diff --git a/mapping.csv b/mapping.csv index 7e16df8f3eb..2b06715d675 100644 --- a/mapping.csv +++ b/mapping.csv @@ -260926,3 +260926,31 @@ vulnerability,CVE-2024-56313,vulnerability--f638b2a1-a738-4695-addf-3d9184457c55 vulnerability,CVE-2024-56311,vulnerability--ca2773fb-7832-4dbd-a4ae-5ca23ab19cce vulnerability,CVE-2024-56378,vulnerability--304cc589-e312-4adf-960b-e122cf4bca04 vulnerability,CVE-2024-56375,vulnerability--d95922d4-4e89-425c-86f8-ea6f8515151c +vulnerability,CVE-2024-52321,vulnerability--09049a5e-2cb8-4b5f-a1a7-53bd9d0dc553 +vulnerability,CVE-2024-45387,vulnerability--feeb8dc3-5924-4838-9f0b-ebd362730702 +vulnerability,CVE-2024-45721,vulnerability--b6aca571-f7a7-4df7-8b03-e0bbd17fc014 +vulnerability,CVE-2024-12898,vulnerability--03e10ef3-9b3c-4c70-ad1a-cfd1a84609aa +vulnerability,CVE-2024-12900,vulnerability--b621b70d-8cdb-435e-be9c-685bf3028be8 +vulnerability,CVE-2024-12899,vulnerability--6aab1982-9132-4608-93f1-a82d01692473 +vulnerability,CVE-2024-12903,vulnerability--a2ea7001-0b25-4bfa-9e95-3cac34466690 +vulnerability,CVE-2024-12901,vulnerability--5dd4825c-3b87-478d-9e56-e827cc0d2c9b +vulnerability,CVE-2024-12902,vulnerability--8c8d6b20-61b8-4dcd-b954-987074a454d5 +vulnerability,CVE-2024-47864,vulnerability--2b6e8576-58e8-4297-b099-3b71179fd7a1 +vulnerability,CVE-2024-11230,vulnerability--1fa8099e-7f57-44ce-9b6d-7f3d97318d63 +vulnerability,CVE-2024-53961,vulnerability--17a14fc9-53e4-4b47-a7bc-8aa592ad695d +vulnerability,CVE-2024-53276,vulnerability--a4538cc2-53ea-44be-936c-050b5ea2b956 +vulnerability,CVE-2024-53256,vulnerability--4f896d85-1447-4465-bd0f-958375f61f8e +vulnerability,CVE-2024-53275,vulnerability--a6227b4c-6520-45e7-b810-0c0c2c3db4e9 +vulnerability,CVE-2024-40896,vulnerability--982221d7-1ea0-4ecf-815b-0bda3a400c02 +vulnerability,CVE-2024-54082,vulnerability--559f1c4d-23d0-4d70-a70e-de47e5aa4a58 +vulnerability,CVE-2024-54148,vulnerability--8b4af162-f996-47fe-afa0-d0a971920bf6 +vulnerability,CVE-2024-55539,vulnerability--5df6c9ae-3635-4582-8e75-5b24e1ff6faf +vulnerability,CVE-2024-55947,vulnerability--1e6483a2-3e7c-4e17-9f5f-081ae4758ee8 +vulnerability,CVE-2024-23945,vulnerability--4670009f-67fe-4498-aa24-9608b7ebaccf +vulnerability,CVE-2024-56326,vulnerability--5bed671b-3e09-401e-b06c-fe87b1fcdb7d +vulnerability,CVE-2024-56362,vulnerability--5236a9f0-6203-403c-8ad3-20519cb04bb7 +vulnerability,CVE-2024-56364,vulnerability--bddf2341-4a79-480f-9951-532fed62d905 +vulnerability,CVE-2024-56363,vulnerability--79c9e86d-1104-40a1-8afd-35df6868f58d +vulnerability,CVE-2024-56201,vulnerability--e4229411-5e1b-4a32-9dc2-9d35b92993d0 +vulnerability,CVE-2024-46873,vulnerability--4f4cf7ce-c6c5-4ada-9572-57cd9b6840af +vulnerability,CVE-2018-25106,vulnerability--d3404f8d-fe10-4797-99ef-f1c2748c62fd diff --git a/objects/vulnerability/vulnerability--03e10ef3-9b3c-4c70-ad1a-cfd1a84609aa.json b/objects/vulnerability/vulnerability--03e10ef3-9b3c-4c70-ad1a-cfd1a84609aa.json new file mode 100644 index 00000000000..e2036891b30 --- /dev/null +++ b/objects/vulnerability/vulnerability--03e10ef3-9b3c-4c70-ad1a-cfd1a84609aa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--05d73ca6-0850-4bc0-9fd7-854aec654c4d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--03e10ef3-9b3c-4c70-ad1a-cfd1a84609aa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.728514Z", + "modified": "2024-12-24T00:20:56.728514Z", + "name": "CVE-2024-12898", + "description": "A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/faculty_action.php. The manipulation of the argument faculty_course_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12898" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--09049a5e-2cb8-4b5f-a1a7-53bd9d0dc553.json b/objects/vulnerability/vulnerability--09049a5e-2cb8-4b5f-a1a7-53bd9d0dc553.json new file mode 100644 index 00000000000..dd605ca0bb2 --- /dev/null +++ b/objects/vulnerability/vulnerability--09049a5e-2cb8-4b5f-a1a7-53bd9d0dc553.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--99aee4b7-561f-444a-b1e0-7d475c74f6b7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--09049a5e-2cb8-4b5f-a1a7-53bd9d0dc553", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.629254Z", + "modified": "2024-12-24T00:20:56.629254Z", + "name": "CVE-2024-52321", + "description": "Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52321" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--17a14fc9-53e4-4b47-a7bc-8aa592ad695d.json b/objects/vulnerability/vulnerability--17a14fc9-53e4-4b47-a7bc-8aa592ad695d.json new file mode 100644 index 00000000000..710048323eb --- /dev/null +++ b/objects/vulnerability/vulnerability--17a14fc9-53e4-4b47-a7bc-8aa592ad695d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4bb6cc41-c973-4e46-80b9-b6b54cb4e4a7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--17a14fc9-53e4-4b47-a7bc-8aa592ad695d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:57.512796Z", + "modified": "2024-12-24T00:20:57.512796Z", + "name": "CVE-2024-53961", + "description": "ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access files or directories that are outside of the restricted directory set by the application. This could lead to the disclosure of sensitive information or the manipulation of system data.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53961" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1e6483a2-3e7c-4e17-9f5f-081ae4758ee8.json b/objects/vulnerability/vulnerability--1e6483a2-3e7c-4e17-9f5f-081ae4758ee8.json new file mode 100644 index 00000000000..f33fa4416f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--1e6483a2-3e7c-4e17-9f5f-081ae4758ee8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--413add19-bfe9-4993-8d76-8ba40474f3e0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1e6483a2-3e7c-4e17-9f5f-081ae4758ee8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.237428Z", + "modified": "2024-12-24T00:20:58.237428Z", + "name": "CVE-2024-55947", + "description": "Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55947" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1fa8099e-7f57-44ce-9b6d-7f3d97318d63.json b/objects/vulnerability/vulnerability--1fa8099e-7f57-44ce-9b6d-7f3d97318d63.json new file mode 100644 index 00000000000..2401609f6e3 --- /dev/null +++ b/objects/vulnerability/vulnerability--1fa8099e-7f57-44ce-9b6d-7f3d97318d63.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e6fba7df-b805-48cb-899c-cefaaaa107f1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1fa8099e-7f57-44ce-9b6d-7f3d97318d63", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:57.250915Z", + "modified": "2024-12-24T00:20:57.250915Z", + "name": "CVE-2024-11230", + "description": "The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.6.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11230" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2b6e8576-58e8-4297-b099-3b71179fd7a1.json b/objects/vulnerability/vulnerability--2b6e8576-58e8-4297-b099-3b71179fd7a1.json new file mode 100644 index 00000000000..be06882b378 --- /dev/null +++ b/objects/vulnerability/vulnerability--2b6e8576-58e8-4297-b099-3b71179fd7a1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5f2d06e0-9fcb-41fd-8809-ef897855bd99", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2b6e8576-58e8-4297-b099-3b71179fd7a1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.981994Z", + "modified": "2024-12-24T00:20:56.981994Z", + "name": "CVE-2024-47864", + "description": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47864" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4670009f-67fe-4498-aa24-9608b7ebaccf.json b/objects/vulnerability/vulnerability--4670009f-67fe-4498-aa24-9608b7ebaccf.json new file mode 100644 index 00000000000..38aa12ed8c1 --- /dev/null +++ b/objects/vulnerability/vulnerability--4670009f-67fe-4498-aa24-9608b7ebaccf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f015a5fe-4c7f-4bdd-a59a-ad02a1cbfc27", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4670009f-67fe-4498-aa24-9608b7ebaccf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.322653Z", + "modified": "2024-12-24T00:20:58.322653Z", + "name": "CVE-2024-23945", + "description": "Signing cookies is an application security feature that adds a digital signature to cookie data to verify its authenticity and integrity. The signature helps prevent malicious actors from modifying the cookie value, which can lead to security vulnerabilities and exploitation. Apache Hive’s service component accidentally exposes the signed cookie to the end user when there is a mismatch in signature between the current and expected cookie. Exposing the correct cookie signature can lead to further exploitation.\n\nThe vulnerable CookieSigner logic was introduced in Apache Hive by HIVE-9710 (1.2.0) and in Apache Spark by SPARK-14987 (2.0.0). The affected components are the following:\n* org.apache.hive:hive-service\n* org.apache.spark:spark-hive-thriftserver_2.11\n* org.apache.spark:spark-hive-thriftserver_2.12", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-23945" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4f4cf7ce-c6c5-4ada-9572-57cd9b6840af.json b/objects/vulnerability/vulnerability--4f4cf7ce-c6c5-4ada-9572-57cd9b6840af.json new file mode 100644 index 00000000000..6da09b23986 --- /dev/null +++ b/objects/vulnerability/vulnerability--4f4cf7ce-c6c5-4ada-9572-57cd9b6840af.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b2efecdd-5234-4122-9ea3-ff9ba058e2c1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4f4cf7ce-c6c5-4ada-9572-57cd9b6840af", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.607768Z", + "modified": "2024-12-24T00:20:58.607768Z", + "name": "CVE-2024-46873", + "description": "Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-46873" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4f896d85-1447-4465-bd0f-958375f61f8e.json b/objects/vulnerability/vulnerability--4f896d85-1447-4465-bd0f-958375f61f8e.json new file mode 100644 index 00000000000..91f80d84a79 --- /dev/null +++ b/objects/vulnerability/vulnerability--4f896d85-1447-4465-bd0f-958375f61f8e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b5519e25-45ee-453a-ad37-3c2aabace8c1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4f896d85-1447-4465-bd0f-958375f61f8e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:57.536198Z", + "modified": "2024-12-24T00:20:57.536198Z", + "name": "CVE-2024-53256", + "description": "Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due the usage of `rz_core_cmdf` to invoke the command `m` which was removed in v0.1.x. A malicious binary defining `bclass` (part of RzBinInfo) is executed if `rclass` (part of RzBinInfo) is set to `fs`; the vulnerability can be exploited by any bin format where `bclass` and `rclass` are user defined. This vulnerability is fixed in 0.7.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53256" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5236a9f0-6203-403c-8ad3-20519cb04bb7.json b/objects/vulnerability/vulnerability--5236a9f0-6203-403c-8ad3-20519cb04bb7.json new file mode 100644 index 00000000000..7399b54212e --- /dev/null +++ b/objects/vulnerability/vulnerability--5236a9f0-6203-403c-8ad3-20519cb04bb7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b3342f47-8424-435a-9d67-0cb6a88d5fe0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5236a9f0-6203-403c-8ad3-20519cb04bb7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.362126Z", + "modified": "2024-12-24T00:20:58.362126Z", + "name": "CVE-2024-56362", + "description": "Navidrome is an open source web-based music collection server and streamer. Navidrome stores the JWT secret in plaintext in the navidrome.db database file under the property table. This practice introduces a security risk because anyone with access to the database file can retrieve the secret. This vulnerability is fixed in 0.54.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56362" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--559f1c4d-23d0-4d70-a70e-de47e5aa4a58.json b/objects/vulnerability/vulnerability--559f1c4d-23d0-4d70-a70e-de47e5aa4a58.json new file mode 100644 index 00000000000..0bdb85cb0e4 --- /dev/null +++ b/objects/vulnerability/vulnerability--559f1c4d-23d0-4d70-a70e-de47e5aa4a58.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f8d3f79e-ed25-4bd1-85fa-bccdeef69b03", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--559f1c4d-23d0-4d70-a70e-de47e5aa4a58", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.158432Z", + "modified": "2024-12-24T00:20:58.158432Z", + "name": "CVE-2024-54082", + "description": "home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an administrative user.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-54082" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5bed671b-3e09-401e-b06c-fe87b1fcdb7d.json b/objects/vulnerability/vulnerability--5bed671b-3e09-401e-b06c-fe87b1fcdb7d.json new file mode 100644 index 00000000000..2577fdb95d1 --- /dev/null +++ b/objects/vulnerability/vulnerability--5bed671b-3e09-401e-b06c-fe87b1fcdb7d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--de034797-f099-44f3-b999-d725e9d63c45", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5bed671b-3e09-401e-b06c-fe87b1fcdb7d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.357904Z", + "modified": "2024-12-24T00:20:58.357904Z", + "name": "CVE-2024-56326", + "description": "Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56326" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5dd4825c-3b87-478d-9e56-e827cc0d2c9b.json b/objects/vulnerability/vulnerability--5dd4825c-3b87-478d-9e56-e827cc0d2c9b.json new file mode 100644 index 00000000000..efb2425d954 --- /dev/null +++ b/objects/vulnerability/vulnerability--5dd4825c-3b87-478d-9e56-e827cc0d2c9b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b9005233-a726-4691-aef8-9300e74694ba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5dd4825c-3b87-478d-9e56-e827cc0d2c9b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.762275Z", + "modified": "2024-12-24T00:20:56.762275Z", + "name": "CVE-2024-12901", + "description": "A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12901" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5df6c9ae-3635-4582-8e75-5b24e1ff6faf.json b/objects/vulnerability/vulnerability--5df6c9ae-3635-4582-8e75-5b24e1ff6faf.json new file mode 100644 index 00000000000..957a18b37b5 --- /dev/null +++ b/objects/vulnerability/vulnerability--5df6c9ae-3635-4582-8e75-5b24e1ff6faf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--207ba622-b8be-46fc-affc-da95d6681d90", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5df6c9ae-3635-4582-8e75-5b24e1ff6faf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.23412Z", + "modified": "2024-12-24T00:20:58.23412Z", + "name": "CVE-2024-55539", + "description": "Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55539" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6aab1982-9132-4608-93f1-a82d01692473.json b/objects/vulnerability/vulnerability--6aab1982-9132-4608-93f1-a82d01692473.json new file mode 100644 index 00000000000..f5bb68f79c6 --- /dev/null +++ b/objects/vulnerability/vulnerability--6aab1982-9132-4608-93f1-a82d01692473.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b6fcd6cb-ac43-4934-b398-7af86fb20b07", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6aab1982-9132-4608-93f1-a82d01692473", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.756867Z", + "modified": "2024-12-24T00:20:56.756867Z", + "name": "CVE-2024-12899", + "description": "A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/course_action.php. The manipulation of the argument course_code leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12899" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--79c9e86d-1104-40a1-8afd-35df6868f58d.json b/objects/vulnerability/vulnerability--79c9e86d-1104-40a1-8afd-35df6868f58d.json new file mode 100644 index 00000000000..b0b49babcea --- /dev/null +++ b/objects/vulnerability/vulnerability--79c9e86d-1104-40a1-8afd-35df6868f58d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--652b124c-d4d8-4680-9b1c-d41a6a1a3047", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--79c9e86d-1104-40a1-8afd-35df6868f58d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.370392Z", + "modified": "2024-12-24T00:20:58.370392Z", + "name": "CVE-2024-56363", + "description": "APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. In 1.0, there is a vulnerability in the web application's handling of user-supplied input that is incorporated into a Jinja2 template. Specifically, when user input is improperly sanitized or validated, an attacker can inject Jinja2 syntax into the template, causing the server to execute arbitrary code. For example, an attacker might be able to inject expressions like {{ config }}, {{ self.class.mro[1].subclasses() }}, or more dangerous payloads that trigger execution of arbitrary Python code. The vulnerability can be reproduced by submitting crafted input to all the template fields handled by ckeditor, that are passed directly to a Jinja2 template. If the input is rendered without sufficient sanitization, it results in the execution of malicious Jinja2 code on the server.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56363" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8b4af162-f996-47fe-afa0-d0a971920bf6.json b/objects/vulnerability/vulnerability--8b4af162-f996-47fe-afa0-d0a971920bf6.json new file mode 100644 index 00000000000..0ef0cf9ea78 --- /dev/null +++ b/objects/vulnerability/vulnerability--8b4af162-f996-47fe-afa0-d0a971920bf6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--af42918b-bbfa-446d-9123-62ad95a4757f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8b4af162-f996-47fe-afa0-d0a971920bf6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.184991Z", + "modified": "2024-12-24T00:20:58.184991Z", + "name": "CVE-2024-54148", + "description": "Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-54148" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8c8d6b20-61b8-4dcd-b954-987074a454d5.json b/objects/vulnerability/vulnerability--8c8d6b20-61b8-4dcd-b954-987074a454d5.json new file mode 100644 index 00000000000..db0dbc139cd --- /dev/null +++ b/objects/vulnerability/vulnerability--8c8d6b20-61b8-4dcd-b954-987074a454d5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--89212d3d-03f5-4ce8-822b-34a838152e6d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8c8d6b20-61b8-4dcd-b954-987074a454d5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.766913Z", + "modified": "2024-12-24T00:20:56.766913Z", + "name": "CVE-2024-12902", + "description": "ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts use default passwords, attackers could remotely log in to the virtual machine using the default credentials.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12902" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--982221d7-1ea0-4ecf-815b-0bda3a400c02.json b/objects/vulnerability/vulnerability--982221d7-1ea0-4ecf-815b-0bda3a400c02.json new file mode 100644 index 00000000000..3f0ba93633c --- /dev/null +++ b/objects/vulnerability/vulnerability--982221d7-1ea0-4ecf-815b-0bda3a400c02.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--65f8ed48-e64f-4837-9900-a62057b45020", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--982221d7-1ea0-4ecf-815b-0bda3a400c02", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:57.78885Z", + "modified": "2024-12-24T00:20:57.78885Z", + "name": "CVE-2024-40896", + "description": "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40896" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a2ea7001-0b25-4bfa-9e95-3cac34466690.json b/objects/vulnerability/vulnerability--a2ea7001-0b25-4bfa-9e95-3cac34466690.json new file mode 100644 index 00000000000..5e00b51111c --- /dev/null +++ b/objects/vulnerability/vulnerability--a2ea7001-0b25-4bfa-9e95-3cac34466690.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--73f89964-8767-487d-8e54-b50eede484fa", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a2ea7001-0b25-4bfa-9e95-3cac34466690", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.760946Z", + "modified": "2024-12-24T00:20:56.760946Z", + "name": "CVE-2024-12903", + "description": "Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A non-admin user could exploit weak file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence on the compromised machine. It has been identified that full control permissions exist on the ‘Everyone’ group (i.e. any user who has local access to the operating system regardless of their privileges).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12903" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a4538cc2-53ea-44be-936c-050b5ea2b956.json b/objects/vulnerability/vulnerability--a4538cc2-53ea-44be-936c-050b5ea2b956.json new file mode 100644 index 00000000000..eee3979c480 --- /dev/null +++ b/objects/vulnerability/vulnerability--a4538cc2-53ea-44be-936c-050b5ea2b956.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--91ea25f3-e4b8-4fcd-a051-ebaa83ddf78f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a4538cc2-53ea-44be-936c-050b5ea2b956", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:57.530437Z", + "modified": "2024-12-24T00:20:57.530437Z", + "name": "CVE-2024-53276", + "description": "Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, an open CORS policy in app.js may allow an attacker to view the images of home-gallery when it is using the default settings. The following express middleware allows any website to make a cross site request to home-gallery, thus allowing them to read any endpoint on home-gallery. Home-gallery is mostly safe from cross-site requests due to most of its pages requiring JavaScript, and cross-site requests such as fetch() do not render javascript. If an attacker is able to get the path of the preview images which are randomized, an attacker will be able to view such a photo. If any static files or endpoints are introduced in the future that contain sensitive information, they will be accessible to an attacker website.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53276" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a6227b4c-6520-45e7-b810-0c0c2c3db4e9.json b/objects/vulnerability/vulnerability--a6227b4c-6520-45e7-b810-0c0c2c3db4e9.json new file mode 100644 index 00000000000..78a3aead7f9 --- /dev/null +++ b/objects/vulnerability/vulnerability--a6227b4c-6520-45e7-b810-0c0c2c3db4e9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8eb56070-0bb1-4338-8467-6bc2161105b9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a6227b4c-6520-45e7-b810-0c0c2c3db4e9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:57.560104Z", + "modified": "2024-12-24T00:20:57.560104Z", + "name": "CVE-2024-53275", + "description": "Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. In this attack, an attacker will ask a user to visit their website. The attacker website will then change the DNS records of their domain from their IP address to the internal IP address of the home-gallery instance. To tell which IP addresses are valid, we can rebind a subdomain to each IP address we want to check, and see if there is a response. Once potential candidates have been found, the attacker can launch the attack by reading the response of the web server after the IP address has changed. When the attacker domain is fetched, the response will be from the home-gallery instance, not the attacker website, because the IP address has been changed. Due to a lack of authentication, home-gallery photos can then be extracted by the attacker website.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53275" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b621b70d-8cdb-435e-be9c-685bf3028be8.json b/objects/vulnerability/vulnerability--b621b70d-8cdb-435e-be9c-685bf3028be8.json new file mode 100644 index 00000000000..1d202338c7c --- /dev/null +++ b/objects/vulnerability/vulnerability--b621b70d-8cdb-435e-be9c-685bf3028be8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c32f6413-c8b6-43db-a111-e049a79dcfe6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b621b70d-8cdb-435e-be9c-685bf3028be8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.7364Z", + "modified": "2024-12-24T00:20:56.7364Z", + "name": "CVE-2024-12900", + "description": "A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12900" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b6aca571-f7a7-4df7-8b03-e0bbd17fc014.json b/objects/vulnerability/vulnerability--b6aca571-f7a7-4df7-8b03-e0bbd17fc014.json new file mode 100644 index 00000000000..5aee52ef8e4 --- /dev/null +++ b/objects/vulnerability/vulnerability--b6aca571-f7a7-4df7-8b03-e0bbd17fc014.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ceb09186-aacc-44c7-ad68-254eb61e72a3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b6aca571-f7a7-4df7-8b03-e0bbd17fc014", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.720Z", + "modified": "2024-12-24T00:20:56.720Z", + "name": "CVE-2024-45721", + "description": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root privilege by an administrative user.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45721" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bddf2341-4a79-480f-9951-532fed62d905.json b/objects/vulnerability/vulnerability--bddf2341-4a79-480f-9951-532fed62d905.json new file mode 100644 index 00000000000..a30b30c0051 --- /dev/null +++ b/objects/vulnerability/vulnerability--bddf2341-4a79-480f-9951-532fed62d905.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--255469ef-58ad-488a-b25a-597d9957bff0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bddf2341-4a79-480f-9951-532fed62d905", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.365201Z", + "modified": "2024-12-24T00:20:58.365201Z", + "name": "CVE-2024-56364", + "description": "SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in 1.0.12 and ending in 1.1.13, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. This vulnerability is fixed in 1.1.13.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56364" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d3404f8d-fe10-4797-99ef-f1c2748c62fd.json b/objects/vulnerability/vulnerability--d3404f8d-fe10-4797-99ef-f1c2748c62fd.json new file mode 100644 index 00000000000..c2a12fdc992 --- /dev/null +++ b/objects/vulnerability/vulnerability--d3404f8d-fe10-4797-99ef-f1c2748c62fd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3ae3f7cd-fd01-4b64-a5a7-83aed4190bbd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d3404f8d-fe10-4797-99ef-f1c2748c62fd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:21:10.417786Z", + "modified": "2024-12-24T00:21:10.417786Z", + "name": "CVE-2018-25106", + "description": "A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot of the file libs/Legacy/Legacy.php. The manipulation leads to sql injection. The attack may be initiated remotely. The patch is named 41230a81db0f671c570c2644bc2f80565ca83c5a. It is recommended to apply a patch to fix this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2018-25106" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e4229411-5e1b-4a32-9dc2-9d35b92993d0.json b/objects/vulnerability/vulnerability--e4229411-5e1b-4a32-9dc2-9d35b92993d0.json new file mode 100644 index 00000000000..3ed8978cb66 --- /dev/null +++ b/objects/vulnerability/vulnerability--e4229411-5e1b-4a32-9dc2-9d35b92993d0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8a90ba4a-d19f-4fdb-82a4-2a6ab59960d1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e4229411-5e1b-4a32-9dc2-9d35b92993d0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:58.371816Z", + "modified": "2024-12-24T00:20:58.371816Z", + "name": "CVE-2024-56201", + "description": "Jinja is an extensible templating engine. Prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56201" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--feeb8dc3-5924-4838-9f0b-ebd362730702.json b/objects/vulnerability/vulnerability--feeb8dc3-5924-4838-9f0b-ebd362730702.json new file mode 100644 index 00000000000..12057f63cee --- /dev/null +++ b/objects/vulnerability/vulnerability--feeb8dc3-5924-4838-9f0b-ebd362730702.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--652ae3e0-91d0-4136-8060-1f3e5881ed67", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--feeb8dc3-5924-4838-9f0b-ebd362730702", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-24T00:20:56.709462Z", + "modified": "2024-12-24T00:20:56.709462Z", + "name": "CVE-2024-45387", + "description": "An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role \"admin\", \"federation\", \"operations\", \"portal\", or \"steering\" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.\n\nUsers are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45387" + } + ] + } + ] +} \ No newline at end of file