generated content from 2025-01-11

mapping.csv

@@ -262844,3 +262844,75 @@ vulnerability,CVE-2025-0347,vulnerability--cd128437-010e-4bd4-acf1-6c9b466e7b59
 vulnerability,CVE-2025-0334,vulnerability--f5fec77e-aac2-4280-b5ac-b6f6c0a5c2fb
 vulnerability,CVE-2025-0306,vulnerability--5cfca704-ae04-493d-96fd-efb8759c6bd9
 vulnerability,CVE-2025-0341,vulnerability--8d1893fa-8938-4353-81fd-e9c2bb0599ea
+vulnerability,CVE-2024-12473,vulnerability--bde33c42-90e3-4f55-a961-dfeb203b92d3
+vulnerability,CVE-2024-12606,vulnerability--c27c1456-29e1-4c63-b807-caecd93af052
+vulnerability,CVE-2024-12847,vulnerability--24b2cfdc-361e-4413-8f70-c05cc5cd2c4e
+vulnerability,CVE-2024-9133,vulnerability--82d64a83-b9ad-4928-ada1-66a13a729e7b
+vulnerability,CVE-2024-9132,vulnerability--ba9e1ef4-3295-4a1d-ba70-d28b1216fcfd
+vulnerability,CVE-2024-9134,vulnerability--579042c6-8b5e-465d-b407-ac31a502a065
+vulnerability,CVE-2024-9188,vulnerability--4ffd9de7-c0cc-40e2-ad51-2e1c2bafd06b
+vulnerability,CVE-2024-9131,vulnerability--7c5d1297-67fc-4037-b811-b894286e4e0f
+vulnerability,CVE-2024-47518,vulnerability--4610342c-1829-4d74-b7ec-7ba1dc4e341f
+vulnerability,CVE-2024-47517,vulnerability--5aeb5816-ddb3-4795-b708-c061468c9a8c
+vulnerability,CVE-2024-47519,vulnerability--b2c603f6-d1f6-455d-b169-3b724368e691
+vulnerability,CVE-2024-47520,vulnerability--4a9e011d-3a39-458a-affa-887e2537544a
+vulnerability,CVE-2024-50807,vulnerability--c025691d-43d7-44f5-9dce-0e7d13a8da60
+vulnerability,CVE-2024-7142,vulnerability--b715bfd6-5197-4e5c-82c1-6d533cff3944
+vulnerability,CVE-2024-7095,vulnerability--001435ec-758b-450b-a16b-03ba9314329b
+vulnerability,CVE-2024-25371,vulnerability--6c94c78d-c7ff-4ce8-b3e4-562eab501b4d
+vulnerability,CVE-2024-33297,vulnerability--ccc5fa0e-6813-472c-b17e-ad1b7eefe1f8
+vulnerability,CVE-2024-33298,vulnerability--099992de-1380-4f1b-8f79-780f27fcb12f
+vulnerability,CVE-2024-33299,vulnerability--e53507e4-ec0c-471c-b430-d8358bb83935
+vulnerability,CVE-2024-41787,vulnerability--69d1a517-d243-4f94-87f7-8fae248c2106
+vulnerability,CVE-2024-54997,vulnerability--c84f2b31-fc9e-4cda-b51f-1dccb3eba2e9
+vulnerability,CVE-2024-54848,vulnerability--2e3d2d08-2602-48ad-b7fe-88ca5b4a15f3
+vulnerability,CVE-2024-54998,vulnerability--aed1e255-f777-4ca9-89b5-207646f7cd15
+vulnerability,CVE-2024-54849,vulnerability--78ff9555-ba35-42fb-91fd-90d9854d6c62
+vulnerability,CVE-2024-54994,vulnerability--e181286d-df71-4911-bb25-6424412c29b2
+vulnerability,CVE-2024-54847,vulnerability--608461ed-eb1a-45a9-afea-7e2a4057c2ed
+vulnerability,CVE-2024-54846,vulnerability--df09034c-44a0-4f12-bd9c-e1acd53d753e
+vulnerability,CVE-2024-54687,vulnerability--25fcd9e5-f7df-478b-af5c-e74af2f333ee
+vulnerability,CVE-2024-54910,vulnerability--87b582d4-5009-4ca2-a389-5be69eda6187
+vulnerability,CVE-2024-54996,vulnerability--e4fa3ae1-ddb2-452e-81cb-fe64cdddb564
+vulnerability,CVE-2024-57211,vulnerability--0a4f9e6c-c7ee-4338-9ece-2d2a0fb4cfc7
+vulnerability,CVE-2024-57224,vulnerability--af8b60f5-dea9-4e96-8ad0-b47eb4217a9c
+vulnerability,CVE-2024-57214,vulnerability--5a8e4a94-66d4-4b30-a0b6-ccaaa4e3bcb4
+vulnerability,CVE-2024-57227,vulnerability--6d6a38f6-d59c-4f03-9118-d1eaa00c9ed3
+vulnerability,CVE-2024-57223,vulnerability--9e175e7b-ea03-4e7b-8d75-01dc87edbe11
+vulnerability,CVE-2024-57212,vulnerability--8e7709e7-1deb-48e5-b190-110cf706e529
+vulnerability,CVE-2024-57226,vulnerability--4541d484-ae4d-4ff5-9e3c-b430f3649f7a
+vulnerability,CVE-2024-57225,vulnerability--e65d8928-4ed9-40cb-8e8b-57518ebc300b
+vulnerability,CVE-2024-57687,vulnerability--180c6919-bf21-468d-96e9-f66898b4af3c
+vulnerability,CVE-2024-57213,vulnerability--3a16debc-2339-4131-af62-0b0c5d056b07
+vulnerability,CVE-2024-57228,vulnerability--c16f7cbf-4a00-4010-92af-15292563fc85
+vulnerability,CVE-2024-57822,vulnerability--ad9ca2a6-a125-4511-b2ef-bb861c02e577
+vulnerability,CVE-2024-57823,vulnerability--e9d81c4a-4865-4939-b273-3a900eeb7e50
+vulnerability,CVE-2024-57222,vulnerability--c001c3ef-1a30-403f-b4a9-53641e7983d3
+vulnerability,CVE-2024-57686,vulnerability--9f137e86-f113-47f0-92c3-1845b1b70bf4
+vulnerability,CVE-2024-56511,vulnerability--61b24901-2ffa-479f-9344-0cdadc80fba4
+vulnerability,CVE-2024-46210,vulnerability--c933696a-9e7c-44b1-b81b-9d3bb83a3264
+vulnerability,CVE-2024-13318,vulnerability--321d71be-2374-4a49-9154-1c0a597316ce
+vulnerability,CVE-2024-13183,vulnerability--7193ba0d-1af5-4eb8-896c-e3611a655112
+vulnerability,CVE-2024-5872,vulnerability--3ea81628-beb4-43c2-8c0b-d2e903b75911
+vulnerability,CVE-2024-29971,vulnerability--6b1daa1d-622b-4e0f-aa63-3cf5d26dff0e
+vulnerability,CVE-2024-29970,vulnerability--eacfb119-45c2-49a5-8ff4-f25ce5367157
+vulnerability,CVE-2024-6880,vulnerability--8826d474-0a3d-42ae-8136-99ffe41eaeaa
+vulnerability,CVE-2024-6662,vulnerability--5e7a7afc-926c-49d8-9a8a-2721edd0b0a6
+vulnerability,CVE-2024-6437,vulnerability--940c13e5-8c6e-4fec-9253-d28b6c94b7ef
+vulnerability,CVE-2025-22599,vulnerability--e17c2855-3f64-496f-8c80-abfdea012b8a
+vulnerability,CVE-2025-22597,vulnerability--798c78a4-b787-49da-81fa-16bfe4c758d8
+vulnerability,CVE-2025-22946,vulnerability--2b2e97dc-a5af-4a37-8c37-3af37bd5786b
+vulnerability,CVE-2025-22949,vulnerability--f53dfbaf-feb9-4807-a349-50df5b2b738c
+vulnerability,CVE-2025-22152,vulnerability--c803cf23-1a84-4646-955f-a5e583b523c5
+vulnerability,CVE-2025-22596,vulnerability--4d6b59b0-9230-4399-852f-1642215a6c67
+vulnerability,CVE-2025-22598,vulnerability--58054b0d-c543-4ff1-8de9-5cd2dd882da7
+vulnerability,CVE-2025-22600,vulnerability--211c92bc-77f3-42a4-9d37-45dd658485fa
+vulnerability,CVE-2025-23113,vulnerability--9afacc13-68e3-4f6c-9ecb-896013e6aa0d
+vulnerability,CVE-2025-23112,vulnerability--c6e66fcf-821a-4e34-8c3f-07b442cdaefc
+vulnerability,CVE-2025-23022,vulnerability--f8bbee80-484a-4ad8-98fc-ebcb8a44c018
+vulnerability,CVE-2025-23111,vulnerability--844558c4-4512-4de0-bfa3-59010ac33b3a
+vulnerability,CVE-2025-23110,vulnerability--13e6542d-9e2b-460e-9394-48a7e6092a12
+vulnerability,CVE-2025-23078,vulnerability--4c2fae7e-fac8-4527-9d6d-198cb63dc104
+vulnerability,CVE-2025-23016,vulnerability--03787242-183b-45a6-aec8-687072ab084c
+vulnerability,CVE-2025-23079,vulnerability--091d1c97-18a2-497b-9917-40855ce16cfb
+vulnerability,CVE-2025-0311,vulnerability--685024a3-d7b0-4766-b3c4-5fee0b4ecec4

objects/vulnerability/vulnerability--001435ec-758b-450b-a16b-03ba9314329b.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--9dae7372-18bb-4549-80e1-990daae151e7",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--001435ec-758b-450b-a16b-03ba9314329b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:56.546959Z",
+            "modified": "2025-01-11T00:20:56.546959Z",
+            "name": "CVE-2024-7095",
+            "description": "On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-7095"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--03787242-183b-45a6-aec8-687072ab084c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--23dedb5a-e05e-4356-b70b-2886b5d96582",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--03787242-183b-45a6-aec8-687072ab084c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:21:07.885483Z",
+            "modified": "2025-01-11T00:21:07.885483Z",
+            "name": "CVE-2025-23016",
+            "description": "FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-23016"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--091d1c97-18a2-497b-9917-40855ce16cfb.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--258c2c1e-8f12-4137-9432-8363ee3b206b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--091d1c97-18a2-497b-9917-40855ce16cfb",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:21:07.887748Z",
+            "modified": "2025-01-11T00:21:07.887748Z",
+            "name": "CVE-2025-23079",
+            "description": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - ArticleFeedbackv5 extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - ArticleFeedbackv5 extension: from 1.42.X before 1.42.2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-23079"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--099992de-1380-4f1b-8f79-780f27fcb12f.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--7786d1d5-b77e-4afa-b0ff-15fa42c6c416",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--099992de-1380-4f1b-8f79-780f27fcb12f",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:56.888397Z",
+            "modified": "2025-01-11T00:20:56.888397Z",
+            "name": "CVE-2024-33298",
+            "description": "Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=admin__backup",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-33298"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0a4f9e6c-c7ee-4338-9ece-2d2a0fb4cfc7.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--f4a8eef5-b22d-480e-b6cd-0b0b0b19fbb1",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0a4f9e6c-c7ee-4338-9ece-2d2a0fb4cfc7",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:57.73231Z",
+            "modified": "2025-01-11T00:20:57.73231Z",
+            "name": "CVE-2024-57211",
+            "description": "TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57211"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--13e6542d-9e2b-460e-9394-48a7e6092a12.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--19d6d98d-67db-40f2-97f8-83379aa2c29d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--13e6542d-9e2b-460e-9394-48a7e6092a12",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:21:07.883009Z",
+            "modified": "2025-01-11T00:21:07.883009Z",
+            "name": "CVE-2025-23110",
+            "description": "An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert configurations. An attacker can send the victim a CSV file containing the XSS payload in the email-subject. Once the victim uploads the file, he automatically lands on a page to view the uploaded data. If the victim clicks on the email-subject value, it triggers the XSS payload.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-23110"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--180c6919-bf21-468d-96e9-f66898b4af3c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--53429934-21b2-494e-800b-46aba3402766",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--180c6919-bf21-468d-96e9-f66898b4af3c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:57.839765Z",
+            "modified": "2025-01-11T00:20:57.839765Z",
+            "name": "CVE-2024-57687",
+            "description": "An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the \"Cookie\" GET request parameter.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57687"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--211c92bc-77f3-42a4-9d37-45dd658485fa.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--56d2c99e-885a-4eea-926b-29246f9b96ea",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--211c92bc-77f3-42a4-9d37-45dd658485fa",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:21:07.771052Z",
+            "modified": "2025-01-11T00:21:07.771052Z",
+            "name": "CVE-2025-22600",
+            "description": "WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This vulnerability is fixed in 3.2.8.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-22600"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--24b2cfdc-361e-4413-8f70-c05cc5cd2c4e.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--7f109cc2-9936-49c1-a98b-7f378d377d86",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--24b2cfdc-361e-4413-8f70-c05cc5cd2c4e",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:56.187829Z",
+            "modified": "2025-01-11T00:20:56.187829Z",
+            "name": "CVE-2024-12847",
+            "description": "NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild since at least 2017.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-12847"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--25fcd9e5-f7df-478b-af5c-e74af2f333ee.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--d04e81f4-bfc5-4dd7-9583-3bc02eab0ca7",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--25fcd9e5-f7df-478b-af5c-e74af2f333ee",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:57.565139Z",
+            "modified": "2025-01-11T00:20:57.565139Z",
+            "name": "CVE-2024-54687",
+            "description": "Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-54687"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2b2e97dc-a5af-4a37-8c37-3af37bd5786b.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c2f4cbe6-845e-4e65-932b-ce1acdb978e9",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2b2e97dc-a5af-4a37-8c37-3af37bd5786b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:21:07.74891Z",
+            "modified": "2025-01-11T00:21:07.74891Z",
+            "name": "CVE-2025-22946",
+            "description": "Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-22946"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2e3d2d08-2602-48ad-b7fe-88ca5b4a15f3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--56b70cde-4653-4d5f-8e37-54bff1d5d106",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2e3d2d08-2602-48ad-b7fe-88ca5b4a15f3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:57.525287Z",
+            "modified": "2025-01-11T00:20:57.525287Z",
+            "name": "CVE-2024-54848",
+            "description": "Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-54848"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--321d71be-2374-4a49-9154-1c0a597316ce.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--488bf995-70ae-425d-8221-f754c0d03195",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--321d71be-2374-4a49-9154-1c0a597316ce",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:20:58.245483Z",
+            "modified": "2025-01-11T00:20:58.245483Z",
+            "name": "CVE-2024-13318",
+            "description": "The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13318"
+                }
+            ]
+        }
+    ]
+}