From 67e1777f10471e9e36e8e6c47f105d3b57f4e0ef Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 14 Nov 2024 00:21:05 +0000 Subject: [PATCH] generated content from 2024-11-14 --- mapping.csv | 232 ++++++++++++++++++ ...-00fd3e2e-9675-4eb9-af39-2440047b8264.json | 22 ++ ...-016f4cfa-00c7-48e6-9bfc-0adf32e3b189.json | 22 ++ ...-01e09050-c6e1-47a7-98a9-f0a9b6ce303b.json | 22 ++ ...-04746481-2d83-47dd-bbbb-b11089e1bd6b.json | 22 ++ ...-04b36a0a-2e98-4464-a495-40e50bf34728.json | 22 ++ ...-0530b3e9-eb4a-42df-9d0e-8e45d385901c.json | 22 ++ ...-0658444c-2ee6-4e56-ac97-9836c46884be.json | 22 ++ ...-0719aac7-563c-4ea9-ab61-7d4afdff9c19.json | 22 ++ ...-07bac0b0-869b-4a0f-8a05-fc88580eba6f.json | 22 ++ ...-0987bdf9-fc8a-44d9-bffe-e9319c68b46e.json | 22 ++ ...-0aaa56e6-1f30-44a1-86d0-71fe3e824d5b.json | 22 ++ ...-0c233897-db41-4456-9d19-3bfe57a36957.json | 22 ++ ...-0d45415f-a00b-4db9-af86-36aa4b25b9d6.json | 22 ++ ...-0d4e5dc5-fc46-4600-a17c-30751ba35760.json | 22 ++ ...-13549501-5dbe-47f7-9a64-598a58ba5693.json | 22 ++ ...-135d74fa-2bdd-4818-ad9a-6261486fc253.json | 22 ++ ...-1552bf39-8a7d-49e0-9edb-89216f506ec9.json | 22 ++ ...-15fddb59-abf7-4819-a62a-49f8bcab3e05.json | 22 ++ ...-16b52ea4-e089-489a-8e37-a93e0fb46b1a.json | 22 ++ ...-16d59d74-ec0a-41f6-b744-3651c7ed9162.json | 22 ++ ...-1702cb30-a604-41ab-8225-7fef51f4dcb8.json | 22 ++ ...-177ff812-8480-444e-8973-d8154c2b6c0c.json | 22 ++ ...-1a18418e-5677-4e41-a85f-a43a6e375361.json | 22 ++ ...-1a60532f-6efb-41e6-9475-32b5ec416686.json | 22 ++ ...-1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f.json | 22 ++ ...-1d041c1f-4897-4f0e-95dd-eb4630a6225e.json | 22 ++ ...-1e6d8744-daf8-4013-90a1-22f34adf6af9.json | 22 ++ ...-1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0.json | 22 ++ ...-1fa57fb8-6bc2-4609-a7df-7e317ab54a2e.json | 22 ++ ...-207a9406-5334-4f48-893c-18a9b1714717.json | 22 ++ ...-20ac4ef7-90f3-46bb-b2be-a1e21fec63fc.json | 22 ++ ...-235922d7-753e-4205-9b8d-a3ff93b1547e.json | 22 ++ ...-23945c25-7e56-4674-b311-c7deca84bed5.json | 22 ++ ...-2501ed03-49b7-429f-8b2c-ef0a5cbd0368.json | 22 ++ ...-26137d02-07c9-4123-991d-8ad2a96451f7.json | 22 ++ ...-26a35973-8a00-4477-a596-dbfaef62aed0.json | 22 ++ ...-27ee92ed-8441-47ca-b14f-c30277f0ceaf.json | 22 ++ ...-289a0223-c012-4472-84f3-4a5f947da56c.json | 22 ++ ...-29533a7b-34f6-4d04-a051-87a8cdb51283.json | 22 ++ ...-295bb082-0b71-4835-94c5-6fb9d1602b4e.json | 22 ++ ...-2a085116-610d-4c54-a57f-93c5f297fd44.json | 22 ++ ...-2a486c64-de3c-427d-8875-e247a372ddab.json | 22 ++ ...-2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4.json | 22 ++ ...-2c4cbdca-8967-4565-bd93-cdb160b6d706.json | 22 ++ ...-2cdde34c-2f61-4b15-b494-496d4fc2637c.json | 22 ++ ...-2f316b5d-1e63-4498-b3aa-967290c2db4f.json | 22 ++ ...-2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0.json | 22 ++ ...-3034547c-6a8d-4264-9767-8ccaeb499d07.json | 22 ++ ...-3127e24c-0afa-4cf4-abb3-109a9a54aa3f.json | 22 ++ ...-326b5862-248d-4ef1-98fa-813eaebbb8ec.json | 22 ++ ...-336dd420-9295-4883-ac6a-d548e1beca32.json | 22 ++ ...-3381dd1d-0726-4cea-beaa-5689a49da198.json | 22 ++ ...-342c2296-41cb-4324-836f-bd6ab0eeb08e.json | 22 ++ ...-35e24cb3-90bb-46cf-ad4a-a5831bf344b2.json | 22 ++ ...-36c08f9d-2193-4341-8da9-bac1a400a773.json | 22 ++ ...-37df4c73-60a8-469f-853a-da72cc87b472.json | 22 ++ ...-39ea0f89-a171-4039-8184-fbc3ea93cdf1.json | 22 ++ ...-3ba6830e-4fc4-4159-ae3e-69a2868d6845.json | 22 ++ ...-3d3b0d79-0240-4401-bb2b-65b3904863a6.json | 22 ++ ...-3e27d33e-bb93-4377-a59d-6dcffda4aca0.json | 22 ++ ...-3f1d06fc-9d52-4cd7-a739-a320d54fb545.json | 22 ++ ...-3f8636aa-8e7f-4e48-9a61-ae2304e13329.json | 22 ++ ...-3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a.json | 22 ++ ...-3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3.json | 22 ++ ...-3fbec81e-48d3-4373-956a-eb5748292bac.json | 22 ++ ...-401d1abc-df6b-4d86-832f-e0f4c9ea335e.json | 22 ++ ...-44367617-fc49-4ded-b6c9-50cee49a02cd.json | 22 ++ ...-44f37249-9034-439d-9e13-aba3a939bb52.json | 22 ++ ...-456b4457-9ee3-4a0c-9194-2c4dbbcded67.json | 22 ++ ...-45932554-2d96-4f59-b495-015e25a142e8.json | 22 ++ ...-45a4fd53-85d3-4234-88b8-b302c46ccdd7.json | 22 ++ ...-46569c98-ed6b-4d48-b94c-407543eb76ea.json | 22 ++ ...-4b28274d-83d7-45ad-9b6c-3a0f94ef769c.json | 22 ++ ...-4c53b64e-749f-4da4-a924-3f8c21a1d377.json | 22 ++ ...-4d59cc45-9a53-4d06-a768-39b139881111.json | 22 ++ ...-4e6a0902-5679-4645-8f54-e2c3e1b8626e.json | 22 ++ ...-4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a.json | 22 ++ ...-4ecf446b-0439-44db-86ff-a73e425c71a5.json | 22 ++ ...-4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb.json | 22 ++ ...-4fcf7f6f-6d6e-4ddf-b03e-07662f0da040.json | 22 ++ ...-52bbdcb4-00f8-4802-ad68-dd268ff9a500.json | 22 ++ ...-5489efa7-ff3a-4cef-a730-1f15c9601d78.json | 22 ++ ...-550fabb2-4b46-45ce-8756-8e9d786dd439.json | 22 ++ ...-56755983-0b17-448e-9342-b63f923f1b4c.json | 22 ++ ...-56ad765c-681e-42a0-886e-b02aab08bbd6.json | 22 ++ ...-5a2a0645-e822-46b1-bfb1-2993bc8274bc.json | 22 ++ ...-5b336042-f991-4056-8dc4-5cfa035399d7.json | 22 ++ ...-5d414727-ed36-4704-af6e-415571f3d0bd.json | 22 ++ ...-5dc354f2-ac0c-40e3-b4c9-7e89118623fd.json | 22 ++ ...-5fb06d83-8cd7-4ab4-a59e-44fd5b66d318.json | 22 ++ ...-5fc800e7-66f5-47dd-a565-72a73b07a1aa.json | 22 ++ ...-604a1934-f772-44d4-ae34-b649d5622315.json | 22 ++ ...-60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe.json | 22 ++ ...-6147e8d9-9cfd-4755-931c-20964b400e6d.json | 22 ++ ...-622896f0-bcc9-4079-9740-b59b5bd91f9b.json | 22 ++ ...-66fad288-beb7-424d-920d-205e998781bd.json | 22 ++ ...-68af5bdd-5835-40e1-81ad-194a64087150.json | 22 ++ ...-68bde61a-3e37-4224-8973-4c6060f8776a.json | 22 ++ ...-6f71b579-b743-40a4-b064-439d8b6100a6.json | 22 ++ ...-704080f1-14c2-4a8a-b1fb-05752ff804c6.json | 22 ++ ...-706f5935-0a86-4249-beb7-551b17fbf5c3.json | 22 ++ ...-7120bc93-bd5c-440f-bf43-6182a771e870.json | 22 ++ ...-716f7744-156c-4113-b521-9d5f3d26e39a.json | 22 ++ ...-71edd42a-7b2b-4ba8-aae1-eb6b36939b91.json | 22 ++ ...-72535cef-5f6f-4754-839a-cfd98af5f99c.json | 22 ++ ...-72c82b74-0be8-4f10-be50-aaee1c058969.json | 22 ++ ...-7368c425-808a-4c32-8df5-3bcb37c9cf34.json | 22 ++ ...-73d2a23c-0ac6-470b-912e-0df7acdcbe95.json | 22 ++ ...-73f0bcf1-6bed-4920-aed6-6aa0164b265b.json | 22 ++ ...-7430c7dc-57c0-43f1-9fbf-d03264df64f8.json | 22 ++ ...-743256d6-56e6-48b3-8580-836aa5f51fc6.json | 22 ++ ...-74a55d0a-d974-49d4-8ef3-eb95db69b6f9.json | 22 ++ ...-75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a.json | 22 ++ ...-76d4b87f-8fe9-4386-bd75-c9a62f4b41ed.json | 22 ++ ...-76ed15c8-d761-4287-a515-29a5bd4eff80.json | 22 ++ ...-78b330d9-0f6b-4950-867c-a267eeb802f3.json | 22 ++ ...-7acae19f-c41b-4ef0-949c-ffdece206e5d.json | 22 ++ ...-7b5e5645-c2ba-4c65-b74d-006c3c6fae64.json | 22 ++ ...-7c70c92e-147f-4bcf-b243-c7da561dc07e.json | 22 ++ ...-7ca92e82-41bc-4ec0-824b-e665cea76405.json | 22 ++ ...-7cdafa3f-95b1-44c1-955a-51d5660599a3.json | 22 ++ ...-7d42c6d8-4490-4ef8-aea6-9ba33770f1af.json | 22 ++ ...-7e04ee5a-5942-4a59-a03e-d267cb72cc12.json | 22 ++ ...-7e1c8cca-e13f-4fc2-befe-5c8653cc9a42.json | 22 ++ ...-7e992b28-27a3-4a9f-93ec-470275384f1e.json | 22 ++ ...-8008fb08-77f0-468f-be1f-bada05343644.json | 22 ++ ...-8485d9de-2db4-4d05-bccb-94dbb7a8cc66.json | 22 ++ ...-85c51e47-5449-48c3-9835-282d3ec6f38e.json | 22 ++ ...-85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61.json | 22 ++ ...-879f0eef-2452-4147-86d8-9a578f257dfd.json | 22 ++ ...-880f6562-efe9-4aea-93c0-0eaaf50c1cb9.json | 22 ++ ...-88153f89-c147-44ae-9f75-bef2f3778a26.json | 22 ++ ...-89069cea-57e5-4bbf-a344-c39b87ded914.json | 22 ++ ...-89205fe1-16dc-417f-8b50-82d1534e4e85.json | 22 ++ ...-8aceb4fe-a271-4d71-b51f-a35369031d36.json | 22 ++ ...-8b768b9d-e6d3-45ed-99b3-e3548a262cf6.json | 22 ++ ...-8bcbae9c-22ee-4bf2-be54-2cee680ff1d4.json | 22 ++ ...-8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8.json | 22 ++ ...-8ec2afa3-47f0-40a8-82ab-cb5727e9a909.json | 22 ++ ...-8fcd4b22-8e00-40f6-b370-c878aa35a048.json | 22 ++ ...-90d848f6-face-488d-bc81-68a7decad9e9.json | 22 ++ ...-92cafe38-07f3-4021-8486-c9f1e8572f79.json | 22 ++ ...-92eb9cc3-3e74-4757-9472-2563436364ce.json | 22 ++ ...-9374c519-f41a-45ad-be90-605341fd2102.json | 22 ++ ...-94f95bfa-679b-4462-8654-dd9d3bacb4f7.json | 22 ++ ...-951b8f83-7329-4304-bd37-d75eb274680c.json | 22 ++ ...-9724278c-f04b-4cf9-8906-5eabc79d5c1f.json | 22 ++ ...-97d15a9f-13ca-4d61-83b8-a3aa87fb6554.json | 22 ++ ...-99e38a24-670f-4511-a3fe-d040a1ee2c31.json | 22 ++ ...-9a34e469-c337-41ae-9ed3-0fbc94fff262.json | 22 ++ ...-9bf1c4a0-8b99-4025-a116-dfc8a81c3eea.json | 22 ++ ...-9c1af239-c984-4834-8e5a-4dee105dbfeb.json | 22 ++ ...-9c273dbb-3f5e-46f3-80a9-e20a9a724258.json | 22 ++ ...-9cec0a6f-bbff-454c-8835-27b78bff1f0a.json | 22 ++ ...-9e29b87b-076a-4f0f-9134-181692c345dc.json | 22 ++ ...-9e2c1a2c-e2d0-49b7-a968-1199f722c521.json | 22 ++ ...-9fe001dd-3441-4d78-814f-3a143f9a9a90.json | 22 ++ ...-a03eb8b2-837f-448c-a0a7-c5a6540054c0.json | 22 ++ ...-a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f.json | 22 ++ ...-a0c280f5-82e6-4ed5-aeb0-64fc452af5b8.json | 22 ++ ...-a11ddb11-1139-466d-8a4c-cf7f53515489.json | 22 ++ ...-a18d8775-5e61-4691-ad8f-fa1d3d844cc7.json | 22 ++ ...-a1ad537f-89cd-47ea-bee9-a9cdd2880553.json | 22 ++ ...-a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f.json | 22 ++ ...-a42fd75c-4141-43a7-bd86-f957d74fc94f.json | 22 ++ ...-a5b3e77e-a975-46ab-9371-9997260caa0a.json | 22 ++ ...-a8967fd0-a280-4606-9a49-303e30e3ed62.json | 22 ++ ...-a92fcb96-ec4f-4186-af12-743ecb5b1d70.json | 22 ++ ...-ab9eb43f-db2e-44bc-805e-5607af799f97.json | 22 ++ ...-ae00948b-97cd-41a9-80b5-c664b0a8c5ce.json | 22 ++ ...-ae1dac68-f691-4b80-ba06-876f154af88c.json | 22 ++ ...-aec430f9-26f7-4491-a9ef-bb596508ddf8.json | 22 ++ ...-af65ab6c-c7f3-4353-adea-81edde282f43.json | 22 ++ ...-b27eca93-e051-40ae-a11d-912a47a64c83.json | 22 ++ ...-b2a47399-543e-4ccf-8def-3d2b54e9bd4b.json | 22 ++ ...-b390aef9-93e2-4670-8861-29edf43a64cc.json | 22 ++ ...-b3f8633a-cea8-4333-a0ad-aaa2874d6442.json | 22 ++ ...-b586a970-3d36-4347-9b02-e9f1f1ac0b4c.json | 22 ++ ...-b75bf0e6-0d0b-4994-a939-6e6c582f6552.json | 22 ++ ...-b826d036-3250-4a74-9f09-a8d1269bed5a.json | 22 ++ ...-ba564d10-217f-483c-90f5-5a31c99d410b.json | 22 ++ ...-bb0af3c4-079e-4685-9e87-1694f5e33f4c.json | 22 ++ ...-bc7eee49-b5e8-4d0f-95fc-f40e4f46853c.json | 22 ++ ...-be091921-c90e-4fd1-bfe7-1779e353c258.json | 22 ++ ...-be70d0e4-5485-4fb2-9369-cb141bf436bf.json | 22 ++ ...-bf940d46-25aa-472d-8e64-4c78fbb18eb0.json | 22 ++ ...-c1bf9dee-93de-418c-9cc7-ea71bdba8d19.json | 22 ++ ...-c26170c7-8c77-46a2-9180-23fbf21875e3.json | 22 ++ ...-c4bce789-c93f-4afb-9855-9e720588ab8d.json | 22 ++ ...-c912723c-d32a-4ce0-9a87-fd7301fd9d34.json | 22 ++ ...-c931030c-b8a8-4b25-86e5-87cbdfd98394.json | 22 ++ ...-c93ad58a-bdef-4a63-9a31-3916a1e5af0f.json | 22 ++ ...-c9618552-6d3f-465b-a2db-ae6353be5565.json | 22 ++ ...-c9d57966-2b0d-4932-96c9-b7f2841bd0ce.json | 22 ++ ...-c9ee17b4-9a6b-4fca-908a-09563427332d.json | 22 ++ ...-ca4d612c-16a3-4668-bd97-8430787cde87.json | 22 ++ ...-d03230b1-b26e-4d27-bef3-e37b7765209a.json | 22 ++ ...-d0e4a486-1934-4a2a-8591-b8df8696e7b7.json | 22 ++ ...-d35532fa-11e9-4a6d-905f-df69c5ec1ba2.json | 22 ++ ...-d4699128-3f49-4603-acf9-7ea330c4cc13.json | 22 ++ ...-d4b5b7bf-b3cb-44c5-a280-a2285efdf322.json | 22 ++ ...-d60fadec-5e09-4eee-82e3-8d477bd9af54.json | 22 ++ ...-d61296ba-5e0d-40ba-b83d-4866a30f3c8c.json | 22 ++ ...-d8031121-e117-4deb-990f-1bfc20913f0d.json | 22 ++ ...-d857c5b5-c304-4bd2-85b9-a4f95228683e.json | 22 ++ ...-da86fde0-1a69-4678-a88f-16952b139889.json | 22 ++ ...-e037f54d-2f02-47dd-9565-4ce304c244a5.json | 22 ++ ...-e046245c-36ab-46c3-abfd-3de2484c0575.json | 22 ++ ...-e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2.json | 22 ++ ...-e760c717-2923-44f0-aa8f-edb14402bb36.json | 22 ++ ...-e8125adf-8b9d-43c4-a383-f5406d680480.json | 22 ++ ...-e86320ef-4c2f-4202-abda-4656d0234c12.json | 22 ++ ...-ea43ce48-6f3d-4fc9-ad6b-737567b720e2.json | 22 ++ ...-ea50c934-34f6-4290-8869-3d1b7e540c59.json | 22 ++ ...-ea56c892-913d-417b-bb26-560ad4be5393.json | 22 ++ ...-eb10fe1c-84c6-4ace-bf13-fd63980a2d1b.json | 22 ++ ...-edfeca22-7f59-4ff6-ad73-eb398ae80d49.json | 22 ++ ...-f1abb537-f9af-40a4-a020-6e236fe7ea23.json | 22 ++ ...-f224c003-bc40-47a7-bf62-a0005d30cff9.json | 22 ++ ...-f249694a-7227-4303-a602-aeeaf74038b8.json | 22 ++ ...-f284abca-090d-47bd-840e-91b38182ec8c.json | 22 ++ ...-f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6.json | 22 ++ ...-f4eb0488-1c92-45ff-8ff8-0734245295d3.json | 22 ++ ...-f6e996ab-c00b-4aa9-8603-8194ca736be3.json | 22 ++ ...-f74ac2d5-969b-4046-9d56-c30f79dbc198.json | 22 ++ ...-f7620e0b-0710-4782-845d-8bfc08e46c67.json | 22 ++ ...-f9ae6c89-0b48-41bb-b9a8-d926570759bd.json | 22 ++ ...-fa508b99-15c1-47d6-85af-226c94489c83.json | 22 ++ ...-fab2a02a-d93b-4a2d-be6c-083040afa435.json | 22 ++ ...-fae57b3d-5df3-483a-858d-ea21b7279554.json | 22 ++ ...-fbb25155-a9c4-4a41-9b32-a7901d7976dc.json | 22 ++ ...-fe3e3a75-b803-445f-af0b-ca215d092c15.json | 22 ++ 233 files changed, 5336 insertions(+) create mode 100644 objects/vulnerability/vulnerability--00fd3e2e-9675-4eb9-af39-2440047b8264.json create mode 100644 objects/vulnerability/vulnerability--016f4cfa-00c7-48e6-9bfc-0adf32e3b189.json create mode 100644 objects/vulnerability/vulnerability--01e09050-c6e1-47a7-98a9-f0a9b6ce303b.json create mode 100644 objects/vulnerability/vulnerability--04746481-2d83-47dd-bbbb-b11089e1bd6b.json create mode 100644 objects/vulnerability/vulnerability--04b36a0a-2e98-4464-a495-40e50bf34728.json create mode 100644 objects/vulnerability/vulnerability--0530b3e9-eb4a-42df-9d0e-8e45d385901c.json create mode 100644 objects/vulnerability/vulnerability--0658444c-2ee6-4e56-ac97-9836c46884be.json create mode 100644 objects/vulnerability/vulnerability--0719aac7-563c-4ea9-ab61-7d4afdff9c19.json create mode 100644 objects/vulnerability/vulnerability--07bac0b0-869b-4a0f-8a05-fc88580eba6f.json create mode 100644 objects/vulnerability/vulnerability--0987bdf9-fc8a-44d9-bffe-e9319c68b46e.json create mode 100644 objects/vulnerability/vulnerability--0aaa56e6-1f30-44a1-86d0-71fe3e824d5b.json create mode 100644 objects/vulnerability/vulnerability--0c233897-db41-4456-9d19-3bfe57a36957.json create mode 100644 objects/vulnerability/vulnerability--0d45415f-a00b-4db9-af86-36aa4b25b9d6.json create mode 100644 objects/vulnerability/vulnerability--0d4e5dc5-fc46-4600-a17c-30751ba35760.json create mode 100644 objects/vulnerability/vulnerability--13549501-5dbe-47f7-9a64-598a58ba5693.json create mode 100644 objects/vulnerability/vulnerability--135d74fa-2bdd-4818-ad9a-6261486fc253.json create mode 100644 objects/vulnerability/vulnerability--1552bf39-8a7d-49e0-9edb-89216f506ec9.json create mode 100644 objects/vulnerability/vulnerability--15fddb59-abf7-4819-a62a-49f8bcab3e05.json create mode 100644 objects/vulnerability/vulnerability--16b52ea4-e089-489a-8e37-a93e0fb46b1a.json create mode 100644 objects/vulnerability/vulnerability--16d59d74-ec0a-41f6-b744-3651c7ed9162.json create mode 100644 objects/vulnerability/vulnerability--1702cb30-a604-41ab-8225-7fef51f4dcb8.json create mode 100644 objects/vulnerability/vulnerability--177ff812-8480-444e-8973-d8154c2b6c0c.json create mode 100644 objects/vulnerability/vulnerability--1a18418e-5677-4e41-a85f-a43a6e375361.json create mode 100644 objects/vulnerability/vulnerability--1a60532f-6efb-41e6-9475-32b5ec416686.json create mode 100644 objects/vulnerability/vulnerability--1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f.json create mode 100644 objects/vulnerability/vulnerability--1d041c1f-4897-4f0e-95dd-eb4630a6225e.json create mode 100644 objects/vulnerability/vulnerability--1e6d8744-daf8-4013-90a1-22f34adf6af9.json create mode 100644 objects/vulnerability/vulnerability--1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0.json create mode 100644 objects/vulnerability/vulnerability--1fa57fb8-6bc2-4609-a7df-7e317ab54a2e.json create mode 100644 objects/vulnerability/vulnerability--207a9406-5334-4f48-893c-18a9b1714717.json create mode 100644 objects/vulnerability/vulnerability--20ac4ef7-90f3-46bb-b2be-a1e21fec63fc.json create mode 100644 objects/vulnerability/vulnerability--235922d7-753e-4205-9b8d-a3ff93b1547e.json create mode 100644 objects/vulnerability/vulnerability--23945c25-7e56-4674-b311-c7deca84bed5.json create mode 100644 objects/vulnerability/vulnerability--2501ed03-49b7-429f-8b2c-ef0a5cbd0368.json create mode 100644 objects/vulnerability/vulnerability--26137d02-07c9-4123-991d-8ad2a96451f7.json create mode 100644 objects/vulnerability/vulnerability--26a35973-8a00-4477-a596-dbfaef62aed0.json create mode 100644 objects/vulnerability/vulnerability--27ee92ed-8441-47ca-b14f-c30277f0ceaf.json create mode 100644 objects/vulnerability/vulnerability--289a0223-c012-4472-84f3-4a5f947da56c.json create mode 100644 objects/vulnerability/vulnerability--29533a7b-34f6-4d04-a051-87a8cdb51283.json create mode 100644 objects/vulnerability/vulnerability--295bb082-0b71-4835-94c5-6fb9d1602b4e.json create mode 100644 objects/vulnerability/vulnerability--2a085116-610d-4c54-a57f-93c5f297fd44.json create mode 100644 objects/vulnerability/vulnerability--2a486c64-de3c-427d-8875-e247a372ddab.json create mode 100644 objects/vulnerability/vulnerability--2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4.json create mode 100644 objects/vulnerability/vulnerability--2c4cbdca-8967-4565-bd93-cdb160b6d706.json create mode 100644 objects/vulnerability/vulnerability--2cdde34c-2f61-4b15-b494-496d4fc2637c.json create mode 100644 objects/vulnerability/vulnerability--2f316b5d-1e63-4498-b3aa-967290c2db4f.json create mode 100644 objects/vulnerability/vulnerability--2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0.json create mode 100644 objects/vulnerability/vulnerability--3034547c-6a8d-4264-9767-8ccaeb499d07.json create mode 100644 objects/vulnerability/vulnerability--3127e24c-0afa-4cf4-abb3-109a9a54aa3f.json create mode 100644 objects/vulnerability/vulnerability--326b5862-248d-4ef1-98fa-813eaebbb8ec.json create mode 100644 objects/vulnerability/vulnerability--336dd420-9295-4883-ac6a-d548e1beca32.json create mode 100644 objects/vulnerability/vulnerability--3381dd1d-0726-4cea-beaa-5689a49da198.json create mode 100644 objects/vulnerability/vulnerability--342c2296-41cb-4324-836f-bd6ab0eeb08e.json create mode 100644 objects/vulnerability/vulnerability--35e24cb3-90bb-46cf-ad4a-a5831bf344b2.json create mode 100644 objects/vulnerability/vulnerability--36c08f9d-2193-4341-8da9-bac1a400a773.json create mode 100644 objects/vulnerability/vulnerability--37df4c73-60a8-469f-853a-da72cc87b472.json create mode 100644 objects/vulnerability/vulnerability--39ea0f89-a171-4039-8184-fbc3ea93cdf1.json create mode 100644 objects/vulnerability/vulnerability--3ba6830e-4fc4-4159-ae3e-69a2868d6845.json create mode 100644 objects/vulnerability/vulnerability--3d3b0d79-0240-4401-bb2b-65b3904863a6.json create mode 100644 objects/vulnerability/vulnerability--3e27d33e-bb93-4377-a59d-6dcffda4aca0.json create mode 100644 objects/vulnerability/vulnerability--3f1d06fc-9d52-4cd7-a739-a320d54fb545.json create mode 100644 objects/vulnerability/vulnerability--3f8636aa-8e7f-4e48-9a61-ae2304e13329.json create mode 100644 objects/vulnerability/vulnerability--3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a.json create mode 100644 objects/vulnerability/vulnerability--3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3.json create mode 100644 objects/vulnerability/vulnerability--3fbec81e-48d3-4373-956a-eb5748292bac.json create mode 100644 objects/vulnerability/vulnerability--401d1abc-df6b-4d86-832f-e0f4c9ea335e.json create mode 100644 objects/vulnerability/vulnerability--44367617-fc49-4ded-b6c9-50cee49a02cd.json create mode 100644 objects/vulnerability/vulnerability--44f37249-9034-439d-9e13-aba3a939bb52.json create mode 100644 objects/vulnerability/vulnerability--456b4457-9ee3-4a0c-9194-2c4dbbcded67.json create mode 100644 objects/vulnerability/vulnerability--45932554-2d96-4f59-b495-015e25a142e8.json create mode 100644 objects/vulnerability/vulnerability--45a4fd53-85d3-4234-88b8-b302c46ccdd7.json create mode 100644 objects/vulnerability/vulnerability--46569c98-ed6b-4d48-b94c-407543eb76ea.json create mode 100644 objects/vulnerability/vulnerability--4b28274d-83d7-45ad-9b6c-3a0f94ef769c.json create mode 100644 objects/vulnerability/vulnerability--4c53b64e-749f-4da4-a924-3f8c21a1d377.json create mode 100644 objects/vulnerability/vulnerability--4d59cc45-9a53-4d06-a768-39b139881111.json create mode 100644 objects/vulnerability/vulnerability--4e6a0902-5679-4645-8f54-e2c3e1b8626e.json create mode 100644 objects/vulnerability/vulnerability--4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a.json create mode 100644 objects/vulnerability/vulnerability--4ecf446b-0439-44db-86ff-a73e425c71a5.json create mode 100644 objects/vulnerability/vulnerability--4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb.json create mode 100644 objects/vulnerability/vulnerability--4fcf7f6f-6d6e-4ddf-b03e-07662f0da040.json create mode 100644 objects/vulnerability/vulnerability--52bbdcb4-00f8-4802-ad68-dd268ff9a500.json create mode 100644 objects/vulnerability/vulnerability--5489efa7-ff3a-4cef-a730-1f15c9601d78.json create mode 100644 objects/vulnerability/vulnerability--550fabb2-4b46-45ce-8756-8e9d786dd439.json create mode 100644 objects/vulnerability/vulnerability--56755983-0b17-448e-9342-b63f923f1b4c.json create mode 100644 objects/vulnerability/vulnerability--56ad765c-681e-42a0-886e-b02aab08bbd6.json create mode 100644 objects/vulnerability/vulnerability--5a2a0645-e822-46b1-bfb1-2993bc8274bc.json create mode 100644 objects/vulnerability/vulnerability--5b336042-f991-4056-8dc4-5cfa035399d7.json create mode 100644 objects/vulnerability/vulnerability--5d414727-ed36-4704-af6e-415571f3d0bd.json create mode 100644 objects/vulnerability/vulnerability--5dc354f2-ac0c-40e3-b4c9-7e89118623fd.json create mode 100644 objects/vulnerability/vulnerability--5fb06d83-8cd7-4ab4-a59e-44fd5b66d318.json create mode 100644 objects/vulnerability/vulnerability--5fc800e7-66f5-47dd-a565-72a73b07a1aa.json create mode 100644 objects/vulnerability/vulnerability--604a1934-f772-44d4-ae34-b649d5622315.json create mode 100644 objects/vulnerability/vulnerability--60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe.json create mode 100644 objects/vulnerability/vulnerability--6147e8d9-9cfd-4755-931c-20964b400e6d.json create mode 100644 objects/vulnerability/vulnerability--622896f0-bcc9-4079-9740-b59b5bd91f9b.json create mode 100644 objects/vulnerability/vulnerability--66fad288-beb7-424d-920d-205e998781bd.json create mode 100644 objects/vulnerability/vulnerability--68af5bdd-5835-40e1-81ad-194a64087150.json create mode 100644 objects/vulnerability/vulnerability--68bde61a-3e37-4224-8973-4c6060f8776a.json create mode 100644 objects/vulnerability/vulnerability--6f71b579-b743-40a4-b064-439d8b6100a6.json create mode 100644 objects/vulnerability/vulnerability--704080f1-14c2-4a8a-b1fb-05752ff804c6.json create mode 100644 objects/vulnerability/vulnerability--706f5935-0a86-4249-beb7-551b17fbf5c3.json create mode 100644 objects/vulnerability/vulnerability--7120bc93-bd5c-440f-bf43-6182a771e870.json create mode 100644 objects/vulnerability/vulnerability--716f7744-156c-4113-b521-9d5f3d26e39a.json create mode 100644 objects/vulnerability/vulnerability--71edd42a-7b2b-4ba8-aae1-eb6b36939b91.json create mode 100644 objects/vulnerability/vulnerability--72535cef-5f6f-4754-839a-cfd98af5f99c.json create mode 100644 objects/vulnerability/vulnerability--72c82b74-0be8-4f10-be50-aaee1c058969.json create mode 100644 objects/vulnerability/vulnerability--7368c425-808a-4c32-8df5-3bcb37c9cf34.json create mode 100644 objects/vulnerability/vulnerability--73d2a23c-0ac6-470b-912e-0df7acdcbe95.json create mode 100644 objects/vulnerability/vulnerability--73f0bcf1-6bed-4920-aed6-6aa0164b265b.json create mode 100644 objects/vulnerability/vulnerability--7430c7dc-57c0-43f1-9fbf-d03264df64f8.json create mode 100644 objects/vulnerability/vulnerability--743256d6-56e6-48b3-8580-836aa5f51fc6.json create mode 100644 objects/vulnerability/vulnerability--74a55d0a-d974-49d4-8ef3-eb95db69b6f9.json create mode 100644 objects/vulnerability/vulnerability--75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a.json create mode 100644 objects/vulnerability/vulnerability--76d4b87f-8fe9-4386-bd75-c9a62f4b41ed.json create mode 100644 objects/vulnerability/vulnerability--76ed15c8-d761-4287-a515-29a5bd4eff80.json create mode 100644 objects/vulnerability/vulnerability--78b330d9-0f6b-4950-867c-a267eeb802f3.json create mode 100644 objects/vulnerability/vulnerability--7acae19f-c41b-4ef0-949c-ffdece206e5d.json create mode 100644 objects/vulnerability/vulnerability--7b5e5645-c2ba-4c65-b74d-006c3c6fae64.json create mode 100644 objects/vulnerability/vulnerability--7c70c92e-147f-4bcf-b243-c7da561dc07e.json create mode 100644 objects/vulnerability/vulnerability--7ca92e82-41bc-4ec0-824b-e665cea76405.json create mode 100644 objects/vulnerability/vulnerability--7cdafa3f-95b1-44c1-955a-51d5660599a3.json create mode 100644 objects/vulnerability/vulnerability--7d42c6d8-4490-4ef8-aea6-9ba33770f1af.json create mode 100644 objects/vulnerability/vulnerability--7e04ee5a-5942-4a59-a03e-d267cb72cc12.json create mode 100644 objects/vulnerability/vulnerability--7e1c8cca-e13f-4fc2-befe-5c8653cc9a42.json create mode 100644 objects/vulnerability/vulnerability--7e992b28-27a3-4a9f-93ec-470275384f1e.json create mode 100644 objects/vulnerability/vulnerability--8008fb08-77f0-468f-be1f-bada05343644.json create mode 100644 objects/vulnerability/vulnerability--8485d9de-2db4-4d05-bccb-94dbb7a8cc66.json create mode 100644 objects/vulnerability/vulnerability--85c51e47-5449-48c3-9835-282d3ec6f38e.json create mode 100644 objects/vulnerability/vulnerability--85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61.json create mode 100644 objects/vulnerability/vulnerability--879f0eef-2452-4147-86d8-9a578f257dfd.json create mode 100644 objects/vulnerability/vulnerability--880f6562-efe9-4aea-93c0-0eaaf50c1cb9.json create mode 100644 objects/vulnerability/vulnerability--88153f89-c147-44ae-9f75-bef2f3778a26.json create mode 100644 objects/vulnerability/vulnerability--89069cea-57e5-4bbf-a344-c39b87ded914.json create mode 100644 objects/vulnerability/vulnerability--89205fe1-16dc-417f-8b50-82d1534e4e85.json create mode 100644 objects/vulnerability/vulnerability--8aceb4fe-a271-4d71-b51f-a35369031d36.json create mode 100644 objects/vulnerability/vulnerability--8b768b9d-e6d3-45ed-99b3-e3548a262cf6.json create mode 100644 objects/vulnerability/vulnerability--8bcbae9c-22ee-4bf2-be54-2cee680ff1d4.json create mode 100644 objects/vulnerability/vulnerability--8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8.json create mode 100644 objects/vulnerability/vulnerability--8ec2afa3-47f0-40a8-82ab-cb5727e9a909.json create mode 100644 objects/vulnerability/vulnerability--8fcd4b22-8e00-40f6-b370-c878aa35a048.json create mode 100644 objects/vulnerability/vulnerability--90d848f6-face-488d-bc81-68a7decad9e9.json create mode 100644 objects/vulnerability/vulnerability--92cafe38-07f3-4021-8486-c9f1e8572f79.json create mode 100644 objects/vulnerability/vulnerability--92eb9cc3-3e74-4757-9472-2563436364ce.json create mode 100644 objects/vulnerability/vulnerability--9374c519-f41a-45ad-be90-605341fd2102.json create mode 100644 objects/vulnerability/vulnerability--94f95bfa-679b-4462-8654-dd9d3bacb4f7.json create mode 100644 objects/vulnerability/vulnerability--951b8f83-7329-4304-bd37-d75eb274680c.json create mode 100644 objects/vulnerability/vulnerability--9724278c-f04b-4cf9-8906-5eabc79d5c1f.json create mode 100644 objects/vulnerability/vulnerability--97d15a9f-13ca-4d61-83b8-a3aa87fb6554.json create mode 100644 objects/vulnerability/vulnerability--99e38a24-670f-4511-a3fe-d040a1ee2c31.json create mode 100644 objects/vulnerability/vulnerability--9a34e469-c337-41ae-9ed3-0fbc94fff262.json create mode 100644 objects/vulnerability/vulnerability--9bf1c4a0-8b99-4025-a116-dfc8a81c3eea.json create mode 100644 objects/vulnerability/vulnerability--9c1af239-c984-4834-8e5a-4dee105dbfeb.json create mode 100644 objects/vulnerability/vulnerability--9c273dbb-3f5e-46f3-80a9-e20a9a724258.json create mode 100644 objects/vulnerability/vulnerability--9cec0a6f-bbff-454c-8835-27b78bff1f0a.json create mode 100644 objects/vulnerability/vulnerability--9e29b87b-076a-4f0f-9134-181692c345dc.json create mode 100644 objects/vulnerability/vulnerability--9e2c1a2c-e2d0-49b7-a968-1199f722c521.json create mode 100644 objects/vulnerability/vulnerability--9fe001dd-3441-4d78-814f-3a143f9a9a90.json create mode 100644 objects/vulnerability/vulnerability--a03eb8b2-837f-448c-a0a7-c5a6540054c0.json create mode 100644 objects/vulnerability/vulnerability--a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f.json create mode 100644 objects/vulnerability/vulnerability--a0c280f5-82e6-4ed5-aeb0-64fc452af5b8.json create mode 100644 objects/vulnerability/vulnerability--a11ddb11-1139-466d-8a4c-cf7f53515489.json create mode 100644 objects/vulnerability/vulnerability--a18d8775-5e61-4691-ad8f-fa1d3d844cc7.json create mode 100644 objects/vulnerability/vulnerability--a1ad537f-89cd-47ea-bee9-a9cdd2880553.json create mode 100644 objects/vulnerability/vulnerability--a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f.json create mode 100644 objects/vulnerability/vulnerability--a42fd75c-4141-43a7-bd86-f957d74fc94f.json create mode 100644 objects/vulnerability/vulnerability--a5b3e77e-a975-46ab-9371-9997260caa0a.json create mode 100644 objects/vulnerability/vulnerability--a8967fd0-a280-4606-9a49-303e30e3ed62.json create mode 100644 objects/vulnerability/vulnerability--a92fcb96-ec4f-4186-af12-743ecb5b1d70.json create mode 100644 objects/vulnerability/vulnerability--ab9eb43f-db2e-44bc-805e-5607af799f97.json create mode 100644 objects/vulnerability/vulnerability--ae00948b-97cd-41a9-80b5-c664b0a8c5ce.json create mode 100644 objects/vulnerability/vulnerability--ae1dac68-f691-4b80-ba06-876f154af88c.json create mode 100644 objects/vulnerability/vulnerability--aec430f9-26f7-4491-a9ef-bb596508ddf8.json create mode 100644 objects/vulnerability/vulnerability--af65ab6c-c7f3-4353-adea-81edde282f43.json create mode 100644 objects/vulnerability/vulnerability--b27eca93-e051-40ae-a11d-912a47a64c83.json create mode 100644 objects/vulnerability/vulnerability--b2a47399-543e-4ccf-8def-3d2b54e9bd4b.json create mode 100644 objects/vulnerability/vulnerability--b390aef9-93e2-4670-8861-29edf43a64cc.json create mode 100644 objects/vulnerability/vulnerability--b3f8633a-cea8-4333-a0ad-aaa2874d6442.json create mode 100644 objects/vulnerability/vulnerability--b586a970-3d36-4347-9b02-e9f1f1ac0b4c.json create mode 100644 objects/vulnerability/vulnerability--b75bf0e6-0d0b-4994-a939-6e6c582f6552.json create mode 100644 objects/vulnerability/vulnerability--b826d036-3250-4a74-9f09-a8d1269bed5a.json create mode 100644 objects/vulnerability/vulnerability--ba564d10-217f-483c-90f5-5a31c99d410b.json create mode 100644 objects/vulnerability/vulnerability--bb0af3c4-079e-4685-9e87-1694f5e33f4c.json create mode 100644 objects/vulnerability/vulnerability--bc7eee49-b5e8-4d0f-95fc-f40e4f46853c.json create mode 100644 objects/vulnerability/vulnerability--be091921-c90e-4fd1-bfe7-1779e353c258.json create mode 100644 objects/vulnerability/vulnerability--be70d0e4-5485-4fb2-9369-cb141bf436bf.json create mode 100644 objects/vulnerability/vulnerability--bf940d46-25aa-472d-8e64-4c78fbb18eb0.json create mode 100644 objects/vulnerability/vulnerability--c1bf9dee-93de-418c-9cc7-ea71bdba8d19.json create mode 100644 objects/vulnerability/vulnerability--c26170c7-8c77-46a2-9180-23fbf21875e3.json create mode 100644 objects/vulnerability/vulnerability--c4bce789-c93f-4afb-9855-9e720588ab8d.json create mode 100644 objects/vulnerability/vulnerability--c912723c-d32a-4ce0-9a87-fd7301fd9d34.json create mode 100644 objects/vulnerability/vulnerability--c931030c-b8a8-4b25-86e5-87cbdfd98394.json create mode 100644 objects/vulnerability/vulnerability--c93ad58a-bdef-4a63-9a31-3916a1e5af0f.json create mode 100644 objects/vulnerability/vulnerability--c9618552-6d3f-465b-a2db-ae6353be5565.json create mode 100644 objects/vulnerability/vulnerability--c9d57966-2b0d-4932-96c9-b7f2841bd0ce.json create mode 100644 objects/vulnerability/vulnerability--c9ee17b4-9a6b-4fca-908a-09563427332d.json create mode 100644 objects/vulnerability/vulnerability--ca4d612c-16a3-4668-bd97-8430787cde87.json create mode 100644 objects/vulnerability/vulnerability--d03230b1-b26e-4d27-bef3-e37b7765209a.json create mode 100644 objects/vulnerability/vulnerability--d0e4a486-1934-4a2a-8591-b8df8696e7b7.json create mode 100644 objects/vulnerability/vulnerability--d35532fa-11e9-4a6d-905f-df69c5ec1ba2.json create mode 100644 objects/vulnerability/vulnerability--d4699128-3f49-4603-acf9-7ea330c4cc13.json create mode 100644 objects/vulnerability/vulnerability--d4b5b7bf-b3cb-44c5-a280-a2285efdf322.json create mode 100644 objects/vulnerability/vulnerability--d60fadec-5e09-4eee-82e3-8d477bd9af54.json create mode 100644 objects/vulnerability/vulnerability--d61296ba-5e0d-40ba-b83d-4866a30f3c8c.json create mode 100644 objects/vulnerability/vulnerability--d8031121-e117-4deb-990f-1bfc20913f0d.json create mode 100644 objects/vulnerability/vulnerability--d857c5b5-c304-4bd2-85b9-a4f95228683e.json create mode 100644 objects/vulnerability/vulnerability--da86fde0-1a69-4678-a88f-16952b139889.json create mode 100644 objects/vulnerability/vulnerability--e037f54d-2f02-47dd-9565-4ce304c244a5.json create mode 100644 objects/vulnerability/vulnerability--e046245c-36ab-46c3-abfd-3de2484c0575.json create mode 100644 objects/vulnerability/vulnerability--e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2.json create mode 100644 objects/vulnerability/vulnerability--e760c717-2923-44f0-aa8f-edb14402bb36.json create mode 100644 objects/vulnerability/vulnerability--e8125adf-8b9d-43c4-a383-f5406d680480.json create mode 100644 objects/vulnerability/vulnerability--e86320ef-4c2f-4202-abda-4656d0234c12.json create mode 100644 objects/vulnerability/vulnerability--ea43ce48-6f3d-4fc9-ad6b-737567b720e2.json create mode 100644 objects/vulnerability/vulnerability--ea50c934-34f6-4290-8869-3d1b7e540c59.json create mode 100644 objects/vulnerability/vulnerability--ea56c892-913d-417b-bb26-560ad4be5393.json create mode 100644 objects/vulnerability/vulnerability--eb10fe1c-84c6-4ace-bf13-fd63980a2d1b.json create mode 100644 objects/vulnerability/vulnerability--edfeca22-7f59-4ff6-ad73-eb398ae80d49.json create mode 100644 objects/vulnerability/vulnerability--f1abb537-f9af-40a4-a020-6e236fe7ea23.json create mode 100644 objects/vulnerability/vulnerability--f224c003-bc40-47a7-bf62-a0005d30cff9.json create mode 100644 objects/vulnerability/vulnerability--f249694a-7227-4303-a602-aeeaf74038b8.json create mode 100644 objects/vulnerability/vulnerability--f284abca-090d-47bd-840e-91b38182ec8c.json create mode 100644 objects/vulnerability/vulnerability--f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6.json create mode 100644 objects/vulnerability/vulnerability--f4eb0488-1c92-45ff-8ff8-0734245295d3.json create mode 100644 objects/vulnerability/vulnerability--f6e996ab-c00b-4aa9-8603-8194ca736be3.json create mode 100644 objects/vulnerability/vulnerability--f74ac2d5-969b-4046-9d56-c30f79dbc198.json create mode 100644 objects/vulnerability/vulnerability--f7620e0b-0710-4782-845d-8bfc08e46c67.json create mode 100644 objects/vulnerability/vulnerability--f9ae6c89-0b48-41bb-b9a8-d926570759bd.json create mode 100644 objects/vulnerability/vulnerability--fa508b99-15c1-47d6-85af-226c94489c83.json create mode 100644 objects/vulnerability/vulnerability--fab2a02a-d93b-4a2d-be6c-083040afa435.json create mode 100644 objects/vulnerability/vulnerability--fae57b3d-5df3-483a-858d-ea21b7279554.json create mode 100644 objects/vulnerability/vulnerability--fbb25155-a9c4-4a41-9b32-a7901d7976dc.json create mode 100644 objects/vulnerability/vulnerability--fe3e3a75-b803-445f-af0b-ca215d092c15.json diff --git a/mapping.csv b/mapping.csv index 116cdfa1476..19926a008dc 100644 --- a/mapping.csv +++ b/mapping.csv @@ -255829,3 +255829,235 @@ vulnerability,CVE-2023-47543,vulnerability--ae4fc22c-9b49-4ed2-ba55-1a0700625e6f vulnerability,CVE-2023-50176,vulnerability--bab8acd7-f159-480d-a49a-48d7d7ba9a67 vulnerability,CVE-2023-44255,vulnerability--3901419e-cf22-4c11-84cc-1bf3bbc1413f vulnerability,CVE-2023-32736,vulnerability--11ecff62-4c33-4ca3-88ed-ef18dcfc8206 +vulnerability,CVE-2024-24985,vulnerability--0658444c-2ee6-4e56-ac97-9836c46884be +vulnerability,CVE-2024-24984,vulnerability--d4b5b7bf-b3cb-44c5-a280-a2285efdf322 +vulnerability,CVE-2024-51027,vulnerability--5d414727-ed36-4704-af6e-415571f3d0bd +vulnerability,CVE-2024-51996,vulnerability--fae57b3d-5df3-483a-858d-ea21b7279554 +vulnerability,CVE-2024-48900,vulnerability--016f4cfa-00c7-48e6-9bfc-0adf32e3b189 +vulnerability,CVE-2024-48989,vulnerability--336dd420-9295-4883-ac6a-d548e1beca32 +vulnerability,CVE-2024-48510,vulnerability--d35532fa-11e9-4a6d-905f-df69c5ec1ba2 +vulnerability,CVE-2024-52300,vulnerability--fa508b99-15c1-47d6-85af-226c94489c83 +vulnerability,CVE-2024-52550,vulnerability--8bcbae9c-22ee-4bf2-be54-2cee680ff1d4 +vulnerability,CVE-2024-52551,vulnerability--7ca92e82-41bc-4ec0-824b-e665cea76405 +vulnerability,CVE-2024-52298,vulnerability--f74ac2d5-969b-4046-9d56-c30f79dbc198 +vulnerability,CVE-2024-52553,vulnerability--29533a7b-34f6-4d04-a051-87a8cdb51283 +vulnerability,CVE-2024-52299,vulnerability--f1abb537-f9af-40a4-a020-6e236fe7ea23 +vulnerability,CVE-2024-52305,vulnerability--7b5e5645-c2ba-4c65-b74d-006c3c6fae64 +vulnerability,CVE-2024-52293,vulnerability--d8031121-e117-4deb-990f-1bfc20913f0d +vulnerability,CVE-2024-52291,vulnerability--716f7744-156c-4113-b521-9d5f3d26e39a +vulnerability,CVE-2024-52292,vulnerability--71edd42a-7b2b-4ba8-aae1-eb6b36939b91 +vulnerability,CVE-2024-52554,vulnerability--fe3e3a75-b803-445f-af0b-ca215d092c15 +vulnerability,CVE-2024-52295,vulnerability--85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61 +vulnerability,CVE-2024-52549,vulnerability--88153f89-c147-44ae-9f75-bef2f3778a26 +vulnerability,CVE-2024-52306,vulnerability--8485d9de-2db4-4d05-bccb-94dbb7a8cc66 +vulnerability,CVE-2024-52552,vulnerability--e8125adf-8b9d-43c4-a383-f5406d680480 +vulnerability,CVE-2024-52268,vulnerability--bc7eee49-b5e8-4d0f-95fc-f40e4f46853c +vulnerability,CVE-2024-45594,vulnerability--c1bf9dee-93de-418c-9cc7-ea71bdba8d19 +vulnerability,CVE-2024-45877,vulnerability--9724278c-f04b-4cf9-8906-5eabc79d5c1f +vulnerability,CVE-2024-45878,vulnerability--951b8f83-7329-4304-bd37-d75eb274680c +vulnerability,CVE-2024-45879,vulnerability--9cec0a6f-bbff-454c-8835-27b78bff1f0a +vulnerability,CVE-2024-45875,vulnerability--7cdafa3f-95b1-44c1-955a-51d5660599a3 +vulnerability,CVE-2024-45876,vulnerability--4d59cc45-9a53-4d06-a768-39b139881111 +vulnerability,CVE-2024-10802,vulnerability--1e6d8744-daf8-4013-90a1-22f34adf6af9 +vulnerability,CVE-2024-10038,vulnerability--56755983-0b17-448e-9342-b63f923f1b4c +vulnerability,CVE-2024-10686,vulnerability--3034547c-6a8d-4264-9767-8ccaeb499d07 +vulnerability,CVE-2024-10778,vulnerability--76d4b87f-8fe9-4386-bd75-c9a62f4b41ed +vulnerability,CVE-2024-10717,vulnerability--27ee92ed-8441-47ca-b14f-c30277f0ceaf +vulnerability,CVE-2024-10794,vulnerability--1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f +vulnerability,CVE-2024-10800,vulnerability--15fddb59-abf7-4819-a62a-49f8bcab3e05 +vulnerability,CVE-2024-10850,vulnerability--a03eb8b2-837f-448c-a0a7-c5a6540054c0 +vulnerability,CVE-2024-10529,vulnerability--9c273dbb-3f5e-46f3-80a9-e20a9a724258 +vulnerability,CVE-2024-10887,vulnerability--880f6562-efe9-4aea-93c0-0eaaf50c1cb9 +vulnerability,CVE-2024-10828,vulnerability--20ac4ef7-90f3-46bb-b2be-a1e21fec63fc +vulnerability,CVE-2024-10012,vulnerability--1fa57fb8-6bc2-4609-a7df-7e317ab54a2e +vulnerability,CVE-2024-10629,vulnerability--f249694a-7227-4303-a602-aeeaf74038b8 +vulnerability,CVE-2024-10684,vulnerability--66fad288-beb7-424d-920d-205e998781bd +vulnerability,CVE-2024-10877,vulnerability--89205fe1-16dc-417f-8b50-82d1534e4e85 +vulnerability,CVE-2024-10575,vulnerability--704080f1-14c2-4a8a-b1fb-05752ff804c6 +vulnerability,CVE-2024-10816,vulnerability--a18d8775-5e61-4691-ad8f-fa1d3d844cc7 +vulnerability,CVE-2024-10577,vulnerability--7120bc93-bd5c-440f-bf43-6182a771e870 +vulnerability,CVE-2024-10530,vulnerability--b3f8633a-cea8-4333-a0ad-aaa2874d6442 +vulnerability,CVE-2024-10531,vulnerability--7c70c92e-147f-4bcf-b243-c7da561dc07e +vulnerability,CVE-2024-10882,vulnerability--e86320ef-4c2f-4202-abda-4656d0234c12 +vulnerability,CVE-2024-10820,vulnerability--c9ee17b4-9a6b-4fca-908a-09563427332d +vulnerability,CVE-2024-10852,vulnerability--3fbec81e-48d3-4373-956a-eb5748292bac +vulnerability,CVE-2024-10851,vulnerability--5b336042-f991-4056-8dc4-5cfa035399d7 +vulnerability,CVE-2024-10013,vulnerability--342c2296-41cb-4324-836f-bd6ab0eeb08e +vulnerability,CVE-2024-10174,vulnerability--4b28274d-83d7-45ad-9b6c-3a0f94ef769c +vulnerability,CVE-2024-10593,vulnerability--68bde61a-3e37-4224-8973-4c6060f8776a +vulnerability,CVE-2024-10853,vulnerability--99e38a24-670f-4511-a3fe-d040a1ee2c31 +vulnerability,CVE-2024-10854,vulnerability--d4699128-3f49-4603-acf9-7ea330c4cc13 +vulnerability,CVE-2024-9682,vulnerability--1d041c1f-4897-4f0e-95dd-eb4630a6225e +vulnerability,CVE-2024-9426,vulnerability--45a4fd53-85d3-4234-88b8-b302c46ccdd7 +vulnerability,CVE-2024-9614,vulnerability--13549501-5dbe-47f7-9a64-598a58ba5693 +vulnerability,CVE-2024-9578,vulnerability--0aaa56e6-1f30-44a1-86d0-71fe3e824d5b +vulnerability,CVE-2024-9409,vulnerability--3381dd1d-0726-4cea-beaa-5689a49da198 +vulnerability,CVE-2024-9668,vulnerability--456b4457-9ee3-4a0c-9194-2c4dbbcded67 +vulnerability,CVE-2024-9476,vulnerability--ca4d612c-16a3-4668-bd97-8430787cde87 +vulnerability,CVE-2024-9413,vulnerability--b27eca93-e051-40ae-a11d-912a47a64c83 +vulnerability,CVE-2024-9477,vulnerability--04b36a0a-2e98-4464-a495-40e50bf34728 +vulnerability,CVE-2024-9059,vulnerability--90d848f6-face-488d-bc81-68a7decad9e9 +vulnerability,CVE-2024-39766,vulnerability--60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe +vulnerability,CVE-2024-39811,vulnerability--78b330d9-0f6b-4950-867c-a267eeb802f3 +vulnerability,CVE-2024-39609,vulnerability--edfeca22-7f59-4ff6-ad73-eb398ae80d49 +vulnerability,CVE-2024-39712,vulnerability--56ad765c-681e-42a0-886e-b02aab08bbd6 +vulnerability,CVE-2024-39711,vulnerability--2f316b5d-1e63-4498-b3aa-967290c2db4f +vulnerability,CVE-2024-39368,vulnerability--f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6 +vulnerability,CVE-2024-39709,vulnerability--35e24cb3-90bb-46cf-ad4a-a5831bf344b2 +vulnerability,CVE-2024-39285,vulnerability--ea56c892-913d-417b-bb26-560ad4be5393 +vulnerability,CVE-2024-39710,vulnerability--ea50c934-34f6-4290-8869-3d1b7e540c59 +vulnerability,CVE-2024-47574,vulnerability--e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2 +vulnerability,CVE-2024-50852,vulnerability--f7620e0b-0710-4782-845d-8bfc08e46c67 +vulnerability,CVE-2024-50956,vulnerability--4c53b64e-749f-4da4-a924-3f8c21a1d377 +vulnerability,CVE-2024-50972,vulnerability--4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb +vulnerability,CVE-2024-50970,vulnerability--00fd3e2e-9675-4eb9-af39-2440047b8264 +vulnerability,CVE-2024-50854,vulnerability--e046245c-36ab-46c3-abfd-3de2484c0575 +vulnerability,CVE-2024-50971,vulnerability--b826d036-3250-4a74-9f09-a8d1269bed5a +vulnerability,CVE-2024-50969,vulnerability--fab2a02a-d93b-4a2d-be6c-083040afa435 +vulnerability,CVE-2024-50955,vulnerability--f9ae6c89-0b48-41bb-b9a8-d926570759bd +vulnerability,CVE-2024-50853,vulnerability--d03230b1-b26e-4d27-bef3-e37b7765209a +vulnerability,CVE-2024-26017,vulnerability--3f8636aa-8e7f-4e48-9a61-ae2304e13329 +vulnerability,CVE-2024-7295,vulnerability--0c233897-db41-4456-9d19-3bfe57a36957 +vulnerability,CVE-2024-25563,vulnerability--9bf1c4a0-8b99-4025-a116-dfc8a81c3eea +vulnerability,CVE-2024-25647,vulnerability--7e992b28-27a3-4a9f-93ec-470275384f1e +vulnerability,CVE-2024-25565,vulnerability--ba564d10-217f-483c-90f5-5a31c99d410b +vulnerability,CVE-2024-11165,vulnerability--d0e4a486-1934-4a2a-8591-b8df8696e7b7 +vulnerability,CVE-2024-11159,vulnerability--6f71b579-b743-40a4-b064-439d8b6100a6 +vulnerability,CVE-2024-11193,vulnerability--2a486c64-de3c-427d-8875-e247a372ddab +vulnerability,CVE-2024-11150,vulnerability--289a0223-c012-4472-84f3-4a5f947da56c +vulnerability,CVE-2024-11143,vulnerability--326b5862-248d-4ef1-98fa-813eaebbb8ec +vulnerability,CVE-2024-11028,vulnerability--2c4cbdca-8967-4565-bd93-cdb160b6d706 +vulnerability,CVE-2024-11175,vulnerability--d60fadec-5e09-4eee-82e3-8d477bd9af54 +vulnerability,CVE-2024-34023,vulnerability--01e09050-c6e1-47a7-98a9-f0a9b6ce303b +vulnerability,CVE-2024-34784,vulnerability--7e04ee5a-5942-4a59-a03e-d267cb72cc12 +vulnerability,CVE-2024-34729,vulnerability--c931030c-b8a8-4b25-86e5-87cbdfd98394 +vulnerability,CVE-2024-34028,vulnerability--5dc354f2-ac0c-40e3-b4c9-7e89118623fd +vulnerability,CVE-2024-34780,vulnerability--9374c519-f41a-45ad-be90-605341fd2102 +vulnerability,CVE-2024-34781,vulnerability--2cdde34c-2f61-4b15-b494-496d4fc2637c +vulnerability,CVE-2024-34787,vulnerability--45932554-2d96-4f59-b495-015e25a142e8 +vulnerability,CVE-2024-34165,vulnerability--4fcf7f6f-6d6e-4ddf-b03e-07662f0da040 +vulnerability,CVE-2024-34747,vulnerability--39ea0f89-a171-4039-8184-fbc3ea93cdf1 +vulnerability,CVE-2024-34164,vulnerability--04746481-2d83-47dd-bbbb-b11089e1bd6b +vulnerability,CVE-2024-34776,vulnerability--85c51e47-5449-48c3-9835-282d3ec6f38e +vulnerability,CVE-2024-34170,vulnerability--26137d02-07c9-4123-991d-8ad2a96451f7 +vulnerability,CVE-2024-34719,vulnerability--94f95bfa-679b-4462-8654-dd9d3bacb4f7 +vulnerability,CVE-2024-34022,vulnerability--bb0af3c4-079e-4685-9e87-1694f5e33f4c +vulnerability,CVE-2024-34782,vulnerability--0719aac7-563c-4ea9-ab61-7d4afdff9c19 +vulnerability,CVE-2024-34167,vulnerability--5489efa7-ff3a-4cef-a730-1f15c9601d78 +vulnerability,CVE-2024-33611,vulnerability--3f1d06fc-9d52-4cd7-a739-a320d54fb545 +vulnerability,CVE-2024-33617,vulnerability--72c82b74-0be8-4f10-be50-aaee1c058969 +vulnerability,CVE-2024-33624,vulnerability--3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a +vulnerability,CVE-2024-8938,vulnerability--7d42c6d8-4490-4ef8-aea6-9ba33770f1af +vulnerability,CVE-2024-8937,vulnerability--0d4e5dc5-fc46-4600-a17c-30751ba35760 +vulnerability,CVE-2024-8001,vulnerability--9e29b87b-076a-4f0f-9134-181692c345dc +vulnerability,CVE-2024-8935,vulnerability--92eb9cc3-3e74-4757-9472-2563436364ce +vulnerability,CVE-2024-8049,vulnerability--eb10fe1c-84c6-4ace-bf13-fd63980a2d1b +vulnerability,CVE-2024-8985,vulnerability--23945c25-7e56-4674-b311-c7deca84bed5 +vulnerability,CVE-2024-8936,vulnerability--2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4 +vulnerability,CVE-2024-8933,vulnerability--aec430f9-26f7-4491-a9ef-bb596508ddf8 +vulnerability,CVE-2024-8874,vulnerability--1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0 +vulnerability,CVE-2024-38660,vulnerability--2a085116-610d-4c54-a57f-93c5f297fd44 +vulnerability,CVE-2024-38649,vulnerability--743256d6-56e6-48b3-8580-836aa5f51fc6 +vulnerability,CVE-2024-38656,vulnerability--550fabb2-4b46-45ce-8756-8e9d786dd439 +vulnerability,CVE-2024-38668,vulnerability--b2a47399-543e-4ccf-8def-3d2b54e9bd4b +vulnerability,CVE-2024-38655,vulnerability--b390aef9-93e2-4670-8861-29edf43a64cc +vulnerability,CVE-2024-38387,vulnerability--b586a970-3d36-4347-9b02-e9f1f1ac0b4c +vulnerability,CVE-2024-38383,vulnerability--c26170c7-8c77-46a2-9180-23fbf21875e3 +vulnerability,CVE-2024-38665,vulnerability--7acae19f-c41b-4ef0-949c-ffdece206e5d +vulnerability,CVE-2024-38654,vulnerability--73f0bcf1-6bed-4920-aed6-6aa0164b265b +vulnerability,CVE-2024-22185,vulnerability--2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0 +vulnerability,CVE-2024-40885,vulnerability--74a55d0a-d974-49d4-8ef3-eb95db69b6f9 +vulnerability,CVE-2024-40404,vulnerability--8aceb4fe-a271-4d71-b51f-a35369031d36 +vulnerability,CVE-2024-40661,vulnerability--76ed15c8-d761-4287-a515-29a5bd4eff80 +vulnerability,CVE-2024-40405,vulnerability--8fcd4b22-8e00-40f6-b370-c878aa35a048 +vulnerability,CVE-2024-40407,vulnerability--97d15a9f-13ca-4d61-83b8-a3aa87fb6554 +vulnerability,CVE-2024-40410,vulnerability--c4bce789-c93f-4afb-9855-9e720588ab8d +vulnerability,CVE-2024-40443,vulnerability--604a1934-f772-44d4-ae34-b649d5622315 +vulnerability,CVE-2024-40671,vulnerability--bf940d46-25aa-472d-8e64-4c78fbb18eb0 +vulnerability,CVE-2024-40408,vulnerability--92cafe38-07f3-4021-8486-c9f1e8572f79 +vulnerability,CVE-2024-40660,vulnerability--a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f +vulnerability,CVE-2024-31407,vulnerability--5a2a0645-e822-46b1-bfb1-2993bc8274bc +vulnerability,CVE-2024-31337,vulnerability--46569c98-ed6b-4d48-b94c-407543eb76ea +vulnerability,CVE-2024-31154,vulnerability--8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8 +vulnerability,CVE-2024-31158,vulnerability--7430c7dc-57c0-43f1-9fbf-d03264df64f8 +vulnerability,CVE-2024-31074,vulnerability--44367617-fc49-4ded-b6c9-50cee49a02cd +vulnerability,CVE-2024-41167,vulnerability--a11ddb11-1139-466d-8a4c-cf7f53515489 +vulnerability,CVE-2024-21541,vulnerability--c9d57966-2b0d-4932-96c9-b7f2841bd0ce +vulnerability,CVE-2024-21540,vulnerability--8008fb08-77f0-468f-be1f-bada05343644 +vulnerability,CVE-2024-21853,vulnerability--5fb06d83-8cd7-4ab4-a59e-44fd5b66d318 +vulnerability,CVE-2024-21850,vulnerability--fbb25155-a9c4-4a41-9b32-a7901d7976dc +vulnerability,CVE-2024-21808,vulnerability--295bb082-0b71-4835-94c5-6fb9d1602b4e +vulnerability,CVE-2024-21783,vulnerability--4e6a0902-5679-4645-8f54-e2c3e1b8626e +vulnerability,CVE-2024-21820,vulnerability--1a18418e-5677-4e41-a85f-a43a6e375361 +vulnerability,CVE-2024-21799,vulnerability--622896f0-bcc9-4079-9740-b59b5bd91f9b +vulnerability,CVE-2024-37024,vulnerability--6147e8d9-9cfd-4755-931c-20964b400e6d +vulnerability,CVE-2024-37027,vulnerability--0530b3e9-eb4a-42df-9d0e-8e45d385901c +vulnerability,CVE-2024-37376,vulnerability--68af5bdd-5835-40e1-81ad-194a64087150 +vulnerability,CVE-2024-37400,vulnerability--8b768b9d-e6d3-45ed-99b3-e3548a262cf6 +vulnerability,CVE-2024-37025,vulnerability--16b52ea4-e089-489a-8e37-a93e0fb46b1a +vulnerability,CVE-2024-37398,vulnerability--a8967fd0-a280-4606-9a49-303e30e3ed62 +vulnerability,CVE-2024-35245,vulnerability--be091921-c90e-4fd1-bfe7-1779e353c258 +vulnerability,CVE-2024-35201,vulnerability--e037f54d-2f02-47dd-9565-4ce304c244a5 +vulnerability,CVE-2024-49504,vulnerability--4ecf446b-0439-44db-86ff-a73e425c71a5 +vulnerability,CVE-2024-49379,vulnerability--5fc800e7-66f5-47dd-a565-72a73b07a1aa +vulnerability,CVE-2024-49506,vulnerability--8ec2afa3-47f0-40a8-82ab-cb5727e9a909 +vulnerability,CVE-2024-49505,vulnerability--f4eb0488-1c92-45ff-8ff8-0734245295d3 +vulnerability,CVE-2024-23198,vulnerability--a1ad537f-89cd-47ea-bee9-a9cdd2880553 +vulnerability,CVE-2024-23919,vulnerability--706f5935-0a86-4249-beb7-551b17fbf5c3 +vulnerability,CVE-2024-23918,vulnerability--a42fd75c-4141-43a7-bd86-f957d74fc94f +vulnerability,CVE-2024-23312,vulnerability--1552bf39-8a7d-49e0-9edb-89216f506ec9 +vulnerability,CVE-2024-23715,vulnerability--3ba6830e-4fc4-4159-ae3e-69a2868d6845 +vulnerability,CVE-2024-36276,vulnerability--4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a +vulnerability,CVE-2024-36284,vulnerability--3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3 +vulnerability,CVE-2024-36294,vulnerability--9fe001dd-3441-4d78-814f-3a143f9a9a90 +vulnerability,CVE-2024-36482,vulnerability--72535cef-5f6f-4754-839a-cfd98af5f99c +vulnerability,CVE-2024-36253,vulnerability--3e27d33e-bb93-4377-a59d-6dcffda4aca0 +vulnerability,CVE-2024-36488,vulnerability--e760c717-2923-44f0-aa8f-edb14402bb36 +vulnerability,CVE-2024-36242,vulnerability--177ff812-8480-444e-8973-d8154c2b6c0c +vulnerability,CVE-2024-36282,vulnerability--3d3b0d79-0240-4401-bb2b-65b3904863a6 +vulnerability,CVE-2024-36245,vulnerability--7e1c8cca-e13f-4fc2-befe-5c8653cc9a42 +vulnerability,CVE-2024-36275,vulnerability--44f37249-9034-439d-9e13-aba3a939bb52 +vulnerability,CVE-2024-42834,vulnerability--0987bdf9-fc8a-44d9-bffe-e9319c68b46e +vulnerability,CVE-2024-32839,vulnerability--be70d0e4-5485-4fb2-9369-cb141bf436bf +vulnerability,CVE-2024-32483,vulnerability--f284abca-090d-47bd-840e-91b38182ec8c +vulnerability,CVE-2024-32847,vulnerability--a92fcb96-ec4f-4186-af12-743ecb5b1d70 +vulnerability,CVE-2024-32485,vulnerability--07bac0b0-869b-4a0f-8a05-fc88580eba6f +vulnerability,CVE-2024-32044,vulnerability--9c1af239-c984-4834-8e5a-4dee105dbfeb +vulnerability,CVE-2024-32048,vulnerability--ea43ce48-6f3d-4fc9-ad6b-737567b720e2 +vulnerability,CVE-2024-32841,vulnerability--d61296ba-5e0d-40ba-b83d-4866a30f3c8c +vulnerability,CVE-2024-32667,vulnerability--ae1dac68-f691-4b80-ba06-876f154af88c +vulnerability,CVE-2024-32844,vulnerability--52bbdcb4-00f8-4802-ad68-dd268ff9a500 +vulnerability,CVE-2024-28049,vulnerability--f224c003-bc40-47a7-bf62-a0005d30cff9 +vulnerability,CVE-2024-28952,vulnerability--2501ed03-49b7-429f-8b2c-ef0a5cbd0368 +vulnerability,CVE-2024-28030,vulnerability--9e2c1a2c-e2d0-49b7-a968-1199f722c521 +vulnerability,CVE-2024-28169,vulnerability--ab9eb43f-db2e-44bc-805e-5607af799f97 +vulnerability,CVE-2024-28950,vulnerability--d857c5b5-c304-4bd2-85b9-a4f95228683e +vulnerability,CVE-2024-28051,vulnerability--89069cea-57e5-4bbf-a344-c39b87ded914 +vulnerability,CVE-2024-28885,vulnerability--7368c425-808a-4c32-8df5-3bcb37c9cf34 +vulnerability,CVE-2024-28028,vulnerability--207a9406-5334-4f48-893c-18a9b1714717 +vulnerability,CVE-2024-28881,vulnerability--3127e24c-0afa-4cf4-abb3-109a9a54aa3f +vulnerability,CVE-2024-4741,vulnerability--1a60532f-6efb-41e6-9475-32b5ec416686 +vulnerability,CVE-2024-29085,vulnerability--da86fde0-1a69-4678-a88f-16952b139889 +vulnerability,CVE-2024-29076,vulnerability--75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a +vulnerability,CVE-2024-29211,vulnerability--a0c280f5-82e6-4ed5-aeb0-64fc452af5b8 +vulnerability,CVE-2024-29079,vulnerability--36c08f9d-2193-4341-8da9-bac1a400a773 +vulnerability,CVE-2024-29077,vulnerability--c93ad58a-bdef-4a63-9a31-3916a1e5af0f +vulnerability,CVE-2024-29083,vulnerability--401d1abc-df6b-4d86-832f-e0f4c9ea335e +vulnerability,CVE-2024-27200,vulnerability--9a34e469-c337-41ae-9ed3-0fbc94fff262 +vulnerability,CVE-2024-43082,vulnerability--1702cb30-a604-41ab-8225-7fef51f4dcb8 +vulnerability,CVE-2024-43083,vulnerability--0d45415f-a00b-4db9-af86-36aa4b25b9d6 +vulnerability,CVE-2024-43086,vulnerability--879f0eef-2452-4147-86d8-9a578f257dfd +vulnerability,CVE-2024-43080,vulnerability--b75bf0e6-0d0b-4994-a939-6e6c582f6552 +vulnerability,CVE-2024-43091,vulnerability--c9618552-6d3f-465b-a2db-ae6353be5565 +vulnerability,CVE-2024-43084,vulnerability--a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f +vulnerability,CVE-2024-43087,vulnerability--235922d7-753e-4205-9b8d-a3ff93b1547e +vulnerability,CVE-2024-43090,vulnerability--f6e996ab-c00b-4aa9-8603-8194ca736be3 +vulnerability,CVE-2024-43085,vulnerability--37df4c73-60a8-469f-853a-da72cc87b472 +vulnerability,CVE-2024-43093,vulnerability--ae00948b-97cd-41a9-80b5-c664b0a8c5ce +vulnerability,CVE-2024-43081,vulnerability--26a35973-8a00-4477-a596-dbfaef62aed0 +vulnerability,CVE-2024-43088,vulnerability--16d59d74-ec0a-41f6-b744-3651c7ed9162 +vulnerability,CVE-2024-43089,vulnerability--af65ab6c-c7f3-4353-adea-81edde282f43 +vulnerability,CVE-2022-45157,vulnerability--135d74fa-2bdd-4818-ad9a-6261486fc253 +vulnerability,CVE-2023-38920,vulnerability--a5b3e77e-a975-46ab-9371-9997260caa0a +vulnerability,CVE-2023-35686,vulnerability--c912723c-d32a-4ce0-9a87-fd7301fd9d34 +vulnerability,CVE-2023-35659,vulnerability--73d2a23c-0ac6-470b-912e-0df7acdcbe95 diff --git a/objects/vulnerability/vulnerability--00fd3e2e-9675-4eb9-af39-2440047b8264.json b/objects/vulnerability/vulnerability--00fd3e2e-9675-4eb9-af39-2440047b8264.json new file mode 100644 index 00000000000..863252eb889 --- /dev/null +++ b/objects/vulnerability/vulnerability--00fd3e2e-9675-4eb9-af39-2440047b8264.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4807e4f8-8769-4b11-9e93-ee8584ad58e7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--00fd3e2e-9675-4eb9-af39-2440047b8264", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.646491Z", + "modified": "2024-11-14T00:20:35.646491Z", + "name": "CVE-2024-50970", + "description": "A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50970" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--016f4cfa-00c7-48e6-9bfc-0adf32e3b189.json b/objects/vulnerability/vulnerability--016f4cfa-00c7-48e6-9bfc-0adf32e3b189.json new file mode 100644 index 00000000000..e7bfba1287b --- /dev/null +++ b/objects/vulnerability/vulnerability--016f4cfa-00c7-48e6-9bfc-0adf32e3b189.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9409c514-b8a9-4b4d-8af6-37b6a9927a93", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--016f4cfa-00c7-48e6-9bfc-0adf32e3b189", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.104804Z", + "modified": "2024-11-14T00:20:35.104804Z", + "name": "CVE-2024-48900", + "description": "A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48900" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--01e09050-c6e1-47a7-98a9-f0a9b6ce303b.json b/objects/vulnerability/vulnerability--01e09050-c6e1-47a7-98a9-f0a9b6ce303b.json new file mode 100644 index 00000000000..d62d035e701 --- /dev/null +++ b/objects/vulnerability/vulnerability--01e09050-c6e1-47a7-98a9-f0a9b6ce303b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d876a926-f6cf-44a2-89d4-c9476957e367", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--01e09050-c6e1-47a7-98a9-f0a9b6ce303b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.8841Z", + "modified": "2024-11-14T00:20:35.8841Z", + "name": "CVE-2024-34023", + "description": "Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34023" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--04746481-2d83-47dd-bbbb-b11089e1bd6b.json b/objects/vulnerability/vulnerability--04746481-2d83-47dd-bbbb-b11089e1bd6b.json new file mode 100644 index 00000000000..07244ac6ada --- /dev/null +++ b/objects/vulnerability/vulnerability--04746481-2d83-47dd-bbbb-b11089e1bd6b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0673b760-a6aa-449b-895d-b642433436a9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--04746481-2d83-47dd-bbbb-b11089e1bd6b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.916089Z", + "modified": "2024-11-14T00:20:35.916089Z", + "name": "CVE-2024-34164", + "description": "Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34164" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--04b36a0a-2e98-4464-a495-40e50bf34728.json b/objects/vulnerability/vulnerability--04b36a0a-2e98-4464-a495-40e50bf34728.json new file mode 100644 index 00000000000..a0c2e6af0e3 --- /dev/null +++ b/objects/vulnerability/vulnerability--04b36a0a-2e98-4464-a495-40e50bf34728.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d1258930-869c-4a9b-8f2c-ed3904154dba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--04b36a0a-2e98-4464-a495-40e50bf34728", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.48485Z", + "modified": "2024-11-14T00:20:35.48485Z", + "name": "CVE-2024-9477", + "description": "** UNSUPPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS).This issue affects Air4443 Firmware: through 14102024.\n\n\nNOTE: The vendor was contacted and it was learned that the product classified as End-of-Life and End-of-Support.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9477" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0530b3e9-eb4a-42df-9d0e-8e45d385901c.json b/objects/vulnerability/vulnerability--0530b3e9-eb4a-42df-9d0e-8e45d385901c.json new file mode 100644 index 00000000000..64a6ef88a30 --- /dev/null +++ b/objects/vulnerability/vulnerability--0530b3e9-eb4a-42df-9d0e-8e45d385901c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cc17c94f-2d1a-4be9-86e7-699eee19185c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0530b3e9-eb4a-42df-9d0e-8e45d385901c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.642813Z", + "modified": "2024-11-14T00:20:36.642813Z", + "name": "CVE-2024-37027", + "description": "Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-37027" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0658444c-2ee6-4e56-ac97-9836c46884be.json b/objects/vulnerability/vulnerability--0658444c-2ee6-4e56-ac97-9836c46884be.json new file mode 100644 index 00000000000..85818bb125b --- /dev/null +++ b/objects/vulnerability/vulnerability--0658444c-2ee6-4e56-ac97-9836c46884be.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--61ca8d49-43f8-4096-86a2-0c8685aa518a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0658444c-2ee6-4e56-ac97-9836c46884be", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:34.986687Z", + "modified": "2024-11-14T00:20:34.986687Z", + "name": "CVE-2024-24985", + "description": "Exposure of resource to wrong sphere in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-24985" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0719aac7-563c-4ea9-ab61-7d4afdff9c19.json b/objects/vulnerability/vulnerability--0719aac7-563c-4ea9-ab61-7d4afdff9c19.json new file mode 100644 index 00000000000..6c8fed7254c --- /dev/null +++ b/objects/vulnerability/vulnerability--0719aac7-563c-4ea9-ab61-7d4afdff9c19.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--edc53224-f8ba-4fb1-afd8-f103b7b1277b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0719aac7-563c-4ea9-ab61-7d4afdff9c19", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.935541Z", + "modified": "2024-11-14T00:20:35.935541Z", + "name": "CVE-2024-34782", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34782" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--07bac0b0-869b-4a0f-8a05-fc88580eba6f.json b/objects/vulnerability/vulnerability--07bac0b0-869b-4a0f-8a05-fc88580eba6f.json new file mode 100644 index 00000000000..7f0b4c6bc7e --- /dev/null +++ b/objects/vulnerability/vulnerability--07bac0b0-869b-4a0f-8a05-fc88580eba6f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--92cbe329-c934-4d48-9dc9-94673717c39c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--07bac0b0-869b-4a0f-8a05-fc88580eba6f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.208773Z", + "modified": "2024-11-14T00:20:37.208773Z", + "name": "CVE-2024-32485", + "description": "Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32485" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0987bdf9-fc8a-44d9-bffe-e9319c68b46e.json b/objects/vulnerability/vulnerability--0987bdf9-fc8a-44d9-bffe-e9319c68b46e.json new file mode 100644 index 00000000000..ace4bac9f18 --- /dev/null +++ b/objects/vulnerability/vulnerability--0987bdf9-fc8a-44d9-bffe-e9319c68b46e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e73569cc-1dbf-4041-a4fa-623db8ddaadb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0987bdf9-fc8a-44d9-bffe-e9319c68b46e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.166142Z", + "modified": "2024-11-14T00:20:37.166142Z", + "name": "CVE-2024-42834", + "description": "A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42834" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0aaa56e6-1f30-44a1-86d0-71fe3e824d5b.json b/objects/vulnerability/vulnerability--0aaa56e6-1f30-44a1-86d0-71fe3e824d5b.json new file mode 100644 index 00000000000..479fa7f8396 --- /dev/null +++ b/objects/vulnerability/vulnerability--0aaa56e6-1f30-44a1-86d0-71fe3e824d5b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--397c3e13-ecfb-4c4b-91e2-43e1598650c3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0aaa56e6-1f30-44a1-86d0-71fe3e824d5b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.45198Z", + "modified": "2024-11-14T00:20:35.45198Z", + "name": "CVE-2024-9578", + "description": "The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to do_shortcode being hooked through the comment_text filter in all versions up to and including 1.4.2. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes available on the target site.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9578" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0c233897-db41-4456-9d19-3bfe57a36957.json b/objects/vulnerability/vulnerability--0c233897-db41-4456-9d19-3bfe57a36957.json new file mode 100644 index 00000000000..bc16fc57b68 --- /dev/null +++ b/objects/vulnerability/vulnerability--0c233897-db41-4456-9d19-3bfe57a36957.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a4e584c0-d8f8-494f-a4bd-c2ac072aa2ba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0c233897-db41-4456-9d19-3bfe57a36957", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.747179Z", + "modified": "2024-11-14T00:20:35.747179Z", + "name": "CVE-2024-7295", + "description": "In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7295" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0d45415f-a00b-4db9-af86-36aa4b25b9d6.json b/objects/vulnerability/vulnerability--0d45415f-a00b-4db9-af86-36aa4b25b9d6.json new file mode 100644 index 00000000000..dd9ee6a8aee --- /dev/null +++ b/objects/vulnerability/vulnerability--0d45415f-a00b-4db9-af86-36aa4b25b9d6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--507f1c2b-c8ea-45dc-9c9d-ad9a73e5f05b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0d45415f-a00b-4db9-af86-36aa4b25b9d6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.674726Z", + "modified": "2024-11-14T00:20:37.674726Z", + "name": "CVE-2024-43083", + "description": "In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43083" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0d4e5dc5-fc46-4600-a17c-30751ba35760.json b/objects/vulnerability/vulnerability--0d4e5dc5-fc46-4600-a17c-30751ba35760.json new file mode 100644 index 00000000000..6de75a7b288 --- /dev/null +++ b/objects/vulnerability/vulnerability--0d4e5dc5-fc46-4600-a17c-30751ba35760.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--351a4ba4-8ab8-46d9-a1b4-f82ad86758f3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0d4e5dc5-fc46-4600-a17c-30751ba35760", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.131191Z", + "modified": "2024-11-14T00:20:36.131191Z", + "name": "CVE-2024-8937", + "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could\ncause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a\ncrafted Modbus function call to tamper with memory area involved in the authentication process.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8937" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--13549501-5dbe-47f7-9a64-598a58ba5693.json b/objects/vulnerability/vulnerability--13549501-5dbe-47f7-9a64-598a58ba5693.json new file mode 100644 index 00000000000..0e7e46ff3cb --- /dev/null +++ b/objects/vulnerability/vulnerability--13549501-5dbe-47f7-9a64-598a58ba5693.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--090c94a6-b3bd-425d-af29-27c39d2ea6eb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--13549501-5dbe-47f7-9a64-598a58ba5693", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.43808Z", + "modified": "2024-11-14T00:20:35.43808Z", + "name": "CVE-2024-9614", + "description": "The Constant Contact Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9614" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--135d74fa-2bdd-4818-ad9a-6261486fc253.json b/objects/vulnerability/vulnerability--135d74fa-2bdd-4818-ad9a-6261486fc253.json new file mode 100644 index 00000000000..46b80feedc4 --- /dev/null +++ b/objects/vulnerability/vulnerability--135d74fa-2bdd-4818-ad9a-6261486fc253.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2f80e019-6dbd-44f6-bfed-758b4a898179", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--135d74fa-2bdd-4818-ad9a-6261486fc253", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:41.240761Z", + "modified": "2024-11-14T00:20:41.240761Z", + "name": "CVE-2022-45157", + "description": "A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-45157" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1552bf39-8a7d-49e0-9edb-89216f506ec9.json b/objects/vulnerability/vulnerability--1552bf39-8a7d-49e0-9edb-89216f506ec9.json new file mode 100644 index 00000000000..aca7ae3b659 --- /dev/null +++ b/objects/vulnerability/vulnerability--1552bf39-8a7d-49e0-9edb-89216f506ec9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c8c15adb-56a4-44ce-b149-f61d8e99fcce", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1552bf39-8a7d-49e0-9edb-89216f506ec9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.851799Z", + "modified": "2024-11-14T00:20:36.851799Z", + "name": "CVE-2024-23312", + "description": "Uncontrolled search path for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-23312" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--15fddb59-abf7-4819-a62a-49f8bcab3e05.json b/objects/vulnerability/vulnerability--15fddb59-abf7-4819-a62a-49f8bcab3e05.json new file mode 100644 index 00000000000..36d123be695 --- /dev/null +++ b/objects/vulnerability/vulnerability--15fddb59-abf7-4819-a62a-49f8bcab3e05.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--67200a84-5fbd-48cd-9c12-cd76b6e95d85", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--15fddb59-abf7-4819-a62a-49f8bcab3e05", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.36044Z", + "modified": "2024-11-14T00:20:35.36044Z", + "name": "CVE-2024-10800", + "description": "The WordPress User Extra Fields plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the ajax_save_fields() function in all versions up to, and including, 16.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to add custom fields that can be updated and then use the check_and_overwrite_wp_or_woocommerce_fields function to update the wp_capabilities field to have administrator privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10800" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--16b52ea4-e089-489a-8e37-a93e0fb46b1a.json b/objects/vulnerability/vulnerability--16b52ea4-e089-489a-8e37-a93e0fb46b1a.json new file mode 100644 index 00000000000..7be7f83a4b6 --- /dev/null +++ b/objects/vulnerability/vulnerability--16b52ea4-e089-489a-8e37-a93e0fb46b1a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--497ffdb3-b3b7-4fe3-9809-275c76ad9186", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--16b52ea4-e089-489a-8e37-a93e0fb46b1a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.66058Z", + "modified": "2024-11-14T00:20:36.66058Z", + "name": "CVE-2024-37025", + "description": "Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-37025" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--16d59d74-ec0a-41f6-b744-3651c7ed9162.json b/objects/vulnerability/vulnerability--16d59d74-ec0a-41f6-b744-3651c7ed9162.json new file mode 100644 index 00000000000..31c9fd284e1 --- /dev/null +++ b/objects/vulnerability/vulnerability--16d59d74-ec0a-41f6-b744-3651c7ed9162.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--59820fef-ba58-49a0-9e2c-fa6dd29f0a34", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--16d59d74-ec0a-41f6-b744-3651c7ed9162", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.717987Z", + "modified": "2024-11-14T00:20:37.717987Z", + "name": "CVE-2024-43088", + "description": "In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43088" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1702cb30-a604-41ab-8225-7fef51f4dcb8.json b/objects/vulnerability/vulnerability--1702cb30-a604-41ab-8225-7fef51f4dcb8.json new file mode 100644 index 00000000000..8eda814627d --- /dev/null +++ b/objects/vulnerability/vulnerability--1702cb30-a604-41ab-8225-7fef51f4dcb8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f8d7349b-94d9-4e69-8457-55a8e6b1895c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1702cb30-a604-41ab-8225-7fef51f4dcb8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.658587Z", + "modified": "2024-11-14T00:20:37.658587Z", + "name": "CVE-2024-43082", + "description": "In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43082" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--177ff812-8480-444e-8973-d8154c2b6c0c.json b/objects/vulnerability/vulnerability--177ff812-8480-444e-8973-d8154c2b6c0c.json new file mode 100644 index 00000000000..932ae24af45 --- /dev/null +++ b/objects/vulnerability/vulnerability--177ff812-8480-444e-8973-d8154c2b6c0c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--38f31ad2-855b-4924-8fd9-e0f5e5471b5b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--177ff812-8480-444e-8973-d8154c2b6c0c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.041176Z", + "modified": "2024-11-14T00:20:37.041176Z", + "name": "CVE-2024-36242", + "description": "Protection mechanism failure in the SPP for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36242" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1a18418e-5677-4e41-a85f-a43a6e375361.json b/objects/vulnerability/vulnerability--1a18418e-5677-4e41-a85f-a43a6e375361.json new file mode 100644 index 00000000000..e42a6cf4847 --- /dev/null +++ b/objects/vulnerability/vulnerability--1a18418e-5677-4e41-a85f-a43a6e375361.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ac44205-74f4-47f5-936c-553244fcfd3c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1a18418e-5677-4e41-a85f-a43a6e375361", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.540769Z", + "modified": "2024-11-14T00:20:36.540769Z", + "name": "CVE-2024-21820", + "description": "Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21820" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1a60532f-6efb-41e6-9475-32b5ec416686.json b/objects/vulnerability/vulnerability--1a60532f-6efb-41e6-9475-32b5ec416686.json new file mode 100644 index 00000000000..6cebb072d9e --- /dev/null +++ b/objects/vulnerability/vulnerability--1a60532f-6efb-41e6-9475-32b5ec416686.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c6a12b26-c2e6-42f1-bc61-e453389eb0d8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1a60532f-6efb-41e6-9475-32b5ec416686", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.454207Z", + "modified": "2024-11-14T00:20:37.454207Z", + "name": "CVE-2024-4741", + "description": "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause\nmemory to be accessed that was previously freed in some situations\n\nImpact summary: A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.\n\nThe SSL_free_buffers function is used to free the internal OpenSSL buffer used\nwhen processing an incoming record from the network. The call is only expected\nto succeed if the buffer is not currently in use. However, two scenarios have\nbeen identified where the buffer is freed even when still in use.\n\nThe first scenario occurs where a record header has been received from the\nnetwork and processed by OpenSSL, but the full record body has not yet arrived.\nIn this case calling SSL_free_buffers will succeed even though a record has only\nbeen partially processed and the buffer is still in use.\n\nThe second scenario occurs where a full record containing application data has\nbeen received and processed by OpenSSL but the application has only read part of\nthis data. Again a call to SSL_free_buffers will succeed even though the buffer\nis still in use.\n\nWhile these scenarios could occur accidentally during normal operation a\nmalicious attacker could attempt to engineer a stituation where this occurs.\nWe are not aware of this issue being actively exploited.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-4741" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f.json b/objects/vulnerability/vulnerability--1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f.json new file mode 100644 index 00000000000..33a8645b8d8 --- /dev/null +++ b/objects/vulnerability/vulnerability--1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--591835af-b8a3-4f23-934d-a16af5ec996b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1a8b8fde-f2f5-4ba6-a9bd-5f3b1915cf3f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.357524Z", + "modified": "2024-11-14T00:20:35.357524Z", + "name": "CVE-2024-10794", + "description": "The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created via Elementor that they should not have access to.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10794" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1d041c1f-4897-4f0e-95dd-eb4630a6225e.json b/objects/vulnerability/vulnerability--1d041c1f-4897-4f0e-95dd-eb4630a6225e.json new file mode 100644 index 00000000000..ea58a3ac0d1 --- /dev/null +++ b/objects/vulnerability/vulnerability--1d041c1f-4897-4f0e-95dd-eb4630a6225e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7dca8fa7-a745-4a5a-8706-91119a60c0b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1d041c1f-4897-4f0e-95dd-eb4630a6225e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.428512Z", + "modified": "2024-11-14T00:20:35.428512Z", + "name": "CVE-2024-9682", + "description": "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9682" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1e6d8744-daf8-4013-90a1-22f34adf6af9.json b/objects/vulnerability/vulnerability--1e6d8744-daf8-4013-90a1-22f34adf6af9.json new file mode 100644 index 00000000000..9df2b8c1c39 --- /dev/null +++ b/objects/vulnerability/vulnerability--1e6d8744-daf8-4013-90a1-22f34adf6af9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ceb2861f-3cb0-43a9-9acc-555c494812a1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1e6d8744-daf8-4013-90a1-22f34adf6af9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.339746Z", + "modified": "2024-11-14T00:20:35.339746Z", + "name": "CVE-2024-10802", + "description": "The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and including, 1.4.7. This makes it possible for unauthenticated attackers to retrieve draft post titles that should not be accessible to unauthenticated users.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10802" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0.json b/objects/vulnerability/vulnerability--1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0.json new file mode 100644 index 00000000000..3291ad5e3b7 --- /dev/null +++ b/objects/vulnerability/vulnerability--1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c95aaaad-4764-4c3f-bf15-5a215c68f738", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1f63ed17-0b2b-4dad-ba42-7fa57bd94ea0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.173616Z", + "modified": "2024-11-14T00:20:36.173616Z", + "name": "CVE-2024-8874", + "description": "The AJAX Login and Registration modal popup + inline form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.24. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8874" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1fa57fb8-6bc2-4609-a7df-7e317ab54a2e.json b/objects/vulnerability/vulnerability--1fa57fb8-6bc2-4609-a7df-7e317ab54a2e.json new file mode 100644 index 00000000000..084ff6592a3 --- /dev/null +++ b/objects/vulnerability/vulnerability--1fa57fb8-6bc2-4609-a7df-7e317ab54a2e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6d10d133-ae76-4d4a-a81b-250e96e7608c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1fa57fb8-6bc2-4609-a7df-7e317ab54a2e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.374104Z", + "modified": "2024-11-14T00:20:35.374104Z", + "name": "CVE-2024-10012", + "description": "In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible through an insecure deserialization vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10012" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--207a9406-5334-4f48-893c-18a9b1714717.json b/objects/vulnerability/vulnerability--207a9406-5334-4f48-893c-18a9b1714717.json new file mode 100644 index 00000000000..7194f655b7d --- /dev/null +++ b/objects/vulnerability/vulnerability--207a9406-5334-4f48-893c-18a9b1714717.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--547482dd-20db-45c3-9afa-c6d8a97009ad", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--207a9406-5334-4f48-893c-18a9b1714717", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.394927Z", + "modified": "2024-11-14T00:20:37.394927Z", + "name": "CVE-2024-28028", + "description": "Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28028" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--20ac4ef7-90f3-46bb-b2be-a1e21fec63fc.json b/objects/vulnerability/vulnerability--20ac4ef7-90f3-46bb-b2be-a1e21fec63fc.json new file mode 100644 index 00000000000..11e0c65acd5 --- /dev/null +++ b/objects/vulnerability/vulnerability--20ac4ef7-90f3-46bb-b2be-a1e21fec63fc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b2ed5fe5-d7de-4d62-a9f4-9cf7a98b4df0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--20ac4ef7-90f3-46bb-b2be-a1e21fec63fc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.37218Z", + "modified": "2024-11-14T00:20:35.37218Z", + "name": "CVE-2024-10828", + "description": "The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the \"Try to convert serialized values\" option is enabled. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10828" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--235922d7-753e-4205-9b8d-a3ff93b1547e.json b/objects/vulnerability/vulnerability--235922d7-753e-4205-9b8d-a3ff93b1547e.json new file mode 100644 index 00000000000..443db10291c --- /dev/null +++ b/objects/vulnerability/vulnerability--235922d7-753e-4205-9b8d-a3ff93b1547e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9efb2425-8ae7-4c81-94f1-3ec9b33029d8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--235922d7-753e-4205-9b8d-a3ff93b1547e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.700568Z", + "modified": "2024-11-14T00:20:37.700568Z", + "name": "CVE-2024-43087", + "description": "In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43087" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--23945c25-7e56-4674-b311-c7deca84bed5.json b/objects/vulnerability/vulnerability--23945c25-7e56-4674-b311-c7deca84bed5.json new file mode 100644 index 00000000000..080c5c490aa --- /dev/null +++ b/objects/vulnerability/vulnerability--23945c25-7e56-4674-b311-c7deca84bed5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a06fae5f-2a61-4b04-8080-969dd0d64e69", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--23945c25-7e56-4674-b311-c7deca84bed5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.151141Z", + "modified": "2024-11-14T00:20:36.151141Z", + "name": "CVE-2024-8985", + "description": "The Social Proof (Testimonial) Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's spslider-block shortcode in all versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8985" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2501ed03-49b7-429f-8b2c-ef0a5cbd0368.json b/objects/vulnerability/vulnerability--2501ed03-49b7-429f-8b2c-ef0a5cbd0368.json new file mode 100644 index 00000000000..bfc55e8d0d0 --- /dev/null +++ b/objects/vulnerability/vulnerability--2501ed03-49b7-429f-8b2c-ef0a5cbd0368.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--135a3a2c-c34b-43fa-9a07-4912b6e0a09f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2501ed03-49b7-429f-8b2c-ef0a5cbd0368", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.364925Z", + "modified": "2024-11-14T00:20:37.364925Z", + "name": "CVE-2024-28952", + "description": "Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28952" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--26137d02-07c9-4123-991d-8ad2a96451f7.json b/objects/vulnerability/vulnerability--26137d02-07c9-4123-991d-8ad2a96451f7.json new file mode 100644 index 00000000000..eeca5f5af5f --- /dev/null +++ b/objects/vulnerability/vulnerability--26137d02-07c9-4123-991d-8ad2a96451f7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dfc89ac7-330a-418f-875e-3bbe90ed8e6d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--26137d02-07c9-4123-991d-8ad2a96451f7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.926547Z", + "modified": "2024-11-14T00:20:35.926547Z", + "name": "CVE-2024-34170", + "description": "Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34170" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--26a35973-8a00-4477-a596-dbfaef62aed0.json b/objects/vulnerability/vulnerability--26a35973-8a00-4477-a596-dbfaef62aed0.json new file mode 100644 index 00000000000..4c8b931c310 --- /dev/null +++ b/objects/vulnerability/vulnerability--26a35973-8a00-4477-a596-dbfaef62aed0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2eb6c9d4-9f49-460c-8fc3-e567facc4fdb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--26a35973-8a00-4477-a596-dbfaef62aed0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.716251Z", + "modified": "2024-11-14T00:20:37.716251Z", + "name": "CVE-2024-43081", + "description": "In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43081" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--27ee92ed-8441-47ca-b14f-c30277f0ceaf.json b/objects/vulnerability/vulnerability--27ee92ed-8441-47ca-b14f-c30277f0ceaf.json new file mode 100644 index 00000000000..5e4ba9fdc95 --- /dev/null +++ b/objects/vulnerability/vulnerability--27ee92ed-8441-47ca-b14f-c30277f0ceaf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b8b3535f-84e0-49e0-ba39-e9b20a9a2fad", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--27ee92ed-8441-47ca-b14f-c30277f0ceaf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.355726Z", + "modified": "2024-11-14T00:20:35.355726Z", + "name": "CVE-2024-10717", + "description": "The Styler for Ninja Forms plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the deactivate_license function in all versions up to, and including, 3.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary option values on the WordPress site. This can be leveraged to delete an option that would create an error on the site and deny service to legitimate users. Note: This issue can also be used to add arbitrary options with an empty value.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10717" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--289a0223-c012-4472-84f3-4a5f947da56c.json b/objects/vulnerability/vulnerability--289a0223-c012-4472-84f3-4a5f947da56c.json new file mode 100644 index 00000000000..283a0e6119d --- /dev/null +++ b/objects/vulnerability/vulnerability--289a0223-c012-4472-84f3-4a5f947da56c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f7219ed4-6e46-43c9-b10d-5420546bee24", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--289a0223-c012-4472-84f3-4a5f947da56c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.866735Z", + "modified": "2024-11-14T00:20:35.866735Z", + "name": "CVE-2024-11150", + "description": "The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 16.6. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11150" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--29533a7b-34f6-4d04-a051-87a8cdb51283.json b/objects/vulnerability/vulnerability--29533a7b-34f6-4d04-a051-87a8cdb51283.json new file mode 100644 index 00000000000..ce5fd48a8aa --- /dev/null +++ b/objects/vulnerability/vulnerability--29533a7b-34f6-4d04-a051-87a8cdb51283.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--95b6b4dc-f713-4ed3-a714-24cd070b9291", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--29533a7b-34f6-4d04-a051-87a8cdb51283", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.242989Z", + "modified": "2024-11-14T00:20:35.242989Z", + "name": "CVE-2024-52553", + "description": "Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52553" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--295bb082-0b71-4835-94c5-6fb9d1602b4e.json b/objects/vulnerability/vulnerability--295bb082-0b71-4835-94c5-6fb9d1602b4e.json new file mode 100644 index 00000000000..e18356017b9 --- /dev/null +++ b/objects/vulnerability/vulnerability--295bb082-0b71-4835-94c5-6fb9d1602b4e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5fd56edc-b34d-4f4d-8dfa-776729d4bb48", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--295bb082-0b71-4835-94c5-6fb9d1602b4e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.530724Z", + "modified": "2024-11-14T00:20:36.530724Z", + "name": "CVE-2024-21808", + "description": "Improper buffer restrictions in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21808" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2a085116-610d-4c54-a57f-93c5f297fd44.json b/objects/vulnerability/vulnerability--2a085116-610d-4c54-a57f-93c5f297fd44.json new file mode 100644 index 00000000000..9fcd3d882ec --- /dev/null +++ b/objects/vulnerability/vulnerability--2a085116-610d-4c54-a57f-93c5f297fd44.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bc5b5dc6-a6f9-44e2-a5b0-038b26350d4d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2a085116-610d-4c54-a57f-93c5f297fd44", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.186674Z", + "modified": "2024-11-14T00:20:36.186674Z", + "name": "CVE-2024-38660", + "description": "Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38660" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2a486c64-de3c-427d-8875-e247a372ddab.json b/objects/vulnerability/vulnerability--2a486c64-de3c-427d-8875-e247a372ddab.json new file mode 100644 index 00000000000..67b46868e2f --- /dev/null +++ b/objects/vulnerability/vulnerability--2a486c64-de3c-427d-8875-e247a372ddab.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--66d8c6f8-697c-4aed-91f6-ba448389b604", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2a486c64-de3c-427d-8875-e247a372ddab", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.865726Z", + "modified": "2024-11-14T00:20:35.865726Z", + "name": "CVE-2024-11193", + "description": "An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of sensitive information in Yugabyte Anywhere logs, potentially allowing unauthorized users with access to these logs to view the LDAP bind password. An attacker with log access could exploit this vulnerability to gain unauthorized access to the LDAP server, leading to potential exposure or compromise of LDAP-managed resources\nThis issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11193" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4.json b/objects/vulnerability/vulnerability--2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4.json new file mode 100644 index 00000000000..9d214aad7a1 --- /dev/null +++ b/objects/vulnerability/vulnerability--2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--71931bf7-5634-4011-acaf-d61d9020cf1c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2b0b78b9-a32e-4abd-8c5b-9b8c7387eba4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.163858Z", + "modified": "2024-11-14T00:20:36.163858Z", + "name": "CVE-2024-8936", + "description": "CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory\nafter a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper\nwith memory.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8936" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2c4cbdca-8967-4565-bd93-cdb160b6d706.json b/objects/vulnerability/vulnerability--2c4cbdca-8967-4565-bd93-cdb160b6d706.json new file mode 100644 index 00000000000..d2be1e2c8f4 --- /dev/null +++ b/objects/vulnerability/vulnerability--2c4cbdca-8967-4565-bd93-cdb160b6d706.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c9134f99-d3ed-4d08-9570-6c505fd347c9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2c4cbdca-8967-4565-bd93-cdb160b6d706", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.87126Z", + "modified": "2024-11-14T00:20:35.87126Z", + "name": "CVE-2024-11028", + "description": "The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the user impersonation feature inappropriately determining the current user via user-supplied input. This makes it possible for unauthenticated attackers to generate an impersonation link that will allow them to log in as any existing user, such as an administrator. NOTE: The user impersonation feature was disabled in version 1.1.0 and re-enabled with a patch in version 1.1.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11028" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2cdde34c-2f61-4b15-b494-496d4fc2637c.json b/objects/vulnerability/vulnerability--2cdde34c-2f61-4b15-b494-496d4fc2637c.json new file mode 100644 index 00000000000..d145f563b08 --- /dev/null +++ b/objects/vulnerability/vulnerability--2cdde34c-2f61-4b15-b494-496d4fc2637c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3167b795-f7b7-4e32-960d-19a5ae11826c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2cdde34c-2f61-4b15-b494-496d4fc2637c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.907556Z", + "modified": "2024-11-14T00:20:35.907556Z", + "name": "CVE-2024-34781", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34781" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2f316b5d-1e63-4498-b3aa-967290c2db4f.json b/objects/vulnerability/vulnerability--2f316b5d-1e63-4498-b3aa-967290c2db4f.json new file mode 100644 index 00000000000..7000e2cceb2 --- /dev/null +++ b/objects/vulnerability/vulnerability--2f316b5d-1e63-4498-b3aa-967290c2db4f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a973d378-ab50-405e-902c-171dce18bda8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2f316b5d-1e63-4498-b3aa-967290c2db4f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.52687Z", + "modified": "2024-11-14T00:20:35.52687Z", + "name": "CVE-2024-39711", + "description": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39711" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0.json b/objects/vulnerability/vulnerability--2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0.json new file mode 100644 index 00000000000..dccded82d27 --- /dev/null +++ b/objects/vulnerability/vulnerability--2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--965363bf-37e8-4ac1-acbb-0d13826d431d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2f3ed4fb-6552-49ad-aef0-a8d7b07b1da0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.274393Z", + "modified": "2024-11-14T00:20:36.274393Z", + "name": "CVE-2024-22185", + "description": "Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-22185" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3034547c-6a8d-4264-9767-8ccaeb499d07.json b/objects/vulnerability/vulnerability--3034547c-6a8d-4264-9767-8ccaeb499d07.json new file mode 100644 index 00000000000..7215838798d --- /dev/null +++ b/objects/vulnerability/vulnerability--3034547c-6a8d-4264-9767-8ccaeb499d07.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--aae3d359-cef0-4159-9f03-36ce4b4ef4d9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3034547c-6a8d-4264-9767-8ccaeb499d07", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.347086Z", + "modified": "2024-11-14T00:20:35.347086Z", + "name": "CVE-2024-10686", + "description": "The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'style_scheme' parameter in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10686" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3127e24c-0afa-4cf4-abb3-109a9a54aa3f.json b/objects/vulnerability/vulnerability--3127e24c-0afa-4cf4-abb3-109a9a54aa3f.json new file mode 100644 index 00000000000..8c8f877d1e4 --- /dev/null +++ b/objects/vulnerability/vulnerability--3127e24c-0afa-4cf4-abb3-109a9a54aa3f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--abb4d7a2-b01d-421a-b7b2-8f72b140aa20", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3127e24c-0afa-4cf4-abb3-109a9a54aa3f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.410549Z", + "modified": "2024-11-14T00:20:37.410549Z", + "name": "CVE-2024-28881", + "description": "Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28881" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--326b5862-248d-4ef1-98fa-813eaebbb8ec.json b/objects/vulnerability/vulnerability--326b5862-248d-4ef1-98fa-813eaebbb8ec.json new file mode 100644 index 00000000000..42b9a2e3fcd --- /dev/null +++ b/objects/vulnerability/vulnerability--326b5862-248d-4ef1-98fa-813eaebbb8ec.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3217eb0d-e6d8-427d-bd74-34ca2a2fb82e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--326b5862-248d-4ef1-98fa-813eaebbb8ec", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.869757Z", + "modified": "2024-11-14T00:20:35.869757Z", + "name": "CVE-2024-11143", + "description": "The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the update_assistant, add_new_assistant, and delete_assistant functions. This makes it possible for unauthenticated attackers to modify assistants via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11143" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--336dd420-9295-4883-ac6a-d548e1beca32.json b/objects/vulnerability/vulnerability--336dd420-9295-4883-ac6a-d548e1beca32.json new file mode 100644 index 00000000000..e912d286b9c --- /dev/null +++ b/objects/vulnerability/vulnerability--336dd420-9295-4883-ac6a-d548e1beca32.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2f6028bc-0f8c-4690-b90b-17548ab972a0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--336dd420-9295-4883-ac6a-d548e1beca32", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.126556Z", + "modified": "2024-11-14T00:20:35.126556Z", + "name": "CVE-2024-48989", + "description": "A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch Rexroth allows an attacker to cause a denial of service, rendering the device unresponsive by sending arbitrary UDP messages.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48989" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3381dd1d-0726-4cea-beaa-5689a49da198.json b/objects/vulnerability/vulnerability--3381dd1d-0726-4cea-beaa-5689a49da198.json new file mode 100644 index 00000000000..d811ffe989b --- /dev/null +++ b/objects/vulnerability/vulnerability--3381dd1d-0726-4cea-beaa-5689a49da198.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b17188a7-7cbc-4de5-b16f-e53aa1e11628", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3381dd1d-0726-4cea-beaa-5689a49da198", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.458333Z", + "modified": "2024-11-14T00:20:35.458333Z", + "name": "CVE-2024-9409", + "description": "CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become\nunresponsive resulting in communication loss when a large amount of IGMP packets is present in the network.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9409" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--342c2296-41cb-4324-836f-bd6ab0eeb08e.json b/objects/vulnerability/vulnerability--342c2296-41cb-4324-836f-bd6ab0eeb08e.json new file mode 100644 index 00000000000..cd253d3ae04 --- /dev/null +++ b/objects/vulnerability/vulnerability--342c2296-41cb-4324-836f-bd6ab0eeb08e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--25ea6631-1e5c-4888-97a9-cb9311f707e6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--342c2296-41cb-4324-836f-bd6ab0eeb08e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.410331Z", + "modified": "2024-11-14T00:20:35.410331Z", + "name": "CVE-2024-10013", + "description": "In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution attack is possible through an insecure deserialization vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10013" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--35e24cb3-90bb-46cf-ad4a-a5831bf344b2.json b/objects/vulnerability/vulnerability--35e24cb3-90bb-46cf-ad4a-a5831bf344b2.json new file mode 100644 index 00000000000..18da28d27c3 --- /dev/null +++ b/objects/vulnerability/vulnerability--35e24cb3-90bb-46cf-ad4a-a5831bf344b2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7d25fcf1-87bc-425e-83da-63dd63d04ee8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--35e24cb3-90bb-46cf-ad4a-a5831bf344b2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.535052Z", + "modified": "2024-11-14T00:20:35.535052Z", + "name": "CVE-2024-39709", + "description": "Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39709" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--36c08f9d-2193-4341-8da9-bac1a400a773.json b/objects/vulnerability/vulnerability--36c08f9d-2193-4341-8da9-bac1a400a773.json new file mode 100644 index 00000000000..5c38ef4b7b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--36c08f9d-2193-4341-8da9-bac1a400a773.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--83df532a-619f-4d22-9637-37de2c042593", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--36c08f9d-2193-4341-8da9-bac1a400a773", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.586645Z", + "modified": "2024-11-14T00:20:37.586645Z", + "name": "CVE-2024-29079", + "description": "Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-29079" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--37df4c73-60a8-469f-853a-da72cc87b472.json b/objects/vulnerability/vulnerability--37df4c73-60a8-469f-853a-da72cc87b472.json new file mode 100644 index 00000000000..f48fc99cdc0 --- /dev/null +++ b/objects/vulnerability/vulnerability--37df4c73-60a8-469f-853a-da72cc87b472.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6766084a-f567-46d2-93dc-7b467f4fe28d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--37df4c73-60a8-469f-853a-da72cc87b472", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.711461Z", + "modified": "2024-11-14T00:20:37.711461Z", + "name": "CVE-2024-43085", + "description": "In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43085" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--39ea0f89-a171-4039-8184-fbc3ea93cdf1.json b/objects/vulnerability/vulnerability--39ea0f89-a171-4039-8184-fbc3ea93cdf1.json new file mode 100644 index 00000000000..b6e2996f1d2 --- /dev/null +++ b/objects/vulnerability/vulnerability--39ea0f89-a171-4039-8184-fbc3ea93cdf1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b68214c8-5447-4ba0-8d64-76c39d9d15dc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--39ea0f89-a171-4039-8184-fbc3ea93cdf1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.9135Z", + "modified": "2024-11-14T00:20:35.9135Z", + "name": "CVE-2024-34747", + "description": "In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34747" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3ba6830e-4fc4-4159-ae3e-69a2868d6845.json b/objects/vulnerability/vulnerability--3ba6830e-4fc4-4159-ae3e-69a2868d6845.json new file mode 100644 index 00000000000..60977eb4f3e --- /dev/null +++ b/objects/vulnerability/vulnerability--3ba6830e-4fc4-4159-ae3e-69a2868d6845.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3d7b2942-1cee-4406-ba3e-329e9db6573f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3ba6830e-4fc4-4159-ae3e-69a2868d6845", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.854021Z", + "modified": "2024-11-14T00:20:36.854021Z", + "name": "CVE-2024-23715", + "description": "In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-23715" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3d3b0d79-0240-4401-bb2b-65b3904863a6.json b/objects/vulnerability/vulnerability--3d3b0d79-0240-4401-bb2b-65b3904863a6.json new file mode 100644 index 00000000000..66b9a5c6eec --- /dev/null +++ b/objects/vulnerability/vulnerability--3d3b0d79-0240-4401-bb2b-65b3904863a6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--00710e48-b002-42e3-86c3-e8bb1753814e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3d3b0d79-0240-4401-bb2b-65b3904863a6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.049799Z", + "modified": "2024-11-14T00:20:37.049799Z", + "name": "CVE-2024-36282", + "description": "Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36282" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3e27d33e-bb93-4377-a59d-6dcffda4aca0.json b/objects/vulnerability/vulnerability--3e27d33e-bb93-4377-a59d-6dcffda4aca0.json new file mode 100644 index 00000000000..278ec2b14b1 --- /dev/null +++ b/objects/vulnerability/vulnerability--3e27d33e-bb93-4377-a59d-6dcffda4aca0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a33a9f3f-9577-4166-98e5-3dfef4c7fbe4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3e27d33e-bb93-4377-a59d-6dcffda4aca0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.033493Z", + "modified": "2024-11-14T00:20:37.033493Z", + "name": "CVE-2024-36253", + "description": "Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36253" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3f1d06fc-9d52-4cd7-a739-a320d54fb545.json b/objects/vulnerability/vulnerability--3f1d06fc-9d52-4cd7-a739-a320d54fb545.json new file mode 100644 index 00000000000..c0e65c89110 --- /dev/null +++ b/objects/vulnerability/vulnerability--3f1d06fc-9d52-4cd7-a739-a320d54fb545.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c69a6e07-d051-4911-95ff-d4361f133bc4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3f1d06fc-9d52-4cd7-a739-a320d54fb545", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.062343Z", + "modified": "2024-11-14T00:20:36.062343Z", + "name": "CVE-2024-33611", + "description": "Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow a privileged user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-33611" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3f8636aa-8e7f-4e48-9a61-ae2304e13329.json b/objects/vulnerability/vulnerability--3f8636aa-8e7f-4e48-9a61-ae2304e13329.json new file mode 100644 index 00000000000..1e76d24d4e4 --- /dev/null +++ b/objects/vulnerability/vulnerability--3f8636aa-8e7f-4e48-9a61-ae2304e13329.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c8f99e95-b6e9-4647-bf52-fe6d7b16ffb8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3f8636aa-8e7f-4e48-9a61-ae2304e13329", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.681157Z", + "modified": "2024-11-14T00:20:35.681157Z", + "name": "CVE-2024-26017", + "description": "Uncontrolled search path in some Intel(R) Rendering Toolkit software before version 2024.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-26017" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a.json b/objects/vulnerability/vulnerability--3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a.json new file mode 100644 index 00000000000..909424ede50 --- /dev/null +++ b/objects/vulnerability/vulnerability--3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--08e2d8ba-2f9e-4ff9-946f-3903529c609d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3f8a06dc-c0a3-47ad-9e27-c3e615e8cc5a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.111819Z", + "modified": "2024-11-14T00:20:36.111819Z", + "name": "CVE-2024-33624", + "description": "Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an unauthenticated user to potentially enable denial of service via network access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-33624" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3.json b/objects/vulnerability/vulnerability--3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3.json new file mode 100644 index 00000000000..cf82ca0a3e9 --- /dev/null +++ b/objects/vulnerability/vulnerability--3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f6dfdb20-1777-4be2-9ad6-bded3b3529db", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3f8e0e99-5fb8-4b59-b46f-9a90b95d42e3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.026316Z", + "modified": "2024-11-14T00:20:37.026316Z", + "name": "CVE-2024-36284", + "description": "Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36284" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3fbec81e-48d3-4373-956a-eb5748292bac.json b/objects/vulnerability/vulnerability--3fbec81e-48d3-4373-956a-eb5748292bac.json new file mode 100644 index 00000000000..75e662b2698 --- /dev/null +++ b/objects/vulnerability/vulnerability--3fbec81e-48d3-4373-956a-eb5748292bac.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--76f96395-52b0-4827-8db2-8604e6ff23ef", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3fbec81e-48d3-4373-956a-eb5748292bac", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.406616Z", + "modified": "2024-11-14T00:20:35.406616Z", + "name": "CVE-2024-10852", + "description": "The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the buy_one_click_export_options AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export plugin settings.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10852" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--401d1abc-df6b-4d86-832f-e0f4c9ea335e.json b/objects/vulnerability/vulnerability--401d1abc-df6b-4d86-832f-e0f4c9ea335e.json new file mode 100644 index 00000000000..fff629ab1f2 --- /dev/null +++ b/objects/vulnerability/vulnerability--401d1abc-df6b-4d86-832f-e0f4c9ea335e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5ad596f8-a4f4-4c9a-b3ef-e01d2d4a4915", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--401d1abc-df6b-4d86-832f-e0f4c9ea335e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.598561Z", + "modified": "2024-11-14T00:20:37.598561Z", + "name": "CVE-2024-29083", + "description": "Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-29083" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--44367617-fc49-4ded-b6c9-50cee49a02cd.json b/objects/vulnerability/vulnerability--44367617-fc49-4ded-b6c9-50cee49a02cd.json new file mode 100644 index 00000000000..70981f7956f --- /dev/null +++ b/objects/vulnerability/vulnerability--44367617-fc49-4ded-b6c9-50cee49a02cd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ad9d11b6-8fbe-4f20-8f39-1d5e407fcd47", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--44367617-fc49-4ded-b6c9-50cee49a02cd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.426975Z", + "modified": "2024-11-14T00:20:36.426975Z", + "name": "CVE-2024-31074", + "description": "Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-31074" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--44f37249-9034-439d-9e13-aba3a939bb52.json b/objects/vulnerability/vulnerability--44f37249-9034-439d-9e13-aba3a939bb52.json new file mode 100644 index 00000000000..36ba20209ce --- /dev/null +++ b/objects/vulnerability/vulnerability--44f37249-9034-439d-9e13-aba3a939bb52.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cf33b2ef-6228-4812-8641-c706bb7adb8e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--44f37249-9034-439d-9e13-aba3a939bb52", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.062755Z", + "modified": "2024-11-14T00:20:37.062755Z", + "name": "CVE-2024-36275", + "description": "NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36275" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--456b4457-9ee3-4a0c-9194-2c4dbbcded67.json b/objects/vulnerability/vulnerability--456b4457-9ee3-4a0c-9194-2c4dbbcded67.json new file mode 100644 index 00000000000..e691a1a9dff --- /dev/null +++ b/objects/vulnerability/vulnerability--456b4457-9ee3-4a0c-9194-2c4dbbcded67.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--446c66f6-e1e9-4bf9-aec6-416042f9bf09", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--456b4457-9ee3-4a0c-9194-2c4dbbcded67", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.465264Z", + "modified": "2024-11-14T00:20:35.465264Z", + "name": "CVE-2024-9668", + "description": "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9668" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--45932554-2d96-4f59-b495-015e25a142e8.json b/objects/vulnerability/vulnerability--45932554-2d96-4f59-b495-015e25a142e8.json new file mode 100644 index 00000000000..44e3a06bb18 --- /dev/null +++ b/objects/vulnerability/vulnerability--45932554-2d96-4f59-b495-015e25a142e8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4f4a1a4b-05d4-4edd-b208-3aced99cf062", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--45932554-2d96-4f59-b495-015e25a142e8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.909252Z", + "modified": "2024-11-14T00:20:35.909252Z", + "name": "CVE-2024-34787", + "description": "Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34787" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--45a4fd53-85d3-4234-88b8-b302c46ccdd7.json b/objects/vulnerability/vulnerability--45a4fd53-85d3-4234-88b8-b302c46ccdd7.json new file mode 100644 index 00000000000..3c60eb99957 --- /dev/null +++ b/objects/vulnerability/vulnerability--45a4fd53-85d3-4234-88b8-b302c46ccdd7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--23b38397-6d51-4aa7-ad66-0d4f029ec2e9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--45a4fd53-85d3-4234-88b8-b302c46ccdd7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.433054Z", + "modified": "2024-11-14T00:20:35.433054Z", + "name": "CVE-2024-9426", + "description": "The Aqua SVG Sprite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9426" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--46569c98-ed6b-4d48-b94c-407543eb76ea.json b/objects/vulnerability/vulnerability--46569c98-ed6b-4d48-b94c-407543eb76ea.json new file mode 100644 index 00000000000..ccf993b4fe7 --- /dev/null +++ b/objects/vulnerability/vulnerability--46569c98-ed6b-4d48-b94c-407543eb76ea.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2327d3fc-77b6-4ff8-a77a-d76e1bcc69ed", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--46569c98-ed6b-4d48-b94c-407543eb76ea", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.380881Z", + "modified": "2024-11-14T00:20:36.380881Z", + "name": "CVE-2024-31337", + "description": "In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-31337" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4b28274d-83d7-45ad-9b6c-3a0f94ef769c.json b/objects/vulnerability/vulnerability--4b28274d-83d7-45ad-9b6c-3a0f94ef769c.json new file mode 100644 index 00000000000..8162d5925c8 --- /dev/null +++ b/objects/vulnerability/vulnerability--4b28274d-83d7-45ad-9b6c-3a0f94ef769c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a72f5e2b-a222-49e8-9999-3ec7e6c6b6b4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4b28274d-83d7-45ad-9b6c-3a0f94ef769c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.413032Z", + "modified": "2024-11-14T00:20:35.413032Z", + "name": "CVE-2024-10174", + "description": "The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'Abstract_Permission' class due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to spoof their identity to that of an administrator and access all of the plugins REST routes.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10174" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4c53b64e-749f-4da4-a924-3f8c21a1d377.json b/objects/vulnerability/vulnerability--4c53b64e-749f-4da4-a924-3f8c21a1d377.json new file mode 100644 index 00000000000..de1d299dafb --- /dev/null +++ b/objects/vulnerability/vulnerability--4c53b64e-749f-4da4-a924-3f8c21a1d377.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a62e96d5-07c8-42de-81aa-203bd3ba59c9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4c53b64e-749f-4da4-a924-3f8c21a1d377", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.634162Z", + "modified": "2024-11-14T00:20:35.634162Z", + "name": "CVE-2024-50956", + "description": "A buffer overflow in the RecvSocketData function of Inovance HCPLC_AM401-CPU1608TPTN 21.38.0.0, HCPLC_AM402-CPU1608TPTN 41.38.0.0, and HCPLC_AM403-CPU1608TN 81.38.0.0 allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted Modbus message.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50956" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4d59cc45-9a53-4d06-a768-39b139881111.json b/objects/vulnerability/vulnerability--4d59cc45-9a53-4d06-a768-39b139881111.json new file mode 100644 index 00000000000..4165a6ab095 --- /dev/null +++ b/objects/vulnerability/vulnerability--4d59cc45-9a53-4d06-a768-39b139881111.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a2f2865b-2bdb-419f-bee1-a21c33425d26", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4d59cc45-9a53-4d06-a768-39b139881111", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.33056Z", + "modified": "2024-11-14T00:20:35.33056Z", + "name": "CVE-2024-45876", + "description": "The login form of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.283.4) at /Apps/TOPqw/Login.aspx is vulnerable to SQL injection. The vulnerability exists in the POST parameter txtUsername, which allows for manipulation of SQL queries.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45876" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4e6a0902-5679-4645-8f54-e2c3e1b8626e.json b/objects/vulnerability/vulnerability--4e6a0902-5679-4645-8f54-e2c3e1b8626e.json new file mode 100644 index 00000000000..78eec557110 --- /dev/null +++ b/objects/vulnerability/vulnerability--4e6a0902-5679-4645-8f54-e2c3e1b8626e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5cbc2392-981c-460e-b21b-e892a1e1af14", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4e6a0902-5679-4645-8f54-e2c3e1b8626e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.532335Z", + "modified": "2024-11-14T00:20:36.532335Z", + "name": "CVE-2024-21783", + "description": "Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21783" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a.json b/objects/vulnerability/vulnerability--4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a.json new file mode 100644 index 00000000000..338997a2e3a --- /dev/null +++ b/objects/vulnerability/vulnerability--4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d34a9e6b-d220-4b77-930b-2acc9a16b281", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4e9f9c47-b4a2-4371-8ca3-e567d1d17d9a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.995611Z", + "modified": "2024-11-14T00:20:36.995611Z", + "name": "CVE-2024-36276", + "description": "Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36276" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4ecf446b-0439-44db-86ff-a73e425c71a5.json b/objects/vulnerability/vulnerability--4ecf446b-0439-44db-86ff-a73e425c71a5.json new file mode 100644 index 00000000000..bbae4111f6d --- /dev/null +++ b/objects/vulnerability/vulnerability--4ecf446b-0439-44db-86ff-a73e425c71a5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--839f5142-e36d-4ca0-8107-2c7e4874c288", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4ecf446b-0439-44db-86ff-a73e425c71a5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.754843Z", + "modified": "2024-11-14T00:20:36.754843Z", + "name": "CVE-2024-49504", + "description": "grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49504" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb.json b/objects/vulnerability/vulnerability--4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb.json new file mode 100644 index 00000000000..3ac1d239f17 --- /dev/null +++ b/objects/vulnerability/vulnerability--4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a7b319c2-ba68-4e49-ad90-bf6e413a2a60", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4f4fab9b-40eb-4068-a6a5-a65dc86e4fcb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.641522Z", + "modified": "2024-11-14T00:20:35.641522Z", + "name": "CVE-2024-50972", + "description": "A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50972" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4fcf7f6f-6d6e-4ddf-b03e-07662f0da040.json b/objects/vulnerability/vulnerability--4fcf7f6f-6d6e-4ddf-b03e-07662f0da040.json new file mode 100644 index 00000000000..5206b0c6026 --- /dev/null +++ b/objects/vulnerability/vulnerability--4fcf7f6f-6d6e-4ddf-b03e-07662f0da040.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0548587e-bbc2-4d12-b3b8-9e8c7f72c985", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4fcf7f6f-6d6e-4ddf-b03e-07662f0da040", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.912151Z", + "modified": "2024-11-14T00:20:35.912151Z", + "name": "CVE-2024-34165", + "description": "Uncontrolled search path in some Intel(R) oneAPI DPC++/C++ Compiler before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34165" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--52bbdcb4-00f8-4802-ad68-dd268ff9a500.json b/objects/vulnerability/vulnerability--52bbdcb4-00f8-4802-ad68-dd268ff9a500.json new file mode 100644 index 00000000000..cb4e5bc459d --- /dev/null +++ b/objects/vulnerability/vulnerability--52bbdcb4-00f8-4802-ad68-dd268ff9a500.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--435168c0-014b-4bd5-a7e9-1527fd6efea0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--52bbdcb4-00f8-4802-ad68-dd268ff9a500", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.233506Z", + "modified": "2024-11-14T00:20:37.233506Z", + "name": "CVE-2024-32844", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32844" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5489efa7-ff3a-4cef-a730-1f15c9601d78.json b/objects/vulnerability/vulnerability--5489efa7-ff3a-4cef-a730-1f15c9601d78.json new file mode 100644 index 00000000000..ed945d30b9c --- /dev/null +++ b/objects/vulnerability/vulnerability--5489efa7-ff3a-4cef-a730-1f15c9601d78.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ed3ff6c7-3991-4048-9044-345be6ace266", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5489efa7-ff3a-4cef-a730-1f15c9601d78", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.94681Z", + "modified": "2024-11-14T00:20:35.94681Z", + "name": "CVE-2024-34167", + "description": "Uncontrolled search path for the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34167" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--550fabb2-4b46-45ce-8756-8e9d786dd439.json b/objects/vulnerability/vulnerability--550fabb2-4b46-45ce-8756-8e9d786dd439.json new file mode 100644 index 00000000000..fc55aa38fec --- /dev/null +++ b/objects/vulnerability/vulnerability--550fabb2-4b46-45ce-8756-8e9d786dd439.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b516e24c-fcac-4c00-bd5d-7dc6c9167820", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--550fabb2-4b46-45ce-8756-8e9d786dd439", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.214513Z", + "modified": "2024-11-14T00:20:36.214513Z", + "name": "CVE-2024-38656", + "description": "Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38656" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--56755983-0b17-448e-9342-b63f923f1b4c.json b/objects/vulnerability/vulnerability--56755983-0b17-448e-9342-b63f923f1b4c.json new file mode 100644 index 00000000000..7f9f3ef9886 --- /dev/null +++ b/objects/vulnerability/vulnerability--56755983-0b17-448e-9342-b63f923f1b4c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c6ffd180-dd16-4f8e-b432-5c918026d898", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--56755983-0b17-448e-9342-b63f923f1b4c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.342526Z", + "modified": "2024-11-14T00:20:35.342526Z", + "name": "CVE-2024-10038", + "description": "The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10038" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--56ad765c-681e-42a0-886e-b02aab08bbd6.json b/objects/vulnerability/vulnerability--56ad765c-681e-42a0-886e-b02aab08bbd6.json new file mode 100644 index 00000000000..01a876e6387 --- /dev/null +++ b/objects/vulnerability/vulnerability--56ad765c-681e-42a0-886e-b02aab08bbd6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0ef5e570-d650-4e34-8aea-6e386a1e23d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--56ad765c-681e-42a0-886e-b02aab08bbd6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.517818Z", + "modified": "2024-11-14T00:20:35.517818Z", + "name": "CVE-2024-39712", + "description": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39712" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5a2a0645-e822-46b1-bfb1-2993bc8274bc.json b/objects/vulnerability/vulnerability--5a2a0645-e822-46b1-bfb1-2993bc8274bc.json new file mode 100644 index 00000000000..e2b8bcb0b68 --- /dev/null +++ b/objects/vulnerability/vulnerability--5a2a0645-e822-46b1-bfb1-2993bc8274bc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dcc6df4a-1b09-4379-ae6f-3f425885ab91", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5a2a0645-e822-46b1-bfb1-2993bc8274bc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.375363Z", + "modified": "2024-11-14T00:20:36.375363Z", + "name": "CVE-2024-31407", + "description": "Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-31407" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5b336042-f991-4056-8dc4-5cfa035399d7.json b/objects/vulnerability/vulnerability--5b336042-f991-4056-8dc4-5cfa035399d7.json new file mode 100644 index 00000000000..9af5c3be012 --- /dev/null +++ b/objects/vulnerability/vulnerability--5b336042-f991-4056-8dc4-5cfa035399d7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c6757357-fe10-4529-8ebd-49bbca0820d3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5b336042-f991-4056-8dc4-5cfa035399d7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.408859Z", + "modified": "2024-11-14T00:20:35.408859Z", + "name": "CVE-2024-10851", + "description": "The Razorpay Payment Button Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.4.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10851" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5d414727-ed36-4704-af6e-415571f3d0bd.json b/objects/vulnerability/vulnerability--5d414727-ed36-4704-af6e-415571f3d0bd.json new file mode 100644 index 00000000000..2b6e0fdc321 --- /dev/null +++ b/objects/vulnerability/vulnerability--5d414727-ed36-4704-af6e-415571f3d0bd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--db0c4c43-d18c-456e-b237-3c6b9ab7404d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5d414727-ed36-4704-af6e-415571f3d0bd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.054315Z", + "modified": "2024-11-14T00:20:35.054315Z", + "name": "CVE-2024-51027", + "description": "Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 is vulnerable to command execution in /itbox_pi/networksafe.php via the province parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-51027" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5dc354f2-ac0c-40e3-b4c9-7e89118623fd.json b/objects/vulnerability/vulnerability--5dc354f2-ac0c-40e3-b4c9-7e89118623fd.json new file mode 100644 index 00000000000..39ceaeca2d1 --- /dev/null +++ b/objects/vulnerability/vulnerability--5dc354f2-ac0c-40e3-b4c9-7e89118623fd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8fbcde3d-4efd-4272-8fce-4e9018ef7409", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5dc354f2-ac0c-40e3-b4c9-7e89118623fd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.898074Z", + "modified": "2024-11-14T00:20:35.898074Z", + "name": "CVE-2024-34028", + "description": "Uncontrolled search path in some Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34028" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5fb06d83-8cd7-4ab4-a59e-44fd5b66d318.json b/objects/vulnerability/vulnerability--5fb06d83-8cd7-4ab4-a59e-44fd5b66d318.json new file mode 100644 index 00000000000..54c8cd87b3c --- /dev/null +++ b/objects/vulnerability/vulnerability--5fb06d83-8cd7-4ab4-a59e-44fd5b66d318.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2007934d-cb4b-496c-9bec-cc4f8d744ef9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5fb06d83-8cd7-4ab4-a59e-44fd5b66d318", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.521419Z", + "modified": "2024-11-14T00:20:36.521419Z", + "name": "CVE-2024-21853", + "description": "Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21853" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5fc800e7-66f5-47dd-a565-72a73b07a1aa.json b/objects/vulnerability/vulnerability--5fc800e7-66f5-47dd-a565-72a73b07a1aa.json new file mode 100644 index 00000000000..bcf8a946b7d --- /dev/null +++ b/objects/vulnerability/vulnerability--5fc800e7-66f5-47dd-a565-72a73b07a1aa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--df0edb7f-279f-47a4-afd7-734fba3684fc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5fc800e7-66f5-47dd-a565-72a73b07a1aa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.761601Z", + "modified": "2024-11-14T00:20:36.761601Z", + "name": "CVE-2024-49379", + "description": "Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting (XSS) vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is passed to the redirect parameter the attacker provided JavaScript will be executed after the user entered their password and clicked on login. This vulnerability is fixed in 1.2.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49379" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--604a1934-f772-44d4-ae34-b649d5622315.json b/objects/vulnerability/vulnerability--604a1934-f772-44d4-ae34-b649d5622315.json new file mode 100644 index 00000000000..87b77a13edb --- /dev/null +++ b/objects/vulnerability/vulnerability--604a1934-f772-44d4-ae34-b649d5622315.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ea524b09-3c03-40b2-b1ae-a923602b37a9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--604a1934-f772-44d4-ae34-b649d5622315", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.344486Z", + "modified": "2024-11-14T00:20:36.344486Z", + "name": "CVE-2024-40443", + "description": "SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0 allows a remote attacker to cause a denial of service via the delete_users function in the Useres.php", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40443" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe.json b/objects/vulnerability/vulnerability--60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe.json new file mode 100644 index 00000000000..67c58dac724 --- /dev/null +++ b/objects/vulnerability/vulnerability--60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d73b8aba-fabd-450a-9671-67df4a6d8193", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--60dcfdaa-8c56-4daa-b06c-e87dc0f32ebe", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.497679Z", + "modified": "2024-11-14T00:20:35.497679Z", + "name": "CVE-2024-39766", + "description": "Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39766" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6147e8d9-9cfd-4755-931c-20964b400e6d.json b/objects/vulnerability/vulnerability--6147e8d9-9cfd-4755-931c-20964b400e6d.json new file mode 100644 index 00000000000..a3644aa55cd --- /dev/null +++ b/objects/vulnerability/vulnerability--6147e8d9-9cfd-4755-931c-20964b400e6d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--10cc402d-0297-4daf-8c0f-1081c26cfca9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6147e8d9-9cfd-4755-931c-20964b400e6d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.6314Z", + "modified": "2024-11-14T00:20:36.6314Z", + "name": "CVE-2024-37024", + "description": "Uncontrolled search path for some ACAT software maintained by Intel(R) for Windows before version 3.11.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-37024" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--622896f0-bcc9-4079-9740-b59b5bd91f9b.json b/objects/vulnerability/vulnerability--622896f0-bcc9-4079-9740-b59b5bd91f9b.json new file mode 100644 index 00000000000..7c1075aa3ae --- /dev/null +++ b/objects/vulnerability/vulnerability--622896f0-bcc9-4079-9740-b59b5bd91f9b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4c152db3-47d1-4568-96b2-54ad830edf6f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--622896f0-bcc9-4079-9740-b59b5bd91f9b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.544484Z", + "modified": "2024-11-14T00:20:36.544484Z", + "name": "CVE-2024-21799", + "description": "Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21799" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--66fad288-beb7-424d-920d-205e998781bd.json b/objects/vulnerability/vulnerability--66fad288-beb7-424d-920d-205e998781bd.json new file mode 100644 index 00000000000..511e1216afa --- /dev/null +++ b/objects/vulnerability/vulnerability--66fad288-beb7-424d-920d-205e998781bd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8bd8b6d3-b1b2-4e2c-bdfd-de79d3f847d7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--66fad288-beb7-424d-920d-205e998781bd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.380802Z", + "modified": "2024-11-14T00:20:35.380802Z", + "name": "CVE-2024-10684", + "description": "The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10684" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--68af5bdd-5835-40e1-81ad-194a64087150.json b/objects/vulnerability/vulnerability--68af5bdd-5835-40e1-81ad-194a64087150.json new file mode 100644 index 00000000000..9e04da75556 --- /dev/null +++ b/objects/vulnerability/vulnerability--68af5bdd-5835-40e1-81ad-194a64087150.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3fdb7d16-9943-49f1-bd8e-4c10276a25a2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--68af5bdd-5835-40e1-81ad-194a64087150", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.64425Z", + "modified": "2024-11-14T00:20:36.64425Z", + "name": "CVE-2024-37376", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-37376" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--68bde61a-3e37-4224-8973-4c6060f8776a.json b/objects/vulnerability/vulnerability--68bde61a-3e37-4224-8973-4c6060f8776a.json new file mode 100644 index 00000000000..2af653ebcfa --- /dev/null +++ b/objects/vulnerability/vulnerability--68bde61a-3e37-4224-8973-4c6060f8776a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--43a2b4d3-cf26-4c16-956d-84f849a4454d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--68bde61a-3e37-4224-8973-4c6060f8776a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.41499Z", + "modified": "2024-11-14T00:20:35.41499Z", + "name": "CVE-2024-10593", + "description": "The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.1.6. This is due to missing or incorrect nonce validation on the process_admin_ui function. This makes it possible for unauthenticated attackers to delete WPForm logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10593" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6f71b579-b743-40a4-b064-439d8b6100a6.json b/objects/vulnerability/vulnerability--6f71b579-b743-40a4-b064-439d8b6100a6.json new file mode 100644 index 00000000000..817d39ede17 --- /dev/null +++ b/objects/vulnerability/vulnerability--6f71b579-b743-40a4-b064-439d8b6100a6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5ba89e69-21b8-4dd3-9ba5-fd64248cfbeb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6f71b579-b743-40a4-b064-439d8b6100a6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.86439Z", + "modified": "2024-11-14T00:20:35.86439Z", + "name": "CVE-2024-11159", + "description": "Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11159" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--704080f1-14c2-4a8a-b1fb-05752ff804c6.json b/objects/vulnerability/vulnerability--704080f1-14c2-4a8a-b1fb-05752ff804c6.json new file mode 100644 index 00000000000..793e4755c1a --- /dev/null +++ b/objects/vulnerability/vulnerability--704080f1-14c2-4a8a-b1fb-05752ff804c6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7a35b9a1-7805-48ed-bdde-4b469b9ad9c1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--704080f1-14c2-4a8a-b1fb-05752ff804c6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.384735Z", + "modified": "2024-11-14T00:20:35.384735Z", + "name": "CVE-2024-10575", + "description": "CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on\nthe network and potentially impacting connected devices.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10575" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--706f5935-0a86-4249-beb7-551b17fbf5c3.json b/objects/vulnerability/vulnerability--706f5935-0a86-4249-beb7-551b17fbf5c3.json new file mode 100644 index 00000000000..8fa1adb31dd --- /dev/null +++ b/objects/vulnerability/vulnerability--706f5935-0a86-4249-beb7-551b17fbf5c3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--63ed4872-8e31-4a47-98cc-4c5548d64e0c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--706f5935-0a86-4249-beb7-551b17fbf5c3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.817276Z", + "modified": "2024-11-14T00:20:36.817276Z", + "name": "CVE-2024-23919", + "description": "Improper buffer restrictions in some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-23919" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7120bc93-bd5c-440f-bf43-6182a771e870.json b/objects/vulnerability/vulnerability--7120bc93-bd5c-440f-bf43-6182a771e870.json new file mode 100644 index 00000000000..15636d3141a --- /dev/null +++ b/objects/vulnerability/vulnerability--7120bc93-bd5c-440f-bf43-6182a771e870.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--839ec99b-07d6-471b-a170-82ca1f84a1c6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7120bc93-bd5c-440f-bf43-6182a771e870", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.394583Z", + "modified": "2024-11-14T00:20:35.394583Z", + "name": "CVE-2024-10577", + "description": "The 胖鼠采集(Fat Rat Collect) 微信知乎简书腾讯新闻列表分页采集, 还有自动采集、自动发布、自动标签、等多项功能。开源插件 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to missing escaping on a URL in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10577" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--716f7744-156c-4113-b521-9d5f3d26e39a.json b/objects/vulnerability/vulnerability--716f7744-156c-4113-b521-9d5f3d26e39a.json new file mode 100644 index 00000000000..2c0cb8b464a --- /dev/null +++ b/objects/vulnerability/vulnerability--716f7744-156c-4113-b521-9d5f3d26e39a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--997560b0-765a-4a89-87d1-42b3dafcd7eb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--716f7744-156c-4113-b521-9d5f3d26e39a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.257701Z", + "modified": "2024-11-14T00:20:35.257701Z", + "name": "CVE-2024-52291", + "description": "Craft is a content management system (CMS). A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme (e.g., file://file:////). This enables the attacker to specify sensitive folders as the file system, leading to potential file overwriting through malicious uploads, unauthorized access to sensitive files, and, under certain conditions, remote code execution (RCE) via Server-Side Template Injection (SSTI) payloads. Note that this will only work if you have an authenticated administrator account with allowAdminChanges enabled. This is fixed in 5.4.6 and 4.12.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52291" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--71edd42a-7b2b-4ba8-aae1-eb6b36939b91.json b/objects/vulnerability/vulnerability--71edd42a-7b2b-4ba8-aae1-eb6b36939b91.json new file mode 100644 index 00000000000..9ab2450975a --- /dev/null +++ b/objects/vulnerability/vulnerability--71edd42a-7b2b-4ba8-aae1-eb6b36939b91.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f566a6a1-ceb9-4559-a798-1953b884c955", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--71edd42a-7b2b-4ba8-aae1-eb6b36939b91", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.260493Z", + "modified": "2024-11-14T00:20:35.260493Z", + "name": "CVE-2024-52292", + "description": "Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function within a system notification template, the attacker can exfiltrate the Base64-encoded file content through a triggered system email notification. Once the email is received, the Base64 payload can be decoded, allowing the attacker to read arbitrary files on the server. This is fixed in 5.4.9 and 4.12.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52292" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--72535cef-5f6f-4754-839a-cfd98af5f99c.json b/objects/vulnerability/vulnerability--72535cef-5f6f-4754-839a-cfd98af5f99c.json new file mode 100644 index 00000000000..2f92079dffe --- /dev/null +++ b/objects/vulnerability/vulnerability--72535cef-5f6f-4754-839a-cfd98af5f99c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1bc6a368-192e-48e1-96a5-a47321f9a829", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--72535cef-5f6f-4754-839a-cfd98af5f99c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.030161Z", + "modified": "2024-11-14T00:20:37.030161Z", + "name": "CVE-2024-36482", + "description": "Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36482" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--72c82b74-0be8-4f10-be50-aaee1c058969.json b/objects/vulnerability/vulnerability--72c82b74-0be8-4f10-be50-aaee1c058969.json new file mode 100644 index 00000000000..6ba2a9b11b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--72c82b74-0be8-4f10-be50-aaee1c058969.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--52a46cb4-444f-4fc7-9f61-7187a38d2b57", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--72c82b74-0be8-4f10-be50-aaee1c058969", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.068396Z", + "modified": "2024-11-14T00:20:36.068396Z", + "name": "CVE-2024-33617", + "description": "Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-33617" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7368c425-808a-4c32-8df5-3bcb37c9cf34.json b/objects/vulnerability/vulnerability--7368c425-808a-4c32-8df5-3bcb37c9cf34.json new file mode 100644 index 00000000000..4e59201bd92 --- /dev/null +++ b/objects/vulnerability/vulnerability--7368c425-808a-4c32-8df5-3bcb37c9cf34.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c706a897-12f7-4504-a7ee-01adaacf9d1e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7368c425-808a-4c32-8df5-3bcb37c9cf34", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.388311Z", + "modified": "2024-11-14T00:20:37.388311Z", + "name": "CVE-2024-28885", + "description": "Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28885" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--73d2a23c-0ac6-470b-912e-0df7acdcbe95.json b/objects/vulnerability/vulnerability--73d2a23c-0ac6-470b-912e-0df7acdcbe95.json new file mode 100644 index 00000000000..7bbeb0d4926 --- /dev/null +++ b/objects/vulnerability/vulnerability--73d2a23c-0ac6-470b-912e-0df7acdcbe95.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d024835f-2e0a-44e2-b2dc-8550af49def4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--73d2a23c-0ac6-470b-912e-0df7acdcbe95", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:45.991894Z", + "modified": "2024-11-14T00:20:45.991894Z", + "name": "CVE-2023-35659", + "description": "In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-35659" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--73f0bcf1-6bed-4920-aed6-6aa0164b265b.json b/objects/vulnerability/vulnerability--73f0bcf1-6bed-4920-aed6-6aa0164b265b.json new file mode 100644 index 00000000000..4f6b54da852 --- /dev/null +++ b/objects/vulnerability/vulnerability--73f0bcf1-6bed-4920-aed6-6aa0164b265b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--78d0876e-5de9-4a7b-8c87-340ec532f9fe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--73f0bcf1-6bed-4920-aed6-6aa0164b265b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.252095Z", + "modified": "2024-11-14T00:20:36.252095Z", + "name": "CVE-2024-38654", + "description": "Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38654" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7430c7dc-57c0-43f1-9fbf-d03264df64f8.json b/objects/vulnerability/vulnerability--7430c7dc-57c0-43f1-9fbf-d03264df64f8.json new file mode 100644 index 00000000000..0d162d007d0 --- /dev/null +++ b/objects/vulnerability/vulnerability--7430c7dc-57c0-43f1-9fbf-d03264df64f8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4b29b0ef-1404-4cab-becf-519232344457", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7430c7dc-57c0-43f1-9fbf-d03264df64f8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.403258Z", + "modified": "2024-11-14T00:20:36.403258Z", + "name": "CVE-2024-31158", + "description": "Improper input validation in UEFI firmware in some Intel(R) Server Board S2600BP Family may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-31158" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--743256d6-56e6-48b3-8580-836aa5f51fc6.json b/objects/vulnerability/vulnerability--743256d6-56e6-48b3-8580-836aa5f51fc6.json new file mode 100644 index 00000000000..f2b02f3e3c7 --- /dev/null +++ b/objects/vulnerability/vulnerability--743256d6-56e6-48b3-8580-836aa5f51fc6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8b5b0d4d-1f26-4994-bfb3-a555520841fa", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--743256d6-56e6-48b3-8580-836aa5f51fc6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.204569Z", + "modified": "2024-11-14T00:20:36.204569Z", + "name": "CVE-2024-38649", + "description": "An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38649" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--74a55d0a-d974-49d4-8ef3-eb95db69b6f9.json b/objects/vulnerability/vulnerability--74a55d0a-d974-49d4-8ef3-eb95db69b6f9.json new file mode 100644 index 00000000000..e35f288d822 --- /dev/null +++ b/objects/vulnerability/vulnerability--74a55d0a-d974-49d4-8ef3-eb95db69b6f9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4e2da2fa-f317-4a28-b554-d1d04c5f3cdb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--74a55d0a-d974-49d4-8ef3-eb95db69b6f9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.316618Z", + "modified": "2024-11-14T00:20:36.316618Z", + "name": "CVE-2024-40885", + "description": "Use after free in the UEFI firmware of some Intel(R) Server M20NTP BIOS may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40885" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a.json b/objects/vulnerability/vulnerability--75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a.json new file mode 100644 index 00000000000..1f6c681cade --- /dev/null +++ b/objects/vulnerability/vulnerability--75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1a11dc8a-b66e-4f05-b12d-512fa88728fc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--75cf2fb4-9335-48fc-bbb4-d5e69eca3b8a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.568034Z", + "modified": "2024-11-14T00:20:37.568034Z", + "name": "CVE-2024-29076", + "description": "Uncaught exception for some Intel(R) CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-29076" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--76d4b87f-8fe9-4386-bd75-c9a62f4b41ed.json b/objects/vulnerability/vulnerability--76d4b87f-8fe9-4386-bd75-c9a62f4b41ed.json new file mode 100644 index 00000000000..fa371ae1a15 --- /dev/null +++ b/objects/vulnerability/vulnerability--76d4b87f-8fe9-4386-bd75-c9a62f4b41ed.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c2a57f66-d397-4eec-a546-63132b1aaa0d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--76d4b87f-8fe9-4386-bd75-c9a62f4b41ed", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.351483Z", + "modified": "2024-11-14T00:20:35.351483Z", + "name": "CVE-2024-10778", + "description": "The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.4 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts crated by Elementor that they should not have access to.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10778" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--76ed15c8-d761-4287-a515-29a5bd4eff80.json b/objects/vulnerability/vulnerability--76ed15c8-d761-4287-a515-29a5bd4eff80.json new file mode 100644 index 00000000000..41514b4f465 --- /dev/null +++ b/objects/vulnerability/vulnerability--76ed15c8-d761-4287-a515-29a5bd4eff80.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd727aab-fd5d-45de-809c-4f3ecc44886f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--76ed15c8-d761-4287-a515-29a5bd4eff80", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.326992Z", + "modified": "2024-11-14T00:20:36.326992Z", + "name": "CVE-2024-40661", + "description": "In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40661" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78b330d9-0f6b-4950-867c-a267eeb802f3.json b/objects/vulnerability/vulnerability--78b330d9-0f6b-4950-867c-a267eeb802f3.json new file mode 100644 index 00000000000..af25adbee04 --- /dev/null +++ b/objects/vulnerability/vulnerability--78b330d9-0f6b-4950-867c-a267eeb802f3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--48c5ba9b-5025-4618-855f-22408a41137c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78b330d9-0f6b-4950-867c-a267eeb802f3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.506948Z", + "modified": "2024-11-14T00:20:35.506948Z", + "name": "CVE-2024-39811", + "description": "Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39811" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7acae19f-c41b-4ef0-949c-ffdece206e5d.json b/objects/vulnerability/vulnerability--7acae19f-c41b-4ef0-949c-ffdece206e5d.json new file mode 100644 index 00000000000..fd906b85cae --- /dev/null +++ b/objects/vulnerability/vulnerability--7acae19f-c41b-4ef0-949c-ffdece206e5d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--76d9e84e-af01-4f21-a00f-1babd39e8b30", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7acae19f-c41b-4ef0-949c-ffdece206e5d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.239064Z", + "modified": "2024-11-14T00:20:36.239064Z", + "name": "CVE-2024-38665", + "description": "Out-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38665" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7b5e5645-c2ba-4c65-b74d-006c3c6fae64.json b/objects/vulnerability/vulnerability--7b5e5645-c2ba-4c65-b74d-006c3c6fae64.json new file mode 100644 index 00000000000..b379e7c534a --- /dev/null +++ b/objects/vulnerability/vulnerability--7b5e5645-c2ba-4c65-b74d-006c3c6fae64.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42e3d302-74f2-4c01-9145-3f54c98d9a12", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7b5e5645-c2ba-4c65-b74d-006c3c6fae64", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.248129Z", + "modified": "2024-11-14T00:20:35.248129Z", + "name": "CVE-2024-52305", + "description": "UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. A vulnerability exists in the Create User process, allowing the creation of a new admin account with an option to upload a profile image. An attacker can upload a malicious SVG file containing an embedded script. When the profile image is accessed, the embedded script executes, leading to the potential theft of session cookies. This vulnerability is fixed in 0.1.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52305" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7c70c92e-147f-4bcf-b243-c7da561dc07e.json b/objects/vulnerability/vulnerability--7c70c92e-147f-4bcf-b243-c7da561dc07e.json new file mode 100644 index 00000000000..c35ecfcf876 --- /dev/null +++ b/objects/vulnerability/vulnerability--7c70c92e-147f-4bcf-b243-c7da561dc07e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0adf914e-d090-4303-9c41-927e59e5dc1c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7c70c92e-147f-4bcf-b243-c7da561dc07e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.401566Z", + "modified": "2024-11-14T00:20:35.401566Z", + "name": "CVE-2024-10531", + "description": "The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to update GTP assistants.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10531" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7ca92e82-41bc-4ec0-824b-e665cea76405.json b/objects/vulnerability/vulnerability--7ca92e82-41bc-4ec0-824b-e665cea76405.json new file mode 100644 index 00000000000..dc97e823108 --- /dev/null +++ b/objects/vulnerability/vulnerability--7ca92e82-41bc-4ec0-824b-e665cea76405.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2bbd31ed-a9a4-4b56-9151-9e2616c09847", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7ca92e82-41bc-4ec0-824b-e665cea76405", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.240043Z", + "modified": "2024-11-14T00:20:35.240043Z", + "name": "CVE-2024-52551", + "description": "Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52551" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7cdafa3f-95b1-44c1-955a-51d5660599a3.json b/objects/vulnerability/vulnerability--7cdafa3f-95b1-44c1-955a-51d5660599a3.json new file mode 100644 index 00000000000..45a44392f78 --- /dev/null +++ b/objects/vulnerability/vulnerability--7cdafa3f-95b1-44c1-955a-51d5660599a3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bfd92387-95ff-48e0-897f-60cf2ff24d17", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7cdafa3f-95b1-44c1-955a-51d5660599a3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.319814Z", + "modified": "2024-11-14T00:20:35.319814Z", + "name": "CVE-2024-45875", + "description": "The create user function in baltic-it TOPqw Webportal 1.35.287.1 (fixed in version1.35.291), in /Apps/TOPqw/BenutzerManagement.aspx/SaveNewUser, is vulnerable to SQL injection. The JSON object username allows the manipulation of SQL queries.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45875" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7d42c6d8-4490-4ef8-aea6-9ba33770f1af.json b/objects/vulnerability/vulnerability--7d42c6d8-4490-4ef8-aea6-9ba33770f1af.json new file mode 100644 index 00000000000..0c072f90abc --- /dev/null +++ b/objects/vulnerability/vulnerability--7d42c6d8-4490-4ef8-aea6-9ba33770f1af.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b22a3f2a-6297-4e59-b2d7-f702dbc4a4f8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7d42c6d8-4490-4ef8-aea6-9ba33770f1af", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.129478Z", + "modified": "2024-11-14T00:20:36.129478Z", + "name": "CVE-2024-8938", + "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could\ncause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a\ncrafted Modbus function call to tamper with memory area involved in memory size computation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8938" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7e04ee5a-5942-4a59-a03e-d267cb72cc12.json b/objects/vulnerability/vulnerability--7e04ee5a-5942-4a59-a03e-d267cb72cc12.json new file mode 100644 index 00000000000..e9204312b78 --- /dev/null +++ b/objects/vulnerability/vulnerability--7e04ee5a-5942-4a59-a03e-d267cb72cc12.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3ece380f-371a-4bea-afb0-8cbe067c8c55", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7e04ee5a-5942-4a59-a03e-d267cb72cc12", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.885192Z", + "modified": "2024-11-14T00:20:35.885192Z", + "name": "CVE-2024-34784", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34784" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7e1c8cca-e13f-4fc2-befe-5c8653cc9a42.json b/objects/vulnerability/vulnerability--7e1c8cca-e13f-4fc2-befe-5c8653cc9a42.json new file mode 100644 index 00000000000..3ed0213e7f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--7e1c8cca-e13f-4fc2-befe-5c8653cc9a42.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d73a9cda-031b-457e-9fc5-954760105be0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7e1c8cca-e13f-4fc2-befe-5c8653cc9a42", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.056701Z", + "modified": "2024-11-14T00:20:37.056701Z", + "name": "CVE-2024-36245", + "description": "Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36245" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7e992b28-27a3-4a9f-93ec-470275384f1e.json b/objects/vulnerability/vulnerability--7e992b28-27a3-4a9f-93ec-470275384f1e.json new file mode 100644 index 00000000000..7c454eb842a --- /dev/null +++ b/objects/vulnerability/vulnerability--7e992b28-27a3-4a9f-93ec-470275384f1e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f88dcd2f-0213-4bd1-9039-2fa53dc0839e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7e992b28-27a3-4a9f-93ec-470275384f1e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.839069Z", + "modified": "2024-11-14T00:20:35.839069Z", + "name": "CVE-2024-25647", + "description": "Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-25647" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8008fb08-77f0-468f-be1f-bada05343644.json b/objects/vulnerability/vulnerability--8008fb08-77f0-468f-be1f-bada05343644.json new file mode 100644 index 00000000000..63e76c624c8 --- /dev/null +++ b/objects/vulnerability/vulnerability--8008fb08-77f0-468f-be1f-bada05343644.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d3242130-6830-424c-a24f-37b945a3df47", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8008fb08-77f0-468f-be1f-bada05343644", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.510255Z", + "modified": "2024-11-14T00:20:36.510255Z", + "name": "CVE-2024-21540", + "description": "All versions of the package source-map-support are vulnerable to Directory Traversal in the retrieveSourceMap function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21540" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8485d9de-2db4-4d05-bccb-94dbb7a8cc66.json b/objects/vulnerability/vulnerability--8485d9de-2db4-4d05-bccb-94dbb7a8cc66.json new file mode 100644 index 00000000000..20aa789b1ce --- /dev/null +++ b/objects/vulnerability/vulnerability--8485d9de-2db4-4d05-bccb-94dbb7a8cc66.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8d2c7a4c-5ae5-4e5a-b980-ef073dce095e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8485d9de-2db4-4d05-bccb-94dbb7a8cc66", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.271506Z", + "modified": "2024-11-14T00:20:35.271506Z", + "name": "CVE-2024-52306", + "description": "FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52306" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--85c51e47-5449-48c3-9835-282d3ec6f38e.json b/objects/vulnerability/vulnerability--85c51e47-5449-48c3-9835-282d3ec6f38e.json new file mode 100644 index 00000000000..070e91d75bc --- /dev/null +++ b/objects/vulnerability/vulnerability--85c51e47-5449-48c3-9835-282d3ec6f38e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8ccc8b5b-a4e8-48b7-9b24-a9601f043a5b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--85c51e47-5449-48c3-9835-282d3ec6f38e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.922131Z", + "modified": "2024-11-14T00:20:35.922131Z", + "name": "CVE-2024-34776", + "description": "Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34776" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61.json b/objects/vulnerability/vulnerability--85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61.json new file mode 100644 index 00000000000..135556a38b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42177868-d308-4e89-84b4-81ce5a0af47f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--85e8c4ce-f4ea-4bbd-87c0-59e73caf1e61", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.265538Z", + "modified": "2024-11-14T00:20:35.265538Z", + "name": "CVE-2024-52295", + "description": "DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52295" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--879f0eef-2452-4147-86d8-9a578f257dfd.json b/objects/vulnerability/vulnerability--879f0eef-2452-4147-86d8-9a578f257dfd.json new file mode 100644 index 00000000000..ec51245e8d0 --- /dev/null +++ b/objects/vulnerability/vulnerability--879f0eef-2452-4147-86d8-9a578f257dfd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--321f2332-282b-4ed8-8b55-84f8151846d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--879f0eef-2452-4147-86d8-9a578f257dfd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.677854Z", + "modified": "2024-11-14T00:20:37.677854Z", + "name": "CVE-2024-43086", + "description": "In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak account credentials to a third party app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43086" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--880f6562-efe9-4aea-93c0-0eaaf50c1cb9.json b/objects/vulnerability/vulnerability--880f6562-efe9-4aea-93c0-0eaaf50c1cb9.json new file mode 100644 index 00000000000..12c7155e8d5 --- /dev/null +++ b/objects/vulnerability/vulnerability--880f6562-efe9-4aea-93c0-0eaaf50c1cb9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ba2b7c89-ae7c-409a-afdd-511598c66aa1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--880f6562-efe9-4aea-93c0-0eaaf50c1cb9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.369245Z", + "modified": "2024-11-14T00:20:35.369245Z", + "name": "CVE-2024-10887", + "description": "The NiceJob plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes (nicejob-lead, nicejob-review, nicejob-engage, nicejob-badge, nicejob-stories) in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10887" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--88153f89-c147-44ae-9f75-bef2f3778a26.json b/objects/vulnerability/vulnerability--88153f89-c147-44ae-9f75-bef2f3778a26.json new file mode 100644 index 00000000000..5c3e1de55f3 --- /dev/null +++ b/objects/vulnerability/vulnerability--88153f89-c147-44ae-9f75-bef2f3778a26.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b6bcf5a9-3a2f-48eb-b585-f39bcb05f359", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--88153f89-c147-44ae-9f75-bef2f3778a26", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.267754Z", + "modified": "2024-11-14T00:20:35.267754Z", + "name": "CVE-2024-52549", + "description": "Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the controller file system.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52549" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--89069cea-57e5-4bbf-a344-c39b87ded914.json b/objects/vulnerability/vulnerability--89069cea-57e5-4bbf-a344-c39b87ded914.json new file mode 100644 index 00000000000..7da80ed7b97 --- /dev/null +++ b/objects/vulnerability/vulnerability--89069cea-57e5-4bbf-a344-c39b87ded914.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d874202f-4317-41c8-8e61-e5bf05a8825c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--89069cea-57e5-4bbf-a344-c39b87ded914", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.377488Z", + "modified": "2024-11-14T00:20:37.377488Z", + "name": "CVE-2024-28051", + "description": "Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28051" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--89205fe1-16dc-417f-8b50-82d1534e4e85.json b/objects/vulnerability/vulnerability--89205fe1-16dc-417f-8b50-82d1534e4e85.json new file mode 100644 index 00000000000..fd29cd64ae2 --- /dev/null +++ b/objects/vulnerability/vulnerability--89205fe1-16dc-417f-8b50-82d1534e4e85.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--04522adb-a1d6-4c76-b24c-7b94e4d36079", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--89205fe1-16dc-417f-8b50-82d1534e4e85", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.382128Z", + "modified": "2024-11-14T00:20:35.382128Z", + "name": "CVE-2024-10877", + "description": "The AFI – The Easiest Integration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.92.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10877" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8aceb4fe-a271-4d71-b51f-a35369031d36.json b/objects/vulnerability/vulnerability--8aceb4fe-a271-4d71-b51f-a35369031d36.json new file mode 100644 index 00000000000..4d54fd72911 --- /dev/null +++ b/objects/vulnerability/vulnerability--8aceb4fe-a271-4d71-b51f-a35369031d36.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5378df38-1d21-48bf-84d9-7d3e6ae27078", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8aceb4fe-a271-4d71-b51f-a35369031d36", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.321236Z", + "modified": "2024-11-14T00:20:36.321236Z", + "name": "CVE-2024-40404", + "description": "Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40404" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8b768b9d-e6d3-45ed-99b3-e3548a262cf6.json b/objects/vulnerability/vulnerability--8b768b9d-e6d3-45ed-99b3-e3548a262cf6.json new file mode 100644 index 00000000000..73dd11bdefb --- /dev/null +++ b/objects/vulnerability/vulnerability--8b768b9d-e6d3-45ed-99b3-e3548a262cf6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--17d6db63-e5af-475b-a810-1789c3bb9934", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8b768b9d-e6d3-45ed-99b3-e3548a262cf6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.655464Z", + "modified": "2024-11-14T00:20:36.655464Z", + "name": "CVE-2024-37400", + "description": "An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-37400" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8bcbae9c-22ee-4bf2-be54-2cee680ff1d4.json b/objects/vulnerability/vulnerability--8bcbae9c-22ee-4bf2-be54-2cee680ff1d4.json new file mode 100644 index 00000000000..6d9a132a93a --- /dev/null +++ b/objects/vulnerability/vulnerability--8bcbae9c-22ee-4bf2-be54-2cee680ff1d4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--53bd8288-a49c-4750-96a7-c8a5816c9b79", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8bcbae9c-22ee-4bf2-be54-2cee680ff1d4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.23753Z", + "modified": "2024-11-14T00:20:35.23753Z", + "name": "CVE-2024-52550", + "description": "Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52550" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8.json b/objects/vulnerability/vulnerability--8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8.json new file mode 100644 index 00000000000..f8c3c803704 --- /dev/null +++ b/objects/vulnerability/vulnerability--8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--52051d75-50dd-4c28-9de2-b57f8857a94b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8cfa9d50-6654-4b7c-957e-2bbc3fe8d5d8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.392603Z", + "modified": "2024-11-14T00:20:36.392603Z", + "name": "CVE-2024-31154", + "description": "Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-31154" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8ec2afa3-47f0-40a8-82ab-cb5727e9a909.json b/objects/vulnerability/vulnerability--8ec2afa3-47f0-40a8-82ab-cb5727e9a909.json new file mode 100644 index 00000000000..d7b22878283 --- /dev/null +++ b/objects/vulnerability/vulnerability--8ec2afa3-47f0-40a8-82ab-cb5727e9a909.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3dcb79c2-f3f9-4f49-8137-ce039caca7ae", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8ec2afa3-47f0-40a8-82ab-cb5727e9a909", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.78393Z", + "modified": "2024-11-14T00:20:36.78393Z", + "name": "CVE-2024-49506", + "description": "Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49506" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8fcd4b22-8e00-40f6-b370-c878aa35a048.json b/objects/vulnerability/vulnerability--8fcd4b22-8e00-40f6-b370-c878aa35a048.json new file mode 100644 index 00000000000..80f1bbb2c6d --- /dev/null +++ b/objects/vulnerability/vulnerability--8fcd4b22-8e00-40f6-b370-c878aa35a048.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--369eca18-74f9-4e12-935b-206c4836ffa8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8fcd4b22-8e00-40f6-b370-c878aa35a048", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.336479Z", + "modified": "2024-11-14T00:20:36.336479Z", + "name": "CVE-2024-40405", + "description": "Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40405" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--90d848f6-face-488d-bc81-68a7decad9e9.json b/objects/vulnerability/vulnerability--90d848f6-face-488d-bc81-68a7decad9e9.json new file mode 100644 index 00000000000..dc621fd9624 --- /dev/null +++ b/objects/vulnerability/vulnerability--90d848f6-face-488d-bc81-68a7decad9e9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f6da0fe9-ee0d-4669-ae88-06bab1a75d6b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--90d848f6-face-488d-bc81-68a7decad9e9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.486713Z", + "modified": "2024-11-14T00:20:35.486713Z", + "name": "CVE-2024-9059", + "description": "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9059" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--92cafe38-07f3-4021-8486-c9f1e8572f79.json b/objects/vulnerability/vulnerability--92cafe38-07f3-4021-8486-c9f1e8572f79.json new file mode 100644 index 00000000000..43145c2bb0f --- /dev/null +++ b/objects/vulnerability/vulnerability--92cafe38-07f3-4021-8486-c9f1e8572f79.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8828fa3a-e6aa-40f0-9221-5d438c55b190", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--92cafe38-07f3-4021-8486-c9f1e8572f79", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.361113Z", + "modified": "2024-11-14T00:20:36.361113Z", + "name": "CVE-2024-40408", + "description": "Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40408" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--92eb9cc3-3e74-4757-9472-2563436364ce.json b/objects/vulnerability/vulnerability--92eb9cc3-3e74-4757-9472-2563436364ce.json new file mode 100644 index 00000000000..9cd92308541 --- /dev/null +++ b/objects/vulnerability/vulnerability--92eb9cc3-3e74-4757-9472-2563436364ce.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--22bab950-117b-49b3-a0fb-d66342e2c2ae", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--92eb9cc3-3e74-4757-9472-2563436364ce", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.148449Z", + "modified": "2024-11-14T00:20:36.148449Z", + "name": "CVE-2024-8935", + "description": "CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss\nof confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the\ncontroller and the engineering workstation while a valid user is establishing a communication session. This\nvulnerability is inherent to Diffie Hellman algorithm which does not protect against Man-In-The-Middle attacks.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8935" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9374c519-f41a-45ad-be90-605341fd2102.json b/objects/vulnerability/vulnerability--9374c519-f41a-45ad-be90-605341fd2102.json new file mode 100644 index 00000000000..7c0a752a29a --- /dev/null +++ b/objects/vulnerability/vulnerability--9374c519-f41a-45ad-be90-605341fd2102.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b40484c8-5f29-4603-8c60-abeafee26d24", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9374c519-f41a-45ad-be90-605341fd2102", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.90319Z", + "modified": "2024-11-14T00:20:35.90319Z", + "name": "CVE-2024-34780", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34780" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--94f95bfa-679b-4462-8654-dd9d3bacb4f7.json b/objects/vulnerability/vulnerability--94f95bfa-679b-4462-8654-dd9d3bacb4f7.json new file mode 100644 index 00000000000..9b8af5fa78c --- /dev/null +++ b/objects/vulnerability/vulnerability--94f95bfa-679b-4462-8654-dd9d3bacb4f7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--170d952b-e9c7-48d4-a824-64a468161786", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--94f95bfa-679b-4462-8654-dd9d3bacb4f7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.930211Z", + "modified": "2024-11-14T00:20:35.930211Z", + "name": "CVE-2024-34719", + "description": "In multiple locations, there is a possible permissions bypass due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34719" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--951b8f83-7329-4304-bd37-d75eb274680c.json b/objects/vulnerability/vulnerability--951b8f83-7329-4304-bd37-d75eb274680c.json new file mode 100644 index 00000000000..0db75ffb694 --- /dev/null +++ b/objects/vulnerability/vulnerability--951b8f83-7329-4304-bd37-d75eb274680c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--28de8df7-13f2-4581-ac1c-1e4531eab8a1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--951b8f83-7329-4304-bd37-d75eb274680c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.311843Z", + "modified": "2024-11-14T00:20:35.311843Z", + "name": "CVE-2024-45878", + "description": "The \"Stammdaten\" menu of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.291), in /Apps/TOPqw/qwStammdaten.aspx, is vulnerable to persistent Cross-Site Scripting (XSS).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45878" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9724278c-f04b-4cf9-8906-5eabc79d5c1f.json b/objects/vulnerability/vulnerability--9724278c-f04b-4cf9-8906-5eabc79d5c1f.json new file mode 100644 index 00000000000..7610a73ad46 --- /dev/null +++ b/objects/vulnerability/vulnerability--9724278c-f04b-4cf9-8906-5eabc79d5c1f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--679e4b07-750b-4381-839b-0aae7e2505f6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9724278c-f04b-4cf9-8906-5eabc79d5c1f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.302246Z", + "modified": "2024-11-14T00:20:35.302246Z", + "name": "CVE-2024-45877", + "description": "baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all modules in the web portal, view and manipulate information and permissions of other users, lock other user or unlock the own account, change the password of other users, create new users or delete existing users and view, manipulate and delete reference data.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45877" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--97d15a9f-13ca-4d61-83b8-a3aa87fb6554.json b/objects/vulnerability/vulnerability--97d15a9f-13ca-4d61-83b8-a3aa87fb6554.json new file mode 100644 index 00000000000..68cf3cfdb14 --- /dev/null +++ b/objects/vulnerability/vulnerability--97d15a9f-13ca-4d61-83b8-a3aa87fb6554.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1f5f16c3-a1ed-4754-891a-5859bda1c3f9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--97d15a9f-13ca-4d61-83b8-a3aa87fb6554", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.338301Z", + "modified": "2024-11-14T00:20:36.338301Z", + "name": "CVE-2024-40407", + "description": "A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40407" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--99e38a24-670f-4511-a3fe-d040a1ee2c31.json b/objects/vulnerability/vulnerability--99e38a24-670f-4511-a3fe-d040a1ee2c31.json new file mode 100644 index 00000000000..3659b66a6fa --- /dev/null +++ b/objects/vulnerability/vulnerability--99e38a24-670f-4511-a3fe-d040a1ee2c31.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b042b025-b646-46ed-a778-50093ccf376f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--99e38a24-670f-4511-a3fe-d040a1ee2c31", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.417812Z", + "modified": "2024-11-14T00:20:35.417812Z", + "name": "CVE-2024-10853", + "description": "The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the removeorder AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete Buy one click WooCommerce orders.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10853" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9a34e469-c337-41ae-9ed3-0fbc94fff262.json b/objects/vulnerability/vulnerability--9a34e469-c337-41ae-9ed3-0fbc94fff262.json new file mode 100644 index 00000000000..e0b2251cdb3 --- /dev/null +++ b/objects/vulnerability/vulnerability--9a34e469-c337-41ae-9ed3-0fbc94fff262.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--de371ed9-54ab-4392-b1ac-04ce9888db34", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9a34e469-c337-41ae-9ed3-0fbc94fff262", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.653812Z", + "modified": "2024-11-14T00:20:37.653812Z", + "name": "CVE-2024-27200", + "description": "Improper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-27200" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9bf1c4a0-8b99-4025-a116-dfc8a81c3eea.json b/objects/vulnerability/vulnerability--9bf1c4a0-8b99-4025-a116-dfc8a81c3eea.json new file mode 100644 index 00000000000..467489bf2e3 --- /dev/null +++ b/objects/vulnerability/vulnerability--9bf1c4a0-8b99-4025-a116-dfc8a81c3eea.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--65eeaedb-cbfa-4783-ba24-c3a4c4a92601", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9bf1c4a0-8b99-4025-a116-dfc8a81c3eea", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.817441Z", + "modified": "2024-11-14T00:20:35.817441Z", + "name": "CVE-2024-25563", + "description": "Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-25563" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9c1af239-c984-4834-8e5a-4dee105dbfeb.json b/objects/vulnerability/vulnerability--9c1af239-c984-4834-8e5a-4dee105dbfeb.json new file mode 100644 index 00000000000..5204cffb812 --- /dev/null +++ b/objects/vulnerability/vulnerability--9c1af239-c984-4834-8e5a-4dee105dbfeb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a93cd909-d790-48e5-8af8-f1ed0a937cfc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9c1af239-c984-4834-8e5a-4dee105dbfeb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.213665Z", + "modified": "2024-11-14T00:20:37.213665Z", + "name": "CVE-2024-32044", + "description": "Improper access control for some Intel(R) Arc(TM) Pro Graphics for Windows drivers before version 31.0.101.5319 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32044" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9c273dbb-3f5e-46f3-80a9-e20a9a724258.json b/objects/vulnerability/vulnerability--9c273dbb-3f5e-46f3-80a9-e20a9a724258.json new file mode 100644 index 00000000000..15cd231a9f1 --- /dev/null +++ b/objects/vulnerability/vulnerability--9c273dbb-3f5e-46f3-80a9-e20a9a724258.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--62e047d8-d417-4d08-b17f-82cb978971a8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9c273dbb-3f5e-46f3-80a9-e20a9a724258", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.366654Z", + "modified": "2024-11-14T00:20:35.366654Z", + "name": "CVE-2024-10529", + "description": "The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_assistant() function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete GTP assistants.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10529" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9cec0a6f-bbff-454c-8835-27b78bff1f0a.json b/objects/vulnerability/vulnerability--9cec0a6f-bbff-454c-8835-27b78bff1f0a.json new file mode 100644 index 00000000000..7bf7e577c9f --- /dev/null +++ b/objects/vulnerability/vulnerability--9cec0a6f-bbff-454c-8835-27b78bff1f0a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7349c9fa-ff16-42a1-b7d7-98899e1ad0fc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9cec0a6f-bbff-454c-8835-27b78bff1f0a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.314089Z", + "modified": "2024-11-14T00:20:35.314089Z", + "name": "CVE-2024-45879", + "description": "The file upload function in the \"QWKalkulation\" tool of baltic-it TOPqw Webportal v1.35.287.1 (fixed in version 1.35.291), in /Apps/TOPqw/QWKalkulation/QWKalkulation.aspx, is vulnerable to Cross-Site Scripting (XSS). To exploit the persistent XSS vulnerability, an attacker has to be authenticated to the application that uses the \"TOPqw Webportal\" as a software. When authenticated, the attacker can persistently place the malicious JavaScript code in the \"QWKalkulation\" menu.'", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45879" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9e29b87b-076a-4f0f-9134-181692c345dc.json b/objects/vulnerability/vulnerability--9e29b87b-076a-4f0f-9134-181692c345dc.json new file mode 100644 index 00000000000..a9724c0d81c --- /dev/null +++ b/objects/vulnerability/vulnerability--9e29b87b-076a-4f0f-9134-181692c345dc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--78c35531-6e74-4c7d-872b-7ca69206cc57", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9e29b87b-076a-4f0f-9134-181692c345dc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.146104Z", + "modified": "2024-11-14T00:20:36.146104Z", + "name": "CVE-2024-8001", + "description": "A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative print function with an active session before and after an exam slot to access the entire exam including solutions in the web application. It is recommended to apply a patch to fix this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8001" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9e2c1a2c-e2d0-49b7-a968-1199f722c521.json b/objects/vulnerability/vulnerability--9e2c1a2c-e2d0-49b7-a968-1199f722c521.json new file mode 100644 index 00000000000..f80f6dfa684 --- /dev/null +++ b/objects/vulnerability/vulnerability--9e2c1a2c-e2d0-49b7-a968-1199f722c521.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--995c008f-ec31-4983-8f69-deb81eec659e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9e2c1a2c-e2d0-49b7-a968-1199f722c521", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.368561Z", + "modified": "2024-11-14T00:20:37.368561Z", + "name": "CVE-2024-28030", + "description": "NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28030" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9fe001dd-3441-4d78-814f-3a143f9a9a90.json b/objects/vulnerability/vulnerability--9fe001dd-3441-4d78-814f-3a143f9a9a90.json new file mode 100644 index 00000000000..337cbaa3925 --- /dev/null +++ b/objects/vulnerability/vulnerability--9fe001dd-3441-4d78-814f-3a143f9a9a90.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ada99207-489a-487a-a741-2b595e7a4e87", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9fe001dd-3441-4d78-814f-3a143f9a9a90", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.027638Z", + "modified": "2024-11-14T00:20:37.027638Z", + "name": "CVE-2024-36294", + "description": "Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36294" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a03eb8b2-837f-448c-a0a7-c5a6540054c0.json b/objects/vulnerability/vulnerability--a03eb8b2-837f-448c-a0a7-c5a6540054c0.json new file mode 100644 index 00000000000..c497bea3f64 --- /dev/null +++ b/objects/vulnerability/vulnerability--a03eb8b2-837f-448c-a0a7-c5a6540054c0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cb684d2d-3eaa-4b22-a530-3f1e3dd8e161", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a03eb8b2-837f-448c-a0a7-c5a6540054c0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.365098Z", + "modified": "2024-11-14T00:20:35.365098Z", + "name": "CVE-2024-10850", + "description": "The Razorpay Payment Button Elementor Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10850" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f.json b/objects/vulnerability/vulnerability--a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f.json new file mode 100644 index 00000000000..abba18e42e6 --- /dev/null +++ b/objects/vulnerability/vulnerability--a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c7bce63e-2e68-442c-a353-b81bfc22814e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a08a7b0f-6d2f-4d39-bfed-8e9b3d12602f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.362431Z", + "modified": "2024-11-14T00:20:36.362431Z", + "name": "CVE-2024-40660", + "description": "In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40660" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a0c280f5-82e6-4ed5-aeb0-64fc452af5b8.json b/objects/vulnerability/vulnerability--a0c280f5-82e6-4ed5-aeb0-64fc452af5b8.json new file mode 100644 index 00000000000..174fb2976dc --- /dev/null +++ b/objects/vulnerability/vulnerability--a0c280f5-82e6-4ed5-aeb0-64fc452af5b8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a2dd6db2-a696-4a21-bb9a-791b3774b6fd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a0c280f5-82e6-4ed5-aeb0-64fc452af5b8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.569505Z", + "modified": "2024-11-14T00:20:37.569505Z", + "name": "CVE-2024-29211", + "description": "A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-29211" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a11ddb11-1139-466d-8a4c-cf7f53515489.json b/objects/vulnerability/vulnerability--a11ddb11-1139-466d-8a4c-cf7f53515489.json new file mode 100644 index 00000000000..dfc1ecadee1 --- /dev/null +++ b/objects/vulnerability/vulnerability--a11ddb11-1139-466d-8a4c-cf7f53515489.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--90b88b02-adc7-4c6a-b048-155927ca0c44", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a11ddb11-1139-466d-8a4c-cf7f53515489", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.451969Z", + "modified": "2024-11-14T00:20:36.451969Z", + "name": "CVE-2024-41167", + "description": "Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-41167" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a18d8775-5e61-4691-ad8f-fa1d3d844cc7.json b/objects/vulnerability/vulnerability--a18d8775-5e61-4691-ad8f-fa1d3d844cc7.json new file mode 100644 index 00000000000..18b1fb34a9d --- /dev/null +++ b/objects/vulnerability/vulnerability--a18d8775-5e61-4691-ad8f-fa1d3d844cc7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a00fa700-797c-4380-bc23-64eea50f9811", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a18d8775-5e61-4691-ad8f-fa1d3d844cc7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.389905Z", + "modified": "2024-11-14T00:20:35.389905Z", + "name": "CVE-2024-10816", + "description": "The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10816" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a1ad537f-89cd-47ea-bee9-a9cdd2880553.json b/objects/vulnerability/vulnerability--a1ad537f-89cd-47ea-bee9-a9cdd2880553.json new file mode 100644 index 00000000000..2f3a48be24e --- /dev/null +++ b/objects/vulnerability/vulnerability--a1ad537f-89cd-47ea-bee9-a9cdd2880553.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e8c5e6ad-ac45-4ddd-9506-160b4d22259d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a1ad537f-89cd-47ea-bee9-a9cdd2880553", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.812352Z", + "modified": "2024-11-14T00:20:36.812352Z", + "name": "CVE-2024-23198", + "description": "Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-23198" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f.json b/objects/vulnerability/vulnerability--a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f.json new file mode 100644 index 00000000000..f199b439382 --- /dev/null +++ b/objects/vulnerability/vulnerability--a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--24f45e24-f104-4344-b45d-b2044800c5b3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a3fe2b41-c90f-4ef4-b71c-f7c6a7cc2e5f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.698651Z", + "modified": "2024-11-14T00:20:37.698651Z", + "name": "CVE-2024-43084", + "description": "In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43084" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a42fd75c-4141-43a7-bd86-f957d74fc94f.json b/objects/vulnerability/vulnerability--a42fd75c-4141-43a7-bd86-f957d74fc94f.json new file mode 100644 index 00000000000..ff48b0a1f20 --- /dev/null +++ b/objects/vulnerability/vulnerability--a42fd75c-4141-43a7-bd86-f957d74fc94f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8099ac87-5c61-4f77-a55c-effdd259d2bb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a42fd75c-4141-43a7-bd86-f957d74fc94f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.837784Z", + "modified": "2024-11-14T00:20:36.837784Z", + "name": "CVE-2024-23918", + "description": "Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-23918" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a5b3e77e-a975-46ab-9371-9997260caa0a.json b/objects/vulnerability/vulnerability--a5b3e77e-a975-46ab-9371-9997260caa0a.json new file mode 100644 index 00000000000..0381c14e6cd --- /dev/null +++ b/objects/vulnerability/vulnerability--a5b3e77e-a975-46ab-9371-9997260caa0a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d846a653-ea4e-4da5-9fd2-a5368346bd99", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a5b3e77e-a975-46ab-9371-9997260caa0a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:45.507813Z", + "modified": "2024-11-14T00:20:45.507813Z", + "name": "CVE-2023-38920", + "description": "Cross Site Scripting vulnerability in Cyber Cafe Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted script to the adminname parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38920" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a8967fd0-a280-4606-9a49-303e30e3ed62.json b/objects/vulnerability/vulnerability--a8967fd0-a280-4606-9a49-303e30e3ed62.json new file mode 100644 index 00000000000..dda065ae941 --- /dev/null +++ b/objects/vulnerability/vulnerability--a8967fd0-a280-4606-9a49-303e30e3ed62.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f0d42d8d-4e6d-495a-9293-bff73cf9697a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a8967fd0-a280-4606-9a49-303e30e3ed62", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.66269Z", + "modified": "2024-11-14T00:20:36.66269Z", + "name": "CVE-2024-37398", + "description": "Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-37398" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a92fcb96-ec4f-4186-af12-743ecb5b1d70.json b/objects/vulnerability/vulnerability--a92fcb96-ec4f-4186-af12-743ecb5b1d70.json new file mode 100644 index 00000000000..7b9cbf7344c --- /dev/null +++ b/objects/vulnerability/vulnerability--a92fcb96-ec4f-4186-af12-743ecb5b1d70.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9410a47a-29f7-4c91-9407-c956025c181b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a92fcb96-ec4f-4186-af12-743ecb5b1d70", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.199043Z", + "modified": "2024-11-14T00:20:37.199043Z", + "name": "CVE-2024-32847", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32847" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ab9eb43f-db2e-44bc-805e-5607af799f97.json b/objects/vulnerability/vulnerability--ab9eb43f-db2e-44bc-805e-5607af799f97.json new file mode 100644 index 00000000000..62e2b696142 --- /dev/null +++ b/objects/vulnerability/vulnerability--ab9eb43f-db2e-44bc-805e-5607af799f97.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4a5471b4-d63a-40b3-93d7-07b5c6d90400", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ab9eb43f-db2e-44bc-805e-5607af799f97", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.369748Z", + "modified": "2024-11-14T00:20:37.369748Z", + "name": "CVE-2024-28169", + "description": "Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable denial of service via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28169" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ae00948b-97cd-41a9-80b5-c664b0a8c5ce.json b/objects/vulnerability/vulnerability--ae00948b-97cd-41a9-80b5-c664b0a8c5ce.json new file mode 100644 index 00000000000..38fc38b3e87 --- /dev/null +++ b/objects/vulnerability/vulnerability--ae00948b-97cd-41a9-80b5-c664b0a8c5ce.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e5ad2353-bdeb-4e83-90da-904279c217e3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ae00948b-97cd-41a9-80b5-c664b0a8c5ce", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.715122Z", + "modified": "2024-11-14T00:20:37.715122Z", + "name": "CVE-2024-43093", + "description": "In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43093" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ae1dac68-f691-4b80-ba06-876f154af88c.json b/objects/vulnerability/vulnerability--ae1dac68-f691-4b80-ba06-876f154af88c.json new file mode 100644 index 00000000000..b1456bd3700 --- /dev/null +++ b/objects/vulnerability/vulnerability--ae1dac68-f691-4b80-ba06-876f154af88c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--113d83ac-ebde-42a3-a227-8a73f2e904ec", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ae1dac68-f691-4b80-ba06-876f154af88c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.231687Z", + "modified": "2024-11-14T00:20:37.231687Z", + "name": "CVE-2024-32667", + "description": "Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32667" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aec430f9-26f7-4491-a9ef-bb596508ddf8.json b/objects/vulnerability/vulnerability--aec430f9-26f7-4491-a9ef-bb596508ddf8.json new file mode 100644 index 00000000000..87cea848c0a --- /dev/null +++ b/objects/vulnerability/vulnerability--aec430f9-26f7-4491-a9ef-bb596508ddf8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--253a5679-b7b3-435b-940c-e7383a05d917", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aec430f9-26f7-4491-a9ef-bb596508ddf8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.17206Z", + "modified": "2024-11-14T00:20:36.17206Z", + "name": "CVE-2024-8933", + "description": "CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel\nvulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of\nconfidentiality and integrity of controllers. To be successful, the attacker needs to inject themself inside the\nlogical network while a valid user uploads or downloads a project file into the controller.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8933" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--af65ab6c-c7f3-4353-adea-81edde282f43.json b/objects/vulnerability/vulnerability--af65ab6c-c7f3-4353-adea-81edde282f43.json new file mode 100644 index 00000000000..1de0ef20009 --- /dev/null +++ b/objects/vulnerability/vulnerability--af65ab6c-c7f3-4353-adea-81edde282f43.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ccaf54b-531a-4221-9f17-ae0f7eadf502", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--af65ab6c-c7f3-4353-adea-81edde282f43", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.725955Z", + "modified": "2024-11-14T00:20:37.725955Z", + "name": "CVE-2024-43089", + "description": "In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43089" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b27eca93-e051-40ae-a11d-912a47a64c83.json b/objects/vulnerability/vulnerability--b27eca93-e051-40ae-a11d-912a47a64c83.json new file mode 100644 index 00000000000..4c52a858212 --- /dev/null +++ b/objects/vulnerability/vulnerability--b27eca93-e051-40ae-a11d-912a47a64c83.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ac7714da-615b-4f22-83a7-c5ccce66b1fb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b27eca93-e051-40ae-a11d-912a47a64c83", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.482139Z", + "modified": "2024-11-14T00:20:35.482139Z", + "name": "CVE-2024-9413", + "description": "The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9413" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b2a47399-543e-4ccf-8def-3d2b54e9bd4b.json b/objects/vulnerability/vulnerability--b2a47399-543e-4ccf-8def-3d2b54e9bd4b.json new file mode 100644 index 00000000000..d765439d7f7 --- /dev/null +++ b/objects/vulnerability/vulnerability--b2a47399-543e-4ccf-8def-3d2b54e9bd4b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dbc14dcd-e781-44ac-a63f-dd1045089359", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b2a47399-543e-4ccf-8def-3d2b54e9bd4b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.216696Z", + "modified": "2024-11-14T00:20:36.216696Z", + "name": "CVE-2024-38668", + "description": "Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38668" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b390aef9-93e2-4670-8861-29edf43a64cc.json b/objects/vulnerability/vulnerability--b390aef9-93e2-4670-8861-29edf43a64cc.json new file mode 100644 index 00000000000..396724cbe98 --- /dev/null +++ b/objects/vulnerability/vulnerability--b390aef9-93e2-4670-8861-29edf43a64cc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ea88b159-c112-4192-be2e-cd5a08c7c333", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b390aef9-93e2-4670-8861-29edf43a64cc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.219604Z", + "modified": "2024-11-14T00:20:36.219604Z", + "name": "CVE-2024-38655", + "description": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38655" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b3f8633a-cea8-4333-a0ad-aaa2874d6442.json b/objects/vulnerability/vulnerability--b3f8633a-cea8-4333-a0ad-aaa2874d6442.json new file mode 100644 index 00000000000..07cae63bf7d --- /dev/null +++ b/objects/vulnerability/vulnerability--b3f8633a-cea8-4333-a0ad-aaa2874d6442.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5890e659-c050-4aca-be22-dd66dc7816b8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b3f8633a-cea8-4333-a0ad-aaa2874d6442", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.397422Z", + "modified": "2024-11-14T00:20:35.397422Z", + "name": "CVE-2024-10530", + "description": "The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the add_new_assistant() function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to create new GTP assistants.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10530" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b586a970-3d36-4347-9b02-e9f1f1ac0b4c.json b/objects/vulnerability/vulnerability--b586a970-3d36-4347-9b02-e9f1f1ac0b4c.json new file mode 100644 index 00000000000..a2608934dc9 --- /dev/null +++ b/objects/vulnerability/vulnerability--b586a970-3d36-4347-9b02-e9f1f1ac0b4c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c1e340b7-accc-4717-910a-74e1360ea392", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b586a970-3d36-4347-9b02-e9f1f1ac0b4c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.221856Z", + "modified": "2024-11-14T00:20:36.221856Z", + "name": "CVE-2024-38387", + "description": "Uncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38387" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b75bf0e6-0d0b-4994-a939-6e6c582f6552.json b/objects/vulnerability/vulnerability--b75bf0e6-0d0b-4994-a939-6e6c582f6552.json new file mode 100644 index 00000000000..4aed9208970 --- /dev/null +++ b/objects/vulnerability/vulnerability--b75bf0e6-0d0b-4994-a939-6e6c582f6552.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42651539-2fb4-4644-b2cb-789360f2d4e7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b75bf0e6-0d0b-4994-a939-6e6c582f6552", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.685051Z", + "modified": "2024-11-14T00:20:37.685051Z", + "name": "CVE-2024-43080", + "description": "In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43080" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b826d036-3250-4a74-9f09-a8d1269bed5a.json b/objects/vulnerability/vulnerability--b826d036-3250-4a74-9f09-a8d1269bed5a.json new file mode 100644 index 00000000000..d576c8530c4 --- /dev/null +++ b/objects/vulnerability/vulnerability--b826d036-3250-4a74-9f09-a8d1269bed5a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a4a600a8-aab8-4e72-aaf7-b13063d77b60", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b826d036-3250-4a74-9f09-a8d1269bed5a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.662366Z", + "modified": "2024-11-14T00:20:35.662366Z", + "name": "CVE-2024-50971", + "description": "A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50971" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ba564d10-217f-483c-90f5-5a31c99d410b.json b/objects/vulnerability/vulnerability--ba564d10-217f-483c-90f5-5a31c99d410b.json new file mode 100644 index 00000000000..59f31992826 --- /dev/null +++ b/objects/vulnerability/vulnerability--ba564d10-217f-483c-90f5-5a31c99d410b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--60e5cede-c946-4a67-82df-6ffa09533e24", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ba564d10-217f-483c-90f5-5a31c99d410b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.853489Z", + "modified": "2024-11-14T00:20:35.853489Z", + "name": "CVE-2024-25565", + "description": "Insufficient control flow management in UEFI firmware for some Intel(R) Xeon(R) Processors may allow an authenticated user to enable denial of service via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-25565" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bb0af3c4-079e-4685-9e87-1694f5e33f4c.json b/objects/vulnerability/vulnerability--bb0af3c4-079e-4685-9e87-1694f5e33f4c.json new file mode 100644 index 00000000000..af86a2abf7c --- /dev/null +++ b/objects/vulnerability/vulnerability--bb0af3c4-079e-4685-9e87-1694f5e33f4c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--53e10d15-7995-41e2-8aa0-765ee4c2681b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bb0af3c4-079e-4685-9e87-1694f5e33f4c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.933434Z", + "modified": "2024-11-14T00:20:35.933434Z", + "name": "CVE-2024-34022", + "description": "Improper Access Control in some Thunderbolt(TM) Share software before version 1.0.49.9 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34022" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bc7eee49-b5e8-4d0f-95fc-f40e4f46853c.json b/objects/vulnerability/vulnerability--bc7eee49-b5e8-4d0f-95fc-f40e4f46853c.json new file mode 100644 index 00000000000..1d46f12b872 --- /dev/null +++ b/objects/vulnerability/vulnerability--bc7eee49-b5e8-4d0f-95fc-f40e4f46853c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd3c1d4f-e131-4443-aa71-45d203d8bd36", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bc7eee49-b5e8-4d0f-95fc-f40e4f46853c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.274428Z", + "modified": "2024-11-14T00:20:35.274428Z", + "name": "CVE-2024-52268", + "description": "Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52268" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--be091921-c90e-4fd1-bfe7-1779e353c258.json b/objects/vulnerability/vulnerability--be091921-c90e-4fd1-bfe7-1779e353c258.json new file mode 100644 index 00000000000..dc9f63f1f3f --- /dev/null +++ b/objects/vulnerability/vulnerability--be091921-c90e-4fd1-bfe7-1779e353c258.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--658ff74f-dcf7-4051-a2ef-23984d7e28fa", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--be091921-c90e-4fd1-bfe7-1779e353c258", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.73122Z", + "modified": "2024-11-14T00:20:36.73122Z", + "name": "CVE-2024-35245", + "description": "Uncontrolled search path element in some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-35245" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--be70d0e4-5485-4fb2-9369-cb141bf436bf.json b/objects/vulnerability/vulnerability--be70d0e4-5485-4fb2-9369-cb141bf436bf.json new file mode 100644 index 00000000000..eff05ece961 --- /dev/null +++ b/objects/vulnerability/vulnerability--be70d0e4-5485-4fb2-9369-cb141bf436bf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a0fbdf5d-8c9d-4a1c-b441-8e001fc91721", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--be70d0e4-5485-4fb2-9369-cb141bf436bf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.180572Z", + "modified": "2024-11-14T00:20:37.180572Z", + "name": "CVE-2024-32839", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32839" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bf940d46-25aa-472d-8e64-4c78fbb18eb0.json b/objects/vulnerability/vulnerability--bf940d46-25aa-472d-8e64-4c78fbb18eb0.json new file mode 100644 index 00000000000..e12df191e28 --- /dev/null +++ b/objects/vulnerability/vulnerability--bf940d46-25aa-472d-8e64-4c78fbb18eb0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dfeeb594-17d9-4854-b351-41345634e8f3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bf940d46-25aa-472d-8e64-4c78fbb18eb0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.358288Z", + "modified": "2024-11-14T00:20:36.358288Z", + "name": "CVE-2024-40671", + "description": "In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40671" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c1bf9dee-93de-418c-9cc7-ea71bdba8d19.json b/objects/vulnerability/vulnerability--c1bf9dee-93de-418c-9cc7-ea71bdba8d19.json new file mode 100644 index 00000000000..9dce6c6b886 --- /dev/null +++ b/objects/vulnerability/vulnerability--c1bf9dee-93de-418c-9cc7-ea71bdba8d19.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8bb11c50-9862-4641-8a11-ca0c0c985abd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c1bf9dee-93de-418c-9cc7-ea71bdba8d19", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.281927Z", + "modified": "2024-11-14T00:20:35.281927Z", + "name": "CVE-2024-45594", + "description": "Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45594" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c26170c7-8c77-46a2-9180-23fbf21875e3.json b/objects/vulnerability/vulnerability--c26170c7-8c77-46a2-9180-23fbf21875e3.json new file mode 100644 index 00000000000..5e886a407a0 --- /dev/null +++ b/objects/vulnerability/vulnerability--c26170c7-8c77-46a2-9180-23fbf21875e3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f39a5fc6-97fd-48e9-9ad2-9ee52bd563b9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c26170c7-8c77-46a2-9180-23fbf21875e3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.229631Z", + "modified": "2024-11-14T00:20:36.229631Z", + "name": "CVE-2024-38383", + "description": "Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38383" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c4bce789-c93f-4afb-9855-9e720588ab8d.json b/objects/vulnerability/vulnerability--c4bce789-c93f-4afb-9855-9e720588ab8d.json new file mode 100644 index 00000000000..ef27d60d0a4 --- /dev/null +++ b/objects/vulnerability/vulnerability--c4bce789-c93f-4afb-9855-9e720588ab8d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9243ac91-d26d-4222-8129-34c3dd96505e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c4bce789-c93f-4afb-9855-9e720588ab8d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.340928Z", + "modified": "2024-11-14T00:20:36.340928Z", + "name": "CVE-2024-40410", + "description": "Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40410" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c912723c-d32a-4ce0-9a87-fd7301fd9d34.json b/objects/vulnerability/vulnerability--c912723c-d32a-4ce0-9a87-fd7301fd9d34.json new file mode 100644 index 00000000000..06d6861f58d --- /dev/null +++ b/objects/vulnerability/vulnerability--c912723c-d32a-4ce0-9a87-fd7301fd9d34.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b531d1b3-8d7d-4a50-8316-6340596e5bd7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c912723c-d32a-4ce0-9a87-fd7301fd9d34", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:45.963717Z", + "modified": "2024-11-14T00:20:45.963717Z", + "name": "CVE-2023-35686", + "description": "In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-35686" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c931030c-b8a8-4b25-86e5-87cbdfd98394.json b/objects/vulnerability/vulnerability--c931030c-b8a8-4b25-86e5-87cbdfd98394.json new file mode 100644 index 00000000000..1f9a8a76bec --- /dev/null +++ b/objects/vulnerability/vulnerability--c931030c-b8a8-4b25-86e5-87cbdfd98394.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ab5a2ce7-99c1-4054-8827-026a10212957", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c931030c-b8a8-4b25-86e5-87cbdfd98394", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.891854Z", + "modified": "2024-11-14T00:20:35.891854Z", + "name": "CVE-2024-34729", + "description": "In multiple locations, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-34729" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c93ad58a-bdef-4a63-9a31-3916a1e5af0f.json b/objects/vulnerability/vulnerability--c93ad58a-bdef-4a63-9a31-3916a1e5af0f.json new file mode 100644 index 00000000000..62e136ac277 --- /dev/null +++ b/objects/vulnerability/vulnerability--c93ad58a-bdef-4a63-9a31-3916a1e5af0f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a83bcf27-11b8-4d74-ae00-82f41cef568c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c93ad58a-bdef-4a63-9a31-3916a1e5af0f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.58972Z", + "modified": "2024-11-14T00:20:37.58972Z", + "name": "CVE-2024-29077", + "description": "Improper access control in some JAM STAPL Player software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-29077" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c9618552-6d3f-465b-a2db-ae6353be5565.json b/objects/vulnerability/vulnerability--c9618552-6d3f-465b-a2db-ae6353be5565.json new file mode 100644 index 00000000000..58b7aa0a39f --- /dev/null +++ b/objects/vulnerability/vulnerability--c9618552-6d3f-465b-a2db-ae6353be5565.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--291a54b5-9126-4cb4-bb1d-bcad8db1d1b2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c9618552-6d3f-465b-a2db-ae6353be5565", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.689114Z", + "modified": "2024-11-14T00:20:37.689114Z", + "name": "CVE-2024-43091", + "description": "In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43091" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c9d57966-2b0d-4932-96c9-b7f2841bd0ce.json b/objects/vulnerability/vulnerability--c9d57966-2b0d-4932-96c9-b7f2841bd0ce.json new file mode 100644 index 00000000000..21b40e66cfa --- /dev/null +++ b/objects/vulnerability/vulnerability--c9d57966-2b0d-4932-96c9-b7f2841bd0ce.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7bb43987-68f7-4d5f-bd62-0a316a4ba2f8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c9d57966-2b0d-4932-96c9-b7f2841bd0ce", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.493178Z", + "modified": "2024-11-14T00:20:36.493178Z", + "name": "CVE-2024-21541", + "description": "All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21541" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c9ee17b4-9a6b-4fca-908a-09563427332d.json b/objects/vulnerability/vulnerability--c9ee17b4-9a6b-4fca-908a-09563427332d.json new file mode 100644 index 00000000000..4c184898e87 --- /dev/null +++ b/objects/vulnerability/vulnerability--c9ee17b4-9a6b-4fca-908a-09563427332d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ff65bef2-6c1a-47ce-a6e4-d5def66c9395", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c9ee17b4-9a6b-4fca-908a-09563427332d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.405509Z", + "modified": "2024-11-14T00:20:35.405509Z", + "name": "CVE-2024-10820", + "description": "The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 84.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10820" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ca4d612c-16a3-4668-bd97-8430787cde87.json b/objects/vulnerability/vulnerability--ca4d612c-16a3-4668-bd97-8430787cde87.json new file mode 100644 index 00000000000..3e50a1c58a3 --- /dev/null +++ b/objects/vulnerability/vulnerability--ca4d612c-16a3-4668-bd97-8430787cde87.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6ec25429-0fd3-4e42-bdc4-7db27ef70e13", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ca4d612c-16a3-4668-bd97-8430787cde87", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.480086Z", + "modified": "2024-11-14T00:20:35.480086Z", + "name": "CVE-2024-9476", + "description": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9476" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d03230b1-b26e-4d27-bef3-e37b7765209a.json b/objects/vulnerability/vulnerability--d03230b1-b26e-4d27-bef3-e37b7765209a.json new file mode 100644 index 00000000000..560afe58e41 --- /dev/null +++ b/objects/vulnerability/vulnerability--d03230b1-b26e-4d27-bef3-e37b7765209a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f43d68b1-01eb-4890-b826-7158605b6c55", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d03230b1-b26e-4d27-bef3-e37b7765209a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.67049Z", + "modified": "2024-11-14T00:20:35.67049Z", + "name": "CVE-2024-50853", + "description": "Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50853" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d0e4a486-1934-4a2a-8591-b8df8696e7b7.json b/objects/vulnerability/vulnerability--d0e4a486-1934-4a2a-8591-b8df8696e7b7.json new file mode 100644 index 00000000000..ca82f03224a --- /dev/null +++ b/objects/vulnerability/vulnerability--d0e4a486-1934-4a2a-8591-b8df8696e7b7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--79774479-4c43-4dab-81b9-393c1c3c7361", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d0e4a486-1934-4a2a-8591-b8df8696e7b7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.861786Z", + "modified": "2024-11-14T00:20:35.861786Z", + "name": "CVE-2024-11165", + "description": "An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the yb_backup log files, exposing the SAS token in plaintext. The leakage occurs during the backup procedure, leading to potential unauthorized access to resources associated with the SAS token. This issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11165" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d35532fa-11e9-4a6d-905f-df69c5ec1ba2.json b/objects/vulnerability/vulnerability--d35532fa-11e9-4a6d-905f-df69c5ec1ba2.json new file mode 100644 index 00000000000..afea44f258e --- /dev/null +++ b/objects/vulnerability/vulnerability--d35532fa-11e9-4a6d-905f-df69c5ec1ba2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c77c80a6-9b14-4752-9255-75b98adc85e1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d35532fa-11e9-4a6d-905f-df69c5ec1ba2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.132924Z", + "modified": "2024-11-14T00:20:35.132924Z", + "name": "CVE-2024-48510", + "description": "** UNSUPPORTED WHEN ASSIGNED ** Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48510" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d4699128-3f49-4603-acf9-7ea330c4cc13.json b/objects/vulnerability/vulnerability--d4699128-3f49-4603-acf9-7ea330c4cc13.json new file mode 100644 index 00000000000..7d04027e69c --- /dev/null +++ b/objects/vulnerability/vulnerability--d4699128-3f49-4603-acf9-7ea330c4cc13.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--074e0a3e-ebf6-4450-af95-fd7139728bbf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d4699128-3f49-4603-acf9-7ea330c4cc13", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.419035Z", + "modified": "2024-11-14T00:20:35.419035Z", + "name": "CVE-2024-10854", + "description": "The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buy_one_click_import_options AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import plugin settings.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10854" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d4b5b7bf-b3cb-44c5-a280-a2285efdf322.json b/objects/vulnerability/vulnerability--d4b5b7bf-b3cb-44c5-a280-a2285efdf322.json new file mode 100644 index 00000000000..b407525015e --- /dev/null +++ b/objects/vulnerability/vulnerability--d4b5b7bf-b3cb-44c5-a280-a2285efdf322.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e509a6d8-2e55-4b21-9093-9f7f32f8ba41", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d4b5b7bf-b3cb-44c5-a280-a2285efdf322", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.032572Z", + "modified": "2024-11-14T00:20:35.032572Z", + "name": "CVE-2024-24984", + "description": "Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-24984" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d60fadec-5e09-4eee-82e3-8d477bd9af54.json b/objects/vulnerability/vulnerability--d60fadec-5e09-4eee-82e3-8d477bd9af54.json new file mode 100644 index 00000000000..6401b05909f --- /dev/null +++ b/objects/vulnerability/vulnerability--d60fadec-5e09-4eee-82e3-8d477bd9af54.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--83a9d680-5a31-4c81-b7e4-ed3c89057acc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d60fadec-5e09-4eee-82e3-8d477bd9af54", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.87483Z", + "modified": "2024-11-14T00:20:35.87483Z", + "name": "CVE-2024-11175", + "description": "A vulnerability was found in Public CMS 5.202406.d and classified as problematic. This issue affects some unknown processing of the file /admin/cmsVote/save of the component Voting Management. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named b9530b9cc1f5cfdad4b637874f59029a6283a65c. It is recommended to apply a patch to fix this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11175" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d61296ba-5e0d-40ba-b83d-4866a30f3c8c.json b/objects/vulnerability/vulnerability--d61296ba-5e0d-40ba-b83d-4866a30f3c8c.json new file mode 100644 index 00000000000..f6d82f4d810 --- /dev/null +++ b/objects/vulnerability/vulnerability--d61296ba-5e0d-40ba-b83d-4866a30f3c8c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--964c2e89-cdf5-4dda-9360-008795218aab", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d61296ba-5e0d-40ba-b83d-4866a30f3c8c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.226361Z", + "modified": "2024-11-14T00:20:37.226361Z", + "name": "CVE-2024-32841", + "description": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32841" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d8031121-e117-4deb-990f-1bfc20913f0d.json b/objects/vulnerability/vulnerability--d8031121-e117-4deb-990f-1bfc20913f0d.json new file mode 100644 index 00000000000..1ae0bacbe25 --- /dev/null +++ b/objects/vulnerability/vulnerability--d8031121-e117-4deb-990f-1bfc20913f0d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--502609eb-4ccc-4317-a7ff-93d0b50e6fa2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d8031121-e117-4deb-990f-1bfc20913f0d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.251069Z", + "modified": "2024-11-14T00:20:35.251069Z", + "name": "CVE-2024-52293", + "description": "Craft is a content management system (CMS). Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52293" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d857c5b5-c304-4bd2-85b9-a4f95228683e.json b/objects/vulnerability/vulnerability--d857c5b5-c304-4bd2-85b9-a4f95228683e.json new file mode 100644 index 00000000000..bf02b5ad94f --- /dev/null +++ b/objects/vulnerability/vulnerability--d857c5b5-c304-4bd2-85b9-a4f95228683e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a27fc69f-3bd6-483b-b290-0a5673865666", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d857c5b5-c304-4bd2-85b9-a4f95228683e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.372135Z", + "modified": "2024-11-14T00:20:37.372135Z", + "name": "CVE-2024-28950", + "description": "Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28950" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--da86fde0-1a69-4678-a88f-16952b139889.json b/objects/vulnerability/vulnerability--da86fde0-1a69-4678-a88f-16952b139889.json new file mode 100644 index 00000000000..2b9b8d40fd6 --- /dev/null +++ b/objects/vulnerability/vulnerability--da86fde0-1a69-4678-a88f-16952b139889.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1d0f1adc-2305-44a0-a944-6863336a530a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--da86fde0-1a69-4678-a88f-16952b139889", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.559322Z", + "modified": "2024-11-14T00:20:37.559322Z", + "name": "CVE-2024-29085", + "description": "Improper access control for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-29085" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e037f54d-2f02-47dd-9565-4ce304c244a5.json b/objects/vulnerability/vulnerability--e037f54d-2f02-47dd-9565-4ce304c244a5.json new file mode 100644 index 00000000000..ffb1922e8a5 --- /dev/null +++ b/objects/vulnerability/vulnerability--e037f54d-2f02-47dd-9565-4ce304c244a5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ddbf088-3033-480e-a33d-1b6658f6e3a3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e037f54d-2f02-47dd-9565-4ce304c244a5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.737132Z", + "modified": "2024-11-14T00:20:36.737132Z", + "name": "CVE-2024-35201", + "description": "Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-35201" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e046245c-36ab-46c3-abfd-3de2484c0575.json b/objects/vulnerability/vulnerability--e046245c-36ab-46c3-abfd-3de2484c0575.json new file mode 100644 index 00000000000..b5ce1d6f7ec --- /dev/null +++ b/objects/vulnerability/vulnerability--e046245c-36ab-46c3-abfd-3de2484c0575.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f01504a4-9ea5-4790-be25-36a76ecc7792", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e046245c-36ab-46c3-abfd-3de2484c0575", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.658129Z", + "modified": "2024-11-14T00:20:35.658129Z", + "name": "CVE-2024-50854", + "description": "Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50854" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2.json b/objects/vulnerability/vulnerability--e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2.json new file mode 100644 index 00000000000..7a80734ba27 --- /dev/null +++ b/objects/vulnerability/vulnerability--e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9ccc6ace-7804-4524-a009-42c657043f6b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e0cd5aac-19fd-4dd8-821f-2ab513f3b6c2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.609947Z", + "modified": "2024-11-14T00:20:35.609947Z", + "name": "CVE-2024-47574", + "description": "A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47574" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e760c717-2923-44f0-aa8f-edb14402bb36.json b/objects/vulnerability/vulnerability--e760c717-2923-44f0-aa8f-edb14402bb36.json new file mode 100644 index 00000000000..70f62b33002 --- /dev/null +++ b/objects/vulnerability/vulnerability--e760c717-2923-44f0-aa8f-edb14402bb36.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ca5320f7-1414-4071-bfb1-03d9c2190b40", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e760c717-2923-44f0-aa8f-edb14402bb36", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.039529Z", + "modified": "2024-11-14T00:20:37.039529Z", + "name": "CVE-2024-36488", + "description": "Improper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36488" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e8125adf-8b9d-43c4-a383-f5406d680480.json b/objects/vulnerability/vulnerability--e8125adf-8b9d-43c4-a383-f5406d680480.json new file mode 100644 index 00000000000..8af7ade09d5 --- /dev/null +++ b/objects/vulnerability/vulnerability--e8125adf-8b9d-43c4-a383-f5406d680480.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--13899314-90fb-4de8-b4b9-bc7304dbedd9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e8125adf-8b9d-43c4-a383-f5406d680480", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.272801Z", + "modified": "2024-11-14T00:20:35.272801Z", + "name": "CVE-2024-52552", + "description": "Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52552" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e86320ef-4c2f-4202-abda-4656d0234c12.json b/objects/vulnerability/vulnerability--e86320ef-4c2f-4202-abda-4656d0234c12.json new file mode 100644 index 00000000000..5b9dd6d2618 --- /dev/null +++ b/objects/vulnerability/vulnerability--e86320ef-4c2f-4202-abda-4656d0234c12.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8856e4ff-aed1-485d-b6a7-d450a793fd54", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e86320ef-4c2f-4202-abda-4656d0234c12", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.402631Z", + "modified": "2024-11-14T00:20:35.402631Z", + "name": "CVE-2024-10882", + "description": "The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10882" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ea43ce48-6f3d-4fc9-ad6b-737567b720e2.json b/objects/vulnerability/vulnerability--ea43ce48-6f3d-4fc9-ad6b-737567b720e2.json new file mode 100644 index 00000000000..51b6acceef3 --- /dev/null +++ b/objects/vulnerability/vulnerability--ea43ce48-6f3d-4fc9-ad6b-737567b720e2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--68190381-bc62-4301-88bd-d2e8cebd54a2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea43ce48-6f3d-4fc9-ad6b-737567b720e2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.221946Z", + "modified": "2024-11-14T00:20:37.221946Z", + "name": "CVE-2024-32048", + "description": "Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32048" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ea50c934-34f6-4290-8869-3d1b7e540c59.json b/objects/vulnerability/vulnerability--ea50c934-34f6-4290-8869-3d1b7e540c59.json new file mode 100644 index 00000000000..a996888ec2a --- /dev/null +++ b/objects/vulnerability/vulnerability--ea50c934-34f6-4290-8869-3d1b7e540c59.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--19daeb9f-64e9-4c23-b317-85eec4f956b1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea50c934-34f6-4290-8869-3d1b7e540c59", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.54195Z", + "modified": "2024-11-14T00:20:35.54195Z", + "name": "CVE-2024-39710", + "description": "Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39710" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ea56c892-913d-417b-bb26-560ad4be5393.json b/objects/vulnerability/vulnerability--ea56c892-913d-417b-bb26-560ad4be5393.json new file mode 100644 index 00000000000..6a26f7dcd0d --- /dev/null +++ b/objects/vulnerability/vulnerability--ea56c892-913d-417b-bb26-560ad4be5393.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6f1fd225-7d21-4c93-ac15-f2964f6b5ea0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea56c892-913d-417b-bb26-560ad4be5393", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.536343Z", + "modified": "2024-11-14T00:20:35.536343Z", + "name": "CVE-2024-39285", + "description": "Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39285" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--eb10fe1c-84c6-4ace-bf13-fd63980a2d1b.json b/objects/vulnerability/vulnerability--eb10fe1c-84c6-4ace-bf13-fd63980a2d1b.json new file mode 100644 index 00000000000..f335d38f41d --- /dev/null +++ b/objects/vulnerability/vulnerability--eb10fe1c-84c6-4ace-bf13-fd63980a2d1b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dae38dbf-474d-4526-8584-034705107627", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--eb10fe1c-84c6-4ace-bf13-fd63980a2d1b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.149712Z", + "modified": "2024-11-14T00:20:36.149712Z", + "name": "CVE-2024-8049", + "description": "In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8049" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--edfeca22-7f59-4ff6-ad73-eb398ae80d49.json b/objects/vulnerability/vulnerability--edfeca22-7f59-4ff6-ad73-eb398ae80d49.json new file mode 100644 index 00000000000..6e9180fedcb --- /dev/null +++ b/objects/vulnerability/vulnerability--edfeca22-7f59-4ff6-ad73-eb398ae80d49.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3a5b1c71-83cf-4eff-b6a1-78be4a6ab61c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--edfeca22-7f59-4ff6-ad73-eb398ae80d49", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.514878Z", + "modified": "2024-11-14T00:20:35.514878Z", + "name": "CVE-2024-39609", + "description": "Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39609" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f1abb537-f9af-40a4-a020-6e236fe7ea23.json b/objects/vulnerability/vulnerability--f1abb537-f9af-40a4-a020-6e236fe7ea23.json new file mode 100644 index 00000000000..f850e90b897 --- /dev/null +++ b/objects/vulnerability/vulnerability--f1abb537-f9af-40a4-a020-6e236fe7ea23.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0d25f1ca-e7cc-46fd-8484-3659327ffde6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f1abb537-f9af-40a4-a020-6e236fe7ea23", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.24508Z", + "modified": "2024-11-14T00:20:35.24508Z", + "name": "CVE-2024-52299", + "description": "macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the \"key\" that is passed to prevent this is computed incorrectly, calling skip on the digest stream doesn't update the digest. This is fixed in 2.5.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52299" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f224c003-bc40-47a7-bf62-a0005d30cff9.json b/objects/vulnerability/vulnerability--f224c003-bc40-47a7-bf62-a0005d30cff9.json new file mode 100644 index 00000000000..4ea8ff24ba0 --- /dev/null +++ b/objects/vulnerability/vulnerability--f224c003-bc40-47a7-bf62-a0005d30cff9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b17a0afd-e8f6-403a-a178-1b768bb7ed3e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f224c003-bc40-47a7-bf62-a0005d30cff9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.363504Z", + "modified": "2024-11-14T00:20:37.363504Z", + "name": "CVE-2024-28049", + "description": "Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-28049" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f249694a-7227-4303-a602-aeeaf74038b8.json b/objects/vulnerability/vulnerability--f249694a-7227-4303-a602-aeeaf74038b8.json new file mode 100644 index 00000000000..9b5c5b8134f --- /dev/null +++ b/objects/vulnerability/vulnerability--f249694a-7227-4303-a602-aeeaf74038b8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0316fa94-f79c-4e74-9f4d-bd8248e2dd1e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f249694a-7227-4303-a602-aeeaf74038b8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.379641Z", + "modified": "2024-11-14T00:20:35.379641Z", + "name": "CVE-2024-10629", + "description": "The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files on the affected site's server which may make remote code execution possible.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10629" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f284abca-090d-47bd-840e-91b38182ec8c.json b/objects/vulnerability/vulnerability--f284abca-090d-47bd-840e-91b38182ec8c.json new file mode 100644 index 00000000000..b5dfe58eec7 --- /dev/null +++ b/objects/vulnerability/vulnerability--f284abca-090d-47bd-840e-91b38182ec8c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c8ec61ac-f367-4146-93d4-ec6489aacc3a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f284abca-090d-47bd-840e-91b38182ec8c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.197426Z", + "modified": "2024-11-14T00:20:37.197426Z", + "name": "CVE-2024-32483", + "description": "Improper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32483" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6.json b/objects/vulnerability/vulnerability--f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6.json new file mode 100644 index 00000000000..61a4e2f5a35 --- /dev/null +++ b/objects/vulnerability/vulnerability--f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9c3ce2a1-7e52-4218-9e4e-72d9fc6f77a6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f4005c6c-2cdd-4bf7-8c0e-48ca42dc1ea6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.530369Z", + "modified": "2024-11-14T00:20:35.530369Z", + "name": "CVE-2024-39368", + "description": "Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39368" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f4eb0488-1c92-45ff-8ff8-0734245295d3.json b/objects/vulnerability/vulnerability--f4eb0488-1c92-45ff-8ff8-0734245295d3.json new file mode 100644 index 00000000000..16949da7949 --- /dev/null +++ b/objects/vulnerability/vulnerability--f4eb0488-1c92-45ff-8ff8-0734245295d3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7e5ecdc2-6f2e-416f-8c7a-8594f91e4368", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f4eb0488-1c92-45ff-8ff8-0734245295d3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.791855Z", + "modified": "2024-11-14T00:20:36.791855Z", + "name": "CVE-2024-49505", + "description": "A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the  REGEX and P parameters.\nThis issue affects MirrorCache before 1.083.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49505" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f6e996ab-c00b-4aa9-8603-8194ca736be3.json b/objects/vulnerability/vulnerability--f6e996ab-c00b-4aa9-8603-8194ca736be3.json new file mode 100644 index 00000000000..3154c890bf2 --- /dev/null +++ b/objects/vulnerability/vulnerability--f6e996ab-c00b-4aa9-8603-8194ca736be3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b0fe293c-b57a-42a8-bb5a-926f8cf64154", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f6e996ab-c00b-4aa9-8603-8194ca736be3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:37.705994Z", + "modified": "2024-11-14T00:20:37.705994Z", + "name": "CVE-2024-43090", + "description": "In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43090" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f74ac2d5-969b-4046-9d56-c30f79dbc198.json b/objects/vulnerability/vulnerability--f74ac2d5-969b-4046-9d56-c30f79dbc198.json new file mode 100644 index 00000000000..9c5b9e1fa76 --- /dev/null +++ b/objects/vulnerability/vulnerability--f74ac2d5-969b-4046-9d56-c30f79dbc198.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1f4dad7b-74d3-453f-a653-460ace3f5dce", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f74ac2d5-969b-4046-9d56-c30f79dbc198", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.241441Z", + "modified": "2024-11-14T00:20:35.241441Z", + "name": "CVE-2024-52298", + "description": "macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the \"Delegate my view right\" feature as long as the attacker can view a page whose last author has access to the attachment. For this, the attacker only needs to provide the reference to a PDF file to the macro. To obtain the reference of the desired attachment, the attacker can access the Page Index, Attachments tab. Even if the UI shows N/A, the user can inspect the page and check the HTTP request that fetches the live data entries. The attachment URL is available in the returned JSON for all attachments, including protected ones and allows getting the necessary values. This vulnerability is fixed in version 2.5.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52298" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f7620e0b-0710-4782-845d-8bfc08e46c67.json b/objects/vulnerability/vulnerability--f7620e0b-0710-4782-845d-8bfc08e46c67.json new file mode 100644 index 00000000000..85ff0dc5a3d --- /dev/null +++ b/objects/vulnerability/vulnerability--f7620e0b-0710-4782-845d-8bfc08e46c67.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a302a0bf-6028-4c61-a2be-e5fcec91cd2a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f7620e0b-0710-4782-845d-8bfc08e46c67", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.632656Z", + "modified": "2024-11-14T00:20:35.632656Z", + "name": "CVE-2024-50852", + "description": "Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50852" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f9ae6c89-0b48-41bb-b9a8-d926570759bd.json b/objects/vulnerability/vulnerability--f9ae6c89-0b48-41bb-b9a8-d926570759bd.json new file mode 100644 index 00000000000..8d912421747 --- /dev/null +++ b/objects/vulnerability/vulnerability--f9ae6c89-0b48-41bb-b9a8-d926570759bd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d6406941-8443-4120-acdc-53ad8fb33fde", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f9ae6c89-0b48-41bb-b9a8-d926570759bd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.668966Z", + "modified": "2024-11-14T00:20:35.668966Z", + "name": "CVE-2024-50955", + "description": "An issue in how XINJE XD5E-24R and XL5E-16T v3.5.3b handles TCP protocol messages allows attackers to cause a Denial of Service (DoS) via a crafted TCP message.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50955" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fa508b99-15c1-47d6-85af-226c94489c83.json b/objects/vulnerability/vulnerability--fa508b99-15c1-47d6-85af-226c94489c83.json new file mode 100644 index 00000000000..d30390e177f --- /dev/null +++ b/objects/vulnerability/vulnerability--fa508b99-15c1-47d6-85af-226c94489c83.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd98018b-3072-4e54-befc-b5c9775892fe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fa508b99-15c1-47d6-85af-226c94489c83", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.206781Z", + "modified": "2024-11-14T00:20:35.206781Z", + "name": "CVE-2024-52300", + "description": "macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact the confidentiality, integrity and availability of the whole XWiki installation when an admin visits the page with the malicious code. This is fixed in 2.5.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52300" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fab2a02a-d93b-4a2d-be6c-083040afa435.json b/objects/vulnerability/vulnerability--fab2a02a-d93b-4a2d-be6c-083040afa435.json new file mode 100644 index 00000000000..9c21f760f44 --- /dev/null +++ b/objects/vulnerability/vulnerability--fab2a02a-d93b-4a2d-be6c-083040afa435.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--486a4256-e5cf-49fe-b55f-c806c7922a8d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fab2a02a-d93b-4a2d-be6c-083040afa435", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.665609Z", + "modified": "2024-11-14T00:20:35.665609Z", + "name": "CVE-2024-50969", + "description": "A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50969" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fae57b3d-5df3-483a-858d-ea21b7279554.json b/objects/vulnerability/vulnerability--fae57b3d-5df3-483a-858d-ea21b7279554.json new file mode 100644 index 00000000000..129e199a5d5 --- /dev/null +++ b/objects/vulnerability/vulnerability--fae57b3d-5df3-483a-858d-ea21b7279554.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--696aa988-2a5a-48f8-afde-c818fa3ce262", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fae57b3d-5df3-483a-858d-ea21b7279554", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.058211Z", + "modified": "2024-11-14T00:20:35.058211Z", + "name": "CVE-2024-51996", + "description": "Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the cookie, leading to authentication bypass. This vulnerability is fixed in 5.4.47, 6.4.15, and 7.1.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-51996" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fbb25155-a9c4-4a41-9b32-a7901d7976dc.json b/objects/vulnerability/vulnerability--fbb25155-a9c4-4a41-9b32-a7901d7976dc.json new file mode 100644 index 00000000000..202053e1ece --- /dev/null +++ b/objects/vulnerability/vulnerability--fbb25155-a9c4-4a41-9b32-a7901d7976dc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--37e02238-e026-4927-9bf8-35f4224fde0e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fbb25155-a9c4-4a41-9b32-a7901d7976dc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:36.522648Z", + "modified": "2024-11-14T00:20:36.522648Z", + "name": "CVE-2024-21850", + "description": "Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module software before version 1.5.02.00 may allow a privileged user to potentially enable escalation of privilege via local access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-21850" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fe3e3a75-b803-445f-af0b-ca215d092c15.json b/objects/vulnerability/vulnerability--fe3e3a75-b803-445f-af0b-ca215d092c15.json new file mode 100644 index 00000000000..d18e0c75a2b --- /dev/null +++ b/objects/vulnerability/vulnerability--fe3e3a75-b803-445f-af0b-ca215d092c15.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--afd2cf2d-a3cf-4f3c-be62-c35c82b20292", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fe3e3a75-b803-445f-af0b-ca215d092c15", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-14T00:20:35.26334Z", + "modified": "2024-11-14T00:20:35.26334Z", + "name": "CVE-2024-52554", + "description": "Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override that runs without sandbox protection.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52554" + } + ] + } + ] +} \ No newline at end of file