diff --git a/mapping.csv b/mapping.csv index 4370a1262a0..62799db2757 100644 --- a/mapping.csv +++ b/mapping.csv 
@@ -257732,3 +257732,76 @@ vulnerability,CVE-2024-53914,vulnerability--3d419a03-2a61-49e6-ae77-d17eba855d4e vulnerability,CVE-2024-53911,vulnerability--f784b659-0e66-4855-80d3-21c2c14c4e06 vulnerability,CVE-2024-53915,vulnerability--cbd1cdd8-fb56-4767-a3fc-0b0d1bf0afdc vulnerability,CVE-2024-53899,vulnerability--7fb02c6d-69f2-4174-90e2-7a0cfd6e8845 +vulnerability,CVE-2024-51723,vulnerability--aa598c6d-9adc-4db2-9da8-7f33d42b6e2d +vulnerability,CVE-2024-52529,vulnerability--f8440396-dcbb-4b91-aeb5-a3fe8e77ef45 +vulnerability,CVE-2024-52787,vulnerability--0d267e92-f88d-4528-bcec-8324b18b4a1a +vulnerability,CVE-2024-52811,vulnerability--96e8cf0b-3caf-4c10-b9fc-46e9ed1d9101 +vulnerability,CVE-2024-45755,vulnerability--24bf0792-6821-4d96-a6ea-c22a8866bc70 +vulnerability,CVE-2024-45756,vulnerability--69f57ec5-fe34-40ef-b4b4-7af1fef802de +vulnerability,CVE-2024-10270,vulnerability--2316d058-9794-42f4-81d1-c10fd0cdbd15 +vulnerability,CVE-2024-10710,vulnerability--d13d6d4c-d1a7-429d-a35f-4c66318f0198 +vulnerability,CVE-2024-10451,vulnerability--75d873ae-df25-43c2-bb23-a612bb026868 +vulnerability,CVE-2024-10492,vulnerability--85299bb3-8cda-403c-89b4-40c302d76410 +vulnerability,CVE-2024-10709,vulnerability--f62a8657-7cef-45c9-bff6-6f888b6b8bc7 +vulnerability,CVE-2024-9666,vulnerability--ae2dac61-64c4-47bc-a4cd-5bed7ecf667d +vulnerability,CVE-2024-50672,vulnerability--3012dcc9-dd5a-4816-8f4b-bce4ed953ff3 +vulnerability,CVE-2024-50671,vulnerability--6453e02f-9010-49d4-8ea8-a8473da2bc33 +vulnerability,CVE-2024-7915,vulnerability--f6df5a43-79d5-4b5d-bcc7-42eccb771de1 +vulnerability,CVE-2024-7056,vulnerability--a641d065-ef5f-419a-aeb4-49accf724779 +vulnerability,CVE-2024-11651,vulnerability--aa1d2f44-391e-46ed-97dd-e0ff9702d318 +vulnerability,CVE-2024-11498,vulnerability--94facfd9-67a3-460e-8cea-792e5b0ceb3f +vulnerability,CVE-2024-11657,vulnerability--6b341259-c806-4996-98e1-f0808136ebe3 +vulnerability,CVE-2024-11647,vulnerability--261081f9-da0f-45a6-97ca-741997d83460 
+vulnerability,CVE-2024-11648,vulnerability--7240dec6-5f49-4a43-a2fc-d53b609a3df2 +vulnerability,CVE-2024-11660,vulnerability--f211c1f3-8e2c-4aef-9ab5-b84aa71046b0 +vulnerability,CVE-2024-11663,vulnerability--a928c22f-f6cb-4b3c-9ad7-09a6b365f6e5 +vulnerability,CVE-2024-11659,vulnerability--0dc99921-9cba-4e51-96bf-44a086c5314c +vulnerability,CVE-2024-11674,vulnerability--ad7dcc7e-b55f-476f-83cc-8cec346dfd9e +vulnerability,CVE-2024-11483,vulnerability--c3a0a868-a10e-4d18-82a3-ce6fc2e12c5d +vulnerability,CVE-2024-11658,vulnerability--16edb476-2469-4c82-8998-be4d158e9b59 +vulnerability,CVE-2024-11656,vulnerability--02fb64c6-a030-4712-b17f-dbf960c087ce +vulnerability,CVE-2024-11652,vulnerability--e50d80e6-6aae-4140-b28a-d67f62213592 +vulnerability,CVE-2024-11649,vulnerability--a64b67dd-9347-420c-ac3f-d041c485d6d7 +vulnerability,CVE-2024-11664,vulnerability--5686e4e1-33af-4faa-989d-aa895312e6f7 +vulnerability,CVE-2024-11655,vulnerability--f83a0107-d037-48e2-b5c7-a680749759d1 +vulnerability,CVE-2024-11671,vulnerability--e4cbb225-8bf7-4807-8bb7-210c20bf82da +vulnerability,CVE-2024-11403,vulnerability--83e04e8f-6262-4fb2-9f07-9b593f323abc +vulnerability,CVE-2024-11672,vulnerability--bb4e1983-288f-41bd-b434-14ad10b1611e +vulnerability,CVE-2024-11653,vulnerability--f123fdb4-fb72-4918-bd61-077f6cb9409a +vulnerability,CVE-2024-11650,vulnerability--80e67362-a90b-421f-8a49-33b015c0a675 +vulnerability,CVE-2024-11661,vulnerability--d154720b-297a-4bec-809b-5d3fd2d01b47 +vulnerability,CVE-2024-11662,vulnerability--2c9bae72-ccb3-44b2-b9fa-223d15e6574d +vulnerability,CVE-2024-11673,vulnerability--be483057-8fad-4121-8d91-f5d655ac4ca7 +vulnerability,CVE-2024-11654,vulnerability--815d5e4c-52ba-4c98-a3d2-c540b02b7956 +vulnerability,CVE-2024-11670,vulnerability--759153b5-3c95-452d-8298-5a8125886d04 +vulnerability,CVE-2024-53101,vulnerability--5a5d4d96-89bd-4e1f-9f1b-ba9cec28c95a +vulnerability,CVE-2024-53096,vulnerability--3e8d43ed-386e-426e-8746-bdf468742bea 
+vulnerability,CVE-2024-53102,vulnerability--ca7aa8ad-a2ac-4804-8785-1ef7634c70b6 +vulnerability,CVE-2024-53258,vulnerability--8d665a2e-7e98-4a8a-a48b-9667f18f9da6 +vulnerability,CVE-2024-53556,vulnerability--0288ca6b-035e-4c09-ad81-57a8a32a7809 +vulnerability,CVE-2024-53255,vulnerability--88d27a3b-f0ac-4139-ae8c-8a17bb4e88c5 +vulnerability,CVE-2024-53098,vulnerability--fc8a231f-bf21-4709-854d-86204e094cc3 +vulnerability,CVE-2024-53597,vulnerability--923be98c-463a-4850-bc83-606b258c9ccc +vulnerability,CVE-2024-53261,vulnerability--674602da-0f50-4e12-8f11-1977a57b86a2 +vulnerability,CVE-2024-53097,vulnerability--3d73d791-ed2f-4131-83a9-91bed2117820 +vulnerability,CVE-2024-53100,vulnerability--8e5e130e-1df4-44d7-aaf4-01f310c43638 +vulnerability,CVE-2024-53099,vulnerability--12a29398-3556-451b-8f45-39449d190cdb +vulnerability,CVE-2024-53843,vulnerability--ea5e23c2-e765-4262-b2c4-54687533d86c +vulnerability,CVE-2024-53262,vulnerability--57743b5c-00fd-459e-9336-bc398b413ce3 +vulnerability,CVE-2024-53930,vulnerability--fea1c417-214d-4de7-8641-c2d32cd9de9e +vulnerability,CVE-2024-53554,vulnerability--e710dcc8-523a-488e-bd3e-e3ec1e00384e +vulnerability,CVE-2024-53599,vulnerability--e9a39785-3ee8-41d6-9a96-c6313ae23851 +vulnerability,CVE-2024-53268,vulnerability--0512a308-4bf1-42e5-9df5-e3e2205921ef +vulnerability,CVE-2024-8272,vulnerability--e0381604-98f7-401d-9e49-d1b6fc0c1eb8 +vulnerability,CVE-2024-32468,vulnerability--f2c5fce6-c99f-4e4b-99cd-768043991366 +vulnerability,CVE-2024-27134,vulnerability--b1d8de43-6af5-419f-9dae-265507aa68c3 +vulnerability,CVE-2024-6538,vulnerability--7c23e8f3-0550-4efe-8c20-14e59b76d3f3 +vulnerability,CVE-2024-6393,vulnerability--f4b2a9a2-d9de-419f-a3c8-deb2e3526576 +vulnerability,CVE-2021-23282,vulnerability--f4b4cd43-b743-4e54-be4e-67de5897926e +vulnerability,CVE-2022-33861,vulnerability--cc934916-9ba1-4ae6-b54e-a23fbdf5fc42 +vulnerability,CVE-2022-33862,vulnerability--8af65061-8d5a-4532-b2aa-14bd8bd31356 
+vulnerability,CVE-2023-45181,vulnerability--8cf04b58-0357-46df-8602-531e4cdc41d3 +vulnerability,CVE-2023-26280,vulnerability--5e6f1a57-9325-40c2-a7ae-8850ef2c09c0 +vulnerability,CVE-2020-12492,vulnerability--98ea4ef4-4705-4232-bf21-4f2fe8baa163 +vulnerability,CVE-2020-12491,vulnerability--46029916-8234-4625-a4ee-1b11b7bb3da8 +vulnerability,CVE-2020-11311,vulnerability--8c827b77-8d7a-42ef-8294-2374771f14a4 diff --git a/objects/vulnerability/vulnerability--0288ca6b-035e-4c09-ad81-57a8a32a7809.json b/objects/vulnerability/vulnerability--0288ca6b-035e-4c09-ad81-57a8a32a7809.json new file mode 100644 index 00000000000..dd8611a32e6 --- /dev/null +++ b/objects/vulnerability/vulnerability--0288ca6b-035e-4c09-ad81-57a8a32a7809.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--14ba53e9-14ec-4f27-873b-7dd9c91616c5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0288ca6b-035e-4c09-ad81-57a8a32a7809", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.422267Z", + "modified": "2024-11-26T00:38:59.422267Z", + "name": "CVE-2024-53556", + "description": "An Open Redirect vulnerability in Taiga v6.8.1 allows attackers to redirect users to arbitrary websites via appending a crafted link to /login?next= in the login page URL.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53556" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--02fb64c6-a030-4712-b17f-dbf960c087ce.json b/objects/vulnerability/vulnerability--02fb64c6-a030-4712-b17f-dbf960c087ce.json new file mode 100644 index 00000000000..ff1f158b5f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--02fb64c6-a030-4712-b17f-dbf960c087ce.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--832b8d27-fb8a-4463-9ce8-649a1b78dfda", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--02fb64c6-a030-4712-b17f-dbf960c087ce", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.148448Z", + "modified": "2024-11-26T00:38:59.148448Z", + "name": "CVE-2024-11656", + "description": "A vulnerability, which was classified as critical, has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This issue affects some unknown processing of the file /admin/network/diag_ping6. The manipulation of the argument diag_ping6 leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11656" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0512a308-4bf1-42e5-9df5-e3e2205921ef.json b/objects/vulnerability/vulnerability--0512a308-4bf1-42e5-9df5-e3e2205921ef.json new file mode 100644 index 00000000000..b58d4f187c2 --- /dev/null +++ b/objects/vulnerability/vulnerability--0512a308-4bf1-42e5-9df5-e3e2205921ef.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b61b3752-6e14-4543-ae64-ca316d407db0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0512a308-4bf1-42e5-9df5-e3e2205921ef", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.468256Z", + "modified": "2024-11-26T00:38:59.468256Z", + "name": "CVE-2024-53268", + "description": "Joplin is an open source, privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS. In affected versions attackers are able to abuse the fact that openExternal is used without any filtering of URI schemes to obtain remote code execution in Windows environments. This issue has been addressed in version 3.0.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53268" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0d267e92-f88d-4528-bcec-8324b18b4a1a.json b/objects/vulnerability/vulnerability--0d267e92-f88d-4528-bcec-8324b18b4a1a.json new file mode 100644 index 00000000000..bb3cdaf4cce --- /dev/null +++ b/objects/vulnerability/vulnerability--0d267e92-f88d-4528-bcec-8324b18b4a1a.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e853c0bf-c036-401f-b26a-a7c404a46da5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0d267e92-f88d-4528-bcec-8324b18b4a1a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.556187Z", + "modified": "2024-11-26T00:38:58.556187Z", + "name": "CVE-2024-52787", + "description": "An issue in the upload_documents method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52787" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0dc99921-9cba-4e51-96bf-44a086c5314c.json b/objects/vulnerability/vulnerability--0dc99921-9cba-4e51-96bf-44a086c5314c.json new file mode 100644 index 00000000000..169ef3c53f3 --- /dev/null +++ b/objects/vulnerability/vulnerability--0dc99921-9cba-4e51-96bf-44a086c5314c.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1cf4ef6c-cfb3-4dc4-908d-50131bcc9ee5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0dc99921-9cba-4e51-96bf-44a086c5314c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.139956Z", + "modified": "2024-11-26T00:38:59.139956Z", + "name": "CVE-2024-11659", + "description": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/network/diag_iperf. The manipulation of the argument iperf leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11659" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--12a29398-3556-451b-8f45-39449d190cdb.json b/objects/vulnerability/vulnerability--12a29398-3556-451b-8f45-39449d190cdb.json new file mode 100644 index 00000000000..3aa722c21f1 --- /dev/null +++ b/objects/vulnerability/vulnerability--12a29398-3556-451b-8f45-39449d190cdb.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0fd7101b-284e-4a58-a7ba-8447374ce165", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--12a29398-3556-451b-8f45-39449d190cdb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.452634Z", + "modified": "2024-11-26T00:38:59.452634Z", + "name": "CVE-2024-53099", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check validity of link->type in bpf_link_show_fdinfo()\n\nIf a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing\nbpf_link_type_strs[link->type] may result in an out-of-bounds access.\n\nTo spot such missed invocations early in the future, checking the\nvalidity of link->type in bpf_link_show_fdinfo() and emitting a warning\nwhen such invocations are missed.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53099" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--16edb476-2469-4c82-8998-be4d158e9b59.json b/objects/vulnerability/vulnerability--16edb476-2469-4c82-8998-be4d158e9b59.json new file mode 100644 index 00000000000..4ede2da1528 --- /dev/null +++ b/objects/vulnerability/vulnerability--16edb476-2469-4c82-8998-be4d158e9b59.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--afcfd569-eb36-41d6-8cf2-fb2d4df4bd3c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--16edb476-2469-4c82-8998-be4d158e9b59", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.14744Z", + "modified": "2024-11-26T00:38:59.14744Z", + "name": "CVE-2024-11658", + "description": "A vulnerability has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/network/ajax_getChannelList. The manipulation of the argument countryCode leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11658" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2316d058-9794-42f4-81d1-c10fd0cdbd15.json b/objects/vulnerability/vulnerability--2316d058-9794-42f4-81d1-c10fd0cdbd15.json new file mode 100644 index 00000000000..576490f1356 --- /dev/null +++ b/objects/vulnerability/vulnerability--2316d058-9794-42f4-81d1-c10fd0cdbd15.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c5f1f114-4029-4a74-b4de-0f6c3d71b714", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2316d058-9794-42f4-81d1-c10fd0cdbd15", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.668143Z", + "modified": "2024-11-26T00:38:58.668143Z", + "name": "CVE-2024-10270", + "description": "A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) scenario by exhausting system resources due to a Regex complexity.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10270" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--24bf0792-6821-4d96-a6ea-c22a8866bc70.json b/objects/vulnerability/vulnerability--24bf0792-6821-4d96-a6ea-c22a8866bc70.json new file mode 100644 index 00000000000..e7348702af1 --- /dev/null +++ b/objects/vulnerability/vulnerability--24bf0792-6821-4d96-a6ea-c22a8866bc70.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9ed1a7e6-10ac-41cb-8520-43b04ef7b66c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--24bf0792-6821-4d96-a6ea-c22a8866bc70", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.641073Z", + "modified": "2024-11-26T00:38:58.641073Z", + "name": "CVE-2024-45755", + "description": "An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated users with high-privileged access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45755" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--261081f9-da0f-45a6-97ca-741997d83460.json b/objects/vulnerability/vulnerability--261081f9-da0f-45a6-97ca-741997d83460.json new file mode 100644 index 00000000000..ab4e1b5ea2c --- /dev/null +++ b/objects/vulnerability/vulnerability--261081f9-da0f-45a6-97ca-741997d83460.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--57d0ae7b-f197-445a-81ed-54a470229d24", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--261081f9-da0f-45a6-97ca-741997d83460", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.129811Z", + "modified": "2024-11-26T00:38:59.129811Z", + "name": "CVE-2024-11647", + "description": "A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11647" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2c9bae72-ccb3-44b2-b9fa-223d15e6574d.json b/objects/vulnerability/vulnerability--2c9bae72-ccb3-44b2-b9fa-223d15e6574d.json new file mode 100644 index 00000000000..1079bfc8e6d --- /dev/null +++ b/objects/vulnerability/vulnerability--2c9bae72-ccb3-44b2-b9fa-223d15e6574d.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--59091e30-771e-42b5-923a-91e0881f193f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2c9bae72-ccb3-44b2-b9fa-223d15e6574d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.172475Z", + "modified": "2024-11-26T00:38:59.172475Z", + "name": "CVE-2024-11662", + "description": "A vulnerability was found in welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5. It has been rated as critical. This issue affects the function deploy_host_vars of the file /apps/api/views/deploy_api.py of the component API Endpoint. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11662" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3012dcc9-dd5a-4816-8f4b-bce4ed953ff3.json b/objects/vulnerability/vulnerability--3012dcc9-dd5a-4816-8f4b-bce4ed953ff3.json new file mode 100644 index 00000000000..bcc894780cd --- /dev/null +++ b/objects/vulnerability/vulnerability--3012dcc9-dd5a-4816-8f4b-bce4ed953ff3.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--34871d72-68d8-4f51-ae72-527ff2bc879b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3012dcc9-dd5a-4816-8f4b-bce4ed953ff3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.931612Z", + "modified": "2024-11-26T00:38:58.931612Z", + "name": "CVE-2024-50672", + "description": "A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows unauthenticated attackers to reset user and administrator account passwords via the \"Reset password\" feature. The vulnerability occurs due to insufficient validation of user input, which is used as a query in Mongoose's find() function. This makes it possible for attackers to perform a full takeover of the administrator account. Attackers can then use the newly gained administrative privileges to upload a custom plugin to perform remote code execution (RCE) on the server hosting the web application.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50672" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3d73d791-ed2f-4131-83a9-91bed2117820.json b/objects/vulnerability/vulnerability--3d73d791-ed2f-4131-83a9-91bed2117820.json new file mode 100644 index 00000000000..31f14763594 --- /dev/null +++ b/objects/vulnerability/vulnerability--3d73d791-ed2f-4131-83a9-91bed2117820.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6278c427-b7b2-470a-ba3b-1a718623c8dc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3d73d791-ed2f-4131-83a9-91bed2117820", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.447534Z", + "modified": "2024-11-26T00:38:59.447534Z", + "name": "CVE-2024-53097", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: krealloc: Fix MTE false alarm in __do_krealloc\n\nThis patch addresses an issue introduced by commit 1a83a716ec233 (\"mm:\nkrealloc: consider spare memory for __GFP_ZERO\") which causes MTE\n(Memory Tagging Extension) to falsely report a slab-out-of-bounds error.\n\nThe problem occurs when zeroing out spare memory in __do_krealloc. The\noriginal code only considered software-based KASAN and did not account\nfor MTE. It does not reset the KASAN tag before calling memset, leading\nto a mismatch between the pointer tag and the memory tag, resulting\nin a false positive.\n\nExample of the error:\n==================================================================\nswapper/0: BUG: KASAN: slab-out-of-bounds in __memset+0x84/0x188\nswapper/0: Write at addr f4ffff8005f0fdf0 by task swapper/0/1\nswapper/0: Pointer tag: [f4], memory tag: [fe]\nswapper/0:\nswapper/0: CPU: 4 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.\nswapper/0: Hardware name: MT6991(ENG) (DT)\nswapper/0: Call trace:\nswapper/0: dump_backtrace+0xfc/0x17c\nswapper/0: show_stack+0x18/0x28\nswapper/0: dump_stack_lvl+0x40/0xa0\nswapper/0: print_report+0x1b8/0x71c\nswapper/0: kasan_report+0xec/0x14c\nswapper/0: __do_kernel_fault+0x60/0x29c\nswapper/0: do_bad_area+0x30/0xdc\nswapper/0: do_tag_check_fault+0x20/0x34\nswapper/0: do_mem_abort+0x58/0x104\nswapper/0: el1_abort+0x3c/0x5c\nswapper/0: el1h_64_sync_handler+0x80/0xcc\nswapper/0: el1h_64_sync+0x68/0x6c\nswapper/0: __memset+0x84/0x188\nswapper/0: 
btf_populate_kfunc_set+0x280/0x3d8\nswapper/0: __register_btf_kfunc_id_set+0x43c/0x468\nswapper/0: register_btf_kfunc_id_set+0x48/0x60\nswapper/0: register_nf_nat_bpf+0x1c/0x40\nswapper/0: nf_nat_init+0xc0/0x128\nswapper/0: do_one_initcall+0x184/0x464\nswapper/0: do_initcall_level+0xdc/0x1b0\nswapper/0: do_initcalls+0x70/0xc0\nswapper/0: do_basic_setup+0x1c/0x28\nswapper/0: kernel_init_freeable+0x144/0x1b8\nswapper/0: kernel_init+0x20/0x1a8\nswapper/0: ret_from_fork+0x10/0x20\n==================================================================", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53097" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3e8d43ed-386e-426e-8746-bdf468742bea.json b/objects/vulnerability/vulnerability--3e8d43ed-386e-426e-8746-bdf468742bea.json new file mode 100644 index 00000000000..f1a10962806 --- /dev/null +++ b/objects/vulnerability/vulnerability--3e8d43ed-386e-426e-8746-bdf468742bea.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--08d9fb05-d6d9-4f63-a242-b5f5208b7ff0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3e8d43ed-386e-426e-8746-bdf468742bea", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.410531Z", + "modified": "2024-11-26T00:38:59.410531Z", + "name": "CVE-2024-53096", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: resolve faulty mmap_region() error path behaviour\n\nThe mmap_region() function is somewhat terrifying, with spaghetti-like\ncontrol flow and numerous means by which issues can arise and incomplete\nstate, memory leaks and other unpleasantness can occur.\n\nA large amount of the complexity arises from trying to handle errors late\nin the process of mapping a VMA, which forms the basis of recently\nobserved issues with resource leaks and observable inconsistent state.\n\nTaking advantage of previous patches in this series we move a number of\nchecks earlier in the code, simplifying things by moving the core of the\nlogic into a static internal function __mmap_region().\n\nDoing this allows us to perform a number of checks up front before we do\nany real work, and allows us to unwind the writable unmap check\nunconditionally as required and to perform a CONFIG_DEBUG_VM_MAPLE_TREE\nvalidation unconditionally also.\n\nWe move a number of things here:\n\n1. We preallocate memory for the iterator before we call the file-backed\n memory hook, allowing us to exit early and avoid having to perform\n complicated and error-prone close/free logic. We carefully free\n iterator state on both success and error paths.\n\n2. The enclosing mmap_region() function handles the mapping_map_writable()\n logic early. 
Previously the logic had the mapping_map_writable() at the\n point of mapping a newly allocated file-backed VMA, and a matching\n mapping_unmap_writable() on success and error paths.\n\n We now do this unconditionally if this is a file-backed, shared writable\n mapping. If a driver changes the flags to eliminate VM_MAYWRITE, however\n doing so does not invalidate the seal check we just performed, and we in\n any case always decrement the counter in the wrapper.\n\n We perform a debug assert to ensure a driver does not attempt to do the\n opposite.\n\n3. We also move arch_validate_flags() up into the mmap_region()\n function. This is only relevant on arm64 and sparc64, and the check is\n only meaningful for SPARC with ADI enabled. We explicitly add a warning\n for this arch if a driver invalidates this check, though the code ought\n eventually to be fixed to eliminate the need for this.\n\nWith all of these measures in place, we no longer need to explicitly close\nthe VMA on error paths, as we place all checks which might fail prior to a\ncall to any driver mmap hook.\n\nThis eliminates an entire class of errors, makes the code easier to reason\nabout and more robust.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53096" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--46029916-8234-4625-a4ee-1b11b7bb3da8.json b/objects/vulnerability/vulnerability--46029916-8234-4625-a4ee-1b11b7bb3da8.json new file mode 100644 index 00000000000..4cb60bf4407 --- /dev/null +++ b/objects/vulnerability/vulnerability--46029916-8234-4625-a4ee-1b11b7bb3da8.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--48ecd9b0-dec9-4e6e-bf58-1c4c65be493d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--46029916-8234-4625-a4ee-1b11b7bb3da8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:13.961522Z", + "modified": "2024-11-26T00:39:13.961522Z", + "name": "CVE-2020-12491", + "description": "Improper control of framework service permissions with possibility of some sensitive device information leakage.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2020-12491" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5686e4e1-33af-4faa-989d-aa895312e6f7.json b/objects/vulnerability/vulnerability--5686e4e1-33af-4faa-989d-aa895312e6f7.json new file mode 100644 index 00000000000..292e495352d --- /dev/null +++ b/objects/vulnerability/vulnerability--5686e4e1-33af-4faa-989d-aa895312e6f7.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--699f2e54-998d-4782-be93-dc007923813c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5686e4e1-33af-4faa-989d-aa895312e6f7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.155031Z", + "modified": "2024-11-26T00:38:59.155031Z", + "name": "CVE-2024-11664", + "description": "A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselect_filtering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 22b0b443acca740fc83b5544165c1f53eff3f529. It is recommended to apply a patch to fix this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11664" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--57743b5c-00fd-459e-9336-bc398b413ce3.json b/objects/vulnerability/vulnerability--57743b5c-00fd-459e-9336-bc398b413ce3.json new file mode 100644 index 00000000000..87c601ae53a --- /dev/null +++ b/objects/vulnerability/vulnerability--57743b5c-00fd-459e-9336-bc398b413ce3.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1ee1b06c-5504-43a9-bdfa-53879eefa527", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--57743b5c-00fd-459e-9336-bc398b413ce3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.454776Z", + "modified": "2024-11-26T00:38:59.454776Z", + "name": "CVE-2024-53262", + "description": "SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. The static error.html template for errors contains placeholders that are replaced without escaping the content first. error.html is the page that is rendered when everything else fails. It can contain the following placeholders: %sveltekit.status% — the HTTP status, and %sveltekit.error.message% — the error message. This leads to possible injection if an app explicitly creates an error with a message that contains user controlled content. Only applications where user provided input is used in the `Error` message will be vulnerable, so the vast majority of applications will not be vulnerable This issue has been addressed in version 2.8.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53262" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5a5d4d96-89bd-4e1f-9f1b-ba9cec28c95a.json b/objects/vulnerability/vulnerability--5a5d4d96-89bd-4e1f-9f1b-ba9cec28c95a.json new file mode 100644 index 00000000000..df4c18e0e27 --- /dev/null +++ b/objects/vulnerability/vulnerability--5a5d4d96-89bd-4e1f-9f1b-ba9cec28c95a.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--21b1b6f3-0fcf-4b83-ad39-78f34ae4e976", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5a5d4d96-89bd-4e1f-9f1b-ba9cec28c95a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.407561Z", + "modified": "2024-11-26T00:38:59.407561Z", + "name": "CVE-2024-53101", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Fix uninitialized value issue in from_kuid and from_kgid\n\nocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in\na trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set.\n\nInitialize all fields of newattrs to avoid uninitialized variables, by\nchecking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53101" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5e6f1a57-9325-40c2-a7ae-8850ef2c09c0.json b/objects/vulnerability/vulnerability--5e6f1a57-9325-40c2-a7ae-8850ef2c09c0.json new file mode 100644 index 00000000000..41bc3e4699a --- /dev/null +++ b/objects/vulnerability/vulnerability--5e6f1a57-9325-40c2-a7ae-8850ef2c09c0.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d72bcafc-90a0-4402-8713-272e26f1676a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5e6f1a57-9325-40c2-a7ae-8850ef2c09c0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:08.7602Z", + "modified": "2024-11-26T00:39:08.7602Z", + "name": "CVE-2023-26280", + "description": "IBM Jazz Foundation 7.0.2 and 7.0.3 could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-26280" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6453e02f-9010-49d4-8ea8-a8473da2bc33.json b/objects/vulnerability/vulnerability--6453e02f-9010-49d4-8ea8-a8473da2bc33.json new file mode 100644 index 00000000000..2ba0871bb3b --- /dev/null +++ b/objects/vulnerability/vulnerability--6453e02f-9010-49d4-8ea8-a8473da2bc33.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9dfab0c8-11e1-4edc-bce1-ccf706075d86", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6453e02f-9010-49d4-8ea8-a8473da2bc33", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.936242Z", + "modified": "2024-11-26T00:38:58.936242Z", + "name": "CVE-2024-50671", + "description": "Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with Authenticated User roles to obtain email addresses via the \"Get users\" feature. The vulnerability occurs due to a flaw in permission verification logic, where the wildcard character in permitted URLs grants unintended access to endpoints restricted to users with Super Admin roles. This makes it possible for attackers to disclose the email addresses of all users.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50671" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--674602da-0f50-4e12-8f11-1977a57b86a2.json b/objects/vulnerability/vulnerability--674602da-0f50-4e12-8f11-1977a57b86a2.json new file mode 100644 index 00000000000..fe3daf5c287 --- /dev/null +++ b/objects/vulnerability/vulnerability--674602da-0f50-4e12-8f11-1977a57b86a2.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9cc84840-9a6a-4059-a966-7c80003be63c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--674602da-0f50-4e12-8f11-1977a57b86a2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.446426Z", + "modified": "2024-11-26T00:38:59.446426Z", + "name": "CVE-2024-53261", + "description": "SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. \"Unsanitized input from *the request URL* flows into `end`, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).\" The files `packages/kit/src/exports/vite/dev/index.js` and `packages/kit/src/exports/vite/utils.js` both contain user controllable data which under specific conditions may flow to dev mode pages. There is little to no expected impact. The Vite development is not exposed to the network by default and even if someone were able to trick a developer into executing an XSS against themselves, a development database should not have any sensitive data. None the less this issue has been addressed in version 2.8.3 and all users are advised to upgrade.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53261" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--69f57ec5-fe34-40ef-b4b4-7af1fef802de.json b/objects/vulnerability/vulnerability--69f57ec5-fe34-40ef-b4b4-7af1fef802de.json new file mode 100644 index 00000000000..b2ff85d15ad --- /dev/null +++ b/objects/vulnerability/vulnerability--69f57ec5-fe34-40ef-b4b4-7af1fef802de.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42cbcea3-5b50-48d4-9944-420017703934", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--69f57ec5-fe34-40ef-b4b4-7af1fef802de", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.650704Z", + "modified": "2024-11-26T00:38:58.650704Z", + "name": "CVE-2024-45756", + "description": "An issue was discovered in Centreon centreon-open-tickets 24.10.x before 24.10.0, 24.04.x before 24.04.2, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to create a ticket. Exploitation is only accessible to authenticated users with high-privileged access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45756" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6b341259-c806-4996-98e1-f0808136ebe3.json b/objects/vulnerability/vulnerability--6b341259-c806-4996-98e1-f0808136ebe3.json new file mode 100644 index 00000000000..9d385e087da --- /dev/null +++ b/objects/vulnerability/vulnerability--6b341259-c806-4996-98e1-f0808136ebe3.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--44637071-2dc8-425f-bb53-d9b51da55e4f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6b341259-c806-4996-98e1-f0808136ebe3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.12876Z", + "modified": "2024-11-26T00:38:59.12876Z", + "name": "CVE-2024-11657", + "description": "A vulnerability, which was classified as critical, was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. Affected is an unknown function of the file /admin/network/diag_nslookup. The manipulation of the argument diag_nslookup leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11657" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7240dec6-5f49-4a43-a2fc-d53b609a3df2.json b/objects/vulnerability/vulnerability--7240dec6-5f49-4a43-a2fc-d53b609a3df2.json new file mode 100644 index 00000000000..ddc0e802ced --- /dev/null +++ b/objects/vulnerability/vulnerability--7240dec6-5f49-4a43-a2fc-d53b609a3df2.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e5813d7b-85f9-4e29-a556-a73453a2af50", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7240dec6-5f49-4a43-a2fc-d53b609a3df2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.134069Z", + "modified": "2024-11-26T00:38:59.134069Z", + "name": "CVE-2024-11648", + "description": "A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-customer.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11648" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--759153b5-3c95-452d-8298-5a8125886d04.json b/objects/vulnerability/vulnerability--759153b5-3c95-452d-8298-5a8125886d04.json new file mode 100644 index 00000000000..662ac84e814 --- /dev/null +++ b/objects/vulnerability/vulnerability--759153b5-3c95-452d-8298-5a8125886d04.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fa0a1fba-6379-4cbd-b22f-6e8d4a8e353d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--759153b5-3c95-452d-8298-5a8125886d04", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.180557Z", + "modified": "2024-11-26T00:38:59.180557Z", + "name": "CVE-2024-11670", + "description": "Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the \"View Password\" permission via specific actions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11670" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--75d873ae-df25-43c2-bb23-a612bb026868.json b/objects/vulnerability/vulnerability--75d873ae-df25-43c2-bb23-a612bb026868.json new file mode 100644 index 00000000000..11039d0299c --- /dev/null +++ b/objects/vulnerability/vulnerability--75d873ae-df25-43c2-bb23-a612bb026868.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--757d4117-e638-473c-a435-e966eaafe497", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--75d873ae-df25-43c2-bb23-a612bb026868", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.680821Z", + "modified": "2024-11-26T00:38:58.680821Z", + "name": "CVE-2024-10451", + "description": "A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in environment variables during the build process is also stored as a default values, making it accessible during runtime. Indirect usage of environment variables for SPI options and Quarkus properties is also vulnerable due to unconditional expansion by PropertyMapper logic, capturing sensitive data as default values in all Keycloak versions up to 26.0.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10451" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7c23e8f3-0550-4efe-8c20-14e59b76d3f3.json b/objects/vulnerability/vulnerability--7c23e8f3-0550-4efe-8c20-14e59b76d3f3.json new file mode 100644 index 00000000000..6670abfc24a --- /dev/null +++ b/objects/vulnerability/vulnerability--7c23e8f3-0550-4efe-8c20-14e59b76d3f3.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--15fcb2b1-e757-4592-8718-1ab557e71d67", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7c23e8f3-0550-4efe-8c20-14e59b76d3f3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:01.028496Z", + "modified": "2024-11-26T00:39:01.028496Z", + "name": "CVE-2024-6538", + "description": "A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to clients due to network filtering. Leveraging such an attack vector, the attacker can have an impact on other services and potentially disclose information or have other nefarious effects on the system.\nThe /api/dev-console/proxy/internet endpoint on the OpenShit Console allows authenticated users to have the console's pod perform arbitrary and fully controlled HTTP(s) requests. The full response to these requests is returned by the endpoint.\nWhile the name of this endpoint suggests the requests are only bound to the internet, no such checks are in place. An authenticated user can therefore ask the console to perform arbitrary HTTP requests from outside the cluster to a service inside the cluster.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-6538" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--80e67362-a90b-421f-8a49-33b015c0a675.json b/objects/vulnerability/vulnerability--80e67362-a90b-421f-8a49-33b015c0a675.json new file mode 100644 index 00000000000..2ea3609fe25 --- /dev/null +++ b/objects/vulnerability/vulnerability--80e67362-a90b-421f-8a49-33b015c0a675.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9f84a802-2ab0-4a36-b9b6-b06bc9c5aee7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--80e67362-a90b-421f-8a49-33b015c0a675", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.167879Z", + "modified": "2024-11-26T00:38:59.167879Z", + "name": "CVE-2024-11650", + "description": "A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11650" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--815d5e4c-52ba-4c98-a3d2-c540b02b7956.json b/objects/vulnerability/vulnerability--815d5e4c-52ba-4c98-a3d2-c540b02b7956.json new file mode 100644 index 00000000000..dc686462b1e --- /dev/null +++ b/objects/vulnerability/vulnerability--815d5e4c-52ba-4c98-a3d2-c540b02b7956.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4fdc620e-436f-44b3-b1f5-70c228485e8e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--815d5e4c-52ba-4c98-a3d2-c540b02b7956", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.178176Z", + "modified": "2024-11-26T00:38:59.178176Z", + "name": "CVE-2024-11654", + "description": "A vulnerability classified as critical has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This affects an unknown part of the file /admin/network/diag_traceroute6. The manipulation of the argument diag_traceroute6 leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11654" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--83e04e8f-6262-4fb2-9f07-9b593f323abc.json b/objects/vulnerability/vulnerability--83e04e8f-6262-4fb2-9f07-9b593f323abc.json new file mode 100644 index 00000000000..7bebd1125b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--83e04e8f-6262-4fb2-9f07-9b593f323abc.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bfee1cb9-cff8-427a-b96b-b5399d22ff3c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--83e04e8f-6262-4fb2-9f07-9b593f323abc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.161836Z", + "modified": "2024-11-26T00:38:59.161836Z", + "name": "CVE-2024-11403", + "description": "There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11403" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--85299bb3-8cda-403c-89b4-40c302d76410.json b/objects/vulnerability/vulnerability--85299bb3-8cda-403c-89b4-40c302d76410.json new file mode 100644 index 00000000000..47ebf39100d --- /dev/null +++ b/objects/vulnerability/vulnerability--85299bb3-8cda-403c-89b4-40c302d76410.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--101dc458-5ba6-42d1-a469-ad4ec1dfca7d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--85299bb3-8cda-403c-89b4-40c302d76410", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.688382Z", + "modified": "2024-11-26T00:38:58.688382Z", + "name": "CVE-2024-10492", + "description": "A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high access to the Keycloak server in order to perform resource creation, for example, an LDAP provider configuration and set up a Vault read file, which will only inform whether that file exists or not.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10492" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--88d27a3b-f0ac-4139-ae8c-8a17bb4e88c5.json b/objects/vulnerability/vulnerability--88d27a3b-f0ac-4139-ae8c-8a17bb4e88c5.json new file mode 100644 index 00000000000..2baf6f8bc37 --- /dev/null +++ b/objects/vulnerability/vulnerability--88d27a3b-f0ac-4139-ae8c-8a17bb4e88c5.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b827e9a4-6e45-4352-8367-2261ffc80254", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--88d27a3b-f0ac-4139-ae8c-8a17bb4e88c5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.429769Z", + "modified": "2024-11-26T00:38:59.429769Z", + "name": "CVE-2024-53255", + "description": "BoidCMS is a free and open-source flat file CMS for building simple websites and blogs, developed using PHP and uses JSON as a database. In affected versions a reflected Cross-site Scripting (XSS) vulnerability exists in the /admin?page=media endpoint in the file parameter, allowing an attacker to inject arbitrary JavaScript code. This code could be used to steal the user's session cookie, perform phishing attacks, or deface the website. This issue has been addressed in version 2.1.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53255" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8af65061-8d5a-4532-b2aa-14bd8bd31356.json b/objects/vulnerability/vulnerability--8af65061-8d5a-4532-b2aa-14bd8bd31356.json new file mode 100644 index 00000000000..c1205512c5c --- /dev/null +++ b/objects/vulnerability/vulnerability--8af65061-8d5a-4532-b2aa-14bd8bd31356.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e7c65f5b-c204-4f42-a382-db3f8dc85483", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8af65061-8d5a-4532-b2aa-14bd8bd31356", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:05.047359Z", + "modified": "2024-11-26T00:39:05.047359Z", + "name": "CVE-2022-33862", + "description": "IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could\nlead attackers to identify and access vulnerable systems.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-33862" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8c827b77-8d7a-42ef-8294-2374771f14a4.json b/objects/vulnerability/vulnerability--8c827b77-8d7a-42ef-8294-2374771f14a4.json new file mode 100644 index 00000000000..4e703be7ad7 --- /dev/null +++ b/objects/vulnerability/vulnerability--8c827b77-8d7a-42ef-8294-2374771f14a4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6e90a472-b13b-435a-b029-7e6596d27519", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8c827b77-8d7a-42ef-8294-2374771f14a4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:14.30456Z", + "modified": "2024-11-26T00:39:14.30456Z", + "name": "CVE-2020-11311", + "description": "This record is rejected as duplicate. All references should point to CVE-2021-1904.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2020-11311" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8cf04b58-0357-46df-8602-531e4cdc41d3.json b/objects/vulnerability/vulnerability--8cf04b58-0357-46df-8602-531e4cdc41d3.json new file mode 100644 index 00000000000..a80ed882167 --- /dev/null 
+++ b/objects/vulnerability/vulnerability--8cf04b58-0357-46df-8602-531e4cdc41d3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--938062d8-205b-4c53-a40a-1ca96d9ee69f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8cf04b58-0357-46df-8602-531e4cdc41d3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:08.377104Z", + "modified": "2024-11-26T00:39:08.377104Z", + "name": "CVE-2023-45181", + "description": "IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-45181" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8d665a2e-7e98-4a8a-a48b-9667f18f9da6.json b/objects/vulnerability/vulnerability--8d665a2e-7e98-4a8a-a48b-9667f18f9da6.json new file mode 100644 index 00000000000..fdd6b9ca893 --- /dev/null +++ b/objects/vulnerability/vulnerability--8d665a2e-7e98-4a8a-a48b-9667f18f9da6.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a84ed5a6-75c1-4482-aeb4-78affe6b83d1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8d665a2e-7e98-4a8a-a48b-9667f18f9da6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.417527Z", + "modified": "2024-11-26T00:38:59.417527Z", + "name": "CVE-2024-53258", + "description": "Autolab is a course management service that enables auto-graded programming assignments. From Autolab versions v.3.0.0 onward students can download all assignments from another student, as long as they are logged in, using the download_all_submissions feature. This can allow for leakage of submissions to unauthorized users, such as downloading submissions from other students in the class, or even instructor test submissions, given they know their user IDs. This issue has been patched in commit `1aa4c769` which is not yet in a release version, but is expected to be included in version 3.0.3. Users are advised to either manually patch or to wait for version 3.0.3. As a workaround administrators can disable the feature.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53258" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8e5e130e-1df4-44d7-aaf4-01f310c43638.json b/objects/vulnerability/vulnerability--8e5e130e-1df4-44d7-aaf4-01f310c43638.json new file mode 100644 index 00000000000..c8e91ced317 --- /dev/null +++ b/objects/vulnerability/vulnerability--8e5e130e-1df4-44d7-aaf4-01f310c43638.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--026a9f38-d942-45ef-b960-735dbdd31183", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8e5e130e-1df4-44d7-aaf4-01f310c43638", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.450313Z", + "modified": "2024-11-26T00:38:59.450313Z", + "name": "CVE-2024-53100", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: tcp: avoid race between queue_lock lock and destroy\n\nCommit 76d54bf20cdc (\"nvme-tcp: don't access released socket during\nerror recovery\") added a mutex_lock() call for the queue->queue_lock\nin nvme_tcp_get_address(). However, the mutex_lock() races with\nmutex_destroy() in nvme_tcp_free_queue(), and causes the WARN below.\n\nDEBUG_LOCKS_WARN_ON(lock->magic != lock)\nWARNING: CPU: 3 PID: 34077 at kernel/locking/mutex.c:587 __mutex_lock+0xcf0/0x1220\nModules linked in: nvmet_tcp nvmet nvme_tcp nvme_fabrics iw_cm ib_cm ib_core pktcdvd nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables qrtr sunrpc ppdev 9pnet_virtio 9pnet pcspkr netfs parport_pc parport e1000 i2c_piix4 i2c_smbus loop fuse nfnetlink zram bochs drm_vram_helper drm_ttm_helper ttm drm_kms_helper xfs drm sym53c8xx floppy nvme scsi_transport_spi nvme_core nvme_auth serio_raw ata_generic pata_acpi dm_multipath qemu_fw_cfg [last unloaded: ib_uverbs]\nCPU: 3 UID: 0 PID: 34077 Comm: udisksd Not tainted 6.11.0-rc7 #319\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:__mutex_lock+0xcf0/0x1220\nCode: 08 84 d2 0f 85 c8 04 00 00 8b 15 ef b6 c8 01 85 d2 0f 85 78 f4 ff ff 48 c7 c6 20 93 ee af 48 c7 c7 60 91 ee af e8 f0 a7 6d fd <0f> 0b e9 5e f4 ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1\nRSP: 0018:ffff88811305f760 
EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88812c652058 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001\nRBP: ffff88811305f8b0 R08: 0000000000000001 R09: ffffed1075c36341\nR10: ffff8883ae1b1a0b R11: 0000000000010498 R12: 0000000000000000\nR13: 0000000000000000 R14: dffffc0000000000 R15: ffff88812c652058\nFS: 00007f9713ae4980(0000) GS:ffff8883ae180000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fcd78483c7c CR3: 0000000122c38000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n ? __warn.cold+0x5b/0x1af\n ? __mutex_lock+0xcf0/0x1220\n ? report_bug+0x1ec/0x390\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x13/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? __mutex_lock+0xcf0/0x1220\n ? nvme_tcp_get_address+0xc2/0x1e0 [nvme_tcp]\n ? __pfx___mutex_lock+0x10/0x10\n ? __lock_acquire+0xd6a/0x59e0\n ? nvme_tcp_get_address+0xc2/0x1e0 [nvme_tcp]\n nvme_tcp_get_address+0xc2/0x1e0 [nvme_tcp]\n ? __pfx_nvme_tcp_get_address+0x10/0x10 [nvme_tcp]\n nvme_sysfs_show_address+0x81/0xc0 [nvme_core]\n dev_attr_show+0x42/0x80\n ? __asan_memset+0x1f/0x40\n sysfs_kf_seq_show+0x1f0/0x370\n seq_read_iter+0x2cb/0x1130\n ? rw_verify_area+0x3b1/0x590\n ? __mutex_lock+0x433/0x1220\n vfs_read+0x6a6/0xa20\n ? lockdep_hardirqs_on+0x78/0x100\n ? __pfx_vfs_read+0x10/0x10\n ksys_read+0xf7/0x1d0\n ? __pfx_ksys_read+0x10/0x10\n ? __x64_sys_openat+0x105/0x1d0\n do_syscall_64+0x93/0x180\n ? lockdep_hardirqs_on_prepare+0x16d/0x400\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on+0x78/0x100\n ? do_syscall_64+0x9f/0x180\n ? __pfx_ksys_read+0x10/0x10\n ? lockdep_hardirqs_on_prepare+0x16d/0x400\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on+0x78/0x100\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on_prepare+0x16d/0x400\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on+0x78/0x100\n ? 
do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on_prepare+0x16d/0x400\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on+0x78/0x100\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on_prepare+0x16d/0x400\n ? do_syscall_64+0x9f/0x180\n ? lockdep_hardirqs_on+0x78/0x100\n ? do_syscall_64+0x9f/0x180\n ? do_syscall_64+0x9f/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f9713f55cfa\nCode: 55 48 89 e5 48 83 ec 20 48 89 55 e8 48 89 75 f0 89 7d f8 e8 e8 74 f8 ff 48 8b 55 e8 48 8b 75 f0 4\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53100" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--923be98c-463a-4850-bc83-606b258c9ccc.json b/objects/vulnerability/vulnerability--923be98c-463a-4850-bc83-606b258c9ccc.json new file mode 100644 index 00000000000..5cf7cb1615e --- /dev/null +++ b/objects/vulnerability/vulnerability--923be98c-463a-4850-bc83-606b258c9ccc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a1c48496-e3dc-491c-a26c-03ee8ba4eebd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--923be98c-463a-4850-bc83-606b258c9ccc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.441981Z", + "modified": "2024-11-26T00:38:59.441981Z", + "name": "CVE-2024-53597", + "description": "masterstack_imgcap v0.0.1 was discovered to contain a SQL injection vulnerability via the endpoint /submit.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53597" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--94facfd9-67a3-460e-8cea-792e5b0ceb3f.json b/objects/vulnerability/vulnerability--94facfd9-67a3-460e-8cea-792e5b0ceb3f.json new file mode 100644 index 00000000000..4812d958d99 --- /dev/null +++ b/objects/vulnerability/vulnerability--94facfd9-67a3-460e-8cea-792e5b0ceb3f.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f0c71fa3-7e96-447c-93e6-ba4428680f38", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--94facfd9-67a3-460e-8cea-792e5b0ceb3f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.127144Z", + "modified": "2024-11-26T00:38:59.127144Z", + "name": "CVE-2024-11498", + "description": "There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend upgrading past commit 65fbec56bc578b6b6ee02a527be70787bbd053b0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11498" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--96e8cf0b-3caf-4c10-b9fc-46e9ed1d9101.json b/objects/vulnerability/vulnerability--96e8cf0b-3caf-4c10-b9fc-46e9ed1d9101.json new file mode 100644 index 00000000000..43f151c1d61 --- /dev/null +++ b/objects/vulnerability/vulnerability--96e8cf0b-3caf-4c10-b9fc-46e9ed1d9101.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--caf5db4d-5c80-43f2-915a-b4fb0fdad17a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--96e8cf0b-3caf-4c10-b9fc-46e9ed1d9101", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.583003Z", + "modified": "2024-11-26T00:38:58.583003Z", + "name": "CVE-2024-52811", + "description": "The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In `ngtcp2_conn::conn_recv_pkt` for an ACK, there was new logic that got added to skip `conn_recv_ack` if an ack has already been processed in the payload. However, this causes us to also skip `ngtcp2_pkt_validate_ack`. The ack which was skipped still got written to qlog. The bug occurs in `ngtcp2_qlog::write_ack_frame`. It is now possible to reach this code with an invalid ack, suppose `largest_ack=0` and `first_ack_range=15`. Subtracting `largest_ack - first_ack_range` will lead to an integer underflow which is 20 chars long. However, the ngtcp2 qlog code assumes the number written is a signed integer and only accounts for 19 characters of overhead (see `NGTCP2_QLOG_ACK_FRAME_RANGE_OVERHEAD`). Therefore, we overwrite the buffer causing a heap overflow. This is high priority and could potentially impact many users if they enable qlog. qlog is disabled by default. Due to its overhead, it is most likely used for debugging purpose, but the actual use is unknown. ngtcp2 v1.9.1 fixes the bug and users are advised to upgrade. Users unable to upgrade should not turn on qlog.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52811" + } + ] + } + ] +} \ No newline at end of file 
diff --git a/objects/vulnerability/vulnerability--98ea4ef4-4705-4232-bf21-4f2fe8baa163.json b/objects/vulnerability/vulnerability--98ea4ef4-4705-4232-bf21-4f2fe8baa163.json new file mode 100644 index 00000000000..e2e0f2deadd --- /dev/null +++ b/objects/vulnerability/vulnerability--98ea4ef4-4705-4232-bf21-4f2fe8baa163.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cc3bfe82-3e45-47c6-844f-50a92c8ff9f1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--98ea4ef4-4705-4232-bf21-4f2fe8baa163", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:13.945348Z", + "modified": "2024-11-26T00:39:13.945348Z", + "name": "CVE-2020-12492", + "description": "Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2020-12492" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a641d065-ef5f-419a-aeb4-49accf724779.json b/objects/vulnerability/vulnerability--a641d065-ef5f-419a-aeb4-49accf724779.json new file mode 100644 index 00000000000..f35a52af1ff --- /dev/null +++ b/objects/vulnerability/vulnerability--a641d065-ef5f-419a-aeb4-49accf724779.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2fb61408-c711-42ac-9d92-ccda677bf82f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a641d065-ef5f-419a-aeb4-49accf724779", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.064854Z", + "modified": "2024-11-26T00:38:59.064854Z", + "name": "CVE-2024-7056", + "description": "The WPForms WordPress plugin before 1.9.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7056" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a64b67dd-9347-420c-ac3f-d041c485d6d7.json b/objects/vulnerability/vulnerability--a64b67dd-9347-420c-ac3f-d041c485d6d7.json new file mode 100644 index 00000000000..0f9910fbfbc --- /dev/null +++ b/objects/vulnerability/vulnerability--a64b67dd-9347-420c-ac3f-d041c485d6d7.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9e0d6110-ec1a-4e14-b13b-bf8bd886575a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a64b67dd-9347-420c-ac3f-d041c485d6d7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.152302Z", + "modified": "2024-11-26T00:38:59.152302Z", + "name": "CVE-2024-11649", + "description": "A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11649" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a928c22f-f6cb-4b3c-9ad7-09a6b365f6e5.json b/objects/vulnerability/vulnerability--a928c22f-f6cb-4b3c-9ad7-09a6b365f6e5.json new file mode 100644 index 00000000000..2448c1cffa4 --- /dev/null +++ b/objects/vulnerability/vulnerability--a928c22f-f6cb-4b3c-9ad7-09a6b365f6e5.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d60d6715-dd8e-42b9-8b3d-26d7a0aaff43", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a928c22f-f6cb-4b3c-9ad7-09a6b365f6e5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.136688Z", + "modified": "2024-11-26T00:38:59.136688Z", + "name": "CVE-2024-11663", + "description": "A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11663" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aa1d2f44-391e-46ed-97dd-e0ff9702d318.json b/objects/vulnerability/vulnerability--aa1d2f44-391e-46ed-97dd-e0ff9702d318.json new file mode 100644 index 00000000000..f526a190b4e --- /dev/null +++ b/objects/vulnerability/vulnerability--aa1d2f44-391e-46ed-97dd-e0ff9702d318.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--551d8cad-d68d-4565-91b8-1c6fae0e6c2b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aa1d2f44-391e-46ed-97dd-e0ff9702d318", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.124934Z", + "modified": "2024-11-26T00:38:59.124934Z", + "name": "CVE-2024-11651", + "description": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been classified as critical. Affected is an unknown function of the file /admin/network/wifi_schedule. The manipulation of the argument wifi_schedule_day_em_5 leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11651" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aa598c6d-9adc-4db2-9da8-7f33d42b6e2d.json b/objects/vulnerability/vulnerability--aa598c6d-9adc-4db2-9da8-7f33d42b6e2d.json new file mode 100644 index 00000000000..1a26691a4cd --- /dev/null +++ b/objects/vulnerability/vulnerability--aa598c6d-9adc-4db2-9da8-7f33d42b6e2d.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--770c3f90-1eae-49d2-aed8-1df679a1099f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aa598c6d-9adc-4db2-9da8-7f33d42b6e2d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.38586Z", + "modified": "2024-11-26T00:38:58.38586Z", + "name": "CVE-2024-51723", + "description": "A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-51723" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ad7dcc7e-b55f-476f-83cc-8cec346dfd9e.json b/objects/vulnerability/vulnerability--ad7dcc7e-b55f-476f-83cc-8cec346dfd9e.json new file mode 100644 index 00000000000..51ccfe8204e --- /dev/null +++ b/objects/vulnerability/vulnerability--ad7dcc7e-b55f-476f-83cc-8cec346dfd9e.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3621b65c-5c30-496f-89e0-bed6dfcbd773", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ad7dcc7e-b55f-476f-83cc-8cec346dfd9e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.141033Z", + "modified": "2024-11-26T00:38:59.141033Z", + "name": "CVE-2024-11674", + "description": "A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11674" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ae2dac61-64c4-47bc-a4cd-5bed7ecf667d.json b/objects/vulnerability/vulnerability--ae2dac61-64c4-47bc-a4cd-5bed7ecf667d.json new file mode 100644 index 00000000000..d3c0d7cbbd9 --- /dev/null +++ b/objects/vulnerability/vulnerability--ae2dac61-64c4-47bc-a4cd-5bed7ecf667d.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2a71093d-b29b-48e2-a05c-9f403b89e9cd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ae2dac61-64c4-47bc-a4cd-5bed7ecf667d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.730154Z", + "modified": "2024-11-26T00:38:58.730154Z", + "name": "CVE-2024-9666", + "description": "A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This issue can lead to costly DNS resolution operations, which an attacker could exploit to tie up IO threads and potentially cause a denial of service.\nThe attacker must have access to send requests to a Keycloak instance that is configured to accept proxy headers, specifically when reverse proxies do not overwrite incoming headers, and Keycloak is configured to trust these headers.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-9666" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b1d8de43-6af5-419f-9dae-265507aa68c3.json b/objects/vulnerability/vulnerability--b1d8de43-6af5-419f-9dae-265507aa68c3.json new file mode 100644 index 00000000000..28a5e8e2004 --- /dev/null +++ b/objects/vulnerability/vulnerability--b1d8de43-6af5-419f-9dae-265507aa68c3.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--20b19646-7c00-4dae-811d-77358240cc3d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b1d8de43-6af5-419f-9dae-265507aa68c3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:00.886083Z", + "modified": "2024-11-26T00:39:00.886083Z", + "name": "CVE-2024-27134", + "description": "Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the spark_udf() MLflow API is called.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-27134" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bb4e1983-288f-41bd-b434-14ad10b1611e.json b/objects/vulnerability/vulnerability--bb4e1983-288f-41bd-b434-14ad10b1611e.json new file mode 100644 index 00000000000..dc741cbe57a --- /dev/null +++ b/objects/vulnerability/vulnerability--bb4e1983-288f-41bd-b434-14ad10b1611e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6fa2686c-d6ff-49e9-a93e-3bf725e43a05", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bb4e1983-288f-41bd-b434-14ad10b1611e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.163384Z", + "modified": "2024-11-26T00:38:59.163384Z", + "name": "CVE-2024-11672", + "description": "Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an authenticated malicious user to bypass the \"Add\" permission via the import in vault feature.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11672" + } + ] + } + ] +} \ No newline at end of file 
diff --git a/objects/vulnerability/vulnerability--be483057-8fad-4121-8d91-f5d655ac4ca7.json b/objects/vulnerability/vulnerability--be483057-8fad-4121-8d91-f5d655ac4ca7.json new file mode 100644 index 00000000000..ab057fcb39b --- /dev/null +++ b/objects/vulnerability/vulnerability--be483057-8fad-4121-8d91-f5d655ac4ca7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5c604bf0-771a-44f1-b61c-62b496556b26", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--be483057-8fad-4121-8d91-f5d655ac4ca7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.173509Z", + "modified": "2024-11-26T00:38:59.173509Z", + "name": "CVE-2024-11673", + "description": "A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11673" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c3a0a868-a10e-4d18-82a3-ce6fc2e12c5d.json b/objects/vulnerability/vulnerability--c3a0a868-a10e-4d18-82a3-ce6fc2e12c5d.json new file mode 100644 index 00000000000..2ca126b28be --- /dev/null +++ b/objects/vulnerability/vulnerability--c3a0a868-a10e-4d18-82a3-ce6fc2e12c5d.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3837aff2-db92-4199-b00f-a4c065c8f8fe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c3a0a868-a10e-4d18-82a3-ce6fc2e12c5d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.143897Z", + "modified": "2024-11-26T00:38:59.143897Z", + "name": "CVE-2024-11483", + "description": "A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user’s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11483" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ca7aa8ad-a2ac-4804-8785-1ef7634c70b6.json b/objects/vulnerability/vulnerability--ca7aa8ad-a2ac-4804-8785-1ef7634c70b6.json new file mode 100644 index 00000000000..a4dcafedd5c --- /dev/null +++ b/objects/vulnerability/vulnerability--ca7aa8ad-a2ac-4804-8785-1ef7634c70b6.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cd44ff1b-4401-4508-833e-81cb95a57b7a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ca7aa8ad-a2ac-4804-8785-1ef7634c70b6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.415161Z", + "modified": "2024-11-26T00:38:59.415161Z", + "name": "CVE-2024-53102", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: make keep-alive synchronous operation\n\nThe nvme keep-alive operation, which executes at a periodic interval,\ncould potentially sneak in while shutting down a fabric controller.\nThis may lead to a race between the fabric controller admin queue\ndestroy code path (invoked while shutting down controller) and hw/hctx\nqueue dispatcher called from the nvme keep-alive async request queuing\noperation. This race could lead to the kernel crash shown below:\n\nCall Trace:\n autoremove_wake_function+0x0/0xbc (unreliable)\n __blk_mq_sched_dispatch_requests+0x114/0x24c\n blk_mq_sched_dispatch_requests+0x44/0x84\n blk_mq_run_hw_queue+0x140/0x220\n nvme_keep_alive_work+0xc8/0x19c [nvme_core]\n process_one_work+0x200/0x4e0\n worker_thread+0x340/0x504\n kthread+0x138/0x140\n start_kernel_thread+0x14/0x18\n\nWhile shutting down fabric controller, if nvme keep-alive request sneaks\nin then it would be flushed off. The nvme_keep_alive_end_io function is\nthen invoked to handle the end of the keep-alive operation which\ndecrements the admin->q_usage_counter and assuming this is the last/only\nrequest in the admin queue then the admin->q_usage_counter becomes zero.\nIf that happens then blk-mq destroy queue operation (blk_mq_destroy_\nqueue()) which could be potentially running simultaneously on another\ncpu (as this is the controller shutdown code path) would forward\nprogress and deletes the admin queue. 
So, now from this point onward\nwe are not supposed to access the admin queue resources. However the\nissue here's that the nvme keep-alive thread running hw/hctx queue\ndispatch operation hasn't yet finished its work and so it could still\npotentially access the admin queue resource while the admin queue had\nbeen already deleted and that causes the above crash.\n\nThis fix helps avoid the observed crash by implementing keep-alive as a\nsynchronous operation so that we decrement admin->q_usage_counter only\nafter keep-alive command finished its execution and returns the command\nstatus back up to its caller (blk_execute_rq()). This would ensure that\nfabric shutdown code path doesn't destroy the fabric admin queue until\nkeep-alive request finished execution and also keep-alive thread is not\nrunning hw/hctx queue dispatch operation.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53102" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cc934916-9ba1-4ae6-b54e-a23fbdf5fc42.json b/objects/vulnerability/vulnerability--cc934916-9ba1-4ae6-b54e-a23fbdf5fc42.json new file mode 100644 index 00000000000..e0d89a35b2e --- /dev/null +++ b/objects/vulnerability/vulnerability--cc934916-9ba1-4ae6-b54e-a23fbdf5fc42.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--56261312-5bd7-4e85-a0af-3577753cf18d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cc934916-9ba1-4ae6-b54e-a23fbdf5fc42", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:39:05.008318Z", + "modified": "2024-11-26T00:39:05.008318Z", + "name": "CVE-2022-33861", + "description": "IPP software versions prior to v1.71 do not sufficiently verify the authenticity of data, in a\nway that causes it to accept invalid data.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-33861" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d13d6d4c-d1a7-429d-a35f-4c66318f0198.json b/objects/vulnerability/vulnerability--d13d6d4c-d1a7-429d-a35f-4c66318f0198.json new file mode 100644 index 00000000000..d749e04871c --- /dev/null +++ b/objects/vulnerability/vulnerability--d13d6d4c-d1a7-429d-a35f-4c66318f0198.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42c3f6d3-4d69-4198-8fb2-1286e6bf521c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d13d6d4c-d1a7-429d-a35f-4c66318f0198", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:58.672819Z", + "modified": "2024-11-26T00:38:58.672819Z", + "name": "CVE-2024-10710", + "description": "The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-10710" + } + ] + } + ] +} \ No newline at end of file 
diff --git a/objects/vulnerability/vulnerability--d154720b-297a-4bec-809b-5d3fd2d01b47.json b/objects/vulnerability/vulnerability--d154720b-297a-4bec-809b-5d3fd2d01b47.json new file mode 100644 index 00000000000..81282c50e1d --- /dev/null +++ b/objects/vulnerability/vulnerability--d154720b-297a-4bec-809b-5d3fd2d01b47.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c6d07b28-b410-4587-8814-181157db4efd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d154720b-297a-4bec-809b-5d3fd2d01b47", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.171086Z", + "modified": "2024-11-26T00:38:59.171086Z", + "name": "CVE-2024-11661", + "description": "A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file profile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The researcher submit confuses the vulnerability class of this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11661" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e0381604-98f7-401d-9e49-d1b6fc0c1eb8.json b/objects/vulnerability/vulnerability--e0381604-98f7-401d-9e49-d1b6fc0c1eb8.json new file mode 100644 index 00000000000..e093879b575 --- /dev/null +++ b/objects/vulnerability/vulnerability--e0381604-98f7-401d-9e49-d1b6fc0c1eb8.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1cf921f7-da09-4766-bf84-5d0492419e86", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e0381604-98f7-401d-9e49-d1b6fc0c1eb8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.488929Z", + "modified": "2024-11-26T00:38:59.488929Z", + "name": "CVE-2024-8272", + "description": "The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to implement critical client validation during XPC inter-process communication (IPC). Specifically, the service does not verify the code requirements, entitlements, or security flags of any client attempting to establish a connection. This lack of proper validation allows unauthorized clients to exploit the service's methods and escalate privileges to root.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8272" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e4cbb225-8bf7-4807-8bb7-210c20bf82da.json b/objects/vulnerability/vulnerability--e4cbb225-8bf7-4807-8bb7-210c20bf82da.json new file mode 100644 index 00000000000..9e3f5dbe880 --- /dev/null +++ b/objects/vulnerability/vulnerability--e4cbb225-8bf7-4807-8bb7-210c20bf82da.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dd539ca4-77ce-485f-b1b4-52c585e896c2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e4cbb225-8bf7-4807-8bb7-210c20bf82da", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.160368Z", + "modified": "2024-11-26T00:38:59.160368Z", + "name": "CVE-2024-11671", + "description": "Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11671" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e50d80e6-6aae-4140-b28a-d67f62213592.json b/objects/vulnerability/vulnerability--e50d80e6-6aae-4140-b28a-d67f62213592.json new file mode 100644 index 00000000000..c93ad29d036 --- /dev/null +++ b/objects/vulnerability/vulnerability--e50d80e6-6aae-4140-b28a-d67f62213592.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9e36fc7f-3c1c-4300-9ee0-abd770b2890d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e50d80e6-6aae-4140-b28a-d67f62213592", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.151362Z", + "modified": "2024-11-26T00:38:59.151362Z", + "name": "CVE-2024-11652", + "description": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/sn_package/sn_https. The manipulation of the argument https_enable leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11652" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e710dcc8-523a-488e-bd3e-e3ec1e00384e.json b/objects/vulnerability/vulnerability--e710dcc8-523a-488e-bd3e-e3ec1e00384e.json new file mode 100644 index 00000000000..ca9f92cba63 --- /dev/null +++ b/objects/vulnerability/vulnerability--e710dcc8-523a-488e-bd3e-e3ec1e00384e.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--604d7c54-6dd4-4b98-bbaf-d5361d52d9ea", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e710dcc8-523a-488e-bd3e-e3ec1e00384e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.461081Z", + "modified": "2024-11-26T00:38:59.461081Z", + "name": "CVE-2024-53554", + "description": "A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53554" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e9a39785-3ee8-41d6-9a96-c6313ae23851.json b/objects/vulnerability/vulnerability--e9a39785-3ee8-41d6-9a96-c6313ae23851.json new file mode 100644 index 00000000000..de534f82091 --- /dev/null +++ b/objects/vulnerability/vulnerability--e9a39785-3ee8-41d6-9a96-c6313ae23851.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--899d26f2-0ff6-4723-aeaf-2f00dfbdf5d0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e9a39785-3ee8-41d6-9a96-c6313ae23851", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.463085Z", + "modified": "2024-11-26T00:38:59.463085Z", + "name": "CVE-2024-53599", + "description": "A cross-site scripting (XSS) vulnerability in the /scroll.php endpoint of LafeLabs Chaos v0.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53599" + } + ] + } + ] +} \ No newline at end of file 
diff --git a/objects/vulnerability/vulnerability--ea5e23c2-e765-4262-b2c4-54687533d86c.json b/objects/vulnerability/vulnerability--ea5e23c2-e765-4262-b2c4-54687533d86c.json new file mode 100644 index 00000000000..5b5a64f7ec5 --- /dev/null +++ b/objects/vulnerability/vulnerability--ea5e23c2-e765-4262-b2c4-54687533d86c.json 
@@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ba69405-e900-45ea-8c5b-ccb1cbaf3161", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea5e23c2-e765-4262-b2c4-54687533d86c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.453734Z", + "modified": "2024-11-26T00:38:59.453734Z", + "name": "CVE-2024-53843", + "description": "@dapperduckling/keycloak-connector-server is an opinionated series of libraries for Node.js applications and frontend clients to interface with keycloak. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the authentication flow of the application. This issue arises due to improper sanitization of the URL parameters, allowing the URL bar's contents to be injected and reflected into the HTML page. An attacker could craft a malicious URL to execute arbitrary JavaScript in the browser of a victim who visits the link. Any application utilizing this authentication library is vulnerable. Users of the application are at risk if they can be lured into clicking on a crafted malicious link. The vulnerability has been patched in version 2.5.5 by ensuring proper sanitization and escaping of user input in the affected URL parameters. Users are strongly encouraged to upgrade. If upgrading is not immediately possible, users can implement the following workarounds: 1. Employ a Web Application Firewall (WAF) to block malicious requests containing suspicious URL parameters. or 2. Apply input validation and escaping directly within the application’s middleware or reverse proxy layer, specifically targeting the affected parameters.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53843" + } + ] + } + ] +} \ No newline at end of file 
diff --git a/objects/vulnerability/vulnerability--f123fdb4-fb72-4918-bd61-077f6cb9409a.json b/objects/vulnerability/vulnerability--f123fdb4-fb72-4918-bd61-077f6cb9409a.json new file mode 100644 index 00000000000..7238f97de0c --- /dev/null +++ b/objects/vulnerability/vulnerability--f123fdb4-fb72-4918-bd61-077f6cb9409a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a809c96e-d1ff-4045-8c98-5380a8dc96ca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f123fdb4-fb72-4918-bd61-077f6cb9409a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-11-26T00:38:59.165522Z", + "modified": "2024-11-26T00:38:59.165522Z", + "name": "CVE-2024-11653", + "description": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/network/diag_traceroute. The manipulation of the argument diag_traceroute leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11653" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f211c1f3-8e2c-4aef-9ab5-b84aa71046b0.json b/objects/vulnerability/vulnerability--f211c1f3-8e2c-4aef-9ab5-b84aa71046b0.json new file mode 100644 index 00000000000..ca9baddb957 --- /dev/null +++ b/objects/vulnerability/vulnerability--f211c1f3-8e2c-4aef-9ab5-b84aa71046b0.json 
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--86ef034b-0f4e-4d7d-a943-d93e6409bc8c",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f211c1f3-8e2c-4aef-9ab5-b84aa71046b0",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:59.135308Z",
+ "modified": "2024-11-26T00:38:59.135308Z",
+ "name": "CVE-2024-11660",
+ "description": "A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file usuario.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-11660"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f2c5fce6-c99f-4e4b-99cd-768043991366.json b/objects/vulnerability/vulnerability--f2c5fce6-c99f-4e4b-99cd-768043991366.json
new file mode 100644
index 00000000000..8a5c1ca94da
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f2c5fce6-c99f-4e4b-99cd-768043991366.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--2030fd1e-6eca-4e46-9a5f-65fde5037852",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f2c5fce6-c99f-4e4b-99cd-768043991366",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:39:00.498977Z",
+ "modified": "2024-11-26T00:39:00.498977Z",
+ "name": "CVE-2024-32468",
+ "description": "Deno is a runtime for JavaScript and TypeScript written in rust. Several cross-site scripting vulnerabilities existed in the `deno_doc` crate which lead to Self-XSS with deno doc --html. 1.) XSS in generated `search_index.js`, `deno_doc` outputs a JavaScript file for searching. However, the generated file used `innerHTML` on unsanitzed HTML input. 2.) XSS via property, method and enum names, `deno_doc` did not sanitize property names, method names and enum names. The first XSS most likely didn't have an impact since `deno doc --html` is expected to be used locally with own packages.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-32468"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f4b2a9a2-d9de-419f-a3c8-deb2e3526576.json b/objects/vulnerability/vulnerability--f4b2a9a2-d9de-419f-a3c8-deb2e3526576.json
new file mode 100644
index 00000000000..43c4cac12c6
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f4b2a9a2-d9de-419f-a3c8-deb2e3526576.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--b033b967-91a9-4294-94b1-350cdee2dec5",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f4b2a9a2-d9de-419f-a3c8-deb2e3526576",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:39:01.045948Z",
+ "modified": "2024-11-26T00:39:01.045948Z",
+ "name": "CVE-2024-6393",
+ "description": "The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.5 does not sanitise and escape some of its Images settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-6393"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f4b4cd43-b743-4e54-be4e-67de5897926e.json b/objects/vulnerability/vulnerability--f4b4cd43-b743-4e54-be4e-67de5897926e.json
new file mode 100644
index 00000000000..d7b1ef54d91
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f4b4cd43-b743-4e54-be4e-67de5897926e.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--8586e114-127f-4bec-82b8-6e1c974af0b8",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f4b4cd43-b743-4e54-be4e-67de5897926e",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:39:03.633554Z",
+ "modified": "2024-11-26T00:39:03.633554Z",
+ "name": "CVE-2021-23282",
+ "description": "Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored Cross site scripting. The\nvulnerability exists due to insufficient validation of input from certain resources by the IPM software.\nThe attacker would need access to the local Subnet and an administrator interaction to compromise\nthe system",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2021-23282"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f62a8657-7cef-45c9-bff6-6f888b6b8bc7.json b/objects/vulnerability/vulnerability--f62a8657-7cef-45c9-bff6-6f888b6b8bc7.json
new file mode 100644
index 00000000000..3958c601077
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f62a8657-7cef-45c9-bff6-6f888b6b8bc7.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--084e592d-b680-4dd2-8160-926601661b17",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f62a8657-7cef-45c9-bff6-6f888b6b8bc7",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:58.697236Z",
+ "modified": "2024-11-26T00:38:58.697236Z",
+ "name": "CVE-2024-10709",
+ "description": "The YaDisk Files WordPress plugin through 1.2.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-10709"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f6df5a43-79d5-4b5d-bcc7-42eccb771de1.json b/objects/vulnerability/vulnerability--f6df5a43-79d5-4b5d-bcc7-42eccb771de1.json
new file mode 100644
index 00000000000..24e4020b648
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f6df5a43-79d5-4b5d-bcc7-42eccb771de1.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--3e5911e2-e87a-4103-93e8-6bf16807b66b",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f6df5a43-79d5-4b5d-bcc7-42eccb771de1",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:59.0257Z",
+ "modified": "2024-11-26T00:38:59.0257Z",
+ "name": "CVE-2024-7915",
+ "description": "The application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing an attacker to perform multiple operations as the root user. These operations include arbitrary file deletion and writing, loading and unloading daemons, manipulating file permissions, and loading extensions, among other actions.\n\n\nThe vulnerable module org.cindori.SenseiHelper can be contacted via XPC. While the module performs client validation, it relies on the client's PID obtained through the public processIdentifier property of the NSXPCConnection class. This approach makes the module susceptible to a PID Reuse Attack, enabling an attacker to impersonate a legitimate client and send crafted XPC messages to invoke arbitrary methods exposed by the HelperProtocol interface.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-7915"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f83a0107-d037-48e2-b5c7-a680749759d1.json b/objects/vulnerability/vulnerability--f83a0107-d037-48e2-b5c7-a680749759d1.json
new file mode 100644
index 00000000000..56fff8bed80
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f83a0107-d037-48e2-b5c7-a680749759d1.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--441dc69f-6ba9-4084-bb75-afbab9170caf",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f83a0107-d037-48e2-b5c7-a680749759d1",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:59.157776Z",
+ "modified": "2024-11-26T00:38:59.157776Z",
+ "name": "CVE-2024-11655",
+ "description": "A vulnerability classified as critical was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This vulnerability affects unknown code of the file /admin/network/diag_pinginterface. The manipulation of the argument diag_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-11655"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--f8440396-dcbb-4b91-aeb5-a3fe8e77ef45.json b/objects/vulnerability/vulnerability--f8440396-dcbb-4b91-aeb5-a3fe8e77ef45.json
new file mode 100644
index 00000000000..73cf576aec4
--- /dev/null
+++ b/objects/vulnerability/vulnerability--f8440396-dcbb-4b91-aeb5-a3fe8e77ef45.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--1a0b8d7f-5a25-4922-8c39-6ed008da96bf",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--f8440396-dcbb-4b91-aeb5-a3fe8e77ef45",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:58.548171Z",
+ "modified": "2024-11-26T00:38:58.548171Z",
+ "name": "CVE-2024-52529",
+ "description": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range `AND` 2. A Layer 7 allow policy that selects a specific port within the first policy's range the Layer 7 enforcement would not occur for the traffic selected by the Layer 7 policy. This issue only affects users who use Cilium's port range functionality, which was introduced in Cilium v1.16. This issue is patched in PR #35150. This issue affects Cilium v1.16 between v1.16.0 and v1.16.3 inclusive. This issue is patched in Cilium v1.16.4. Users are advised to upgrade. Users with network policies that match the pattern described above can work around the issue by rewriting any policies that use port ranges to individually specify the ports permitted for traffic.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-52529"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--fc8a231f-bf21-4709-854d-86204e094cc3.json b/objects/vulnerability/vulnerability--fc8a231f-bf21-4709-854d-86204e094cc3.json
new file mode 100644
index 00000000000..3539eb675d0
--- /dev/null
+++ b/objects/vulnerability/vulnerability--fc8a231f-bf21-4709-854d-86204e094cc3.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--49211b61-f97d-4476-8e82-ed6058fb29e5",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--fc8a231f-bf21-4709-854d-86204e094cc3",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:59.432543Z",
+ "modified": "2024-11-26T00:38:59.432543Z",
+ "name": "CVE-2024-53098",
+ "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/ufence: Prefetch ufence addr to catch bogus address\n\naccess_ok() only checks for addr overflow so also try to read the addr\nto catch invalid addr sent from userspace.\n\n(cherry picked from commit 9408c4508483ffc60811e910a93d6425b8e63928)",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-53098"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--fea1c417-214d-4de7-8641-c2d32cd9de9e.json b/objects/vulnerability/vulnerability--fea1c417-214d-4de7-8641-c2d32cd9de9e.json
new file mode 100644
index 00000000000..5c4d2b56cc1
--- /dev/null
+++ b/objects/vulnerability/vulnerability--fea1c417-214d-4de7-8641-c2d32cd9de9e.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--7e6785d4-094f-4a83-9857-d65aa1ee708b",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--fea1c417-214d-4de7-8641-c2d32cd9de9e",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2024-11-26T00:38:59.457357Z",
+ "modified": "2024-11-26T00:38:59.457357Z",
+ "name": "CVE-2024-53930",
+ "description": "WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\\\\, which is mishandled by a KaTeX parser.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-53930"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file