generated content from 2025-01-29

mapping.csv

@@ -265418,3 +265418,104 @@ vulnerability,CVE-2025-0729,vulnerability--61f8d096-1f98-4a10-907b-365aa3c02701
 vulnerability,CVE-2025-0753,vulnerability--e8773b1e-45a5-4821-976c-b53c639cc06f
 vulnerability,CVE-2025-0695,vulnerability--c5692419-08fc-496e-af01-7f4219f27caa
 vulnerability,CVE-2025-0751,vulnerability--a24dc12e-fd9b-413d-b186-01926bfe254b
+vulnerability,CVE-2024-6351,vulnerability--225637a3-2fcf-4cbe-9058-e135749fa286
+vulnerability,CVE-2024-34733,vulnerability--53cac0de-036f-449b-b88c-2a514ac62d97
+vulnerability,CVE-2024-34748,vulnerability--ad0fdf8e-18e5-44a3-9ac7-c42978b05be7
+vulnerability,CVE-2024-34732,vulnerability--2f93403b-7f39-4336-a0dd-2d192472bb19
+vulnerability,CVE-2024-12649,vulnerability--f3ef91cf-d0f3-45a6-9404-122a8837e319
+vulnerability,CVE-2024-12807,vulnerability--282ca648-69b4-4e6c-aeb2-867bd697f72e
+vulnerability,CVE-2024-12723,vulnerability--e93d3970-2c56-46bb-8f16-727ab258c6c7
+vulnerability,CVE-2024-12648,vulnerability--bfe0db72-cf38-406d-a2c6-52cd342a3f3b
+vulnerability,CVE-2024-12647,vulnerability--b19dab35-6843-468e-a531-673638a34719
+vulnerability,CVE-2024-45341,vulnerability--0ed89e5d-f0b0-4d30-b003-f352c2c11cec
+vulnerability,CVE-2024-45340,vulnerability--c7b78348-86f7-4412-9153-4331b58038c1
+vulnerability,CVE-2024-45339,vulnerability--dba11674-5ec9-480a-a704-deebf59d6794
+vulnerability,CVE-2024-45336,vulnerability--7bf4dee1-e08d-4b17-a8ac-808bb6f69998
+vulnerability,CVE-2024-27263,vulnerability--dfca32df-943d-4287-8877-edfb69b2f6ae
+vulnerability,CVE-2024-22315,vulnerability--196971c6-daf9-4d24-88a9-fd9ef2e3eb10
+vulnerability,CVE-2024-57519,vulnerability--a57e82b7-69b8-4283-82bf-6e9f1bba1b3c
+vulnerability,CVE-2024-57514,vulnerability--54236bf3-0d60-4c66-a9c3-f5a1fd384d8e
+vulnerability,CVE-2024-57376,vulnerability--baf7ce08-4aae-48c3-be35-a533f163508a
+vulnerability,CVE-2024-13509,vulnerability--76b4edf3-852b-4525-b803-d9c2e3e6de4d
+vulnerability,CVE-2024-13448,vulnerability--97eea897-d637-4514-957d-4081383f83cf
+vulnerability,CVE-2024-13527,vulnerability--ca275ad8-1b5d-4ef8-b474-6dd467e710c8
+vulnerability,CVE-2024-13484,vulnerability--e511053c-1b46-48f1-9512-bf938f043b70
+vulnerability,CVE-2024-13521,vulnerability--f1b8d037-2d1d-4698-92b5-728afba9a011
+vulnerability,CVE-2024-53881,vulnerability--722cf9f6-9580-482c-95e3-888a74782f27
+vulnerability,CVE-2024-53869,vulnerability--677d21d7-114f-404e-ba38-c82188d53509
+vulnerability,CVE-2024-56529,vulnerability--d6e48626-dae1-490d-ae99-7f5d6221434e
+vulnerability,CVE-2024-23953,vulnerability--0d540c86-bbb0-46e3-95b6-0149edd9b0ef
+vulnerability,CVE-2024-40673,vulnerability--35bafcef-633b-4e28-b5eb-bcdc11cd36e0
+vulnerability,CVE-2024-40651,vulnerability--932a4c01-c167-4be5-a8db-ef3c56247908
+vulnerability,CVE-2024-40675,vulnerability--b5367ad7-c2b1-4f31-abba-38b2f6ec4347
+vulnerability,CVE-2024-40669,vulnerability--007c56f5-79af-4dd3-961f-fa5301531b20
+vulnerability,CVE-2024-40670,vulnerability--0fefec06-2630-43fa-a316-150739f9b6e5
+vulnerability,CVE-2024-40672,vulnerability--9aa0e791-8889-4238-a7c2-b46e91082742
+vulnerability,CVE-2024-40677,vulnerability--b7a42b33-a6e6-487a-a186-7bc3802c676b
+vulnerability,CVE-2024-40649,vulnerability--02c283a3-93fb-432e-b511-ab4abd6dc9f7
+vulnerability,CVE-2024-40676,vulnerability--cc1d979f-002b-4c92-908f-e2130515744b
+vulnerability,CVE-2024-40674,vulnerability--d95bbabb-3bd3-41cf-a843-1cb31084af57
+vulnerability,CVE-2024-7881,vulnerability--7a89ad5b-21a8-4985-95ba-effa5e00205d
+vulnerability,CVE-2024-55968,vulnerability--86febfe4-533b-40eb-8861-25f2d0dad0a2
+vulnerability,CVE-2024-48310,vulnerability--f9b8f4e6-ec38-48a3-9990-4701bb28a7c2
+vulnerability,CVE-2024-29869,vulnerability--ff8b8704-0844-4ad4-9e9c-bb4fab4ab89f
+vulnerability,CVE-2024-0140,vulnerability--a6ec0e08-c2b6-4090-94ad-58db0fd9b7a5
+vulnerability,CVE-2024-0146,vulnerability--5af71729-973e-491d-9353-28f0a4b9e217
+vulnerability,CVE-2024-0149,vulnerability--19d88d03-0c1d-4985-8edc-1f42944c77a4
+vulnerability,CVE-2024-0147,vulnerability--61bda83b-92c0-4fe4-8795-bc77eead68b7
+vulnerability,CVE-2024-0135,vulnerability--3152a3af-3830-4b92-89df-48d6f74865a6
+vulnerability,CVE-2024-0150,vulnerability--d9d1c9e8-5b6d-4c16-b04d-4309ffdca406
+vulnerability,CVE-2024-0136,vulnerability--061253cc-744c-4284-bd36-2dbab6985c82
+vulnerability,CVE-2024-0137,vulnerability--eb8de6b3-3500-4207-aaa1-254b17ddaa46
+vulnerability,CVE-2024-8401,vulnerability--2937c6c6-d21c-4a8c-8a09-211ead61d937
+vulnerability,CVE-2024-11954,vulnerability--47467605-f4cf-4ed3-a755-6e2321c62305
+vulnerability,CVE-2024-11135,vulnerability--135384e9-671d-4a3b-b181-4018f8080fd7
+vulnerability,CVE-2024-11956,vulnerability--7f6360cf-cd2a-40ed-9784-3bce42e1f15e
+vulnerability,CVE-2022-3365,vulnerability--6ba9f86b-fd27-4509-87ae-74c36c8b4439
+vulnerability,CVE-2023-50316,vulnerability--782c525a-a30b-421f-9d4d-1ecef3d1a5b9
+vulnerability,CVE-2018-9373,vulnerability--14ad283f-303f-4923-a6d6-63d84e30cd7d
+vulnerability,CVE-2018-9378,vulnerability--c14ecf8a-0fc0-4bec-ba00-0cf6d5d65def
+vulnerability,CVE-2025-22917,vulnerability--affd6499-db1e-44b5-88ce-d53710ff3d42
+vulnerability,CVE-2025-22865,vulnerability--b4ecc5c5-d206-42c5-a0ff-bcbd6dcb7273
+vulnerability,CVE-2025-22217,vulnerability--a8e5d8b4-0c7e-4793-a19e-be82c2d2a40b
+vulnerability,CVE-2025-23057,vulnerability--3eba19e5-6b43-4a03-aa19-8ca6baa92bc1
+vulnerability,CVE-2025-23055,vulnerability--6a3d7899-aa31-4ef1-b448-8343e2618c7c
+vulnerability,CVE-2025-23212,vulnerability--edf5cb9a-4caf-4b43-925a-965ab7b9a10d
+vulnerability,CVE-2025-23213,vulnerability--4d4737eb-d92c-4030-808e-7f87f9472098
+vulnerability,CVE-2025-23053,vulnerability--8127be1e-5a26-4967-a3c1-e126d45d9988
+vulnerability,CVE-2025-23385,vulnerability--0b045e16-e931-4579-8d3b-6074358cba5a
+vulnerability,CVE-2025-23211,vulnerability--bba31c29-fb25-4822-8f3a-8632df4013ee
+vulnerability,CVE-2025-23084,vulnerability--a2a233b8-3a2b-4b0c-b64a-42b391a0753a
+vulnerability,CVE-2025-23056,vulnerability--b734697f-8373-4bd7-9acc-3e02036b32bc
+vulnerability,CVE-2025-23054,vulnerability--8bfdb1e7-09d9-4b8c-8c43-1386331ba569
+vulnerability,CVE-2025-23045,vulnerability--7f922fd1-6329-4253-b9f0-1d26853fe7e7
+vulnerability,CVE-2025-24478,vulnerability--25f873cb-62c3-4f86-a8e4-7caa89ef7929
+vulnerability,CVE-2025-24800,vulnerability--b6830bb8-587e-486f-9a88-bb7e13fa03bb
+vulnerability,CVE-2025-24482,vulnerability--5cfaddf5-40bc-4aa8-8034-e52a5ef70751
+vulnerability,CVE-2025-24481,vulnerability--cb9667f2-37fc-4b46-8b08-2911fedec474
+vulnerability,CVE-2025-24480,vulnerability--0e81e056-70c4-44b4-b905-1740d0593874
+vulnerability,CVE-2025-24479,vulnerability--12950cf8-ce23-4cec-89f3-c76ad38f8b34
+vulnerability,CVE-2025-24826,vulnerability--cf94f0ac-e105-4cdc-be23-47c3ba8c5c95
+vulnerability,CVE-2025-24810,vulnerability--317cef9a-f6d7-45ee-8b49-93ba6570a2ef
+vulnerability,CVE-2025-0752,vulnerability--e94e7b0c-272b-40f4-a347-30174a6bd108
+vulnerability,CVE-2025-0750,vulnerability--9afcb455-b530-4954-b81a-ae2acc98c00f
+vulnerability,CVE-2025-0631,vulnerability--1d1856d3-f17c-46f1-b4a7-61c23ad538b2
+vulnerability,CVE-2025-0736,vulnerability--a724cf16-b7ad-4e69-8d11-f252803f4338
+vulnerability,CVE-2025-0321,vulnerability--532d49a3-d709-4697-b790-b792511b8054
+vulnerability,CVE-2025-0659,vulnerability--14a82fed-1808-49bb-9d29-9a690562d727
+vulnerability,CVE-2025-0290,vulnerability--dca5cc7d-b7eb-44c5-9280-1fc99d22d626
+vulnerability,CVE-2025-0790,vulnerability--0dbafeb7-0fc1-48a1-ae93-1908175a3306
+vulnerability,CVE-2025-0784,vulnerability--b20e0918-899c-4eea-8348-627e8cba6bd3
+vulnerability,CVE-2025-0432,vulnerability--2f34a3ff-2970-4b03-839f-4a26ec8eb8a9
+vulnerability,CVE-2025-0788,vulnerability--a8b4e28b-bd78-4a3a-8ce5-2d6841a8deb0
+vulnerability,CVE-2025-0789,vulnerability--5f980ecf-4dbd-4262-b817-83ff57fae895
+vulnerability,CVE-2025-0787,vulnerability--3695372e-7b8a-4d28-af6a-487c7cb308bd
+vulnerability,CVE-2025-0065,vulnerability--1d367d14-97de-4311-a810-dce6db624806
+vulnerability,CVE-2025-0754,vulnerability--a54c2a37-6c3a-4c4a-ac94-0d5906073134
+vulnerability,CVE-2025-0785,vulnerability--9c4884dd-a185-4688-a3b3-2a43b4a21f6b
+vulnerability,CVE-2025-0791,vulnerability--4fc76791-9c2a-4e92-8b60-0dfd416a88d0
+vulnerability,CVE-2025-0781,vulnerability--44df3c07-5a59-48be-82b4-6f8d4269020d
+vulnerability,CVE-2025-0783,vulnerability--bb77c8e8-19a5-4bb9-8dd2-6ad27dc0a9b9
+vulnerability,CVE-2025-0786,vulnerability--154f53f0-1669-4b78-ba08-5d1c5b0fca3d
+vulnerability,CVE-2017-13318,vulnerability--5fca670a-5d8c-47a7-b35d-f464513c0bb5
+vulnerability,CVE-2017-13317,vulnerability--3bca6861-fd37-4dea-93c4-109e74dac8c0

objects/vulnerability/vulnerability--007c56f5-79af-4dd3-961f-fa5301531b20.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--6235b5bd-2324-48a5-8c27-39bf62ba789c",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--007c56f5-79af-4dd3-961f-fa5301531b20",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:03.934524Z",
+            "modified": "2025-01-29T00:19:03.934524Z",
+            "name": "CVE-2024-40669",
+            "description": "In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-40669"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--02c283a3-93fb-432e-b511-ab4abd6dc9f7.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--97686608-8685-4300-b5c5-f0891b145090",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--02c283a3-93fb-432e-b511-ab4abd6dc9f7",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:03.958255Z",
+            "modified": "2025-01-29T00:19:03.958255Z",
+            "name": "CVE-2024-40649",
+            "description": "In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-40649"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--061253cc-744c-4284-bd36-2dbab6985c82.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--004e511c-23e4-466e-8b30-2e600bdd8989",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--061253cc-744c-4284-bd36-2dbab6985c82",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:04.353484Z",
+            "modified": "2025-01-29T00:19:04.353484Z",
+            "name": "CVE-2024-0136",
+            "description": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-0136"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0b045e16-e931-4579-8d3b-6074358cba5a.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b2088f4a-56d7-461f-a925-22bab0517780",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0b045e16-e931-4579-8d3b-6074358cba5a",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:12.746005Z",
+            "modified": "2025-01-29T00:19:12.746005Z",
+            "name": "CVE-2025-23385",
+            "description": "In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-23385"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0d540c86-bbb0-46e3-95b6-0149edd9b0ef.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e92aaa11-49b1-4ba7-88bf-c6450ecee1a0",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0d540c86-bbb0-46e3-95b6-0149edd9b0ef",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:03.800979Z",
+            "modified": "2025-01-29T00:19:03.800979Z",
+            "name": "CVE-2024-23953",
+            "description": "Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attacker should be an authorized user of the product to perform this attack. Users are recommended to upgrade to version 4.0.0, which fixes this issue.\n\nThe problem occurs when an application doesn’t use a constant-time algorithm for validating a signature. The method Arrays.equals() returns false right away when it sees that one of the input’s bytes are different. It means that the comparison time depends on the contents of the arrays. This little thing may allow an attacker to forge a valid signature for an arbitrary message byte by byte. So it might allow malicious users to submit splits/work with selected signatures to LLAP without running as a privileged user, potentially leading to DDoS attack.\n\nMore details in the reference section.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-23953"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0dbafeb7-0fc1-48a1-ae93-1908175a3306.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--eb369b75-7bd0-4b35-ab09-4ae054e4f2c2",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0dbafeb7-0fc1-48a1-ae93-1908175a3306",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:12.836059Z",
+            "modified": "2025-01-29T00:19:12.836059Z",
+            "name": "CVE-2025-0790",
+            "description": "A vulnerability classified as problematic was found in ESAFENET CDG V5. This vulnerability affects unknown code of the file /doneDetail.jsp. The manipulation of the argument curpage leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-0790"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0e81e056-70c4-44b4-b905-1740d0593874.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--1ca5f998-8053-4a07-85f6-217d63693327",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0e81e056-70c4-44b4-b905-1740d0593874",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:12.785458Z",
+            "modified": "2025-01-29T00:19:12.785458Z",
+            "name": "CVE-2025-24480",
+            "description": "A Remote Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to lack of input sanitation and could allow a remote attacker to run commands or code as a high privileged user.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-24480"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0ed89e5d-f0b0-4d30-b003-f352c2c11cec.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--676b6503-3252-40f2-bea3-1ceb19efadbc",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0ed89e5d-f0b0-4d30-b003-f352c2c11cec",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:02.531112Z",
+            "modified": "2025-01-29T00:19:02.531112Z",
+            "name": "CVE-2024-45341",
+            "description": "A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-45341"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0fefec06-2630-43fa-a316-150739f9b6e5.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--0c770d06-ec26-4d2b-8a76-013aa0a8ba3d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0fefec06-2630-43fa-a316-150739f9b6e5",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:03.942206Z",
+            "modified": "2025-01-29T00:19:03.942206Z",
+            "name": "CVE-2024-40670",
+            "description": "In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-40670"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--12950cf8-ce23-4cec-89f3-c76ad38f8b34.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--3fa60c3f-82f8-452c-95e1-b27e542550d1",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--12950cf8-ce23-4cec-89f3-c76ad38f8b34",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-29T00:19:12.794097Z",
+            "modified": "2025-01-29T00:19:12.794097Z",
+            "name": "CVE-2025-24479",
+            "description": "A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-24479"
+                }
+            ]
+        }
+    ]
+}