From 3de0eecb2e5db13f14d9c14c58f110f6f62f8568 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 00:40:43 +0000 Subject: [PATCH] generated content from 2024-11-25 --- mapping.csv | 16 ++++++++++++++ ...-0360abfb-2619-4e8b-b3de-de4b5550d071.json | 22 +++++++++++++++++++ ...-0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7.json | 22 +++++++++++++++++++ ...-1ea81a0c-5d05-4f35-88ca-b455ec1022e7.json | 22 +++++++++++++++++++ ...-3d419a03-2a61-49e6-ae77-d17eba855d4e.json | 22 +++++++++++++++++++ ...-426d3445-d16d-4002-ad49-83836e265045.json | 22 +++++++++++++++++++ ...-5ba5b161-e0b0-4617-bb66-8852fb548356.json | 22 +++++++++++++++++++ ...-7fb02c6d-69f2-4174-90e2-7a0cfd6e8845.json | 22 +++++++++++++++++++ ...-93ff5411-f7e9-46f3-b768-9c082b3cc9b2.json | 22 +++++++++++++++++++ ...-b15a0f19-66fc-4049-849e-9ad815803495.json | 22 +++++++++++++++++++ ...-b1f09b60-fb0f-42bf-85c3-3279ee5c5847.json | 22 +++++++++++++++++++ ...-cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc.json | 22 +++++++++++++++++++ ...-cce76075-d7d0-40d2-a439-268c7dcbb714.json | 22 +++++++++++++++++++ ...-e1f96cef-279a-4d8b-a906-2765f8ceacd5.json | 22 +++++++++++++++++++ ...-e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c.json | 22 +++++++++++++++++++ ...-f784b659-0e66-4855-80d3-21c2c14c4e06.json | 22 +++++++++++++++++++ ...-f99494a7-970a-450a-8a86-581d353a756a.json | 22 +++++++++++++++++++ 17 files changed, 368 insertions(+) create mode 100644 objects/vulnerability/vulnerability--0360abfb-2619-4e8b-b3de-de4b5550d071.json create mode 100644 objects/vulnerability/vulnerability--0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7.json create mode 100644 objects/vulnerability/vulnerability--1ea81a0c-5d05-4f35-88ca-b455ec1022e7.json create mode 100644 objects/vulnerability/vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e.json create mode 100644 objects/vulnerability/vulnerability--426d3445-d16d-4002-ad49-83836e265045.json create mode 100644 objects/vulnerability/vulnerability--5ba5b161-e0b0-4617-bb66-8852fb548356.json create mode 100644 objects/vulnerability/vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845.json create mode 100644 objects/vulnerability/vulnerability--93ff5411-f7e9-46f3-b768-9c082b3cc9b2.json create mode 100644 objects/vulnerability/vulnerability--b15a0f19-66fc-4049-849e-9ad815803495.json create mode 100644 objects/vulnerability/vulnerability--b1f09b60-fb0f-42bf-85c3-3279ee5c5847.json create mode 100644 objects/vulnerability/vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc.json create mode 100644 objects/vulnerability/vulnerability--cce76075-d7d0-40d2-a439-268c7dcbb714.json create mode 100644 objects/vulnerability/vulnerability--e1f96cef-279a-4d8b-a906-2765f8ceacd5.json create mode 100644 objects/vulnerability/vulnerability--e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c.json create mode 100644 objects/vulnerability/vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06.json create mode 100644 objects/vulnerability/vulnerability--f99494a7-970a-450a-8a86-581d353a756a.json diff --git a/mapping.csv b/mapping.csv index d3149772a3e..4370a1262a0 100644 --- a/mapping.csv +++ b/mapping.csv @@ -257716,3 +257716,19 @@ vulnerability,CVE-2024-11632,vulnerability--a4f29bc9-7f42-46c2-a0f1-84e9a4a29b25 vulnerability,CVE-2024-41761,vulnerability--819a3330-40e8-4f4e-9112-4fa418e83745 vulnerability,CVE-2024-35160,vulnerability--f37566f6-d9c0-4164-a6a4-faef889c8e93 vulnerability,CVE-2023-7299,vulnerability--947a9b40-7aa6-4e67-8c69-739f4085d862 +vulnerability,CVE-2024-11646,vulnerability--0360abfb-2619-4e8b-b3de-de4b5550d071 +vulnerability,CVE-2024-11666,vulnerability--5ba5b161-e0b0-4617-bb66-8852fb548356 +vulnerability,CVE-2024-11233,vulnerability--e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c +vulnerability,CVE-2024-11665,vulnerability--cce76075-d7d0-40d2-a439-268c7dcbb714 +vulnerability,CVE-2024-11234,vulnerability--b15a0f19-66fc-4049-849e-9ad815803495 +vulnerability,CVE-2024-11236,vulnerability--0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7 +vulnerability,CVE-2024-53901,vulnerability--e1f96cef-279a-4d8b-a906-2765f8ceacd5 +vulnerability,CVE-2024-53910,vulnerability--426d3445-d16d-4002-ad49-83836e265045 +vulnerability,CVE-2024-53912,vulnerability--93ff5411-f7e9-46f3-b768-9c082b3cc9b2 +vulnerability,CVE-2024-53909,vulnerability--1ea81a0c-5d05-4f35-88ca-b455ec1022e7 +vulnerability,CVE-2024-53916,vulnerability--f99494a7-970a-450a-8a86-581d353a756a +vulnerability,CVE-2024-53913,vulnerability--b1f09b60-fb0f-42bf-85c3-3279ee5c5847 +vulnerability,CVE-2024-53914,vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e +vulnerability,CVE-2024-53911,vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06 +vulnerability,CVE-2024-53915,vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc +vulnerability,CVE-2024-53899,vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845 diff --git a/objects/vulnerability/vulnerability--0360abfb-2619-4e8b-b3de-de4b5550d071.json b/objects/vulnerability/vulnerability--0360abfb-2619-4e8b-b3de-de4b5550d071.json new file mode 100644 index 00000000000..27e058a53ff --- /dev/null +++ b/objects/vulnerability/vulnerability--0360abfb-2619-4e8b-b3de-de4b5550d071.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1d69ba97-b4f4-4be3-ad3b-48cee69cc95d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0360abfb-2619-4e8b-b3de-de4b5550d071", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.546099Z", + "modified": "2024-11-25T00:40:14.546099Z", + "name": "CVE-2024-11646", + "description": "A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11646" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7.json b/objects/vulnerability/vulnerability--0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7.json new file mode 100644 index 00000000000..d701ccf3a61 --- /dev/null +++ b/objects/vulnerability/vulnerability--0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d050fca5-b3f1-454a-939e-0da974942227", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0d4ff7f3-7c5c-4e52-ad6f-8b188e99a0f7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.579453Z", + "modified": "2024-11-25T00:40:14.579453Z", + "name": "CVE-2024-11236", + "description": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11236" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1ea81a0c-5d05-4f35-88ca-b455ec1022e7.json b/objects/vulnerability/vulnerability--1ea81a0c-5d05-4f35-88ca-b455ec1022e7.json new file mode 100644 index 00000000000..24af3b04339 --- /dev/null +++ b/objects/vulnerability/vulnerability--1ea81a0c-5d05-4f35-88ca-b455ec1022e7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2379be87-a772-4054-9a15-568c7e358938", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1ea81a0c-5d05-4f35-88ca-b455ec1022e7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.844175Z", + "modified": "2024-11-25T00:40:14.844175Z", + "name": "CVE-2024-53909", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53909" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e.json b/objects/vulnerability/vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e.json new file mode 100644 index 00000000000..418f5b8da63 --- /dev/null +++ b/objects/vulnerability/vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4a290ac2-f2a2-4033-bcaa-6acd977ea601", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.861772Z", + "modified": "2024-11-25T00:40:14.861772Z", + "name": "CVE-2024-53914", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53914" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--426d3445-d16d-4002-ad49-83836e265045.json b/objects/vulnerability/vulnerability--426d3445-d16d-4002-ad49-83836e265045.json new file mode 100644 index 00000000000..d8c44152d41 --- /dev/null +++ b/objects/vulnerability/vulnerability--426d3445-d16d-4002-ad49-83836e265045.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2cbb4905-531a-4f14-bc1d-998d4b3fddd7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--426d3445-d16d-4002-ad49-83836e265045", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.832775Z", + "modified": "2024-11-25T00:40:14.832775Z", + "name": "CVE-2024-53910", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53910" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5ba5b161-e0b0-4617-bb66-8852fb548356.json b/objects/vulnerability/vulnerability--5ba5b161-e0b0-4617-bb66-8852fb548356.json new file mode 100644 index 00000000000..fe63b26bfba --- /dev/null +++ b/objects/vulnerability/vulnerability--5ba5b161-e0b0-4617-bb66-8852fb548356.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--24294d8f-65a0-4b4b-a905-fa55c5f640fc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5ba5b161-e0b0-4617-bb66-8852fb548356", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.554854Z", + "modified": "2024-11-25T00:40:14.554854Z", + "name": "CVE-2024-11666", + "description": "Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users  suitably positioned on the network between an EV charger controller and eCharge infrastructure can execute arbitrary commands with elevated privileges on affected devices.\n\nThis issue affects cph2_echarge_firmware: through 2.0.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11666" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845.json b/objects/vulnerability/vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845.json new file mode 100644 index 00000000000..44319fbe3d2 --- /dev/null +++ b/objects/vulnerability/vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fc372283-21a9-49c5-8c0c-d4e497e5c0d6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.866122Z", + "modified": "2024-11-25T00:40:14.866122Z", + "name": "CVE-2024-53899", + "description": "virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53899" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--93ff5411-f7e9-46f3-b768-9c082b3cc9b2.json b/objects/vulnerability/vulnerability--93ff5411-f7e9-46f3-b768-9c082b3cc9b2.json new file mode 100644 index 00000000000..4731b0c13e5 --- /dev/null +++ b/objects/vulnerability/vulnerability--93ff5411-f7e9-46f3-b768-9c082b3cc9b2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c059c113-b066-4935-ad7c-f6f3d8a66631", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--93ff5411-f7e9-46f3-b768-9c082b3cc9b2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.834436Z", + "modified": "2024-11-25T00:40:14.834436Z", + "name": "CVE-2024-53912", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53912" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b15a0f19-66fc-4049-849e-9ad815803495.json b/objects/vulnerability/vulnerability--b15a0f19-66fc-4049-849e-9ad815803495.json new file mode 100644 index 00000000000..78af62f67fe --- /dev/null +++ b/objects/vulnerability/vulnerability--b15a0f19-66fc-4049-849e-9ad815803495.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6a4bc187-8c9e-4376-812f-5afceb05c96c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b15a0f19-66fc-4049-849e-9ad815803495", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.577748Z", + "modified": "2024-11-25T00:40:14.577748Z", + "name": "CVE-2024-11234", + "description": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and \"request_fulluri\" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11234" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b1f09b60-fb0f-42bf-85c3-3279ee5c5847.json b/objects/vulnerability/vulnerability--b1f09b60-fb0f-42bf-85c3-3279ee5c5847.json new file mode 100644 index 00000000000..ff4ebed6a54 --- /dev/null +++ b/objects/vulnerability/vulnerability--b1f09b60-fb0f-42bf-85c3-3279ee5c5847.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f99b33e9-20e0-4536-ad89-fbab1add2cc9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b1f09b60-fb0f-42bf-85c3-3279ee5c5847", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.858357Z", + "modified": "2024-11-25T00:40:14.858357Z", + "name": "CVE-2024-53913", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53913" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc.json b/objects/vulnerability/vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc.json new file mode 100644 index 00000000000..a5391fc09a1 --- /dev/null +++ b/objects/vulnerability/vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7e604231-70fc-4cc6-af10-2dc7e6eb0518", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.864857Z", + "modified": "2024-11-25T00:40:14.864857Z", + "name": "CVE-2024-53915", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53915" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cce76075-d7d0-40d2-a439-268c7dcbb714.json b/objects/vulnerability/vulnerability--cce76075-d7d0-40d2-a439-268c7dcbb714.json new file mode 100644 index 00000000000..6ce25d594bf --- /dev/null +++ b/objects/vulnerability/vulnerability--cce76075-d7d0-40d2-a439-268c7dcbb714.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--64952ba8-cbcc-46d4-bfb9-5977dad5e1bd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cce76075-d7d0-40d2-a439-268c7dcbb714", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.56976Z", + "modified": "2024-11-25T00:40:14.56976Z", + "name": "CVE-2024-11665", + "description": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in hardy-barth cph2_echarge_firmware allows OS Command Injection.This issue affects cph2_echarge_firmware: through 2.0.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11665" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e1f96cef-279a-4d8b-a906-2765f8ceacd5.json b/objects/vulnerability/vulnerability--e1f96cef-279a-4d8b-a906-2765f8ceacd5.json new file mode 100644 index 00000000000..b15d9bf6e0c --- /dev/null +++ b/objects/vulnerability/vulnerability--e1f96cef-279a-4d8b-a906-2765f8ceacd5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--838513e5-ca1e-4b5b-8f15-be4241b86412", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e1f96cef-279a-4d8b-a906-2765f8ceacd5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.831355Z", + "modified": "2024-11-25T00:40:14.831355Z", + "name": "CVE-2024-53901", + "description": "The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53901" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c.json b/objects/vulnerability/vulnerability--e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c.json new file mode 100644 index 00000000000..029e65b7f2c --- /dev/null +++ b/objects/vulnerability/vulnerability--e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--17316f15-cb23-406a-87e3-ac9eb6e0a669", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e73cebb1-5c9d-4a2d-888d-5bacb1b0f78c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.56061Z", + "modified": "2024-11-25T00:40:14.56061Z", + "name": "CVE-2024-11233", + "description": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11233" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06.json b/objects/vulnerability/vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06.json new file mode 100644 index 00000000000..16e7d0c8f95 --- /dev/null +++ b/objects/vulnerability/vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e8d070c8-4ff0-4e1d-a873-7f60033bcabd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.863114Z", + "modified": "2024-11-25T00:40:14.863114Z", + "name": "CVE-2024-53911", + "description": "An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53911" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f99494a7-970a-450a-8a86-581d353a756a.json b/objects/vulnerability/vulnerability--f99494a7-970a-450a-8a86-581d353a756a.json new file mode 100644 index 00000000000..235bab55e50 --- /dev/null +++ b/objects/vulnerability/vulnerability--f99494a7-970a-450a-8a86-581d353a756a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6354cf9e-2c67-4e3e-af58-0c35d3a15b4d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f99494a7-970a-450a-8a86-581d353a756a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-25T00:40:14.850755Z", + "modified": "2024-11-25T00:40:14.850755Z", + "name": "CVE-2024-53916", + "description": "In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. NOTE: 935883 has the \"Work in Progress\" status as of 2024-11-24.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53916" + } + ] + } + ] +} \ No newline at end of file