generated content from 2024-10-23

mapping.csv

@@ -253043,3 +253043,84 @@ vulnerability,CVE-2022-49029,vulnerability--0bf8a3a2-c242-4f30-9049-c04ab1796ab2
 vulnerability,CVE-2022-49013,vulnerability--95035909-4433-44db-bfd9-a216dca8deab
 vulnerability,CVE-2022-49028,vulnerability--bd5f4682-a471-4dcd-b778-53afb12f6b52
 vulnerability,CVE-2023-52917,vulnerability--6ce5f83e-73f6-4db5-89e6-f7dfa3a567b0
+vulnerability,CVE-2024-48929,vulnerability--2aacee59-bb61-4e72-9ac6-9a68236f3259
+vulnerability,CVE-2024-48656,vulnerability--e27870b4-b518-4680-b555-3b5deca79c7b
+vulnerability,CVE-2024-48644,vulnerability--afd5358a-0344-4601-bac0-bf7f050045ed
+vulnerability,CVE-2024-48919,vulnerability--fb292b08-081e-45ae-880b-857f53823c72
+vulnerability,CVE-2024-48926,vulnerability--0ea1cf37-3658-4ba7-86fc-44f6a32a8fa6
+vulnerability,CVE-2024-48415,vulnerability--80023d2d-3bc7-4284-a3b4-df13e7055a68
+vulnerability,CVE-2024-48925,vulnerability--cc505ea3-7378-4d2f-b832-a33365ab4943
+vulnerability,CVE-2024-48570,vulnerability--37c54e56-5dbc-46c9-85bf-134b6ab29a90
+vulnerability,CVE-2024-48706,vulnerability--20cf6117-dc2c-4ffc-94e5-a0f45040276c
+vulnerability,CVE-2024-48708,vulnerability--dd6274e8-e114-4ac6-8163-d2b61ebdbfff
+vulnerability,CVE-2024-48927,vulnerability--0634d30c-f858-4d33-9f36-ca7dcc919cb3
+vulnerability,CVE-2024-48652,vulnerability--f0e85e14-367b-437e-a6ab-a782af09b585
+vulnerability,CVE-2024-48707,vulnerability--77184983-f3f7-42ba-8b52-e391a8441d04
+vulnerability,CVE-2024-48903,vulnerability--a1b33226-d655-4e31-8022-ccbd0acde117
+vulnerability,CVE-2024-48657,vulnerability--775b8fed-2434-471a-ba9e-f654db153489
+vulnerability,CVE-2024-48605,vulnerability--8dfbbfb3-328e-4128-a74d-b8875aecf10e
+vulnerability,CVE-2024-48904,vulnerability--26746168-474a-4bdb-81aa-d9cdec764eb6
+vulnerability,CVE-2024-45526,vulnerability--c80d71e6-fb44-4897-88be-89fc7648ba10
+vulnerability,CVE-2024-45334,vulnerability--1e0047c5-05c0-4727-b0d8-9d526fd6edf9
+vulnerability,CVE-2024-45335,vulnerability--b9fc5e70-7f16-45fa-8a70-ec7c96a5e995
+vulnerability,CVE-2024-45518,vulnerability--884ca6cb-9884-4374-9d47-2ed87858b491
+vulnerability,CVE-2024-10002,vulnerability--d380c30a-2bea-41e2-ba49-88e1efe4707a
+vulnerability,CVE-2024-10003,vulnerability--5903dbec-7fe4-43d4-bd12-ec2497361417
+vulnerability,CVE-2024-10189,vulnerability--bf5ab58d-adf6-48e3-8111-76ee953f40ac
+vulnerability,CVE-2024-10231,vulnerability--07da5af5-8432-4eaf-9226-6ee965fb9d24
+vulnerability,CVE-2024-10229,vulnerability--928d3cc7-37b9-4184-9584-1c2a01824bb8
+vulnerability,CVE-2024-10183,vulnerability--17c69cfc-0cd3-4c57-a249-737d176ffbe2
+vulnerability,CVE-2024-10234,vulnerability--251144ca-17f3-40b5-8550-18c030d922e4
+vulnerability,CVE-2024-10230,vulnerability--b5e99393-8963-4a60-bc2b-145b0ba7500d
+vulnerability,CVE-2024-9541,vulnerability--638d724e-09da-4a6e-8fc7-aa73863ebb2c
+vulnerability,CVE-2024-9287,vulnerability--913273eb-c76c-4679-8d27-81fde87d734c
+vulnerability,CVE-2024-9987,vulnerability--5ddbe6f9-5b53-4b89-8da8-072ca6e78c97
+vulnerability,CVE-2024-9627,vulnerability--9f21a81e-0f08-4a93-b392-1df08715c21c
+vulnerability,CVE-2024-9591,vulnerability--6b809fbf-8cb6-41d7-9231-1083094a222f
+vulnerability,CVE-2024-9588,vulnerability--47ddc863-e134-4186-ac74-6029e60d497c
+vulnerability,CVE-2024-9589,vulnerability--39d32c5b-8147-4837-a742-ab4329a32451
+vulnerability,CVE-2024-9677,vulnerability--1ae85a3a-0a43-4065-b9fa-4d07d9ce04b6
+vulnerability,CVE-2024-9050,vulnerability--3600f6ec-0234-4147-a97c-8d41c3f1010b
+vulnerability,CVE-2024-9231,vulnerability--7528c1d2-ea65-4715-9f62-c7fbfc05dea9
+vulnerability,CVE-2024-9590,vulnerability--3966e491-6023-4c6b-8c35-e5f642c5d80e
+vulnerability,CVE-2024-9129,vulnerability--afcaaebd-15de-48c5-8e8b-f4796b59c37f
+vulnerability,CVE-2024-39753,vulnerability--bb43ce1b-a558-4d92-927e-d1885c61bd8d
+vulnerability,CVE-2024-47819,vulnerability--517a6b4a-4e59-4bf8-84b1-0ed550804f4c
+vulnerability,CVE-2024-50312,vulnerability--499c12a0-3438-4625-a09b-c74c0d8449b4
+vulnerability,CVE-2024-50311,vulnerability--188ad362-75b8-4fc0-a90c-962cc4104fef
+vulnerability,CVE-2024-26273,vulnerability--f2e64c6a-a0ec-4c9e-9640-06f6d6efef17
+vulnerability,CVE-2024-26271,vulnerability--28047597-887b-4e03-bff5-89fda817b10f
+vulnerability,CVE-2024-26519,vulnerability--7162a6e8-dacd-40b0-ae6d-40df0ae37a88
+vulnerability,CVE-2024-26272,vulnerability--8e510e71-eb46-4d97-b1f5-3d6d63952bc6
+vulnerability,CVE-2024-7587,vulnerability--c7b312fc-e420-47ab-b090-f52f355facc9
+vulnerability,CVE-2024-44812,vulnerability--8ed057c9-2a13-4c7c-a2a4-46f606433c24
+vulnerability,CVE-2024-44331,vulnerability--202710e5-5a88-4a24-99f4-4254d2aeee5d
+vulnerability,CVE-2024-8852,vulnerability--70a94517-228f-431f-8e1c-f6f059a9a1d3
+vulnerability,CVE-2024-8980,vulnerability--bb7bcaee-1116-41e3-870d-34e513f37f0f
+vulnerability,CVE-2024-38002,vulnerability--7be5a499-87d8-4f88-a69f-fbd9dc75b823
+vulnerability,CVE-2024-40494,vulnerability--23fab1f4-d6fe-42b0-b55a-3f4c726b8f77
+vulnerability,CVE-2024-40493,vulnerability--42868780-0872-4836-8f61-f7d7823a8536
+vulnerability,CVE-2024-31029,vulnerability--b051ca3b-134a-4d7a-929a-b0d9b11c32a0
+vulnerability,CVE-2024-41717,vulnerability--f6e986f0-557a-4349-bfd9-d9cb95f383fe
+vulnerability,CVE-2024-41183,vulnerability--1d8adf09-4911-4534-aeec-4ec1cf98f518
+vulnerability,CVE-2024-35308,vulnerability--9d6e7d6e-0578-4b28-a926-e7f33c878865
+vulnerability,CVE-2024-49208,vulnerability--22315352-e10d-498e-8329-606ee747285b
+vulnerability,CVE-2024-49373,vulnerability--48bfe356-4349-4c8a-8be9-bee1a33bdc59
+vulnerability,CVE-2024-49211,vulnerability--c96343ec-0407-4563-9879-8ec8a9edb486
+vulnerability,CVE-2024-49210,vulnerability--835d704b-f607-4fa4-9c6b-209aa7b9d166
+vulnerability,CVE-2024-49209,vulnerability--a268faba-8e8f-47fc-a7e5-0f6d46c7e295
+vulnerability,CVE-2024-46902,vulnerability--446434e8-756e-4ea5-a2ad-763f2fd2d82d
+vulnerability,CVE-2024-46903,vulnerability--fd67fbe9-4daf-406d-9043-58b28d107c38
+vulnerability,CVE-2024-46482,vulnerability--fcebff86-b4ea-487a-b255-5ff039361f6a
+vulnerability,CVE-2024-46240,vulnerability--ebe6c318-e2c8-48ef-b53c-dec49814b67d
+vulnerability,CVE-2024-46538,vulnerability--3111f198-6011-49c1-a086-48742524059e
+vulnerability,CVE-2024-46483,vulnerability--859c02db-f899-461a-bd41-93dff552ad4d
+vulnerability,CVE-2024-42643,vulnerability--abb48e93-c5dd-4d8b-bf65-ca993143684c
+vulnerability,CVE-2024-43812,vulnerability--da5152ce-775e-4828-9be3-32391429d842
+vulnerability,CVE-2024-43698,vulnerability--b737498f-a7fd-453f-abf8-820c80c3ffa2
+vulnerability,CVE-2024-43173,vulnerability--396a8bbe-348e-4dcb-a9d2-b80a64a23151
+vulnerability,CVE-2024-43177,vulnerability--048d1195-5e7e-4d56-8a22-5604ab0936f1
+vulnerability,CVE-2022-23862,vulnerability--3bbd7a5f-b37b-40a8-8c3c-852680a0c463
+vulnerability,CVE-2022-23861,vulnerability--b59dca9d-63ca-4235-89a2-418315f2140e
+vulnerability,CVE-2023-52919,vulnerability--05104d54-b04b-461a-a8f0-e1b1e4b18727
+vulnerability,CVE-2023-52918,vulnerability--0e3b5255-c10c-4239-a366-68d9d2d95938

objects/vulnerability/vulnerability--048d1195-5e7e-4d56-8a22-5604ab0936f1.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e526c247-1ba6-48e5-8382-86c26a716752",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--048d1195-5e7e-4d56-8a22-5604ab0936f1",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:44.513962Z",
+            "modified": "2024-10-23T00:20:44.513962Z",
+            "name": "CVE-2024-43177",
+            "description": "IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-43177"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--05104d54-b04b-461a-a8f0-e1b1e4b18727.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--1c9b79cf-dacd-47ec-8c33-d74448b5c314",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--05104d54-b04b-461a-a8f0-e1b1e4b18727",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:51.622242Z",
+            "modified": "2024-10-23T00:20:51.622242Z",
+            "name": "CVE-2023-52919",
+            "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: fix possible NULL pointer dereference in send_acknowledge()\n\nHandle memory allocation failure from nci_skb_alloc() (calling\nalloc_skb()) to avoid possible NULL pointer dereference.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-52919"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0634d30c-f858-4d33-9f36-ca7dcc919cb3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--5be1375f-4591-40d7-ab19-d1ef46dc2ad2",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0634d30c-f858-4d33-9f36-ca7dcc919cb3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.271209Z",
+            "modified": "2024-10-23T00:20:42.271209Z",
+            "name": "CVE-2024-48927",
+            "description": "Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full screen mode. Versions 13.5.2, 10.8,7, and 8.18.15 contain a patch for the issue. As a workaround, derver-side file validation is available to strip script tags from file's content during the file upload process.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-48927"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--07da5af5-8432-4eaf-9226-6ee965fb9d24.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--4f955dab-d4df-4a7b-ab5b-0a3c851e49ce",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--07da5af5-8432-4eaf-9226-6ee965fb9d24",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.416293Z",
+            "modified": "2024-10-23T00:20:42.416293Z",
+            "name": "CVE-2024-10231",
+            "description": "Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-10231"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0e3b5255-c10c-4239-a366-68d9d2d95938.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8870fa03-2aea-4ab4-b89c-533544ce2992",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0e3b5255-c10c-4239-a366-68d9d2d95938",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:51.654965Z",
+            "modified": "2024-10-23T00:20:51.654965Z",
+            "name": "CVE-2023-52918",
+            "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pci: cx23885: check cx23885_vdev_init() return\n\ncx23885_vdev_init() can return a NULL pointer, but that pointer\nis used in the next line without a check.\n\nAdd a NULL pointer check and go to the error unwind if it is NULL.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-52918"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--0ea1cf37-3658-4ba7-86fc-44f6a32a8fa6.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--f858f820-4a95-422a-8404-837e3ac61129",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0ea1cf37-3658-4ba7-86fc-44f6a32a8fa6",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.242282Z",
+            "modified": "2024-10-23T00:20:42.242282Z",
+            "name": "CVE-2024-48926",
+            "description": "Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. The Backoffice displays the logout page with a session timeout message before the server session has fully expired, causing users to believe they have been logged out approximately 30 seconds before they actually are. Versions 13.5.2, 10.8,7, and 8.18.15 contain a patch for the issue.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-48926"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--17c69cfc-0cd3-4c57-a249-737d176ffbe2.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c2d23ec6-4599-4355-a703-736a3d02b30d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--17c69cfc-0cd3-4c57-a249-737d176ffbe2",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.419837Z",
+            "modified": "2024-10-23T00:20:42.419837Z",
+            "name": "CVE-2024-10183",
+            "description": "A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-10183"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--188ad362-75b8-4fc0-a90c-962cc4104fef.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8fc983d9-40a1-4712-a269-42df7d57be20",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--188ad362-75b8-4fc0-a90c-962cc4104fef",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.619225Z",
+            "modified": "2024-10-23T00:20:42.619225Z",
+            "name": "CVE-2024-50311",
+            "description": "A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate users.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-50311"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1ae85a3a-0a43-4065-b9fa-4d07d9ce04b6.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--befe9fa1-009e-4ac4-8189-31d626e86459",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1ae85a3a-0a43-4065-b9fa-4d07d9ce04b6",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.474852Z",
+            "modified": "2024-10-23T00:20:42.474852Z",
+            "name": "CVE-2024-9677",
+            "description": "The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-9677"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1d8adf09-4911-4534-aeec-4ec1cf98f518.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--adbc057a-a9d9-4a16-865e-da34369a2634",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1d8adf09-4911-4534-aeec-4ec1cf98f518",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:43.331883Z",
+            "modified": "2024-10-23T00:20:43.331883Z",
+            "name": "CVE-2024-41183",
+            "description": "Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-41183"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1e0047c5-05c0-4727-b0d8-9d526fd6edf9.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--1e414e61-0c80-4999-b430-0f8965d62d4d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1e0047c5-05c0-4727-b0d8-9d526fd6edf9",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.39287Z",
+            "modified": "2024-10-23T00:20:42.39287Z",
+            "name": "CVE-2024-45334",
+            "description": "Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-45334"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--202710e5-5a88-4a24-99f4-4254d2aeee5d.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--baabb36b-3893-4208-81b8-27693834250c",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--202710e5-5a88-4a24-99f4-4254d2aeee5d",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-23T00:20:42.893677Z",
+            "modified": "2024-10-23T00:20:42.893677Z",
+            "name": "CVE-2024-44331",
+            "description": "Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-44331"
+                }
+            ]
+        }
+    ]
+}