generated content from 2024-11-25

mapping.csv

@@ -257716,3 +257716,19 @@ vulnerability,CVE-2024-11632,vulnerability--b6488871-884d-45bf-85ad-6bc82c244449
 vulnerability,CVE-2024-41761,vulnerability--622b7f15-930f-48ab-939a-c8c2c9c429ee
 vulnerability,CVE-2024-35160,vulnerability--647b2dbf-0720-497d-bfab-097ae6abaffc
 vulnerability,CVE-2023-7299,vulnerability--24bd3d51-5c62-450d-84ed-ce298c1f2e84
+vulnerability,CVE-2024-11646,vulnerability--4791e489-a2dc-4aba-b548-dbdce46e3df3
+vulnerability,CVE-2024-11666,vulnerability--9f50918e-9c58-4c26-a809-66a705e1fb63
+vulnerability,CVE-2024-11233,vulnerability--8c07b78b-ae3e-421f-9949-ba1bb5c145f5
+vulnerability,CVE-2024-11665,vulnerability--0091e9bc-ca6f-4664-ac61-42b8736c4117
+vulnerability,CVE-2024-11234,vulnerability--e8e3c7cf-6c17-4d80-9c99-abc652e98ea9
+vulnerability,CVE-2024-11236,vulnerability--7f5734aa-26c0-4479-98d9-3ce11a11a161
+vulnerability,CVE-2024-53901,vulnerability--27d5b14a-2ad9-4acc-bf4c-b15122607a5c
+vulnerability,CVE-2024-53910,vulnerability--d07c7adf-d61f-4fa4-a977-8a5128f8edcf
+vulnerability,CVE-2024-53912,vulnerability--7a03f6c5-fa8a-4a24-9549-e751b968795b
+vulnerability,CVE-2024-53909,vulnerability--7a526400-1ad7-4391-9e62-99e2bf697b64
+vulnerability,CVE-2024-53916,vulnerability--55aae21f-b270-4826-9886-b6e9f95ac9c9
+vulnerability,CVE-2024-53913,vulnerability--a71edf13-88bb-4969-92fc-8a65b9113d21
+vulnerability,CVE-2024-53914,vulnerability--194a23bd-a96a-4dbe-a529-f86eb59f0e65
+vulnerability,CVE-2024-53911,vulnerability--a6388eeb-cafa-4457-bcdd-6048d12691fe
+vulnerability,CVE-2024-53915,vulnerability--6c5ea399-bbe7-46d7-839c-49da552c067d
+vulnerability,CVE-2024-53899,vulnerability--80ffad9c-8c85-40ee-a525-acfc49eceacd

objects/vulnerability/vulnerability--0091e9bc-ca6f-4664-ac61-42b8736c4117.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e894988b-74eb-4e03-989c-355d77e037f3",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0091e9bc-ca6f-4664-ac61-42b8736c4117",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.195839Z",
+            "modified": "2024-11-25T00:22:41.195839Z",
+            "name": "CVE-2024-11665",
+            "description": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in hardy-barth cph2_echarge_firmware allows OS Command Injection.This issue affects cph2_echarge_firmware: through 2.0.4.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11665"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--194a23bd-a96a-4dbe-a529-f86eb59f0e65.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--21ef07c0-3dc6-4945-a635-eab705baa56c",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--194a23bd-a96a-4dbe-a529-f86eb59f0e65",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.478749Z",
+            "modified": "2024-11-25T00:22:41.478749Z",
+            "name": "CVE-2024-53914",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53914"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--27d5b14a-2ad9-4acc-bf4c-b15122607a5c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--5a46ecd1-bc86-4a72-a879-3d3f184aad90",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--27d5b14a-2ad9-4acc-bf4c-b15122607a5c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.449448Z",
+            "modified": "2024-11-25T00:22:41.449448Z",
+            "name": "CVE-2024-53901",
+            "description": "The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53901"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--4791e489-a2dc-4aba-b548-dbdce46e3df3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--9ebc4e6a-4aed-4267-8ccc-24f2f1205547",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--4791e489-a2dc-4aba-b548-dbdce46e3df3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.171674Z",
+            "modified": "2024-11-25T00:22:41.171674Z",
+            "name": "CVE-2024-11646",
+            "description": "A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11646"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--55aae21f-b270-4826-9886-b6e9f95ac9c9.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--90bbeff6-0360-41d1-91ab-55d4e67d7f5d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--55aae21f-b270-4826-9886-b6e9f95ac9c9",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.468167Z",
+            "modified": "2024-11-25T00:22:41.468167Z",
+            "name": "CVE-2024-53916",
+            "description": "In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. NOTE: 935883 has the \"Work in Progress\" status as of 2024-11-24.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53916"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--6c5ea399-bbe7-46d7-839c-49da552c067d.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b186f3df-b639-4530-aaa0-04e031e150a2",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--6c5ea399-bbe7-46d7-839c-49da552c067d",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.481645Z",
+            "modified": "2024-11-25T00:22:41.481645Z",
+            "name": "CVE-2024-53915",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53915"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--7a03f6c5-fa8a-4a24-9549-e751b968795b.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--278998c5-cda9-4197-a33a-9199896dc0f9",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--7a03f6c5-fa8a-4a24-9549-e751b968795b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.452371Z",
+            "modified": "2024-11-25T00:22:41.452371Z",
+            "name": "CVE-2024-53912",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53912"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--7a526400-1ad7-4391-9e62-99e2bf697b64.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b72acc45-636c-4a07-b198-1b44654a9bfd",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--7a526400-1ad7-4391-9e62-99e2bf697b64",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.461777Z",
+            "modified": "2024-11-25T00:22:41.461777Z",
+            "name": "CVE-2024-53909",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53909"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--7f5734aa-26c0-4479-98d9-3ce11a11a161.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--08013391-db22-4bc4-94bb-2c2ac6f8660a",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--7f5734aa-26c0-4479-98d9-3ce11a11a161",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.205237Z",
+            "modified": "2024-11-25T00:22:41.205237Z",
+            "name": "CVE-2024-11236",
+            "description": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11236"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--80ffad9c-8c85-40ee-a525-acfc49eceacd.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c9184a80-3109-42b8-9ce6-068d2863ddd7",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--80ffad9c-8c85-40ee-a525-acfc49eceacd",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.482856Z",
+            "modified": "2024-11-25T00:22:41.482856Z",
+            "name": "CVE-2024-53899",
+            "description": "virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53899"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--8c07b78b-ae3e-421f-9949-ba1bb5c145f5.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--86fda007-1c39-4112-a6a8-85719972c5bb",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--8c07b78b-ae3e-421f-9949-ba1bb5c145f5",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.186704Z",
+            "modified": "2024-11-25T00:22:41.186704Z",
+            "name": "CVE-2024-11233",
+            "description": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11233"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--9f50918e-9c58-4c26-a809-66a705e1fb63.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8eef6fb8-a84f-4bb9-880c-78e01ab79fdf",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--9f50918e-9c58-4c26-a809-66a705e1fb63",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.180886Z",
+            "modified": "2024-11-25T00:22:41.180886Z",
+            "name": "CVE-2024-11666",
+            "description": "Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users  suitably positioned on the network between an EV charger controller and eCharge infrastructure can execute arbitrary commands with elevated privileges on affected devices.\n\nThis issue affects cph2_echarge_firmware: through 2.0.4.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11666"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--a6388eeb-cafa-4457-bcdd-6048d12691fe.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--f3b3a9e1-135e-4984-8b51-155471d125d1",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--a6388eeb-cafa-4457-bcdd-6048d12691fe",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.479973Z",
+            "modified": "2024-11-25T00:22:41.479973Z",
+            "name": "CVE-2024-53911",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53911"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--a71edf13-88bb-4969-92fc-8a65b9113d21.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--fd68288f-537f-4335-b6c7-036eb3186665",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--a71edf13-88bb-4969-92fc-8a65b9113d21",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.475423Z",
+            "modified": "2024-11-25T00:22:41.475423Z",
+            "name": "CVE-2024-53913",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53913"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--d07c7adf-d61f-4fa4-a977-8a5128f8edcf.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--f5109c5c-3f54-44ad-b01c-2f1d3421aa49",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--d07c7adf-d61f-4fa4-a977-8a5128f8edcf",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-11-25T00:22:41.450825Z",
+            "modified": "2024-11-25T00:22:41.450825Z",
+            "name": "CVE-2024-53910",
+            "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-53910"
+                }
+            ]
+        }
+    ]
+}