generated content from 2025-01-30

mapping.csv

@@ -265519,3 +265519,74 @@ vulnerability,CVE-2025-0783,vulnerability--bb77c8e8-19a5-4bb9-8dd2-6ad27dc0a9b9
 vulnerability,CVE-2025-0786,vulnerability--154f53f0-1669-4b78-ba08-5d1c5b0fca3d
 vulnerability,CVE-2017-13318,vulnerability--5fca670a-5d8c-47a7-b35d-f464513c0bb5
 vulnerability,CVE-2017-13317,vulnerability--3bca6861-fd37-4dea-93c4-109e74dac8c0
+vulnerability,CVE-2024-12705,vulnerability--b2b61e84-bff5-4041-86f5-1f6f3d1e9095
+vulnerability,CVE-2024-12749,vulnerability--4e138669-5eed-4dbf-82c2-c9d31246a991
+vulnerability,CVE-2024-54851,vulnerability--990fc8c5-1354-4a3d-90ad-f84ce21e3ec7
+vulnerability,CVE-2024-54852,vulnerability--e1b4419b-aec4-4dcb-a986-509c257fd116
+vulnerability,CVE-2024-54461,vulnerability--cfe6c8c4-0084-40c6-81b1-c2460789c094
+vulnerability,CVE-2024-54462,vulnerability--d45cad06-dd79-4f99-8489-6027d5411b0c
+vulnerability,CVE-2024-10001,vulnerability--ae72d079-5688-47c3-a10f-f0d0b9a857f4
+vulnerability,CVE-2024-57510,vulnerability--19c32296-0354-4f17-88f9-fc62f9508eb3
+vulnerability,CVE-2024-57395,vulnerability--8f077954-cb1b-4621-a519-04b64e49b944
+vulnerability,CVE-2024-57437,vulnerability--7329cdfe-9a4f-42b6-8a45-4651a20bf7b1
+vulnerability,CVE-2024-57438,vulnerability--cf2314c2-5b43-4c54-b513-2183fee1c622
+vulnerability,CVE-2024-57439,vulnerability--cdd54ffb-6412-4e38-b21d-170b0e707f44
+vulnerability,CVE-2024-57513,vulnerability--51f7f7a6-4e9c-423b-9dab-f069091d768b
+vulnerability,CVE-2024-57509,vulnerability--03d0be12-d661-46e9-84f2-22b2b3511cef
+vulnerability,CVE-2024-57665,vulnerability--e8a92744-69b7-414f-bb7c-37c5c3f13d5e
+vulnerability,CVE-2024-57965,vulnerability--a0de6edb-776f-4525-ba46-0075cbf712a0
+vulnerability,CVE-2024-57436,vulnerability--146dfdc2-48fa-4a3f-95ab-6a437ba953b8
+vulnerability,CVE-2024-13696,vulnerability--3c7f8a9e-00bc-4d3f-81e9-69f3e4aa2693
+vulnerability,CVE-2024-13561,vulnerability--6c0d1b17-3c8a-4fdc-a7b3-6bba0676f78c
+vulnerability,CVE-2024-51182,vulnerability--22f99bda-88e9-400c-adee-6e4d2e230ab0
+vulnerability,CVE-2024-23733,vulnerability--43137e27-7c4a-41a3-889b-c3613af15307
+vulnerability,CVE-2024-7695,vulnerability--144d90c4-5e11-4b15-ad39-47b41d498bb5
+vulnerability,CVE-2024-48849,vulnerability--d5cd6951-d054-411c-9033-5c008def7d4a
+vulnerability,CVE-2024-48852,vulnerability--87717ed5-271e-41b8-8dfc-a8bd2f54bb75
+vulnerability,CVE-2024-48761,vulnerability--d8076c5f-0901-45ac-be78-5a09cd1a1e24
+vulnerability,CVE-2024-41140,vulnerability--5d9c2980-a492-44d3-ba3b-f8675287abcf
+vulnerability,CVE-2024-11187,vulnerability--78b530c1-b8ab-43c3-9f9f-1603f504da3b
+vulnerability,CVE-2023-33838,vulnerability--96af1df9-f53f-4451-ba74-ac29adde11ac
+vulnerability,CVE-2023-35017,vulnerability--0f945940-fd9c-4250-b92e-dbdef99d0949
+vulnerability,CVE-2023-35907,vulnerability--010eb10e-881f-46c6-a6ac-f71b936364c8
+vulnerability,CVE-2023-37413,vulnerability--6938acf1-bddc-415a-982e-8c91a49fc9fa
+vulnerability,CVE-2023-37398,vulnerability--825fc663-2fce-4f06-bfab-b48e02546ea5
+vulnerability,CVE-2023-37412,vulnerability--aecd7a2e-2095-49fe-a1c7-08c0aacd8442
+vulnerability,CVE-2025-21396,vulnerability--d8adfde6-5ea7-4ff4-a2e6-5d223f3ead55
+vulnerability,CVE-2025-21415,vulnerability--3e827318-0e2b-4d99-8aac-1730763b016f
+vulnerability,CVE-2025-23362,vulnerability--112fb592-e91f-41a8-b43c-847d8840e58a
+vulnerability,CVE-2025-24790,vulnerability--6831a6bc-df78-4845-8ff8-b408d9c0efae
+vulnerability,CVE-2025-24789,vulnerability--daa13730-9e74-4cfa-8a75-22332c18553d
+vulnerability,CVE-2025-24374,vulnerability--e1473664-1729-4468-8efc-d00e67bfca77
+vulnerability,CVE-2025-24793,vulnerability--36e1e4b8-f6e4-4349-a4d9-65fbd644c469
+vulnerability,CVE-2025-24788,vulnerability--4c4fe1f7-886d-4bda-87f8-65da89da9287
+vulnerability,CVE-2025-24791,vulnerability--29ef3689-ddc6-43c5-b713-bff830ab0c87
+vulnerability,CVE-2025-24795,vulnerability--a5581176-0b13-40d4-9048-6af2655c9fa2
+vulnerability,CVE-2025-24884,vulnerability--14cf20bd-f6a6-4d78-a967-db0497ff21d6
+vulnerability,CVE-2025-24792,vulnerability--5acd634d-9e87-4c37-b2e8-437404c472fb
+vulnerability,CVE-2025-24527,vulnerability--15dc676b-3654-41e2-8dc8-b697a8a74ed3
+vulnerability,CVE-2025-24794,vulnerability--74723deb-8b58-4107-862b-28075a776359
+vulnerability,CVE-2025-24882,vulnerability--18b18c7b-9f1f-4cc7-80e7-9591d258d1a4
+vulnerability,CVE-2025-0792,vulnerability--3e4efaf9-2073-441a-a360-a3dbc04cf453
+vulnerability,CVE-2025-0803,vulnerability--424951a8-70a3-4666-814d-2e9a6481c8b2
+vulnerability,CVE-2025-0804,vulnerability--854c1d57-2573-4c95-82fe-b9dd2d452470
+vulnerability,CVE-2025-0841,vulnerability--2303f30d-c9c0-4ccc-a71f-81dcbbf90af1
+vulnerability,CVE-2025-0843,vulnerability--867f08b4-2e86-4390-a31e-abb9b0f4b308
+vulnerability,CVE-2025-0851,vulnerability--b6352885-d4ef-45ec-9db4-92c81c704b95
+vulnerability,CVE-2025-0353,vulnerability--96c7bbce-92a4-4dd1-b806-79e1c6b0bff6
+vulnerability,CVE-2025-0797,vulnerability--c2ab6b7d-5ba9-489d-9c9f-7f4521e1abe1
+vulnerability,CVE-2025-0802,vulnerability--47ad921c-9308-436f-bc0b-47ce3bf1c151
+vulnerability,CVE-2025-0762,vulnerability--7123c975-5828-4206-b8a3-ea85b51d1f20
+vulnerability,CVE-2025-0840,vulnerability--2e1ba8c5-986a-41be-856e-38469e5ee692
+vulnerability,CVE-2025-0844,vulnerability--699f374d-9d3d-4999-98c9-32c079f93183
+vulnerability,CVE-2025-0793,vulnerability--44d4c44a-d83c-48f7-8415-81c6ccc2b3e8
+vulnerability,CVE-2025-0800,vulnerability--926919bd-42b9-4983-8cd1-12f391ae91dd
+vulnerability,CVE-2025-0842,vulnerability--42b1654e-3a85-4193-9c03-ea8b2f1c9c67
+vulnerability,CVE-2025-0798,vulnerability--489fa6cb-110e-4df2-9a11-f2311c4e6043
+vulnerability,CVE-2025-0795,vulnerability--bbf028f4-153a-4c56-91a4-7b6c4d3311a0
+vulnerability,CVE-2025-0617,vulnerability--39f10dc5-2918-44dd-a109-8fafbed8dc26
+vulnerability,CVE-2025-0794,vulnerability--c9c64ecf-f33a-44bc-9ecc-100d44176ef9
+vulnerability,CVE-2025-0806,vulnerability--d41ac2f8-cfa5-4b70-8a8d-34eabb3e0eb6
+vulnerability,CVE-2025-20014,vulnerability--8b926aa0-ef43-474e-8aee-cc3a54b90852
+vulnerability,CVE-2025-20061,vulnerability--293e9954-316b-4986-9160-d5a67ed003c6
+vulnerability,CVE-2021-3978,vulnerability--a1b23a7f-7bd3-4f11-8aef-12c1668b13ea

objects/vulnerability/vulnerability--010eb10e-881f-46c6-a6ac-f71b936364c8.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--81d75bb3-54ea-44db-a86d-e1c60595e7f6",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--010eb10e-881f-46c6-a6ac-f71b936364c8",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:01.154989Z",
+            "modified": "2025-01-30T00:19:01.154989Z",
+            "name": "CVE-2023-35907",
+            "description": "IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-35907"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--03d0be12-d661-46e9-84f2-22b2b3511cef.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--5c88914b-4ffd-4cd9-ab9e-3f4cc189e629",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--03d0be12-d661-46e9-84f2-22b2b3511cef",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:18:55.901674Z",
+            "modified": "2025-01-30T00:18:55.901674Z",
+            "name": "CVE-2024-57509",
+            "description": "Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_File::ParseStream and related functions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57509"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0f945940-fd9c-4250-b92e-dbdef99d0949.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--fc5bc4ac-9785-4cd8-a124-d609a51a9b63",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0f945940-fd9c-4250-b92e-dbdef99d0949",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:01.116558Z",
+            "modified": "2025-01-30T00:19:01.116558Z",
+            "name": "CVE-2023-35017",
+            "description": "IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear text that could be obtained by an attacker using man in the middle techniques.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-35017"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--112fb592-e91f-41a8-b43c-847d8840e58a.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--34a31330-20df-4e2e-8ea8-94978aded75c",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--112fb592-e91f-41a8-b43c-847d8840e58a",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:05.763031Z",
+            "modified": "2025-01-30T00:19:05.763031Z",
+            "name": "CVE-2025-23362",
+            "description": "The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, an arbitrary script may be executed on the web browser. Versions 2.3.2 and 2.4.0 were reported as vulnerable. According to the vendor, the product has been refactored after those old versions and the version 3.0.1 is not vulnerable.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-23362"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--144d90c4-5e11-4b15-ad39-47b41d498bb5.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--78623c44-6569-4b44-9e69-4089acc81c5e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--144d90c4-5e11-4b15-ad39-47b41d498bb5",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:18:56.906556Z",
+            "modified": "2025-01-30T00:18:56.906556Z",
+            "name": "CVE-2024-7695",
+            "description": "Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack. \n\nThis vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent its potential exploitation.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-7695"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--146dfdc2-48fa-4a3f-95ab-6a437ba953b8.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--20417e2a-7f5f-4b51-904e-6777050682cd",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--146dfdc2-48fa-4a3f-95ab-6a437ba953b8",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:18:55.912316Z",
+            "modified": "2025-01-30T00:18:55.912316Z",
+            "name": "CVE-2024-57436",
+            "description": "RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allow attackers to impersonate Admin users via using a crafted cookie.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57436"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--14cf20bd-f6a6-4d78-a967-db0497ff21d6.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--78647f17-d2b9-4603-8ae1-c9aa6378d0e6",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--14cf20bd-f6a6-4d78-a967-db0497ff21d6",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:05.790424Z",
+            "modified": "2025-01-30T00:19:05.790424Z",
+            "name": "CVE-2025-24884",
+            "description": "kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the \"full-elastic-stack\" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-24884"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--15dc676b-3654-41e2-8dc8-b697a8a74ed3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--ed9a21d8-921b-4bc4-bae0-49b27e208da9",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--15dc676b-3654-41e2-8dc8-b697a8a74ed3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:05.817189Z",
+            "modified": "2025-01-30T00:19:05.817189Z",
+            "name": "CVE-2025-24527",
+            "description": "An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant's 128-bit connector GUID, they can execute debug commands on that connector.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-24527"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--18b18c7b-9f1f-4cc7-80e7-9591d258d1a4.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--43168b01-ba01-4e70-9c2c-01ee1d101e30",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--18b18c7b-9f1f-4cc7-80e7-9591d258d1a4",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:05.826203Z",
+            "modified": "2025-01-30T00:19:05.826203Z",
+            "name": "CVE-2025-24882",
+            "description": "regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-24882"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--19c32296-0354-4f17-88f9-fc62f9508eb3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--05b3c3a7-6bb5-458c-87be-c64248b640e1",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--19c32296-0354-4f17-88f9-fc62f9508eb3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:18:55.864623Z",
+            "modified": "2025-01-30T00:18:55.864623Z",
+            "name": "CVE-2024-57510",
+            "description": "Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57510"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--22f99bda-88e9-400c-adee-6e4d2e230ab0.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--fb35ce35-c7e1-4369-81d2-70e50b9514b4",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--22f99bda-88e9-400c-adee-6e4d2e230ab0",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:18:56.379706Z",
+            "modified": "2025-01-30T00:18:56.379706Z",
+            "name": "CVE-2024-51182",
+            "description": "HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the \"erro\" parameter.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-51182"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2303f30d-c9c0-4ccc-a71f-81dcbbf90af1.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b054f725-ede6-43f0-94cc-6ab3e302f626",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2303f30d-c9c0-4ccc-a71f-81dcbbf90af1",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:05.841904Z",
+            "modified": "2025-01-30T00:19:05.841904Z",
+            "name": "CVE-2025-0841",
+            "description": "A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-0841"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--293e9954-316b-4986-9160-d5a67ed003c6.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--89b98c74-3e38-4ddf-9e4e-6ef9405586b4",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--293e9954-316b-4986-9160-d5a67ed003c6",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-30T00:19:05.924173Z",
+            "modified": "2025-01-30T00:19:05.924173Z",
+            "name": "CVE-2025-20061",
+            "description": "mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-20061"
+                }
+            ]
+        }
+    ]
+}