From b5bf9555a228d7c0554c85155418c043f1f1d11f Mon Sep 17 00:00:00 2001
From: gitadvisor
Date: Thu, 23 Jan 2025 22:18:13 +0000
Subject: [PATCH] generated content from 2025-01-23
---
 mapping.csv | 7 ++++++
 ...-1c51b35e-b6c2-44f0-808f-b13e10ecf3f3.json | 22 +++++++++++++++++++
 ...-3613f8d3-b364-4438-989b-8999cd5491ac.json | 22 +++++++++++++++++++
 ...-5f932593-a28c-4cd0-a59e-be298151357c.json | 22 +++++++++++++++++++
 ...-bcc2cefa-3923-41c1-8004-9b569b379d51.json | 22 +++++++++++++++++++
 ...-c69a5b11-0be6-46a1-9fbe-7496fe897fa7.json | 22 +++++++++++++++++++
 ...-cdf339d7-3527-474f-9183-d379ccd96b59.json | 22 +++++++++++++++++++
 ...-d1fe6816-5ab7-4aff-a745-e5a21e1484be.json | 22 +++++++++++++++++++
 8 files changed, 161 insertions(+)
 create mode 100644 objects/vulnerability/vulnerability--1c51b35e-b6c2-44f0-808f-b13e10ecf3f3.json
 create mode 100644 objects/vulnerability/vulnerability--3613f8d3-b364-4438-989b-8999cd5491ac.json
 create mode 100644 objects/vulnerability/vulnerability--5f932593-a28c-4cd0-a59e-be298151357c.json
 create mode 100644 objects/vulnerability/vulnerability--bcc2cefa-3923-41c1-8004-9b569b379d51.json
 create mode 100644 objects/vulnerability/vulnerability--c69a5b11-0be6-46a1-9fbe-7496fe897fa7.json
 create mode 100644 objects/vulnerability/vulnerability--cdf339d7-3527-474f-9183-d379ccd96b59.json
 create mode 100644 objects/vulnerability/vulnerability--d1fe6816-5ab7-4aff-a745-e5a21e1484be.json
diff --git a/mapping.csv b/mapping.csv
index 0e1e7d278c..0efc4cbbd7 100644
--- a/mapping.csv
+++ b/mapping.csv
@@ -264918,3 +264918,10 @@ vulnerability,CVE-2025-24033,vulnerability--4f589dd2-6614-488f-b30c-57bb15ced5b3
 vulnerability,CVE-2025-24353,vulnerability--85dcd26b-842f-47c3-93e5-152daed37a30
 vulnerability,CVE-2025-23012,vulnerability--da876d7d-4263-4d34-8cdc-fb2cdc834b2c
 vulnerability,CVE-2025-23011,vulnerability--0424aa6f-c071-427c-bcb7-49f8c8ab6454
+vulnerability,CVE-2024-57556,vulnerability--bcc2cefa-3923-41c1-8004-9b569b379d51
+vulnerability,CVE-2024-57386,vulnerability--d1fe6816-5ab7-4aff-a745-e5a21e1484be
+vulnerability,CVE-2024-57328,vulnerability--3613f8d3-b364-4438-989b-8999cd5491ac
+vulnerability,CVE-2024-57329,vulnerability--5f932593-a28c-4cd0-a59e-be298151357c
+vulnerability,CVE-2024-57326,vulnerability--cdf339d7-3527-474f-9183-d379ccd96b59
+vulnerability,CVE-2024-53588,vulnerability--1c51b35e-b6c2-44f0-808f-b13e10ecf3f3
+vulnerability,CVE-2025-0693,vulnerability--c69a5b11-0be6-46a1-9fbe-7496fe897fa7
diff --git a/objects/vulnerability/vulnerability--1c51b35e-b6c2-44f0-808f-b13e10ecf3f3.json b/objects/vulnerability/vulnerability--1c51b35e-b6c2-44f0-808f-b13e10ecf3f3.json
new file mode 100644
index 0000000000..0e9fa05028
--- /dev/null
+++ b/objects/vulnerability/vulnerability--1c51b35e-b6c2-44f0-808f-b13e10ecf3f3.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--01977575-4354-45e2-ab83-020123a14e39",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--1c51b35e-b6c2-44f0-808f-b13e10ecf3f3",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:45.921312Z",
+ "modified": "2025-01-23T22:17:45.921312Z",
+ "name": "CVE-2024-53588",
+ "description": "A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers to execute arbitrary code via placing a crafted DLL file into the path \\ProgramData\\iTop VPN\\Downloader\\vpn6.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-53588"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--3613f8d3-b364-4438-989b-8999cd5491ac.json b/objects/vulnerability/vulnerability--3613f8d3-b364-4438-989b-8999cd5491ac.json
new file mode 100644
index 0000000000..fcaac8c331
--- /dev/null
+++ b/objects/vulnerability/vulnerability--3613f8d3-b364-4438-989b-8999cd5491ac.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--f3ff45f7-4e75-4927-9744-40e6ac2ceb79",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--3613f8d3-b364-4438-989b-8999cd5491ac",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:45.533372Z",
+ "modified": "2025-01-23T22:17:45.533372Z",
+ "name": "CVE-2024-57328",
+ "description": "A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain unauthorized access.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-57328"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--5f932593-a28c-4cd0-a59e-be298151357c.json b/objects/vulnerability/vulnerability--5f932593-a28c-4cd0-a59e-be298151357c.json
new file mode 100644
index 0000000000..04959d1c97
--- /dev/null
+++ b/objects/vulnerability/vulnerability--5f932593-a28c-4cd0-a59e-be298151357c.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--4a2cb886-0085-47fe-a84e-a9da6a6bf8f6",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--5f932593-a28c-4cd0-a59e-be298151357c",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:45.536695Z",
+ "modified": "2025-01-23T22:17:45.536695Z",
+ "name": "CVE-2024-57329",
+ "description": "HortusFox v3.9 contains a stored XSS vulnerability in the \"Add Plant\" function. The name input field does not sanitize or escape user inputs, allowing attackers to inject and execute arbitrary JavaScript payloads.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-57329"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--bcc2cefa-3923-41c1-8004-9b569b379d51.json b/objects/vulnerability/vulnerability--bcc2cefa-3923-41c1-8004-9b569b379d51.json
new file mode 100644
index 0000000000..5f392de499
--- /dev/null
+++ b/objects/vulnerability/vulnerability--bcc2cefa-3923-41c1-8004-9b569b379d51.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--a2180e9b-de55-4237-a39e-7dcfd13f1ab0",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--bcc2cefa-3923-41c1-8004-9b569b379d51",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:45.520915Z",
+ "modified": "2025-01-23T22:17:45.520915Z",
+ "name": "CVE-2024-57556",
+ "description": "Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before allows a remote attacker to execute arbitrary code via the store.deep.js component",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-57556"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--c69a5b11-0be6-46a1-9fbe-7496fe897fa7.json b/objects/vulnerability/vulnerability--c69a5b11-0be6-46a1-9fbe-7496fe897fa7.json
new file mode 100644
index 0000000000..c3330be647
--- /dev/null
+++ b/objects/vulnerability/vulnerability--c69a5b11-0be6-46a1-9fbe-7496fe897fa7.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--a1196c13-81b4-4e8f-96f2-98f25fb4df48",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--c69a5b11-0be6-46a1-9fbe-7496fe897fa7",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:55.707073Z",
+ "modified": "2025-01-23T22:17:55.707073Z",
+ "name": "CVE-2025-0693",
+ "description": "Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2025-0693"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--cdf339d7-3527-474f-9183-d379ccd96b59.json b/objects/vulnerability/vulnerability--cdf339d7-3527-474f-9183-d379ccd96b59.json
new file mode 100644
index 0000000000..6ee6102d0b
--- /dev/null
+++ b/objects/vulnerability/vulnerability--cdf339d7-3527-474f-9183-d379ccd96b59.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--690d466f-1d98-4a1c-a42e-024e7ff94886",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--cdf339d7-3527-474f-9183-d379ccd96b59",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:45.539351Z",
+ "modified": "2025-01-23T22:17:45.539351Z",
+ "name": "CVE-2024-57326",
+ "description": "A Reflected Cross-Site Scripting (XSS) vulnerability exists in the search.php file of the Online Pizza Delivery System 1.0. The vulnerability allows an attacker to execute arbitrary JavaScript code in the browser via unsanitized input passed through the search parameter.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-57326"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/objects/vulnerability/vulnerability--d1fe6816-5ab7-4aff-a745-e5a21e1484be.json b/objects/vulnerability/vulnerability--d1fe6816-5ab7-4aff-a745-e5a21e1484be.json
new file mode 100644
index 0000000000..0bb5a6caae
--- /dev/null
+++ b/objects/vulnerability/vulnerability--d1fe6816-5ab7-4aff-a745-e5a21e1484be.json
@@ -0,0 +1,22 @@
+{
+ "type": "bundle",
+ "id": "bundle--5266e2cc-a909-48c6-a049-02e66d209c2a",
+ "objects": [
+ {
+ "type": "vulnerability",
+ "spec_version": "2.1",
+ "id": "vulnerability--d1fe6816-5ab7-4aff-a745-e5a21e1484be",
+ "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+ "created": "2025-01-23T22:17:45.531484Z",
+ "modified": "2025-01-23T22:17:45.531484Z",
+ "name": "CVE-2024-57386",
+ "description": "Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote attacker to execute arbitrary code via the profile picture function.",
+ "external_references": [
+ {
+ "source_name": "cve",
+ "external_id": "CVE-2024-57386"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file