+CVE-2019-18426,8.2,0.00936,0.83397,A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.,Meta Platforms,WhatsApp
+CVE-2019-1385,7.8,0.00281,0.69003,"A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.",Microsoft,Windows
+CVE-2019-1130,7.8,0.8793,0.98742,A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.,Microsoft,Windows
+CVE-2018-5002,9.8,0.03104,0.91255,Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.,Adobe,Flash Player
+CVE-2018-8589,7.8,0.00129,0.48611,A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.,Microsoft,Win32k
+CVE-2018-8611,7.8,0.00089,0.39046,A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.,Microsoft,Windows
+CVE-2018-19953,6.1,0.00379,0.73405,A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.,QNAP,Network Attached Storage (NAS)
+CVE-2018-19949,9.8,0.00672,0.80217,A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.,QNAP,Network Attached Storage (NAS)
+CVE-2018-19943,5.4,0.00176,0.5547,A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.,QNAP,Network Attached Storage (NAS)
+CVE-2017-0147,7.5,0.928,0.9909,The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.,Microsoft,SMBv1 server
+CVE-2017-0022,6.5,0.78472,0.98321,"Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.",Microsoft,XML Core Services
+CVE-2017-0005,7.8,0.00117,0.46451,The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.,Microsoft,Windows
 CVE-2017-0149,8.8,0.50916,0.97606,Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service (DoS) via a crafted website.,Microsoft,Internet Explorer
-CVE-2017-0210,8.8,0.0219,0.89647,"A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information.",Microsoft,Internet Explorer
-CVE-2017-8291,7.8,0.5219,0.97637,"Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a ""/OutputFile.",Artifex,Ghostscript
-CVE-2017-8543,9.8,0.45986,0.97505,Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory.,Microsoft,Windows
-CVE-2017-18362,9.8,0.04914,0.92968,ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.,Kaseya,Virtual System/Server Administrator (VSA)
-CVE-2016-0162,4.3,0.06132,0.93694,An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.,Microsoft,Internet Explorer
+CVE-2017-0210,8.8,0.0219,0.89652,"A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information.",Microsoft,Internet Explorer
+CVE-2017-8291,7.8,0.5219,0.97638,"Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a ""/OutputFile.",Artifex,Ghostscript
+CVE-2017-8543,9.8,0.45986,0.97506,Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory.,Microsoft,Windows
+CVE-2017-18362,9.8,0.04914,0.92971,ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.,Kaseya,Virtual System/Server Administrator (VSA)
+CVE-2016-0162,4.3,0.06132,0.93698,An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.,Microsoft,Internet Explorer
 CVE-2016-3351,6.5,0.70722,0.98104,An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer.,Microsoft,Internet Explorer and Edge
-CVE-2016-4655,5.5,0.56742,0.97753,The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.,Apple,iOS
-CVE-2016-4656,7.8,0.06186,0.93721,A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause a denial-of-service (DoS) via a crafted application.,Apple,iOS
-CVE-2016-4657,8.8,0.78136,0.98309,"Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a denial-of-service (DoS) via a crafted web site. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
+CVE-2016-4655,5.5,0.56742,0.97754,The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.,Apple,iOS
+CVE-2016-4656,7.8,0.06186,0.93725,A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause a denial-of-service (DoS) via a crafted application.,Apple,iOS
+CVE-2016-4657,8.8,0.78136,0.9831,"Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a denial-of-service (DoS) via a crafted web site. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,iOS
 CVE-2016-6366,8.8,0.96864,0.99737,A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.,Cisco,Adaptive Security Appliance (ASA)
 CVE-2016-6367,7.8,0.96394,0.99606,"A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code.",Cisco,Adaptive Security Appliance (ASA)
-CVE-2016-3298,6.5,0.59859,0.97846,An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.,Microsoft,Internet Explorer
-CVE-2019-3010,8.8,0.00343,0.72032,Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation.,Oracle,Solaris
-CVE-2016-3393,7.8,0.75872,0.98234,A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.,Microsoft,Windows
-CVE-2016-7256,8.8,0.83752,0.98535,A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.,Microsoft,Windows
+CVE-2016-3298,6.5,0.59859,0.97847,An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.,Microsoft,Internet Explorer
+CVE-2019-3010,8.8,0.00343,0.7204,Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation.,Oracle,Solaris
+CVE-2016-3393,7.8,0.75872,0.98235,A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.,Microsoft,Windows
+CVE-2016-7256,8.8,0.83752,0.98537,A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.,Microsoft,Windows
 CVE-2016-1010,8.8,0.94129,0.99232,Integer overflow vulnerability in Adobe Flash Player and AIR allows attackers to execute code.,Adobe,Flash Player and AIR
-CVE-2016-0984,8.8,0.07371,0.94213,Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code.,Adobe,Flash Player and AIR
-CVE-2016-0034,8.8,0.71645,0.98134,"Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service (DoS).",Microsoft,Silverlight
-CVE-2015-0310,,0.91036,0.98938,"Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.",Adobe,Flash Player
-CVE-2015-0016,7.8,0.88772,0.98796,Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.,Microsoft,Windows
-CVE-2015-0071,6.5,0.08371,0.94524,Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.,Microsoft,Internet Explorer
-CVE-2015-2360,,0.00084,0.36606,Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service (DoS).,Microsoft,Win32k
-CVE-2015-2425,8.8,0.7937,0.98345,Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Microsoft,Internet Explorer
-CVE-2015-1769,,0.0014,0.50464,A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.,Microsoft,Windows
+CVE-2016-0984,8.8,0.07371,0.94219,Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code.,Adobe,Flash Player and AIR
+CVE-2016-0034,8.8,0.71645,0.98135,"Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service (DoS).",Microsoft,Silverlight
+CVE-2015-0310,,0.91036,0.98939,"Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.",Adobe,Flash Player
+CVE-2015-0016,7.8,0.88772,0.98797,Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.,Microsoft,Windows
+CVE-2015-0071,6.5,0.08371,0.94527,Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.,Microsoft,Internet Explorer
+CVE-2015-2360,,0.00084,0.36614,Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service (DoS).,Microsoft,Win32k
+CVE-2015-2425,8.8,0.7937,0.98346,Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Microsoft,Internet Explorer
+CVE-2015-1769,,0.0014,0.50474,A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.,Microsoft,Windows
 CVE-2015-4495,8.8,0.89784,0.98858,Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.,Mozilla,Firefox
-CVE-2015-8651,8.8,0.41806,0.97383,Integer overflow in Adobe Flash Player allows attackers to execute code.,Adobe,Flash Player
-CVE-2015-6175,7.8,0.00208,0.59223,The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.,Microsoft,Windows
-CVE-2015-1671,7.8,0.87518,0.98716,"A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.",Microsoft,Windows
-CVE-2014-4148,8.8,0.44203,0.97452,A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.,Microsoft,Windows
-CVE-2014-8439,,0.87573,0.98719,Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.,Adobe,Flash Player
-CVE-2014-4123,8.8,0.35844,0.97225,Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.,Microsoft,Internet Explorer
-CVE-2014-0546,9.8,0.00753,0.81415,"Adobe Acrobat and Reader on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.",Adobe,Acrobat and Reader
-CVE-2014-2817,8.8,0.15675,0.96034,Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.,Microsoft,Internet Explorer
-CVE-2014-4077,7.8,0.12477,0.95551,Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.,Microsoft,Input Method Editor (IME) Japanese
-CVE-2014-3153,7.8,0.00628,0.79387,"The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges.",Linux,Kernel
+CVE-2015-8651,8.8,0.41806,0.97385,Integer overflow in Adobe Flash Player allows attackers to execute code.,Adobe,Flash Player
+CVE-2015-6175,7.8,0.00208,0.59233,The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.,Microsoft,Windows
+CVE-2015-1671,7.8,0.87518,0.98717,"A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.",Microsoft,Windows
+CVE-2014-4148,8.8,0.44203,0.97454,A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.,Microsoft,Windows
+CVE-2014-8439,,0.87573,0.9872,Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.,Adobe,Flash Player
+CVE-2014-4123,8.8,0.35844,0.97228,Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.,Microsoft,Internet Explorer
+CVE-2014-0546,9.8,0.00753,0.81422,"Adobe Acrobat and Reader on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.",Adobe,Acrobat and Reader
+CVE-2014-2817,8.8,0.15675,0.96035,Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.,Microsoft,Internet Explorer
+CVE-2014-4077,7.8,0.12477,0.95553,Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.,Microsoft,Input Method Editor (IME) Japanese
+CVE-2014-3153,7.8,0.00628,0.79397,"The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges.",Linux,Kernel
 CVE-2013-7331,,0.57604,0.97787,An information disclosure vulnerability exists in Internet Explorer which allows resources loaded into memory to be queried. This vulnerability could allow an attacker to detect anti-malware applications.,Microsoft,Internet Explorer
-CVE-2013-3993,6.5,0.09867,0.94971,"Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data.",IBM,InfoSphere BigInsights
-CVE-2013-3896,5.5,0.10056,0.95037,"Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application.",Microsoft,Silverlight
-CVE-2013-2423,,0.96738,0.99704,Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.,Oracle,Java Runtime Environment (JRE)
-CVE-2013-0431,,0.97033,0.99793,Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass the Java security sandbox.,Oracle,Java Runtime Environment (JRE)
+CVE-2013-3993,6.5,0.09867,0.94974,"Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data.",IBM,InfoSphere BigInsights
+CVE-2013-3896,5.5,0.10056,0.95039,"Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application.",Microsoft,Silverlight
+CVE-2013-2423,,0.96971,0.99771,Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.,Oracle,Java Runtime Environment (JRE)
+CVE-2013-0431,,0.97033,0.99792,Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass the Java security sandbox.,Oracle,Java Runtime Environment (JRE)
 CVE-2013-0422,,0.97228,0.99866,A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands on a vulnerable system.,Oracle,Java Runtime Environment (JRE)
-CVE-2013-0074,7.8,0.93501,0.99165,"Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application.",Microsoft,Silverlight
-CVE-2012-1710,9.8,0.87053,0.98694,"Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.",Oracle,Fusion Middleware
-CVE-2010-1428,7.5,0.08822,0.94669,"Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.",Red Hat,JBoss
-CVE-2010-0840,9.8,0.94769,0.99316,"Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.",Oracle,Java Runtime Environment (JRE)
+CVE-2013-0074,7.8,0.93501,0.99166,"Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application.",Microsoft,Silverlight
+CVE-2012-1710,9.8,0.87053,0.98696,"Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Designer.",Oracle,Fusion Middleware
+CVE-2010-1428,7.5,0.08822,0.94671,"Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.",Red Hat,JBoss
+CVE-2010-0840,9.8,0.94769,0.99317,"Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.",Oracle,Java Runtime Environment (JRE)
 CVE-2010-0738,5.3,0.96762,0.9971,"The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.",Red Hat,JBoss
 CVE-2022-26134,9.8,0.97395,0.99937,Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.,Atlassian,Confluence Server/Data Center
 CVE-2019-7195,9.8,0.97041,0.99795,QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.,QNAP,Photo Station
 CVE-2019-7194,9.8,0.97041,0.99795,QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.,QNAP,Photo Station
 CVE-2019-7193,9.8,0.95151,0.9938,QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.,QNAP,QTS
-CVE-2019-7192,9.8,0.96341,0.99593,QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.,QNAP,Photo Station
-CVE-2019-5825,6.5,0.70181,0.98089,"Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2019-15271,8.8,0.00424,0.74745,A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.,Cisco,RV Series Routers
+CVE-2019-7192,9.8,0.96341,0.99594,QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.,QNAP,Photo Station
+CVE-2019-5825,6.5,0.70181,0.9809,"Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2019-15271,8.8,0.00424,0.74751,A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.,Cisco,RV Series Routers
 CVE-2018-6065,8.8,0.96458,0.99621,"Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2018-4990,8.8,0.03016,0.91133,Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.,Adobe,Acrobat and Reader
-CVE-2018-17480,8.8,0.8674,0.98678,"Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2018-4990,8.8,0.03016,0.91137,Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.,Adobe,Acrobat and Reader
+CVE-2018-17480,8.8,0.8674,0.98679,"Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
 CVE-2018-17463,8.8,0.97046,0.99798,"Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2017-6862,9.8,0.2346,0.96662,Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.,NETGEAR,Multiple Devices
-CVE-2017-5070,8.8,0.87599,0.9872,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2017-5030,8.8,0.75547,0.98227,"Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2016-5198,8.8,0.4608,0.9751,"Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2016-1646,8.8,0.28906,0.96957,"Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2017-6862,9.8,0.2346,0.96664,Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.,NETGEAR,Multiple Devices
+CVE-2017-5070,8.8,0.87599,0.98721,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2017-5030,8.8,0.75547,0.98228,"Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2016-5198,8.8,0.4608,0.97512,"Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2016-1646,8.8,0.28906,0.96959,"Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
 CVE-2013-1331,7.8,0.95141,0.99378,Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via crafted PNG data in an Office document.,Microsoft,Office
-CVE-2012-5054,8.8,0.61971,0.97896,Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments.,Adobe,Flash Player
-CVE-2012-4969,,0.87844,0.98731,Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site.,Microsoft,Internet Explorer
-CVE-2012-1889,8.8,0.9698,0.99774,Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.,Microsoft,XML Core Services
-CVE-2012-0767,,0.00278,0.68801,Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.,Adobe,Flash Player
+CVE-2012-5054,8.8,0.61971,0.97897,Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments.,Adobe,Flash Player
+CVE-2012-4969,,0.87844,0.98732,Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site.,Microsoft,Internet Explorer
+CVE-2012-1889,8.8,0.9698,0.99775,Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.,Microsoft,XML Core Services
+CVE-2012-0767,,0.00278,0.68806,Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.,Adobe,Flash Player
 CVE-2012-0754,,0.97334,0.99913,Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Flash Player
-CVE-2012-0151,7.8,0.88098,0.9875,"The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.",Microsoft,Windows
-CVE-2011-2462,9.8,0.96921,0.99757,The Universal 3D (U3D) component in Adobe Acrobat and Reader contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Acrobat and Reader
+CVE-2012-0151,7.8,0.88098,0.98751,"The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.",Microsoft,Windows
+CVE-2011-2462,9.8,0.96921,0.99756,The Universal 3D (U3D) component in Adobe Acrobat and Reader contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Acrobat and Reader
 CVE-2011-0609,7.8,0.95917,0.99511,Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Flash Player
-CVE-2010-2883,7.3,0.96074,0.99539,Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Acrobat and Reader
-CVE-2010-2572,7.8,0.94454,0.99271,Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.,Microsoft,PowerPoint
-CVE-2010-1297,7.8,0.88337,0.98767,Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Flash Player
+CVE-2010-2883,7.3,0.96074,0.9954,Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Acrobat and Reader
+CVE-2010-2572,7.8,0.94454,0.9927,Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.,Microsoft,PowerPoint
+CVE-2010-1297,7.8,0.88337,0.98768,Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,Flash Player
 CVE-2009-4324,7.8,0.96991,0.99777,Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.,Adobe,Acrobat and Reader
-CVE-2009-3953,8.8,0.9692,0.99756,Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.,Adobe,Acrobat and Reader
-CVE-2009-1862,7.8,0.55885,0.97731,Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,"Acrobat and Reader, Flash Player"
-CVE-2009-0563,7.8,0.88089,0.9875,Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.,Microsoft,Office
+CVE-2009-3953,8.8,0.9692,0.99755,Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.,Adobe,Acrobat and Reader
+CVE-2009-1862,7.8,0.55885,0.97732,Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).,Adobe,"Acrobat and Reader, Flash Player"
+CVE-2009-0563,7.8,0.88089,0.98751,Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.,Microsoft,Office
 CVE-2009-0557,7.8,0.93276,0.99142,Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.,Microsoft,Office
-CVE-2008-0655,9.8,0.365,0.97247,Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.,Adobe,Acrobat and Reader
+CVE-2008-0655,9.8,0.365,0.97249,Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.,Adobe,Acrobat and Reader
 CVE-2007-5659,7.8,0.97183,0.9985,Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods.,Adobe,Acrobat and Reader
 CVE-2006-2492,8.8,0.75579,0.98229,Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code.,Microsoft,Word
 CVE-2021-38163,8.8,0.92569,0.99067,SAP NetWeaver contains a vulnerability that allows unrestricted file upload.,SAP,NetWeaver
-CVE-2016-2386,9.8,0.55904,0.97734,SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.,SAP,NetWeaver
-CVE-2016-2388,5.3,0.01258,0.85883,The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.,SAP,NetWeaver
-CVE-2022-30190,7.8,0.9637,0.996,A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.,Microsoft,Windows
-CVE-2022-29499,9.8,0.02808,0.9085,The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.,Mitel,MiVoice Connect
-CVE-2021-30533,6.5,0.01737,0.8821,"Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium PopupBlocker
-CVE-2021-4034,7.8,0.00122,0.47358,The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.,Red Hat,Polkit
-CVE-2021-30983,7.8,0.00138,0.50208,Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.,Apple,iOS and iPadOS
-CVE-2020-3837,7.8,0.00134,0.4934,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.",Apple,Multiple Products
-CVE-2020-9907,7.8,0.00246,0.65284,"Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.",Apple,Multiple Products
-CVE-2019-8605,7.8,0.00132,0.49143,"A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.",Apple,Multiple Products
-CVE-2018-4344,7.8,0.00703,0.80711,"Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.",Apple,Multiple Products
+CVE-2016-2386,9.8,0.55904,0.97735,SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.,SAP,NetWeaver
+CVE-2016-2388,5.3,0.01258,0.85888,The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.,SAP,NetWeaver
+CVE-2022-30190,7.8,0.9637,0.99601,A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.,Microsoft,Windows
+CVE-2022-29499,9.8,0.02808,0.90854,The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.,Mitel,MiVoice Connect
+CVE-2021-30533,6.5,0.01737,0.88215,"Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium PopupBlocker
+CVE-2021-4034,7.8,0.00122,0.47365,The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.,Red Hat,Polkit
+CVE-2021-30983,7.8,0.00138,0.50218,Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.,Apple,iOS and iPadOS
+CVE-2020-3837,7.8,0.00134,0.49347,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.",Apple,Multiple Products
+CVE-2020-9907,7.8,0.00246,0.65293,"Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.",Apple,Multiple Products
+CVE-2019-8605,7.8,0.00132,0.49152,"A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.",Apple,Multiple Products
+CVE-2018-4344,7.8,0.00703,0.80719,"Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.",Apple,Multiple Products
 CVE-2022-26925,5.9,0.90714,0.98918,Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.,Microsoft,Windows
-CVE-2022-22047,7.8,0.00068,0.30621,Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.,Microsoft,Windows
-CVE-2022-26138,9.8,0.97242,0.99872,"Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.",Atlassian,Confluence
-CVE-2022-27924,7.5,0.09665,0.94918,Zimbra Collaboration (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.,Zimbra,Collaboration (ZCS)
-CVE-2022-34713,7.8,0.38806,0.97312,A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.,Microsoft,Windows
+CVE-2022-22047,7.8,0.00068,0.30626,Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.,Microsoft,Windows
+CVE-2022-26138,9.8,0.97202,0.99855,"Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.",Atlassian,Confluence
+CVE-2022-27924,7.5,0.09665,0.9492,Zimbra Collaboration (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.,Zimbra,Collaboration (ZCS)
+CVE-2022-34713,7.8,0.38806,0.97313,A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.,Microsoft,Windows
 CVE-2022-30333,7.5,0.95237,0.994,"RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.",RARLAB,UnRAR
 CVE-2022-27925,7.2,0.94565,0.99287,"Zimbra Collaboration (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attacker to upload arbitrary files to perform remote code execution. This vulnerability was chained with CVE-2022-37042 which allows for unauthenticated remote code execution.",Zimbra,Collaboration (ZCS)
 CVE-2022-37042,9.8,0.97528,0.99994,Zimbra Collaboration (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution.,Zimbra,Collaboration (ZCS)
-CVE-2022-22536,10.0,0.96257,0.99572,"SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.",SAP,Multiple Products
-CVE-2022-32894,7.8,0.00149,0.51699,Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.,Apple,iOS and macOS
-CVE-2022-32893,8.8,0.00593,0.78747,Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.,Apple,iOS and macOS
-CVE-2022-2856,6.5,0.03744,0.91995,"Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Intents
-CVE-2022-26923,8.8,0.0527,0.93207,"An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.",Microsoft,Active Directory
-CVE-2022-21971,7.8,0.27578,0.96886,Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
+CVE-2022-22536,10.0,0.96257,0.99573,"SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.",SAP,Multiple Products
+CVE-2022-32894,7.8,0.00149,0.51709,Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.,Apple,iOS and macOS
+CVE-2022-32893,8.8,0.00593,0.78756,Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.,Apple,iOS and macOS
+CVE-2022-2856,6.5,0.03744,0.92,"Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Intents
+CVE-2022-26923,8.8,0.0527,0.9321,"An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.",Microsoft,Active Directory
+CVE-2022-21971,7.8,0.27578,0.96887,Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution.,Microsoft,Windows
 CVE-2017-15944,9.8,0.97439,0.99959,"Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.",Palo Alto Networks,PAN-OS
-CVE-2022-0028,8.6,0.00268,0.68298,A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.,Palo Alto Networks,PAN-OS
+CVE-2022-0028,8.6,0.00268,0.68304,A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.,Palo Alto Networks,PAN-OS
 CVE-2022-26352,9.8,0.9742,0.9995,"dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage location. Exploitation allows for remote code execution.",dotCMS,dotCMS
 CVE-2022-24706,9.8,0.97488,0.99981,Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges.,Apache,CouchDB
 CVE-2022-24112,9.8,0.97411,0.99946,Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.,Apache,APISIX
-CVE-2022-22963,9.8,0.97467,0.9997,"When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.",VMware Tanzu,Spring Cloud
-CVE-2022-2294,8.8,0.01324,0.86291,"WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.",WebRTC,WebRTC
+CVE-2022-22963,9.8,0.97467,0.99971,"When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.",VMware Tanzu,Spring Cloud
+CVE-2022-2294,8.8,0.01324,0.86296,"WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.",WebRTC,WebRTC
 CVE-2021-39226,7.3,0.91179,0.98949,"Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.",Grafana Labs,Grafana
-CVE-2021-38406,7.8,0.87986,0.98745,Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution.,Delta Electronics,DOPSoft 2
-CVE-2021-31010,7.5,0.00372,0.73129,"In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions.",Apple,"iOS, macOS, watchOS"
-CVE-2020-36193,7.5,0.88198,0.98758,PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.,PEAR,Archive_Tar
-CVE-2020-28949,7.8,0.93455,0.99159,PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.,PEAR,Archive_Tar
-CVE-2022-3075,9.6,0.01027,0.84164,"Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Mojo
-CVE-2022-27593,9.1,0.61189,0.97876,Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.,QNAP,Photo Station
-CVE-2022-26258,9.8,0.72682,0.98162,D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.,D-Link,DIR-820L
-CVE-2020-9934,5.5,0.00118,0.46674,"Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.",Apple,"iOS, iPadOS, and macOS"
-CVE-2018-7445,9.8,0.85476,0.98611,"In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.",MikroTik,RouterOS
-CVE-2018-6530,9.8,0.93644,0.99176,Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands.,D-Link,Multiple Routers
+CVE-2021-38406,7.8,0.87986,0.98746,Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution.,Delta Electronics,DOPSoft 2
+CVE-2021-31010,7.5,0.00372,0.73134,"In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions.",Apple,"iOS, macOS, watchOS"
+CVE-2020-36193,7.5,0.88198,0.98759,PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.,PEAR,Archive_Tar
+CVE-2020-28949,7.8,0.93455,0.9916,PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.,PEAR,Archive_Tar
+CVE-2022-3075,9.6,0.01027,0.8417,"Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Mojo
+CVE-2022-27593,9.1,0.61189,0.97877,Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.,QNAP,Photo Station
+CVE-2022-26258,9.8,0.72682,0.98163,D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.,D-Link,DIR-820L
+CVE-2020-9934,5.5,0.00118,0.46683,"Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.",Apple,"iOS, iPadOS, and macOS"
+CVE-2018-7445,9.8,0.82209,0.98471,"In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.",MikroTik,RouterOS
+CVE-2018-6530,9.8,0.93644,0.99177,Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands.,D-Link,Multiple Routers
 CVE-2018-2628,9.8,0.9751,0.99988,Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.,Oracle,WebLogic Server
-CVE-2018-13374,4.3,0.02334,0.89983,Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.,Fortinet,FortiOS and FortiADC
+CVE-2018-13374,4.3,0.02334,0.89988,Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.,Fortinet,FortiOS and FortiADC
 CVE-2017-5521,8.1,0.97275,0.99888,Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server.,NETGEAR,Multiple Devices
-CVE-2011-4723,,0.00289,0.6947,"The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.",D-Link,DIR-300 Router
-CVE-2011-1823,7.8,0.00656,0.7992,"The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.",Android,Android OS
-CVE-2022-37969,7.8,0.00096,0.40936,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2022-32917,7.8,0.00067,0.30329,"Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
-CVE-2022-40139,7.2,0.01442,0.86921,Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.,Trend Micro,Apex One and Apex One as a Service
-CVE-2013-6282,,0.02354,0.90027,The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.,Linux,Kernel
-CVE-2013-2597,,0.00157,0.52836,The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability that allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.,Code Aurora,ACDB Audio Driver
-CVE-2013-2596,7.8,0.00094,0.40571,Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.,Linux,Kernel
-CVE-2013-2094,,0.00179,0.55785,"Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.",Linux,Kernel
+CVE-2011-4723,,0.00289,0.69477,"The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.",D-Link,DIR-300 Router
+CVE-2011-1823,7.8,0.00656,0.79931,"The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.",Android,Android OS
+CVE-2022-37969,7.8,0.00096,0.40948,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-32917,7.8,0.00067,0.30334,"Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
+CVE-2022-40139,7.2,0.01442,0.86926,Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.,Trend Micro,Apex One and Apex One as a Service
+CVE-2013-6282,,0.02354,0.90031,The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.,Linux,Kernel
+CVE-2013-2597,,0.00157,0.52847,The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability that allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.,Code Aurora,ACDB Audio Driver
+CVE-2013-2596,7.8,0.00094,0.40581,Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.,Linux,Kernel
+CVE-2013-2094,,0.00179,0.55795,"Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.",Linux,Kernel
 CVE-2010-2568,7.8,0.97034,0.99793,Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.,Microsoft,Windows
-CVE-2022-35405,9.8,0.97134,0.99839,"Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution.",Zoho,ManageEngine
-CVE-2022-3236,9.8,0.12788,0.95588,A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.,Sophos,Firewall
-CVE-2022-41082,8.0,0.15471,0.96012,"Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed ""ProxyNotShell,"" this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.",Microsoft,Exchange Server
-CVE-2022-41040,8.8,0.95898,0.99505,"Microsoft Exchange Server allows for server-side request forgery. Dubbed ""ProxyNotShell,"" this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.",Microsoft,Exchange Server
+CVE-2022-35405,9.8,0.97134,0.99838,"Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution.",Zoho,ManageEngine
+CVE-2022-3236,9.8,0.12788,0.9559,A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.,Sophos,Firewall
+CVE-2022-41082,8.0,0.15471,0.96014,"Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed ""ProxyNotShell,"" this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.",Microsoft,Exchange Server
+CVE-2022-41040,8.8,0.95898,0.99506,"Microsoft Exchange Server allows for server-side request forgery. Dubbed ""ProxyNotShell,"" this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.",Microsoft,Exchange Server
 CVE-2022-36804,8.8,0.97346,0.99917,"Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.",Atlassian,Bitbucket Server and Data Center
-CVE-2022-40684,9.8,0.97357,0.99922,"Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.",Fortinet,Multiple Products
-CVE-2022-41033,7.8,0.00068,0.30621,Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows COM+ Event System Service
-CVE-2022-41352,9.8,0.93272,0.9914,Zimbra Collaboration (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.,Zimbra,Collaboration (ZCS)
-CVE-2021-3493,7.8,0.00588,0.78668,"The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.",Linux,Kernel
-CVE-2020-3433,7.8,0.00077,0.3383,Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.,Cisco,AnyConnect Secure
-CVE-2020-3153,6.5,0.00083,0.36188,"Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.",Cisco,AnyConnect Secure
-CVE-2018-19323,9.8,0.07006,0.94101,"The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.",GIGABYTE,Multiple Products
-CVE-2018-19322,7.8,0.00771,0.81657,"The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.",GIGABYTE,Multiple Products
-CVE-2018-19321,7.8,0.00149,0.51777,"The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.",GIGABYTE,Multiple Products
-CVE-2018-19320,7.8,0.00312,0.70658,"The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.",GIGABYTE,Multiple Products
-CVE-2022-42827,7.8,0.00095,0.40835,Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges.,Apple,iOS and iPadOS
-CVE-2022-3723,8.8,0.01775,0.88349,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2022-41091,5.4,0.00262,0.6653,Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.,Microsoft,Windows
-CVE-2022-41073,7.8,0.00069,0.30988,Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.,Microsoft,Windows
-CVE-2022-41125,7.8,0.00055,0.23698,Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.,Microsoft,Windows
-CVE-2022-41128,8.8,0.56237,0.97742,Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.,Microsoft,Windows
-CVE-2021-25337,7.1,0.00096,0.41003,Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.,Samsung,Mobile Devices
-CVE-2021-25369,5.5,0.00118,0.46493,Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.,Samsung,Mobile Devices
-CVE-2021-25370,4.4,0.002,0.58307,"Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.",Samsung,Mobile Devices
-CVE-2022-41049,5.4,0.00435,0.75133,Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.,Microsoft,Windows
-CVE-2021-35587,9.8,0.94749,0.99312,Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.,Oracle,Fusion Middleware
-CVE-2022-4135,9.6,0.01623,0.878,"Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium GPU
-CVE-2022-4262,8.8,0.00407,0.74247,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2022-42475,9.8,0.27418,0.96879,"Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.",Fortinet,FortiOS
-CVE-2022-44698,5.4,0.02689,0.90669,Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.,Microsoft,Defender
-CVE-2022-27518,9.8,0.20483,0.96474,"Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.",Citrix,Application Delivery Controller (ADC) and Gateway
-CVE-2022-26500,8.8,0.05577,0.93398,The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.,Veeam,Backup & Replication
-CVE-2022-26501,9.8,0.08304,0.94501,The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.,Veeam,Backup & Replication
-CVE-2022-42856,8.8,0.00718,0.80957,Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.,Apple,iOS
-CVE-2018-5430,8.8,0.05853,0.93557,"TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.",TIBCO,JasperReports
-CVE-2018-18809,6.5,0.52964,0.97657,TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.,TIBCO,JasperReports
-CVE-2022-41080,8.8,0.02376,0.90078,"Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.",Microsoft,Exchange Server
-CVE-2023-21674,8.8,0.00148,0.51688,Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-40684,9.8,0.97357,0.99921,"Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.",Fortinet,Multiple Products
+CVE-2022-41033,7.8,0.00068,0.30626,Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows COM+ Event System Service
+CVE-2022-41352,9.8,0.93272,0.99141,Zimbra Collaboration (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.,Zimbra,Collaboration (ZCS)
+CVE-2021-3493,7.8,0.00588,0.78677,"The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.",Linux,Kernel
+CVE-2020-3433,7.8,0.00077,0.33837,Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.,Cisco,AnyConnect Secure
+CVE-2020-3153,6.5,0.00083,0.36193,"Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.",Cisco,AnyConnect Secure
+CVE-2018-19323,9.8,0.07006,0.94109,"The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.",GIGABYTE,Multiple Products
+CVE-2018-19322,7.8,0.00771,0.81663,"The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.",GIGABYTE,Multiple Products
+CVE-2018-19321,7.8,0.00149,0.51786,"The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.",GIGABYTE,Multiple Products
+CVE-2018-19320,7.8,0.00312,0.70665,"The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.",GIGABYTE,Multiple Products
+CVE-2022-42827,7.8,0.00095,0.40845,Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges.,Apple,iOS and iPadOS
+CVE-2022-3723,8.8,0.01775,0.88354,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2022-41091,5.4,0.00262,0.66537,Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.,Microsoft,Windows
+CVE-2022-41073,7.8,0.00069,0.30994,Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.,Microsoft,Windows
+CVE-2022-41125,7.8,0.00055,0.23707,Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.,Microsoft,Windows
+CVE-2022-41128,8.8,0.56237,0.97743,Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.,Microsoft,Windows
+CVE-2021-25337,7.1,0.00096,0.41014,Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.,Samsung,Mobile Devices
+CVE-2021-25369,5.5,0.00118,0.46502,Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.,Samsung,Mobile Devices
+CVE-2021-25370,4.4,0.002,0.58318,"Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.",Samsung,Mobile Devices
+CVE-2022-41049,5.4,0.00435,0.75139,Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.,Microsoft,Windows
+CVE-2021-35587,9.8,0.94749,0.99313,Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.,Oracle,Fusion Middleware
+CVE-2022-4135,9.6,0.01623,0.87806,"Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium GPU
+CVE-2022-4262,8.8,0.00407,0.74252,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2022-42475,9.8,0.27418,0.96881,"Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.",Fortinet,FortiOS
+CVE-2022-44698,5.4,0.02689,0.90675,Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.,Microsoft,Defender
+CVE-2022-27518,9.8,0.20483,0.96476,"Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.",Citrix,Application Delivery Controller (ADC) and Gateway
+CVE-2022-26500,8.8,0.05577,0.934,The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.,Veeam,Backup & Replication
+CVE-2022-26501,9.8,0.08304,0.94505,The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.,Veeam,Backup & Replication
+CVE-2022-42856,8.8,0.00718,0.80965,Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.,Apple,iOS
+CVE-2018-5430,8.8,0.05853,0.9356,"TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.",TIBCO,JasperReports
+CVE-2018-18809,6.5,0.52964,0.97658,TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.,TIBCO,JasperReports
+CVE-2022-41080,8.8,0.02376,0.90083,"Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.",Microsoft,Exchange Server
+CVE-2023-21674,8.8,0.00148,0.51697,Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
 CVE-2022-44877,9.8,0.97257,0.99879,CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.,CWP,Control Web Panel
-CVE-2022-47966,9.8,0.97502,0.99985,"Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.",Zoho,ManageEngine
-CVE-2017-11357,9.8,0.96533,0.99647,Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.,Telerik,User Interface (UI) for ASP.NET AJAX
+CVE-2022-47966,9.8,0.97502,0.99986,"Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.",Zoho,ManageEngine
+CVE-2017-11357,9.8,0.96533,0.99648,Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.,Telerik,User Interface (UI) for ASP.NET AJAX
 CVE-2022-21587,9.8,0.97034,0.99793,Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.,Oracle,E-Business Suite
 CVE-2023-22952,8.8,0.53365,0.97668,"Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.",SugarCRM,Multiple Products
-CVE-2015-2291,7.8,0.00105,0.43541,Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service (DoS).,Intel,Ethernet Diagnostics Driver for Windows
+CVE-2015-2291,7.8,0.00105,0.4355,Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service (DoS).,Intel,Ethernet Diagnostics Driver for Windows
 CVE-2022-24990,7.5,0.93955,0.99213,TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.,TerraMaster,TerraMaster OS
-CVE-2023-0669,7.2,0.97133,0.99838,"Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.",Fortra,GoAnywhere MFT
-CVE-2023-21715,7.3,0.00173,0.55145,"Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.",Microsoft,Office
-CVE-2023-23376,7.8,0.00115,0.45951,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2023-23529,8.8,0.002,0.58309,"Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-21823,7.8,0.231,0.96644,Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2023-0669,7.2,0.97133,0.99837,"Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.",Fortra,GoAnywhere MFT
+CVE-2023-21715,7.3,0.00173,0.55156,"Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.",Microsoft,Office
+CVE-2023-23376,7.8,0.00115,0.45961,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2023-23529,8.8,0.002,0.5832,"Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-21823,7.8,0.231,0.96646,Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
 CVE-2022-46169,9.8,0.96857,0.99736,Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.,Cacti,Cacti
 CVE-2022-47986,9.8,0.95987,0.99523,"IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.",IBM,Aspera Faspex
-CVE-2022-41223,6.8,0.00168,0.54247,The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.,Mitel,MiVoice Connect
-CVE-2022-40765,6.8,0.00168,0.54247,The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.,Mitel,MiVoice Connect
+CVE-2022-41223,6.8,0.00168,0.54254,The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.,Mitel,MiVoice Connect
+CVE-2022-40765,6.8,0.00168,0.54254,The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.,Mitel,MiVoice Connect
 CVE-2022-36537,7.5,0.9262,0.99072,"ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.",ZK Framework,AuUploader
 CVE-2022-28810,6.8,0.91299,0.98954,Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.,Zoho,ManageEngine
-CVE-2022-33891,8.8,0.97099,0.99823,Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.,Apache,Spark
-CVE-2022-35914,9.8,0.97412,0.99947,"Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.",Teclib,GLPI
-CVE-2021-39144,8.5,0.96605,0.99668,"XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.",XStream,XStream
-CVE-2020-5741,7.2,0.71944,0.98143,Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.,Plex,Media Server
-CVE-2023-23397,9.8,0.86732,0.98674,Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.,Microsoft,Office
-CVE-2023-24880,4.4,0.00954,0.83558,Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.,Microsoft,Windows
-CVE-2022-41328,7.1,0.08118,0.94446,Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.,Fortinet,FortiOS
+CVE-2022-33891,8.8,0.97099,0.99822,Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.,Apache,Spark
+CVE-2022-35914,9.8,0.97412,0.99948,"Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.",Teclib,GLPI
+CVE-2021-39144,8.5,0.96605,0.99669,"XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.",XStream,XStream
+CVE-2020-5741,7.2,0.71944,0.98144,Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.,Plex,Media Server
+CVE-2023-23397,9.8,0.86732,0.98675,Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.,Microsoft,Office
+CVE-2023-24880,4.4,0.00954,0.83562,Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.,Microsoft,Windows
+CVE-2022-41328,7.1,0.08118,0.94449,Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.,Fortinet,FortiOS
 CVE-2023-26360,8.6,0.96439,0.99617,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.,Adobe,ColdFusion
-CVE-2013-3163,8.8,0.95847,0.99498,Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.,Microsoft,Internet Explorer
+CVE-2013-3163,8.8,0.95847,0.99499,Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.,Microsoft,Internet Explorer
 CVE-2017-7494,9.8,0.97266,0.99883,"Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.",Samba,Samba
-CVE-2022-42948,9.8,0.03012,0.9113,Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.,Fortra,Cobalt Strike
-CVE-2022-39197,6.1,0.00767,0.81605,"Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.",Fortra,Cobalt Strike
-CVE-2021-30900,7.8,0.00238,0.6231,"Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
-CVE-2022-38181,8.8,0.60655,0.97865,Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.,Arm,Mali Graphics Processing Unit (GPU)
-CVE-2023-0266,7.8,0.00082,0.35764,Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.,Linux,Kernel
-CVE-2022-3038,8.8,0.32292,0.97101,"Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Network Service
-CVE-2022-22706,7.8,0.71247,0.98121,Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.,Arm,Mali Graphics Processing Unit (GPU)
+CVE-2022-42948,9.8,0.03012,0.91133,Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.,Fortra,Cobalt Strike
+CVE-2022-39197,6.1,0.00767,0.81611,"Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.",Fortra,Cobalt Strike
+CVE-2021-30900,7.8,0.00238,0.62318,"Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
+CVE-2022-38181,8.8,0.60655,0.97867,Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.,Arm,Mali Graphics Processing Unit (GPU)
+CVE-2023-0266,7.8,0.00082,0.35769,Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.,Linux,Kernel
+CVE-2022-3038,8.8,0.32292,0.97102,"Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium Network Service
+CVE-2022-22706,7.8,0.71247,0.98122,Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.,Arm,Mali Graphics Processing Unit (GPU)
 CVE-2022-27926,6.1,0.9518,0.99386,Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.,Zimbra,Collaboration (ZCS)
-CVE-2021-27876,8.1,0.74314,0.98199,Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.,Veritas,Backup Exec Agent
-CVE-2021-27877,9.8,0.7621,0.98241,Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.,Veritas,Backup Exec Agent
-CVE-2021-27878,8.8,0.70923,0.98111,Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine.,Veritas,Backup Exec Agent
-CVE-2019-1388,7.8,0.09549,0.94886,"Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.",Microsoft,Windows
-CVE-2023-26083,3.3,0.0615,0.93707,Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.,Arm,Mali Graphics Processing Unit (GPU)
-CVE-2023-28205,8.8,0.00292,0.6969,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-28206,8.6,0.00429,0.74914,"Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
-CVE-2023-28252,7.8,0.01629,0.87821,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2023-20963,7.8,0.00224,0.61176,Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.,Android,Framework
-CVE-2023-29492,9.8,0.04083,0.92331,Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.,Novi Survey,Novi Survey
-CVE-2019-8526,7.8,0.00137,0.50081,Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.,Apple,macOS
-CVE-2023-2033,8.8,0.02174,0.89596,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2017-6742,8.8,0.01469,0.87046,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.",Cisco,IOS and IOS XE Software
+CVE-2021-27876,8.1,0.74314,0.982,Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.,Veritas,Backup Exec Agent
+CVE-2021-27877,9.8,0.7621,0.98242,Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.,Veritas,Backup Exec Agent
+CVE-2021-27878,8.8,0.70923,0.98112,Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine.,Veritas,Backup Exec Agent
+CVE-2019-1388,7.8,0.09549,0.94888,"Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.",Microsoft,Windows
+CVE-2023-26083,3.3,0.0615,0.9371,Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.,Arm,Mali Graphics Processing Unit (GPU)
+CVE-2023-28205,8.8,0.00292,0.69695,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-28206,8.6,0.00429,0.7492,"Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.",Apple,"iOS, iPadOS, and macOS"
+CVE-2023-28252,7.8,0.01629,0.87827,Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2023-20963,7.8,0.00224,0.61187,Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.,Android,Framework
+CVE-2023-29492,9.8,0.04083,0.92336,Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.,Novi Survey,Novi Survey
+CVE-2019-8526,7.8,0.00137,0.5009,Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.,Apple,macOS
+CVE-2023-2033,8.8,0.02174,0.89601,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2017-6742,8.8,0.01469,0.87051,"The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.",Cisco,IOS and IOS XE Software
 CVE-2023-28432,7.5,0.90735,0.98919,"MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.",MinIO,MinIO
 CVE-2023-27350,9.8,0.96848,0.99734,PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.,PaperCut,MF/NG
-CVE-2023-2136,9.6,0.00727,0.81064,"Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.",Google,Chromium Skia
-CVE-2023-1389,8.8,0.05944,0.93613,TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.,TP-Link,Archer AX21
+CVE-2023-2136,9.6,0.00727,0.81071,"Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.",Google,Chromium Skia
+CVE-2023-1389,8.8,0.05944,0.93616,TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.,TP-Link,Archer AX21
 CVE-2021-45046,9.0,0.97307,0.99902,"Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.",Apache,Log4j2
 CVE-2023-21839,7.5,0.95127,0.99373,"Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.",Oracle,WebLogic Server
-CVE-2023-29336,7.8,0.0132,0.86274,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.,Microsoft,Win32k
+CVE-2023-29336,7.8,0.0132,0.86278,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.,Microsoft,Win32k
 CVE-2023-25717,9.8,0.95466,0.99437,"Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site request forgery (CSRF) or remote code execution (RCE). This vulnerability impacts Ruckus ZoneDirector, SmartZone, and Solo APs.",Ruckus Wireless,Multiple Products
-CVE-2021-3560,7.8,0.01177,0.85359,"Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.",Red Hat,Polkit
-CVE-2014-0196,,0.01914,0.88879,Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.,Linux,Kernel
-CVE-2010-3904,7.8,0.00132,0.49009,Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.,Linux,Kernel
-CVE-2015-5317,,0.04876,0.92938,"Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the ""Fingerprints"" pages.",Jenkins,Jenkins User Interface (UI)
-CVE-2016-3427,9.8,0.49482,0.97578,"Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",Oracle,Java SE and JRockit
-CVE-2016-8735,9.8,0.7374,0.98189,Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension (JMX) ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues for CVE-2016-3427 which affected credential types.,Apache,Tomcat
-CVE-2004-1464,5.9,0.01575,0.87595,"Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.",Cisco,IOS
+CVE-2021-3560,7.8,0.01177,0.85366,"Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.",Red Hat,Polkit
+CVE-2014-0196,,0.01914,0.88884,Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.,Linux,Kernel
+CVE-2010-3904,7.8,0.00132,0.49016,Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.,Linux,Kernel
+CVE-2015-5317,,0.04876,0.92941,"Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the ""Fingerprints"" pages.",Jenkins,Jenkins User Interface (UI)
+CVE-2016-3427,9.8,0.49482,0.97579,"Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",Oracle,Java SE and JRockit
+CVE-2016-8735,9.8,0.7374,0.9819,Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension (JMX) ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues for CVE-2016-3427 which affected credential types.,Apache,Tomcat
+CVE-2004-1464,5.9,0.01575,0.876,"Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.",Cisco,IOS
 CVE-2016-6415,7.5,0.97235,0.99869,"Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.",Cisco,"IOS, IOS XR, and IOS XE"
-CVE-2023-21492,4.4,0.00136,0.49787,"Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.",Samsung,Mobile Devices
-CVE-2023-32409,8.6,0.01592,0.8766,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-28204,6.5,0.00265,0.66804,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-32373,8.8,0.00145,0.51109,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-2868,9.8,0.04928,0.9298,"Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.",Barracuda Networks,Email Security Gateway (ESG) Appliance
+CVE-2023-21492,4.4,0.00136,0.49795,"Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.",Samsung,Mobile Devices
+CVE-2023-32409,8.6,0.01592,0.87667,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-28204,6.5,0.00265,0.6681,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-32373,8.8,0.00145,0.51119,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-2868,9.8,0.04928,0.92982,"Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.",Barracuda Networks,Email Security Gateway (ESG) Appliance
 CVE-2023-28771,9.8,0.89646,0.98848,"Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.",Zyxel,Multiple Firewalls
 CVE-2023-34362,9.8,0.97045,0.99797,"Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements.",Progress,MOVEit Transfer
-CVE-2023-33009,9.8,0.02249,0.8979,"Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.",Zyxel,Multiple Firewalls
-CVE-2023-33010,9.8,0.02249,0.8979,"Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the ID processing function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.",Zyxel,Multiple Firewalls
-CVE-2023-3079,8.8,0.12006,0.95471,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2023-27997,9.8,0.10727,0.95196,"Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.",Fortinet,FortiOS and FortiProxy SSL-VPN
+CVE-2023-33009,9.8,0.02249,0.89795,"Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.",Zyxel,Multiple Firewalls
+CVE-2023-33010,9.8,0.02249,0.89795,"Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the ID processing function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.",Zyxel,Multiple Firewalls
+CVE-2023-3079,8.8,0.12006,0.95472,"Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2023-27997,9.8,0.10727,0.95198,"Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.",Fortinet,FortiOS and FortiProxy SSL-VPN
 CVE-2023-20887,9.8,0.97084,0.99813,VMware Aria Operations for Networks (formerly vRealize Network Insight) contains a command injection vulnerability that allows a malicious actor with network access to perform an attack resulting in remote code execution.,VMware,Aria Operations for Networks
-CVE-2020-35730,6.1,0.06913,0.94067,Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows an attacker to send a plain text e-mail message with Javascript in a link reference element that is mishandled by linkref_addinindex in rcube_string_replacer.php.,Roundcube,Roundcube Webmail
-CVE-2020-12641,9.8,0.12311,0.95524,Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.,Roundcube,Roundcube Webmail
-CVE-2021-44026,9.8,0.0143,0.86857,Roundcube Webmail is vulnerable to SQL injection via search or search_params.,Roundcube,Roundcube Webmail
+CVE-2020-35730,6.1,0.06913,0.9407,Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows an attacker to send a plain text e-mail message with Javascript in a link reference element that is mishandled by linkref_addinindex in rcube_string_replacer.php.,Roundcube,Roundcube Webmail
+CVE-2020-12641,9.8,0.12311,0.95526,Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.,Roundcube,Roundcube Webmail
+CVE-2021-44026,9.8,0.0143,0.86861,Roundcube Webmail is vulnerable to SQL injection via search or search_params.,Roundcube,Roundcube Webmail
 CVE-2016-9079,7.5,0.95868,0.99501,"Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows.",Mozilla,"Firefox, Firefox ESR, and Thunderbird"
-CVE-2016-0165,7.8,0.00598,0.78838,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
-CVE-2023-32434,7.8,0.00086,0.37174,"Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges.",Apple,Multiple Products
-CVE-2023-32435,8.8,0.00168,0.54464,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-32439,8.8,0.00408,0.74295,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-20867,3.9,0.00293,0.69731,"VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must have root access over ESXi to exploit this vulnerability.",VMware,Tools
-CVE-2023-27992,9.8,0.03176,0.91337,Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.,Zyxel,Multiple Network-Attached Storage (NAS) Devices
-CVE-2019-17621,9.8,0.96946,0.99763,"D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.",D-Link,DIR-859 Router
-CVE-2019-20500,7.8,0.01622,0.87795,"D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.",D-Link,DWL-2600AP Access Point
-CVE-2021-25487,7.8,0.00067,0.30289,"Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.",Samsung,Mobile Devices
-CVE-2021-25489,5.5,0.00139,0.50313,Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.,Samsung,Mobile Devices
-CVE-2021-25394,6.4,0.00078,0.3412,Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.,Samsung,Mobile Devices
-CVE-2021-25395,6.4,0.00238,0.62371,Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.,Samsung,Mobile Devices
-CVE-2021-25371,6.7,0.00078,0.3412,Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.,Samsung,Mobile Devices
-CVE-2021-25372,6.7,0.00078,0.3412,Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.,Samsung,Mobile Devices
-CVE-2021-29256,8.8,0.02483,0.90318,Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.,Arm,Mali Graphics Processing Unit (GPU)
-CVE-2023-32046,7.8,0.00187,0.56784,Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2023-32049,8.8,0.0216,0.89571,Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.,Microsoft,Windows
+CVE-2016-0165,7.8,0.00598,0.78848,Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Win32k
+CVE-2023-32434,7.8,0.00086,0.3718,"Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges.",Apple,Multiple Products
+CVE-2023-32435,8.8,0.00168,0.54471,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-32439,8.8,0.00408,0.743,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-20867,3.9,0.00293,0.69736,"VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must have root access over ESXi to exploit this vulnerability.",VMware,Tools
+CVE-2023-27992,9.8,0.03176,0.91341,Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that could allow an unauthenticated attacker to execute commands remotely via a crafted HTTP request.,Zyxel,Multiple Network-Attached Storage (NAS) Devices
+CVE-2019-17621,9.8,0.96946,0.99762,"D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.",D-Link,DIR-859 Router
+CVE-2019-20500,7.8,0.01622,0.87801,"D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.",D-Link,DWL-2600AP Access Point
+CVE-2021-25487,7.8,0.00067,0.30295,"Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.",Samsung,Mobile Devices
+CVE-2021-25489,5.5,0.00139,0.50323,Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.,Samsung,Mobile Devices
+CVE-2021-25394,6.4,0.00078,0.34126,Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.,Samsung,Mobile Devices
+CVE-2021-25395,6.4,0.00238,0.62379,Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.,Samsung,Mobile Devices
+CVE-2021-25371,6.7,0.00078,0.34126,Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.,Samsung,Mobile Devices
+CVE-2021-25372,6.7,0.00078,0.34126,Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.,Samsung,Mobile Devices
+CVE-2021-29256,8.8,0.02483,0.90323,Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.,Arm,Mali Graphics Processing Unit (GPU)
+CVE-2023-32046,7.8,0.00187,0.56795,Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2023-32049,8.8,0.0216,0.89576,Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.,Microsoft,Windows
 CVE-2023-35311,7.5,0.57838,0.97794,Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.,Microsoft,Outlook
-CVE-2023-36874,7.8,0.04776,0.92875,Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2022-31199,9.8,0.4738,0.97533,"Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.",Netwrix,Auditor
-CVE-2022-29303,9.8,0.96676,0.99688,SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.,SolarView,Compact
-CVE-2023-37450,8.8,0.00186,0.56607,"Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-36884,7.5,0.06769,0.94011,"Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.",Microsoft,Windows
-CVE-2023-3519,9.8,0.96591,0.99664,Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.,Citrix,NetScaler ADC and NetScaler Gateway
-CVE-2023-29298,7.5,0.97081,0.99811,Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.,Adobe,ColdFusion
+CVE-2023-36874,7.8,0.04776,0.92877,Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
+CVE-2022-31199,9.8,0.4738,0.97535,"Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.",Netwrix,Auditor
+CVE-2022-29303,9.8,0.96676,0.99689,SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.,SolarView,Compact
+CVE-2023-37450,8.8,0.00186,0.56618,"Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-36884,7.5,0.06769,0.94016,"Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.",Microsoft,Windows
+CVE-2023-3519,9.8,0.96591,0.99665,Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.,Citrix,NetScaler ADC and NetScaler Gateway
+CVE-2023-29298,7.5,0.97081,0.9981,Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.,Adobe,ColdFusion
 CVE-2023-38205,7.5,0.95033,0.99362,Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.,Adobe,ColdFusion
-CVE-2023-35078,9.8,0.97093,0.99818,"Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes including installing software and modifying security profiles on registered devices.",Ivanti,Endpoint Manager Mobile (EPMM)
-CVE-2023-38606,5.5,0.00264,0.66683,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state.",Apple,Multiple Products
-CVE-2023-37580,6.1,0.30442,0.97031,Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability impacting the confidentiality and integrity of data.,Zimbra,Collaboration (ZCS)
-CVE-2023-35081,7.2,0.79545,0.98351,Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).,Ivanti,Endpoint Manager Mobile (EPMM)
+CVE-2023-35078,9.8,0.97093,0.99817,"Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes including installing software and modifying security profiles on registered devices.",Ivanti,Endpoint Manager Mobile (EPMM)
+CVE-2023-38606,5.5,0.00264,0.66689,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state.",Apple,Multiple Products
+CVE-2023-37580,6.1,0.30442,0.97032,Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability impacting the confidentiality and integrity of data.,Zimbra,Collaboration (ZCS)
+CVE-2023-35081,7.2,0.79545,0.98352,Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).,Ivanti,Endpoint Manager Mobile (EPMM)
 CVE-2017-18368,9.8,0.97497,0.99985,"Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host parameter of the ViewLog.asp page.",Zyxel,P660HN-T1A Routers
-CVE-2023-38180,7.5,0.01009,0.84023,Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS).,Microsoft,.NET Core and Visual Studio
+CVE-2023-38180,7.5,0.01009,0.84028,Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS).,Microsoft,.NET Core and Visual Studio
 CVE-2023-24489,9.8,0.97382,0.99932,Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers.,Citrix,Content Collaboration
-CVE-2023-26359,9.8,0.68525,0.98041,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.,Adobe,ColdFusion
-CVE-2023-38035,9.8,0.97469,0.99972,"Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.",Ivanti,Sentry
-CVE-2023-27532,7.5,0.0308,0.91222,Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.,Veeam,Backup & Replication
+CVE-2023-26359,9.8,0.68525,0.98043,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.,Adobe,ColdFusion
+CVE-2023-38035,9.8,0.97469,0.99973,"Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.",Ivanti,Sentry
+CVE-2023-27532,7.5,0.0308,0.91226,Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.,Veeam,Backup & Replication
 CVE-2023-38831,7.8,0.31236,0.97063,RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.,RARLAB,WinRAR
-CVE-2023-32315,7.5,0.97022,0.99788,Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.,Ignite Realtime,Openfire
+CVE-2023-32315,7.5,0.97149,0.99841,Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.,Ignite Realtime,Openfire
 CVE-2023-33246,9.8,0.96783,0.99717,"Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as or achieve the same effect by forging the RocketMQ protocol content.",Apache,RocketMQ
-CVE-2023-41064,7.8,0.0033,0.71525,"Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.",Apple,"iOS, iPadOS, and macOS"
-CVE-2023-41061,7.8,0.0007,0.3122,"Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.",Apple,"iOS, iPadOS, and watchOS"
-CVE-2023-36761,6.5,0.0044,0.75324,Microsoft Word contains an unspecified vulnerability that allows for information disclosure.,Microsoft,Word
-CVE-2023-36802,7.8,0.02786,0.90823,Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Streaming Service Proxy
-CVE-2023-35674,7.8,0.00064,0.28877,Android Framework contains an unspecified vulnerability that allows for privilege escalation.,Android,Framework
-CVE-2023-20269,9.1,0.02432,0.90214,"Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.",Cisco,Adaptive Security Appliance and Firepower Threat Defense
+CVE-2023-41064,7.8,0.0033,0.71532,"Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.",Apple,"iOS, iPadOS, and macOS"
+CVE-2023-41061,7.8,0.0007,0.31226,"Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.",Apple,"iOS, iPadOS, and watchOS"
+CVE-2023-36761,6.5,0.0044,0.7533,Microsoft Word contains an unspecified vulnerability that allows for information disclosure.,Microsoft,Word
+CVE-2023-36802,7.8,0.02786,0.90827,Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Streaming Service Proxy
+CVE-2023-35674,7.8,0.00064,0.28887,Android Framework contains an unspecified vulnerability that allows for privilege escalation.,Android,Framework
+CVE-2023-20269,9.1,0.03378,0.91597,"Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.",Cisco,Adaptive Security Appliance and Firepower Threat Defense
 CVE-2023-4863,8.8,0.63638,0.97931,Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.,Google,Chromium WebP
-CVE-2023-26369,7.8,0.01518,0.87334,Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.,Adobe,Acrobat and Reader
-CVE-2022-22265,7.8,0.00069,0.30993,Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.,Samsung,Mobile Devices
+CVE-2023-26369,7.8,0.01518,0.87339,Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.,Adobe,Acrobat and Reader
+CVE-2022-22265,7.8,0.00069,0.31,Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.,Samsung,Mobile Devices
 CVE-2014-8361,9.8,0.97015,0.99785,Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.,Realtek,SDK
-CVE-2017-6884,8.8,0.97378,0.9993,"Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.",Zyxel,EMG2926 Routers
+CVE-2017-6884,8.8,0.97378,0.99929,"Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.",Zyxel,EMG2926 Routers
 CVE-2021-3129,9.8,0.97486,0.9998,Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().,Laravel,Ignition
-CVE-2023-28434,8.8,0.05053,0.93066,"MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.",MinIO,MinIO
-CVE-2023-41179,7.2,0.00697,0.80633,Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.,Trend Micro,Apex One and Worry-Free Business Security
-CVE-2023-41991,5.5,0.02198,0.89664,"Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.",Apple,Multiple Products
-CVE-2023-41992,7.8,0.00062,0.27332,"Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.",Apple,Multiple Products
-CVE-2023-41993,8.8,0.00309,0.70471,"Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2018-14667,9.8,0.79976,0.98369,"Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.",Red Hat,JBoss RichFaces Framework
+CVE-2023-28434,8.8,0.05053,0.93069,"MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.",MinIO,MinIO
+CVE-2023-41179,7.2,0.00697,0.80641,Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.,Trend Micro,Apex One and Worry-Free Business Security
+CVE-2023-41991,5.5,0.02198,0.89669,"Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.",Apple,Multiple Products
+CVE-2023-41992,7.8,0.00062,0.27339,"Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.",Apple,Multiple Products
+CVE-2023-41993,8.8,0.00309,0.70478,"Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2018-14667,9.8,0.79976,0.9837,"Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.",Red Hat,JBoss RichFaces Framework
 CVE-2023-5217,8.8,0.30608,0.97039,"Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.",Google,Chromium libvpx
-CVE-2023-4211,5.5,0.21262,0.96528,"Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.",Arm,Mali GPU Kernel Driver
+CVE-2023-4211,5.5,0.21262,0.96529,"Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.",Arm,Mali GPU Kernel Driver
 CVE-2023-42793,9.8,0.97119,0.9983,JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.,JetBrains,TeamCity
-CVE-2023-28229,7.0,0.01434,0.86874,Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.,Microsoft,Windows CNG Key Isolation Service
+CVE-2023-28229,7.0,0.01434,0.86879,Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.,Microsoft,Windows CNG Key Isolation Service
 CVE-2023-22515,9.8,0.97276,0.9989,Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.,Atlassian,Confluence Data Center and Server
 CVE-2023-40044,8.8,0.89366,0.98826,Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.,Progress,WS_FTP Server
-CVE-2023-42824,7.8,0.00062,0.27332,Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation.,Apple,iOS and iPadOS
-CVE-2023-21608,7.8,0.01101,0.84766,Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.,Adobe,Acrobat and Reader
-CVE-2023-20109,6.6,0.00761,0.81537,"Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.",Cisco,IOS and IOS XE
+CVE-2023-42824,7.8,0.00062,0.27339,Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation.,Apple,iOS and iPadOS
+CVE-2023-21608,7.8,0.01101,0.84773,Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.,Adobe,Acrobat and Reader
+CVE-2023-20109,6.6,0.00761,0.81544,"Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.",Cisco,IOS and IOS XE
 CVE-2023-41763,5.3,0.61843,0.97894,Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Skype for Business
-CVE-2023-36563,5.5,0.0021,0.59441,Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure.,Microsoft,WordPad
-CVE-2023-44487,7.5,0.81326,0.9843,HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).,IETF,HTTP/2
-CVE-2023-20198,10.0,0.85066,0.98594,"Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.",Cisco,IOS XE Web UI
+CVE-2023-36563,5.5,0.0021,0.59453,Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure.,Microsoft,WordPad
+CVE-2023-44487,7.5,0.81326,0.98431,HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).,IETF,HTTP/2
+CVE-2023-20198,10.0,0.85066,0.98595,"Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.",Cisco,IOS XE Web UI
 CVE-2023-4966,7.5,0.97084,0.99813,"Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.",Citrix,NetScaler ADC and NetScaler Gateway
-CVE-2023-20273,7.2,0.03829,0.92075,"Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.",Cisco,Cisco IOS XE Web UI
-CVE-2023-5631,5.4,0.0068,0.80355,Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run malicious JavaScript code.,Roundcube,Webmail
-CVE-2023-46748,8.8,0.00731,0.81124,F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747.,F5,BIG-IP Configuration Utility
-CVE-2023-46747,9.8,0.97226,0.99865,F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46748.,F5,BIG-IP Configuration Utility
-CVE-2023-46604,9.8,0.9688,0.99744,Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.,Apache,ActiveMQ
-CVE-2023-22518,9.8,0.9618,0.99559,Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.,Atlassian,Confluence Data Center and Server
-CVE-2023-29552,7.5,0.02295,0.89903,"The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.",IETF,Service Location Protocol (SLP)
-CVE-2023-47246,9.8,0.95604,0.99461,SysAid Server (on-premises version) contains a path traversal vulnerability that leads to code execution.,SysAid,SysAid Server
-CVE-2023-36844,5.3,0.44451,0.97456,"Juniper Junos OS on EX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control certain, important environment variables. Using a crafted request an attacker is able to modify certain PHP environment variables, leading to partial loss of integrity, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
+CVE-2023-20273,7.2,0.03829,0.9208,"Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.",Cisco,Cisco IOS XE Web UI
+CVE-2023-5631,5.4,0.0068,0.80365,Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run malicious JavaScript code.,Roundcube,Webmail
+CVE-2023-46748,8.8,0.00731,0.81132,F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747.,F5,BIG-IP Configuration Utility
+CVE-2023-46747,9.8,0.97226,0.99866,F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46748.,F5,BIG-IP Configuration Utility
+CVE-2023-46604,9.8,0.9688,0.99743,Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.,Apache,ActiveMQ
+CVE-2023-22518,9.8,0.9618,0.9956,Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.,Atlassian,Confluence Data Center and Server
+CVE-2023-29552,7.5,0.02295,0.89909,"The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.",IETF,Service Location Protocol (SLP)
+CVE-2023-47246,9.8,0.95604,0.99462,SysAid Server (on-premises version) contains a path traversal vulnerability that leads to code execution.,SysAid,SysAid Server
+CVE-2023-36844,5.3,0.44451,0.97458,"Juniper Junos OS on EX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control certain, important environment variables. Using a crafted request an attacker is able to modify certain PHP environment variables, leading to partial loss of integrity, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
 CVE-2023-36845,9.8,0.96675,0.99688,"Juniper Junos OS on EX Series and SRX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control an important environment variable. Using a crafted request, which sets the variable PHPRC, an attacker is able to modify the PHP execution environment allowing the injection und execution of code.",Juniper,Junos OS
-CVE-2023-36846,5.3,0.00739,0.81225,"Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
-CVE-2023-36847,5.3,0.00739,0.81225,"Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
-CVE-2023-36851,5.3,0.00668,0.80131,"Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
+CVE-2023-36846,5.3,0.00739,0.81233,"Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
+CVE-2023-36847,5.3,0.00739,0.81233,"Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
+CVE-2023-36851,5.3,0.00668,0.80141,"Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.",Juniper,Junos OS
 CVE-2023-36033,7.8,0.00051,0.20577,Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Windows
-CVE-2023-36025,8.8,0.00655,0.7991,Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.,Microsoft,Windows
-CVE-2023-36036,7.8,0.00048,0.18674,Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.,Microsoft,Windows
-CVE-2023-36584,5.4,0.00124,0.47626,Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.,Microsoft,Windows
-CVE-2023-1671,9.8,0.96269,0.99576,Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.,Sophos,Web Appliance
+CVE-2023-36025,8.8,0.00655,0.79921,Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.,Microsoft,Windows
+CVE-2023-36036,7.8,0.00048,0.18671,Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.,Microsoft,Windows
+CVE-2023-36584,5.4,0.00124,0.47635,Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.,Microsoft,Windows
+CVE-2023-1671,9.8,0.96269,0.99577,Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.,Sophos,Web Appliance
 CVE-2020-2551,9.8,0.97537,0.99995,Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.,Oracle,Fusion Middleware
-CVE-2023-4911,7.8,0.01741,0.88222,"GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.",GNU,GNU C Library
-CVE-2023-6345,9.6,0.09932,0.94984,"Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.",Google,Chromium Skia
-CVE-2023-49103,7.5,0.94968,0.99351,"ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.",ownCloud,ownCloud graphapi
-CVE-2023-42917,8.8,0.00173,0.55168,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-42916,6.5,0.0026,0.66399,"Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-33107,7.8,0.00064,0.28787,Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.,Qualcomm,Multiple Chipsets
-CVE-2023-33106,7.8,0.00064,0.28787,Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.,Qualcomm,Multiple Chipsets
-CVE-2023-33063,7.8,0.00064,0.28787,Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP.,Qualcomm,Multiple Chipsets
-CVE-2022-22071,7.8,0.00114,0.457,Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.,Qualcomm,Multiple Chipsets
-CVE-2023-41266,6.5,0.81906,0.98458,"Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.",Qlik,Sense
+CVE-2023-4911,7.8,0.01741,0.88227,"GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.",GNU,GNU C Library
+CVE-2023-6345,9.6,0.09932,0.94986,"Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.",Google,Chromium Skia
+CVE-2023-49103,7.5,0.94968,0.99352,"ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.",ownCloud,ownCloud graphapi
+CVE-2023-42917,8.8,0.00173,0.55179,"Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-42916,6.5,0.0026,0.66406,"Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-33107,7.8,0.00064,0.28796,Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.,Qualcomm,Multiple Chipsets
+CVE-2023-33106,7.8,0.00064,0.28796,Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.,Qualcomm,Multiple Chipsets
+CVE-2023-33063,7.8,0.00064,0.28796,Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP.,Qualcomm,Multiple Chipsets
+CVE-2022-22071,7.8,0.00114,0.45709,Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.,Qualcomm,Multiple Chipsets
+CVE-2023-41266,6.5,0.81906,0.98459,"Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.",Qlik,Sense
 CVE-2023-41265,9.9,0.90759,0.98921,Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.,Qlik,Sense
-CVE-2023-6448,9.8,0.03937,0.92192,"Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands.",Unitronics,Vision PLC and HMI
-CVE-2023-49897,8.8,0.00976,0.8374,FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network.,FXC,"AE1021, AE1021PE"
-CVE-2023-47565,8.8,0.01966,0.89032,QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.,QNAP,VioStor NVR
-CVE-2023-7101,7.8,0.08472,0.94553,"Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings within the Excel parsing logic.",Spreadsheet::ParseExcel,Spreadsheet::ParseExcel
-CVE-2023-7024,8.8,0.00696,0.80609,"Google Chromium WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using WebRTC, including but not limited to Google Chrome.",Google,Chromium WebRTC
+CVE-2023-6448,9.8,0.03937,0.92197,"Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands.",Unitronics,Vision PLC and HMI
+CVE-2023-49897,8.8,0.00976,0.83744,FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network.,FXC,"AE1021, AE1021PE"
+CVE-2023-47565,8.8,0.01966,0.89037,QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.,QNAP,VioStor NVR
+CVE-2023-7101,7.8,0.08472,0.94556,"Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings within the Excel parsing logic.",Spreadsheet::ParseExcel,Spreadsheet::ParseExcel
+CVE-2023-7024,8.8,0.00696,0.80617,"Google Chromium WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using WebRTC, including but not limited to Google Chrome.",Google,Chromium WebRTC
 CVE-2023-23752,5.3,0.95146,0.99379,Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints.,Joomla!,Joomla!
-CVE-2016-20017,9.8,0.0163,0.87822,"D-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injection via the login.cgi cli parameter.",D-Link,DSL-2750B Devices
-CVE-2023-41990,7.8,0.00073,0.3259,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when processing a font file.",Apple,Multiple Products
-CVE-2023-27524,9.8,0.9706,0.99802,Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions.,Apache,Superset
-CVE-2023-29300,9.8,0.96924,0.99758,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.,Adobe,ColdFusion
-CVE-2023-38203,9.8,0.96583,0.99662,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.,Adobe,ColdFusion
-CVE-2023-29357,9.8,0.86088,0.98638,"Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.",Microsoft,SharePoint Server
+CVE-2016-20017,9.8,0.0163,0.87828,"D-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injection via the login.cgi cli parameter.",D-Link,DSL-2750B Devices
+CVE-2023-41990,7.8,0.00073,0.32598,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when processing a font file.",Apple,Multiple Products
+CVE-2023-27524,9.8,0.9706,0.99801,Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions.,Apache,Superset
+CVE-2023-29300,9.8,0.96924,0.99757,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.,Adobe,ColdFusion
+CVE-2023-38203,9.8,0.96583,0.99663,Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.,Adobe,ColdFusion
+CVE-2023-29357,9.8,0.86088,0.98639,"Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.",Microsoft,SharePoint Server
 CVE-2023-46805,8.2,0.95023,0.99361,"Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allows an attacker to access restricted resources by bypassing control checks. This vulnerability can be leveraged in conjunction with CVE-2024-21887, a command injection vulnerability.",Ivanti,Connect Secure and Policy Secure
 CVE-2024-21887,9.1,0.96761,0.9971,"Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.",Ivanti,Connect Secure and Policy Secure
-CVE-2018-15133,8.1,0.96788,0.99718,"Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).",Laravel,Laravel Framework
-CVE-2024-0519,8.8,0.00206,0.59073,"Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2023-6549,7.5,0.00747,0.81322,"Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.",Citrix,NetScaler ADC and NetScaler Gateway
-CVE-2023-6548,8.8,0.01611,0.87747,"Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP.",Citrix,NetScaler ADC and NetScaler Gateway
+CVE-2018-15133,8.1,0.96788,0.99717,"Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).",Laravel,Laravel Framework
+CVE-2024-0519,8.8,0.00206,0.59083,"Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2023-6549,7.5,0.00747,0.81329,"Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.",Citrix,NetScaler ADC and NetScaler Gateway
+CVE-2023-6548,8.8,0.01611,0.87753,"Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP.",Citrix,NetScaler ADC and NetScaler Gateway
 CVE-2023-35082,9.8,0.96746,0.99707,Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.,Ivanti,Endpoint Manager Mobile (EPMM) and MobileIron Core
-CVE-2023-34048,9.8,0.04385,0.92557,VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution.,VMware,vCenter Server
-CVE-2024-23222,8.8,0.00111,0.45115,"Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
-CVE-2023-22527,9.8,0.97094,0.9982,Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.,Atlassian,Confluence Data Center and Server
-CVE-2022-48618,7.0,0.00346,0.7214,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerability that allows an attacker with read and write capabilities to bypass Pointer Authentication.",Apple,Multiple Products
+CVE-2023-34048,9.8,0.04385,0.92562,VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution.,VMware,vCenter Server
+CVE-2024-23222,8.8,0.00111,0.45125,"Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",Apple,Multiple Products
+CVE-2023-22527,9.8,0.97094,0.99819,Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.,Atlassian,Confluence Data Center and Server
+CVE-2022-48618,7.0,0.00346,0.72148,"Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerability that allows an attacker with read and write capabilities to bypass Pointer Authentication.",Apple,Multiple Products
 CVE-2024-21893,8.2,0.9068,0.98915,"Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.",Ivanti,"Connect Secure, Policy Secure, and Neurons"
-CVE-2023-4762,8.8,0.82636,0.98488,"Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2024-21762,9.8,0.01842,0.88613,Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.,Fortinet,FortiOS
-CVE-2023-43770,6.1,0.1891,0.96348,Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via malicious link references in plain/text messages.,Roundcube,Webmail
-CVE-2024-21412,8.1,0.00298,0.69929,Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.,Microsoft,Windows
-CVE-2024-21351,7.6,0.04763,0.92867,"Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.",Microsoft,Windows
-CVE-2020-3259,7.5,0.02709,0.90706,"Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.",Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
-CVE-2024-21410,9.8,0.07383,0.94217,Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Exchange Server
+CVE-2023-4762,8.8,0.82636,0.9849,"Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2024-21762,9.8,0.01842,0.88619,Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.,Fortinet,FortiOS
+CVE-2023-43770,6.1,0.1891,0.9635,Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via malicious link references in plain/text messages.,Roundcube,Webmail
+CVE-2024-21412,8.1,0.00298,0.69934,Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.,Microsoft,Windows
+CVE-2024-21351,7.6,0.04763,0.92869,"Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.",Microsoft,Windows
+CVE-2020-3259,7.5,0.02709,0.90712,"Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.",Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
+CVE-2024-21410,9.8,0.07383,0.94222,Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.,Microsoft,Exchange Server
 CVE-2024-1709,10.0,0.92597,0.99069,"ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.",ConnectWise,ScreenConnect
-CVE-2023-29360,8.4,0.00448,0.75531,"Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.",Microsoft,Streaming Service
-CVE-2024-21338,7.8,0.01426,0.86841,Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.,Microsoft,Windows
-CVE-2023-21237,5.5,0.03923,0.9218,"Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. This could enable a local attacker to disclose sensitive information.",Android,Pixel
+CVE-2023-29360,8.4,0.00448,0.75538,"Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.",Microsoft,Streaming Service
+CVE-2024-21338,7.8,0.01426,0.86845,Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.,Microsoft,Windows
+CVE-2023-21237,5.5,0.03923,0.92185,"Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. This could enable a local attacker to disclose sensitive information.",Android,Pixel
 CVE-2021-36380,9.8,0.97522,0.99993,Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in /cgi/networkDiag.cgi.,Sunhillo,SureLine
-CVE-2024-23225,7.8,0.00207,0.59115,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.",Apple,Multiple Products
-CVE-2024-23296,7.8,0.00207,0.59115,"Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.",Apple,Multiple Products
-CVE-2024-27198,9.8,0.97218,0.99863,JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.,JetBrains,TeamCity
+CVE-2024-23225,7.8,0.00207,0.59125,"Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.",Apple,Multiple Products
+CVE-2024-23296,7.8,0.00207,0.59125,"Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.",Apple,Multiple Products
+CVE-2024-27198,9.8,0.97218,0.99864,JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.,JetBrains,TeamCity
 CVE-2019-7256,9.8,0.97295,0.99896,Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.,Nice,Linear eMerge E3-Series
 CVE-2021-44529,9.8,0.97123,0.99834,Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).,Ivanti,Endpoint Manager Cloud Service Appliance (EPM CSA)
-CVE-2023-48788,9.8,0.71085,0.98116,Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.,Fortinet,FortiClient EMS
-CVE-2023-24955,7.2,0.21819,0.96568,Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.,Microsoft,SharePoint Server
-CVE-2024-29748,7.8,0.00083,0.36127,Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.,Android,Pixel
-CVE-2024-29745,5.5,0.00094,0.40528,"Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.",Android,Pixel
+CVE-2023-48788,9.8,0.71085,0.98117,Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.,Fortinet,FortiClient EMS
+CVE-2023-24955,7.2,0.21819,0.96569,Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.,Microsoft,SharePoint Server
+CVE-2024-29748,7.8,0.00083,0.36132,Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.,Android,Pixel
+CVE-2024-29745,5.5,0.00094,0.40539,"Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.",Android,Pixel
 CVE-2024-3273,9.8,0.92501,0.99062,"D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote, unauthorized code execution.",D-Link,Multiple NAS Devices
-CVE-2024-3272,9.8,0.05866,0.93563,"D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.",D-Link,Multiple NAS Devices
-CVE-2024-3400,10.0,0.96299,0.99583,Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.,Palo Alto Networks,PAN-OS
+CVE-2024-3272,9.8,0.05866,0.93567,"D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.",D-Link,Multiple NAS Devices
+CVE-2024-3400,10.0,0.96299,0.99584,Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.,Palo Alto Networks,PAN-OS
 CVE-2022-38028,7.8,0.00051,0.20663,Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.,Microsoft,Windows
 CVE-2024-4040,10.0,0.96543,0.9965,CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).,CrushFTP,CrushFTP
-CVE-2024-20359,6.0,0.00128,0.48375,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
-CVE-2024-20353,8.6,0.00181,0.55963,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
-CVE-2024-29988,8.8,0.00226,0.61286,Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.,Microsoft,SmartScreen Prompt
-CVE-2023-7028,9.8,0.95705,0.99478,GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified email address to ultimately facilitate an account takeover.,GitLab,GitLab CE/EE
-CVE-2024-4671,9.6,0.001,0.4201,"Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium
-CVE-2024-30040,8.8,0.00427,0.74861,Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.,Microsoft,Windows
-CVE-2024-30051,7.8,0.00131,0.48916,Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.,Microsoft,DWM Core Library
-CVE-2024-4761,8.8,0.00223,0.61073,"Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. ",Google,Chromium Visuals
-CVE-2021-40655,7.5,0.06838,0.94037,D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a post request to the /getcfg.php page. ,D-Link,DIR-605 Router
-CVE-2014-100005,8.8,0.87852,0.98732,D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.,D-Link,DIR-600 Router
-CVE-2024-4947,8.8,0.00223,0.61073,Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.,Google,Chromium V8
+CVE-2024-20359,6.0,0.00128,0.48383,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
+CVE-2024-20353,8.6,0.00181,0.55973,Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.,Cisco,Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
+CVE-2024-29988,8.8,0.00298,0.69934,Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.,Microsoft,SmartScreen Prompt
+CVE-2023-7028,9.8,0.95705,0.99479,GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified email address to ultimately facilitate an account takeover.,GitLab,GitLab CE/EE
+CVE-2024-4671,9.6,0.001,0.42022,"Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium
+CVE-2024-30040,8.8,0.00427,0.74867,Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.,Microsoft,Windows
+CVE-2024-30051,7.8,0.00131,0.48924,Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.,Microsoft,DWM Core Library
+CVE-2024-4761,8.8,0.00223,0.61084,"Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. ",Google,Chromium Visuals
+CVE-2021-40655,7.5,0.06838,0.9404,D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a post request to the /getcfg.php page. ,D-Link,DIR-605 Router
+CVE-2014-100005,8.8,0.87852,0.98733,D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.,D-Link,DIR-600 Router
+CVE-2024-4947,8.8,0.00223,0.61084,Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.,Google,Chromium V8
 CVE-2023-43208,9.8,0.97397,0.99939,NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.,NextGen Healthcare,Mirth Connect
 CVE-2020-17519,7.5,0.97266,0.99883,Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local filesystem of the JobManager through its REST interface.,Apache,Flink
-CVE-2024-5274,8.8,0.00346,0.72161,"Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2024-4978,8.4,0.02833,0.90887,"Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.",Justice AV Solutions,Viewer 
-CVE-2024-1086,7.8,0.00291,0.696,Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.,Linux,Kernel
-CVE-2024-24919,8.6,0.94398,0.99261,"Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.",Check Point,Quantum Security Gateways
+CVE-2024-5274,8.8,0.00346,0.72169,"Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2024-4978,8.4,0.02833,0.90891,"Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.",Justice AV Solutions,Viewer 
+CVE-2024-1086,7.8,0.00291,0.69606,Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.,Linux,Kernel
+CVE-2024-24919,8.6,0.94543,0.99283,"Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.",Check Point,Quantum Security Gateways
 CVE-2017-3506,7.4,0.5738,0.9777,"Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP request that includes a malicious XML document.",Oracle,WebLogic Server
-CVE-2024-4577,9.8,0.9632,0.99588,"PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.",PHP Group,PHP
-CVE-2024-4610,7.8,0.15862,0.96057,"Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.",Arm,Mali GPU Kernel Driver
+CVE-2024-4577,9.8,0.9632,0.99589,"PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.",PHP Group,PHP
+CVE-2024-4610,7.8,0.15862,0.96059,"Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.",Arm,Mali GPU Kernel Driver
 CVE-2024-4358,9.8,0.93852,0.99203,Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to obtain unauthorized access.,Progress,Telerik Report Server
-CVE-2024-26169,7.8,0.00052,0.21292,Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.,Microsoft,Windows
-CVE-2024-32896,7.8,0.00083,0.36127,Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.,Android,Pixel
-CVE-2020-13965,6.1,0.0079,0.81907,Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.,Roundcube,Webmail
-CVE-2022-2586,7.8,0.00842,0.82482,"Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges. ",Linux,Kernel
+CVE-2024-26169,7.8,0.00052,0.21297,Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.,Microsoft,Windows
+CVE-2024-32896,7.8,0.00083,0.36132,Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.,Android,Pixel
+CVE-2020-13965,6.1,0.0079,0.81914,Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.,Roundcube,Webmail
+CVE-2022-2586,7.8,0.00842,0.82486,"Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges. ",Linux,Kernel
 CVE-2022-24816,9.8,0.96672,0.99687,"OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle script to be provided via network request, could allow remote code execution.",OSGeo,JAI-EXT
-CVE-2024-20399,6.7,0.00311,0.70594,"Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.",Cisco,NX-OS
+CVE-2024-20399,6.7,0.00311,0.70601,"Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.",Cisco,NX-OS
 CVE-2024-23692,9.8,0.95755,0.99485,"Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request.",Rejetto,HTTP File Server
-CVE-2024-38080,7.8,0.00043,0.10101,Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.,Microsoft,Windows 
-CVE-2024-38112,7.5,0.64669,0.97955,"Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.",Microsoft,Windows
+CVE-2024-38080,7.8,0.00043,0.10099,Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.,Microsoft,Windows 
+CVE-2024-38112,7.5,0.64669,0.97956,"Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.",Microsoft,Windows
 CVE-2024-36401,9.8,0.9588,0.99504,OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability due to unsafely evaluating property names as XPath expressions. This allows unauthenticated attackers to conduct remote code execution via specially crafted input.,OSGeo,GeoServer
-CVE-2022-22948,6.5,0.00777,0.81741,"VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.",VMware,vCenter Server
-CVE-2024-28995,7.5,0.9587,0.99501,SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.,SolarWinds,Serv-U
+CVE-2022-22948,6.5,0.00777,0.81747,"VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.",VMware,vCenter Server
+CVE-2024-28995,7.5,0.9587,0.99502,SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.,SolarWinds,Serv-U
 CVE-2024-34102,9.8,0.97316,0.99907,Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.,Adobe,Commerce and Magento Open Source
-CVE-2024-39891,5.3,0.11792,0.95431,Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy.,Twilio,Authy
+CVE-2024-39891,5.3,0.11792,0.95432,Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy.,Twilio,Authy
 CVE-2012-4792,8.8,0.94642,0.99296,"Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object.",Microsoft,Internet Explorer
-CVE-2023-45249,9.8,0.12209,0.95513,Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.,Acronis,Cyber Infrastructure (ACI)
-CVE-2024-5217,9.8,0.96091,0.99542,"ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely.",ServiceNow,"Utah, Vancouver, and Washington DC Now"
+CVE-2023-45249,9.8,0.12209,0.95514,Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.,Acronis,Cyber Infrastructure (ACI)
+CVE-2024-5217,9.8,0.96091,0.99543,"ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely.",ServiceNow,"Utah, Vancouver, and Washington DC Now"
 CVE-2024-4879,9.8,0.96507,0.99637,"ServiceNow Utah, Vancouver, and Washington DC Now releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely. ",ServiceNow,"Utah, Vancouver, and Washington DC Now"
-CVE-2024-37085,7.2,0.01412,0.86775,VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.,VMware,ESXi
+CVE-2024-37085,7.2,0.01412,0.86779,VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.,VMware,ESXi
 CVE-2018-0824,8.8,0.97001,0.99779,Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.,Microsoft,Windows
 CVE-2024-32113,9.8,0.90405,0.98896,Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.,Apache,OFBiz
-CVE-2024-36971,7.8,0.00105,0.43773,"Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.",Android,Kernel
-CVE-2024-38107,7.8,0.00043,0.10101,"Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.",Microsoft,Windows
-CVE-2024-38106,7.0,0.00043,0.10101,"Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.",Microsoft,Windows
-CVE-2024-38193,7.8,0.00043,0.10101,"Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.",Microsoft,Windows
-CVE-2024-38213,6.5,0.01422,0.86819,Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.,Microsoft,Windows
-CVE-2024-38178,7.5,0.02297,0.89908,Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.,Microsoft,Windows
-CVE-2024-38189,8.8,0.01546,0.87452,Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.,Microsoft,Project
-CVE-2024-28986,9.8,0.02983,0.91087,SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.,SolarWinds,Web Help Desk
+CVE-2024-36971,7.8,0.00105,0.43782,"Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.",Android,Kernel
+CVE-2024-38107,7.8,0.00043,0.10099,"Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.",Microsoft,Windows
+CVE-2024-38106,7.0,0.00043,0.10099,"Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.",Microsoft,Windows
+CVE-2024-38193,7.8,0.00043,0.10099,"Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.",Microsoft,Windows
+CVE-2024-38213,6.5,0.01422,0.86823,Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.,Microsoft,Windows
+CVE-2024-38178,7.5,0.02297,0.89913,Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.,Microsoft,Windows
+CVE-2024-38189,8.8,0.01546,0.87457,Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.,Microsoft,Project
+CVE-2024-28986,9.8,0.02983,0.91091,SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.,SolarWinds,Web Help Desk
 CVE-2024-23897,9.8,0.97026,0.9979,"Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.",Jenkins,Jenkins Command Line Interface (CLI)
-CVE-2021-31196,7.2,0.06174,0.93716,Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.,Microsoft,Exchange Server
-CVE-2022-0185,8.4,0.00337,0.71842,Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.,Linux,Kernel
+CVE-2021-31196,7.2,0.06174,0.93719,Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.,Microsoft,Exchange Server
+CVE-2022-0185,8.4,0.00337,0.7185,Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.,Linux,Kernel
 CVE-2021-33045,9.8,0.93321,0.99148,Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.,Dahua,IP Camera Firmware
 CVE-2021-33044,9.8,0.95229,0.99397,Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.,Dahua,IP Camera Firmware
-CVE-2024-39717,7.2,0.0026,0.66386,"The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to customize the user interface. The “Change Favicon” (Favorite Icon) enables the upload of a .png file, which can be exploited to upload a malicious file with a .png extension disguised as an image.",Versa,Director
-CVE-2024-7971,8.8,0.00159,0.53087,"Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2024-38856,9.8,0.93274,0.99141,Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.,Apache,OFBiz
-CVE-2024-7965,8.8,0.00159,0.53087,"Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
-CVE-2024-7262,7.8,0.04703,0.92825,Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.,Kingsoft,WPS Office
-CVE-2021-20124,7.5,0.49184,0.97566,Draytek VigorConnect contains a path traversal vulnerability in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.,DrayTek,VigorConnect
-CVE-2021-20123,7.5,0.49447,0.97577,Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. ,DrayTek,VigorConnect
-CVE-2024-40766,,0.01179,0.85377,"SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.",SonicWall,SonicOS
-CVE-2017-1000253,7.8,0.06297,0.93774,Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. ,Linux,Kernel
+CVE-2024-39717,7.2,0.0026,0.66393,"The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to customize the user interface. The “Change Favicon” (Favorite Icon) enables the upload of a .png file, which can be exploited to upload a malicious file with a .png extension disguised as an image.",Versa,Director
+CVE-2024-7971,8.8,0.00159,0.53099,"Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2024-38856,9.8,0.93274,0.99142,Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.,Apache,OFBiz
+CVE-2024-7965,8.8,0.00159,0.53099,"Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",Google,Chromium V8
+CVE-2024-7262,7.8,0.01147,0.85112,Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.,Kingsoft,WPS Office
+CVE-2021-20124,7.5,0.49184,0.97567,Draytek VigorConnect contains a path traversal vulnerability in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.,DrayTek,VigorConnect
+CVE-2021-20123,7.5,0.49447,0.97579,Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. ,DrayTek,VigorConnect
+CVE-2024-40766,9.8,0.01021,0.8413,"SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.",SonicWall,SonicOS
+CVE-2017-1000253,7.8,0.06297,0.93777,Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. ,Linux,Kernel
 CVE-2016-3714,8.4,0.97355,0.9992,"ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.",ImageMagick,ImageMagick
-CVE-2024-38217,5.4,0.00382,0.73487,"Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.",Microsoft,Windows
-CVE-2024-38014,7.8,0.00146,0.51297,Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.,Microsoft,Windows
-CVE-2024-43491,9.8,0.00712,0.80862,Microsoft Windows Update contains a use-after-free vulnerability that allows for remote code execution.,Microsoft,Windows
-CVE-2024-38226,7.3,0.00144,0.51072,Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.,Microsoft,Publisher
+CVE-2024-38217,5.4,0.00268,0.68262,"Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.",Microsoft,Windows
+CVE-2024-38014,7.8,0.00055,0.23597,Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.,Microsoft,Windows
+CVE-2024-43491,9.8,0.02321,0.89966,Microsoft Windows Update contains a use-after-free vulnerability that allows for remote code execution.,Microsoft,Windows
+CVE-2024-38226,7.3,0.00051,0.20762,Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.,Microsoft,Publisher
diff --git a/epss_kev_nvd.png b/epss_kev_nvd.png
index d2e9612..b1a85f6 100644
Binary files a/epss_kev_nvd.png and b/epss_kev_nvd.png differ