From 6513621c646b6728d15bbadc2c90ed11b74dd77c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 1 Dec 2024 00:27:06 +0000 Subject: [PATCH] generated content from 2024-12-01 --- mapping.csv | 29 +++++++++++++++++++ ...-06be43ca-2dcf-476d-8853-1078e2f8212f.json | 22 ++++++++++++++ ...-07b8aeee-5875-4f1e-a778-e65c9626c3dc.json | 22 ++++++++++++++ ...-0cb663e5-0239-4cc1-b3b1-4431613316d8.json | 22 ++++++++++++++ ...-145c801e-3183-403e-b03b-65b238c3a67f.json | 22 ++++++++++++++ ...-163d2a0f-fcce-423f-bc5c-cf8975853092.json | 22 ++++++++++++++ ...-1908a78e-7867-44bf-a4fd-18bd8e0dc0b6.json | 22 ++++++++++++++ ...-19771f39-e5c3-4602-a995-d353f6616d19.json | 22 ++++++++++++++ ...-2ea173fc-0cbb-4e38-a072-397a452937b9.json | 22 ++++++++++++++ ...-309c8e26-5798-45b4-bcb4-3da9dec265a6.json | 22 ++++++++++++++ ...-30b47a23-b0c6-4ec7-a280-4447d321b347.json | 22 ++++++++++++++ ...-38d7f8e1-863c-4ef7-9f1f-983ae0846041.json | 22 ++++++++++++++ ...-4ec53142-495e-49fb-812a-b714c751642c.json | 22 ++++++++++++++ ...-559e3412-d66f-4740-ba28-cad2f1df8fdc.json | 22 ++++++++++++++ ...-55f7c914-4119-45d1-be1a-f19e76110531.json | 22 ++++++++++++++ ...-78c39fb1-fff9-4366-bd00-751cacde0f16.json | 22 ++++++++++++++ ...-800570c7-28f9-4876-8286-4c335161f407.json | 22 ++++++++++++++ ...-80094ddb-7f5e-434f-ac66-76f92d333b54.json | 22 ++++++++++++++ ...-83f2f687-d162-4e67-a6f8-8af8af5931db.json | 22 ++++++++++++++ ...-86d75778-36f9-4b70-89be-d5a9283ac26c.json | 22 ++++++++++++++ ...-96d1f7b9-2b65-42be-9b6e-1789512bfcfa.json | 22 ++++++++++++++ ...-9d115015-acd5-4151-b658-78c80a8789eb.json | 22 ++++++++++++++ ...-ae04cc41-2396-4c9e-b652-ce4398da18d9.json | 22 ++++++++++++++ ...-afb24d80-a6d2-45b4-87aa-96902abc06a3.json | 22 ++++++++++++++ ...-afe1ff75-188c-4d4c-8b53-e8a15816d96f.json | 22 ++++++++++++++ ...-bad81c19-8036-4192-9bcf-a44ae9de8187.json | 22 ++++++++++++++ ...-bb938a0f-ed8f-45fa-892a-9df205e1eef8.json | 22 ++++++++++++++ ...-bc24a8e8-2c42-4876-b2e7-3c40c2b957bd.json | 22 ++++++++++++++ ...-d5fa72d9-6f1c-4c1d-990d-965ee637de5b.json | 22 ++++++++++++++ ...-f2b00fce-27a1-4214-88ad-d2095c4c38dc.json | 22 ++++++++++++++ 30 files changed, 667 insertions(+) create mode 100644 objects/vulnerability/vulnerability--06be43ca-2dcf-476d-8853-1078e2f8212f.json create mode 100644 objects/vulnerability/vulnerability--07b8aeee-5875-4f1e-a778-e65c9626c3dc.json create mode 100644 objects/vulnerability/vulnerability--0cb663e5-0239-4cc1-b3b1-4431613316d8.json create mode 100644 objects/vulnerability/vulnerability--145c801e-3183-403e-b03b-65b238c3a67f.json create mode 100644 objects/vulnerability/vulnerability--163d2a0f-fcce-423f-bc5c-cf8975853092.json create mode 100644 objects/vulnerability/vulnerability--1908a78e-7867-44bf-a4fd-18bd8e0dc0b6.json create mode 100644 objects/vulnerability/vulnerability--19771f39-e5c3-4602-a995-d353f6616d19.json create mode 100644 objects/vulnerability/vulnerability--2ea173fc-0cbb-4e38-a072-397a452937b9.json create mode 100644 objects/vulnerability/vulnerability--309c8e26-5798-45b4-bcb4-3da9dec265a6.json create mode 100644 objects/vulnerability/vulnerability--30b47a23-b0c6-4ec7-a280-4447d321b347.json create mode 100644 objects/vulnerability/vulnerability--38d7f8e1-863c-4ef7-9f1f-983ae0846041.json create mode 100644 objects/vulnerability/vulnerability--4ec53142-495e-49fb-812a-b714c751642c.json create mode 100644 objects/vulnerability/vulnerability--559e3412-d66f-4740-ba28-cad2f1df8fdc.json create mode 100644 objects/vulnerability/vulnerability--55f7c914-4119-45d1-be1a-f19e76110531.json create mode 100644 objects/vulnerability/vulnerability--78c39fb1-fff9-4366-bd00-751cacde0f16.json create mode 100644 objects/vulnerability/vulnerability--800570c7-28f9-4876-8286-4c335161f407.json create mode 100644 objects/vulnerability/vulnerability--80094ddb-7f5e-434f-ac66-76f92d333b54.json create mode 100644 objects/vulnerability/vulnerability--83f2f687-d162-4e67-a6f8-8af8af5931db.json create mode 100644 objects/vulnerability/vulnerability--86d75778-36f9-4b70-89be-d5a9283ac26c.json create mode 100644 objects/vulnerability/vulnerability--96d1f7b9-2b65-42be-9b6e-1789512bfcfa.json create mode 100644 objects/vulnerability/vulnerability--9d115015-acd5-4151-b658-78c80a8789eb.json create mode 100644 objects/vulnerability/vulnerability--ae04cc41-2396-4c9e-b652-ce4398da18d9.json create mode 100644 objects/vulnerability/vulnerability--afb24d80-a6d2-45b4-87aa-96902abc06a3.json create mode 100644 objects/vulnerability/vulnerability--afe1ff75-188c-4d4c-8b53-e8a15816d96f.json create mode 100644 objects/vulnerability/vulnerability--bad81c19-8036-4192-9bcf-a44ae9de8187.json create mode 100644 objects/vulnerability/vulnerability--bb938a0f-ed8f-45fa-892a-9df205e1eef8.json create mode 100644 objects/vulnerability/vulnerability--bc24a8e8-2c42-4876-b2e7-3c40c2b957bd.json create mode 100644 objects/vulnerability/vulnerability--d5fa72d9-6f1c-4c1d-990d-965ee637de5b.json create mode 100644 objects/vulnerability/vulnerability--f2b00fce-27a1-4214-88ad-d2095c4c38dc.json diff --git a/mapping.csv b/mapping.csv index 308bbb45824..c2a1bd6a8e5 100644 --- a/mapping.csv +++ b/mapping.csv @@ -258202,3 +258202,32 @@ vulnerability,CVE-2024-36623,vulnerability--3249dc75-a290-4460-b87a-24c022d84a27 vulnerability,CVE-2024-36615,vulnerability--da55e3a2-20e3-4198-9cf4-2195463974d3 vulnerability,CVE-2024-36616,vulnerability--9bed2215-6ead-4dd4-958c-c5c34aabb9c5 vulnerability,CVE-2024-36626,vulnerability--021ca777-9565-4b53-8564-fcd32328f5a7 +vulnerability,CVE-2024-12000,vulnerability--30b47a23-b0c6-4ec7-a280-4447d321b347 +vulnerability,CVE-2024-12001,vulnerability--bad81c19-8036-4192-9bcf-a44ae9de8187 +vulnerability,CVE-2024-12002,vulnerability--d5fa72d9-6f1c-4c1d-990d-965ee637de5b +vulnerability,CVE-2024-11998,vulnerability--145c801e-3183-403e-b03b-65b238c3a67f +vulnerability,CVE-2024-11996,vulnerability--06be43ca-2dcf-476d-8853-1078e2f8212f +vulnerability,CVE-2024-11997,vulnerability--55f7c914-4119-45d1-be1a-f19e76110531 +vulnerability,CVE-2024-11252,vulnerability--9d115015-acd5-4151-b658-78c80a8789eb +vulnerability,CVE-2024-53788,vulnerability--38d7f8e1-863c-4ef7-9f1f-983ae0846041 +vulnerability,CVE-2024-53774,vulnerability--afe1ff75-188c-4d4c-8b53-e8a15816d96f +vulnerability,CVE-2024-53778,vulnerability--96d1f7b9-2b65-42be-9b6e-1789512bfcfa +vulnerability,CVE-2024-53764,vulnerability--f2b00fce-27a1-4214-88ad-d2095c4c38dc +vulnerability,CVE-2024-53768,vulnerability--80094ddb-7f5e-434f-ac66-76f92d333b54 +vulnerability,CVE-2024-53738,vulnerability--83f2f687-d162-4e67-a6f8-8af8af5931db +vulnerability,CVE-2024-53767,vulnerability--4ec53142-495e-49fb-812a-b714c751642c +vulnerability,CVE-2024-53756,vulnerability--309c8e26-5798-45b4-bcb4-3da9dec265a6 +vulnerability,CVE-2024-53763,vulnerability--0cb663e5-0239-4cc1-b3b1-4431613316d8 +vulnerability,CVE-2024-53760,vulnerability--ae04cc41-2396-4c9e-b652-ce4398da18d9 +vulnerability,CVE-2024-53758,vulnerability--afb24d80-a6d2-45b4-87aa-96902abc06a3 +vulnerability,CVE-2024-53787,vulnerability--19771f39-e5c3-4602-a995-d353f6616d19 +vulnerability,CVE-2024-53772,vulnerability--1908a78e-7867-44bf-a4fd-18bd8e0dc0b6 +vulnerability,CVE-2024-53771,vulnerability--2ea173fc-0cbb-4e38-a072-397a452937b9 +vulnerability,CVE-2024-53739,vulnerability--bb938a0f-ed8f-45fa-892a-9df205e1eef8 +vulnerability,CVE-2024-53766,vulnerability--559e3412-d66f-4740-ba28-cad2f1df8fdc +vulnerability,CVE-2024-53783,vulnerability--86d75778-36f9-4b70-89be-d5a9283ac26c +vulnerability,CVE-2024-53786,vulnerability--78c39fb1-fff9-4366-bd00-751cacde0f16 +vulnerability,CVE-2024-53757,vulnerability--163d2a0f-fcce-423f-bc5c-cf8975853092 +vulnerability,CVE-2024-53773,vulnerability--800570c7-28f9-4876-8286-4c335161f407 +vulnerability,CVE-2024-43703,vulnerability--bc24a8e8-2c42-4876-b2e7-3c40c2b957bd +vulnerability,CVE-2024-43702,vulnerability--07b8aeee-5875-4f1e-a778-e65c9626c3dc diff --git a/objects/vulnerability/vulnerability--06be43ca-2dcf-476d-8853-1078e2f8212f.json b/objects/vulnerability/vulnerability--06be43ca-2dcf-476d-8853-1078e2f8212f.json new file mode 100644 index 00000000000..44830d1a8a6 --- /dev/null +++ b/objects/vulnerability/vulnerability--06be43ca-2dcf-476d-8853-1078e2f8212f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bb3dd39b-0f7b-4884-9eb4-a04d2ab3ba0d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--06be43ca-2dcf-476d-8853-1078e2f8212f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.37797Z", + "modified": "2024-12-01T00:26:38.37797Z", + "name": "CVE-2024-11996", + "description": "A vulnerability was found in code-projects Farmacia 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /editar-fornecedor.php. The manipulation of the argument cidade leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11996" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--07b8aeee-5875-4f1e-a778-e65c9626c3dc.json b/objects/vulnerability/vulnerability--07b8aeee-5875-4f1e-a778-e65c9626c3dc.json new file mode 100644 index 00000000000..897c1fa14f1 --- /dev/null +++ b/objects/vulnerability/vulnerability--07b8aeee-5875-4f1e-a778-e65c9626c3dc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a7e08582-580e-4617-a9cd-02911d13af42", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--07b8aeee-5875-4f1e-a778-e65c9626c3dc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:40.198186Z", + "modified": "2024-12-01T00:26:40.198186Z", + "name": "CVE-2024-43702", + "description": "Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43702" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0cb663e5-0239-4cc1-b3b1-4431613316d8.json b/objects/vulnerability/vulnerability--0cb663e5-0239-4cc1-b3b1-4431613316d8.json new file mode 100644 index 00000000000..609737e8438 --- /dev/null +++ b/objects/vulnerability/vulnerability--0cb663e5-0239-4cc1-b3b1-4431613316d8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--096ab3aa-2f33-4e15-839a-c3df7c901dec", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0cb663e5-0239-4cc1-b3b1-4431613316d8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.651875Z", + "modified": "2024-12-01T00:26:38.651875Z", + "name": "CVE-2024-53763", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elementor: from n/a through 1.0.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53763" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--145c801e-3183-403e-b03b-65b238c3a67f.json b/objects/vulnerability/vulnerability--145c801e-3183-403e-b03b-65b238c3a67f.json new file mode 100644 index 00000000000..e4d13122ff3 --- /dev/null +++ b/objects/vulnerability/vulnerability--145c801e-3183-403e-b03b-65b238c3a67f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8dcb925c-21fc-47b5-a8c4-d9e5efe5fde8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--145c801e-3183-403e-b03b-65b238c3a67f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.358729Z", + "modified": "2024-12-01T00:26:38.358729Z", + "name": "CVE-2024-11998", + "description": "A vulnerability was found in code-projects Farmacia 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /visualizer-forneccedor.chp. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11998" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--163d2a0f-fcce-423f-bc5c-cf8975853092.json b/objects/vulnerability/vulnerability--163d2a0f-fcce-423f-bc5c-cf8975853092.json new file mode 100644 index 00000000000..2f29b00299a --- /dev/null +++ b/objects/vulnerability/vulnerability--163d2a0f-fcce-423f-bc5c-cf8975853092.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6e93c304-b29f-4779-8da4-70149146333d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--163d2a0f-fcce-423f-bc5c-cf8975853092", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.689241Z", + "modified": "2024-12-01T00:26:38.689241Z", + "name": "CVE-2024-53757", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SocialEvolution WP Find Your Nearest allows Stored XSS.This issue affects WP Find Your Nearest: from n/a through 0.3.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53757" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1908a78e-7867-44bf-a4fd-18bd8e0dc0b6.json b/objects/vulnerability/vulnerability--1908a78e-7867-44bf-a4fd-18bd8e0dc0b6.json new file mode 100644 index 00000000000..ad6f8b54bd4 --- /dev/null +++ b/objects/vulnerability/vulnerability--1908a78e-7867-44bf-a4fd-18bd8e0dc0b6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fd584e9b-f196-409a-9489-328d17f76424", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1908a78e-7867-44bf-a4fd-18bd8e0dc0b6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.675429Z", + "modified": "2024-12-01T00:26:38.675429Z", + "name": "CVE-2024-53772", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Mail Picker allows DOM-Based XSS.This issue affects Mail Picker: from n/a through 1.0.14.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53772" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--19771f39-e5c3-4602-a995-d353f6616d19.json b/objects/vulnerability/vulnerability--19771f39-e5c3-4602-a995-d353f6616d19.json new file mode 100644 index 00000000000..e8bf687bd67 --- /dev/null +++ b/objects/vulnerability/vulnerability--19771f39-e5c3-4602-a995-d353f6616d19.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e2c9d2dc-c27d-4505-bd53-9a5de4860c75", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--19771f39-e5c3-4602-a995-d353f6616d19", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.673812Z", + "modified": "2024-12-01T00:26:38.673812Z", + "name": "CVE-2024-53787", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vinoth06 Random Banner allows Stored XSS.This issue affects Random Banner: from n/a through 4.2.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53787" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2ea173fc-0cbb-4e38-a072-397a452937b9.json b/objects/vulnerability/vulnerability--2ea173fc-0cbb-4e38-a072-397a452937b9.json new file mode 100644 index 00000000000..9d0242b0b00 --- /dev/null +++ b/objects/vulnerability/vulnerability--2ea173fc-0cbb-4e38-a072-397a452937b9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f682c011-99aa-434c-bf3f-3fff16fe160f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2ea173fc-0cbb-4e38-a072-397a452937b9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.678674Z", + "modified": "2024-12-01T00:26:38.678674Z", + "name": "CVE-2024-53771", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sergio Micó SimpleSchema allows DOM-Based XSS.This issue affects SimpleSchema: from n/a through 1.7.6.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53771" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--309c8e26-5798-45b4-bcb4-3da9dec265a6.json b/objects/vulnerability/vulnerability--309c8e26-5798-45b4-bcb4-3da9dec265a6.json new file mode 100644 index 00000000000..0eb140f1b6c --- /dev/null +++ b/objects/vulnerability/vulnerability--309c8e26-5798-45b4-bcb4-3da9dec265a6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c67fcfc9-5c2e-4756-9dd3-e6c1e7522c04", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--309c8e26-5798-45b4-bcb4-3da9dec265a6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.649061Z", + "modified": "2024-12-01T00:26:38.649061Z", + "name": "CVE-2024-53756", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aftab Husain Vertical Carousel allows Stored XSS.This issue affects Vertical Carousel: from n/a through 1.0.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53756" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--30b47a23-b0c6-4ec7-a280-4447d321b347.json b/objects/vulnerability/vulnerability--30b47a23-b0c6-4ec7-a280-4447d321b347.json new file mode 100644 index 00000000000..e5af5fe0a88 --- /dev/null +++ b/objects/vulnerability/vulnerability--30b47a23-b0c6-4ec7-a280-4447d321b347.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b86e1738-ddd0-4769-b501-a1c07b0cd2d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--30b47a23-b0c6-4ec7-a280-4447d321b347", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:37.891792Z", + "modified": "2024-12-01T00:26:37.891792Z", + "name": "CVE-2024-12000", + "description": "A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12000" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--38d7f8e1-863c-4ef7-9f1f-983ae0846041.json b/objects/vulnerability/vulnerability--38d7f8e1-863c-4ef7-9f1f-983ae0846041.json new file mode 100644 index 00000000000..f5fafec91a4 --- /dev/null +++ b/objects/vulnerability/vulnerability--38d7f8e1-863c-4ef7-9f1f-983ae0846041.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dccd9630-ed4d-43ad-be41-06664aa54852", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--38d7f8e1-863c-4ef7-9f1f-983ae0846041", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.633476Z", + "modified": "2024-12-01T00:26:38.633476Z", + "name": "CVE-2024-53788", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfoliohub WordPress Portfolio Builder – Portfolio Gallery allows Stored XSS.This issue affects WordPress Portfolio Builder – Portfolio Gallery: from n/a through 1.1.7.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53788" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4ec53142-495e-49fb-812a-b714c751642c.json b/objects/vulnerability/vulnerability--4ec53142-495e-49fb-812a-b714c751642c.json new file mode 100644 index 00000000000..22149bb79d0 --- /dev/null +++ b/objects/vulnerability/vulnerability--4ec53142-495e-49fb-812a-b714c751642c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7cb765e8-4b18-48e8-b859-9c319fc45c4e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4ec53142-495e-49fb-812a-b714c751642c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.647824Z", + "modified": "2024-12-01T00:26:38.647824Z", + "name": "CVE-2024-53767", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixobe Pixobe Cartography allows DOM-Based XSS.This issue affects Pixobe Cartography: from n/a through 1.0.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53767" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--559e3412-d66f-4740-ba28-cad2f1df8fdc.json b/objects/vulnerability/vulnerability--559e3412-d66f-4740-ba28-cad2f1df8fdc.json new file mode 100644 index 00000000000..1977b86a00e --- /dev/null +++ b/objects/vulnerability/vulnerability--559e3412-d66f-4740-ba28-cad2f1df8fdc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d40439c0-4549-40e9-9ee6-7142d13f341f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--559e3412-d66f-4740-ba28-cad2f1df8fdc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.683622Z", + "modified": "2024-12-01T00:26:38.683622Z", + "name": "CVE-2024-53766", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devnex Devnex Addons For Elementor allows DOM-Based XSS.This issue affects Devnex Addons For Elementor: from n/a through 1.0.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53766" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--55f7c914-4119-45d1-be1a-f19e76110531.json b/objects/vulnerability/vulnerability--55f7c914-4119-45d1-be1a-f19e76110531.json new file mode 100644 index 00000000000..4f1d8439b32 --- /dev/null +++ b/objects/vulnerability/vulnerability--55f7c914-4119-45d1-be1a-f19e76110531.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bb6d9cc0-a0b2-4a18-9c50-0892048c490e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--55f7c914-4119-45d1-be1a-f19e76110531", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.381474Z", + "modified": "2024-12-01T00:26:38.381474Z", + "name": "CVE-2024-11997", + "description": "A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file /vendas.php. The manipulation of the argument notaFiscal leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11997" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78c39fb1-fff9-4366-bd00-751cacde0f16.json b/objects/vulnerability/vulnerability--78c39fb1-fff9-4366-bd00-751cacde0f16.json new file mode 100644 index 00000000000..72b14c35ebd --- /dev/null +++ b/objects/vulnerability/vulnerability--78c39fb1-fff9-4366-bd00-751cacde0f16.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9c22478b-ff9b-4b27-aa0b-80d3608ac926", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78c39fb1-fff9-4366-bd00-751cacde0f16", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.687731Z", + "modified": "2024-12-01T00:26:38.687731Z", + "name": "CVE-2024-53786", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53786" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--800570c7-28f9-4876-8286-4c335161f407.json b/objects/vulnerability/vulnerability--800570c7-28f9-4876-8286-4c335161f407.json new file mode 100644 index 00000000000..98a0e2c17fe --- /dev/null +++ b/objects/vulnerability/vulnerability--800570c7-28f9-4876-8286-4c335161f407.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--668b93e6-3e9d-492f-be41-b7c7dc44aabd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--800570c7-28f9-4876-8286-4c335161f407", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.691134Z", + "modified": "2024-12-01T00:26:38.691134Z", + "name": "CVE-2024-53773", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Praca.Pl sp. Z o.O. Znajdź Pracę z Praca.Pl allows DOM-Based XSS.This issue affects Znajdź Pracę z Praca.Pl: from n/a through 2.2.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53773" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--80094ddb-7f5e-434f-ac66-76f92d333b54.json b/objects/vulnerability/vulnerability--80094ddb-7f5e-434f-ac66-76f92d333b54.json new file mode 100644 index 00000000000..cba22f64155 --- /dev/null +++ b/objects/vulnerability/vulnerability--80094ddb-7f5e-434f-ac66-76f92d333b54.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0e69b5c0-d6c3-4a0d-af5b-2fd76523ddb3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--80094ddb-7f5e-434f-ac66-76f92d333b54", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.641789Z", + "modified": "2024-12-01T00:26:38.641789Z", + "name": "CVE-2024-53768", + "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE Interactive Content Audit Exporter allows Retrieve Embedded Sensitive Data.This issue affects Content Audit Exporter: from n/a through 1.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53768" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--83f2f687-d162-4e67-a6f8-8af8af5931db.json b/objects/vulnerability/vulnerability--83f2f687-d162-4e67-a6f8-8af8af5931db.json new file mode 100644 index 00000000000..9eeb55202b5 --- /dev/null +++ b/objects/vulnerability/vulnerability--83f2f687-d162-4e67-a6f8-8af8af5931db.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cf8dfac3-4aff-4413-9e55-ba28c5d4a9b7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--83f2f687-d162-4e67-a6f8-8af8af5931db", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.644403Z", + "modified": "2024-12-01T00:26:38.644403Z", + "name": "CVE-2024-53738", + "description": "Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Server Side Request Forgery.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53738" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--86d75778-36f9-4b70-89be-d5a9283ac26c.json b/objects/vulnerability/vulnerability--86d75778-36f9-4b70-89be-d5a9283ac26c.json new file mode 100644 index 00000000000..9276bcc872a --- /dev/null +++ b/objects/vulnerability/vulnerability--86d75778-36f9-4b70-89be-d5a9283ac26c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3f50c7c7-b8a1-40ef-8708-e4963d26c5e9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--86d75778-36f9-4b70-89be-d5a9283ac26c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.685956Z", + "modified": "2024-12-01T00:26:38.685956Z", + "name": "CVE-2024-53783", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzia Ni WooCommerce Cost Of Goods allows SQL Injection.This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53783" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--96d1f7b9-2b65-42be-9b6e-1789512bfcfa.json b/objects/vulnerability/vulnerability--96d1f7b9-2b65-42be-9b6e-1789512bfcfa.json new file mode 100644 index 00000000000..abea84a047f --- /dev/null +++ b/objects/vulnerability/vulnerability--96d1f7b9-2b65-42be-9b6e-1789512bfcfa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1df687d4-8b3c-4b11-b4d4-8e3570a93979", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--96d1f7b9-2b65-42be-9b6e-1789512bfcfa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.637192Z", + "modified": "2024-12-01T00:26:38.637192Z", + "name": "CVE-2024-53778", + "description": "Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53778" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9d115015-acd5-4151-b658-78c80a8789eb.json b/objects/vulnerability/vulnerability--9d115015-acd5-4151-b658-78c80a8789eb.json new file mode 100644 index 00000000000..251939e26eb --- /dev/null +++ b/objects/vulnerability/vulnerability--9d115015-acd5-4151-b658-78c80a8789eb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1ee0c04c-dea5-4a94-9b46-1e1cfe3a0ad1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9d115015-acd5-4151-b658-78c80a8789eb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.391739Z", + "modified": "2024-12-01T00:26:38.391739Z", + "name": "CVE-2024-11252", + "description": "The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.69 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11252" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ae04cc41-2396-4c9e-b652-ce4398da18d9.json b/objects/vulnerability/vulnerability--ae04cc41-2396-4c9e-b652-ce4398da18d9.json new file mode 100644 index 00000000000..d5cc766035b --- /dev/null +++ b/objects/vulnerability/vulnerability--ae04cc41-2396-4c9e-b652-ce4398da18d9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--367bf386-4481-4428-bc8a-eb204f92ceaf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ae04cc41-2396-4c9e-b652-ce4398da18d9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.658028Z", + "modified": "2024-12-01T00:26:38.658028Z", + "name": "CVE-2024-53760", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Capitalize My Title allows Stored XSS.This issue affects Capitalize My Title: from n/a through 0.5.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53760" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--afb24d80-a6d2-45b4-87aa-96902abc06a3.json b/objects/vulnerability/vulnerability--afb24d80-a6d2-45b4-87aa-96902abc06a3.json new file mode 100644 index 00000000000..93edff6f7ed --- /dev/null +++ b/objects/vulnerability/vulnerability--afb24d80-a6d2-45b4-87aa-96902abc06a3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f93394e1-527e-4026-a60e-7932be0b6815", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--afb24d80-a6d2-45b4-87aa-96902abc06a3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.671741Z", + "modified": "2024-12-01T00:26:38.671741Z", + "name": "CVE-2024-53758", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terry Lin WP MathJax allows Stored XSS.This issue affects WP MathJax: from n/a through 1.0.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53758" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--afe1ff75-188c-4d4c-8b53-e8a15816d96f.json b/objects/vulnerability/vulnerability--afe1ff75-188c-4d4c-8b53-e8a15816d96f.json new file mode 100644 index 00000000000..ad92a5bc8b4 --- /dev/null +++ b/objects/vulnerability/vulnerability--afe1ff75-188c-4d4c-8b53-e8a15816d96f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5dd9b49e-e5e2-4d95-badd-fa5e693fe031", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--afe1ff75-188c-4d4c-8b53-e8a15816d96f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.635145Z", + "modified": "2024-12-01T00:26:38.635145Z", + "name": "CVE-2024-53774", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sparkle WP Sparkle Elementor Kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through 2.0.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53774" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bad81c19-8036-4192-9bcf-a44ae9de8187.json b/objects/vulnerability/vulnerability--bad81c19-8036-4192-9bcf-a44ae9de8187.json new file mode 100644 index 00000000000..dca85bac4ba --- /dev/null +++ b/objects/vulnerability/vulnerability--bad81c19-8036-4192-9bcf-a44ae9de8187.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ffe04001-96e1-4dad-9316-2018f4d2f197", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bad81c19-8036-4192-9bcf-a44ae9de8187", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:37.900937Z", + "modified": "2024-12-01T00:26:37.900937Z", + "name": "CVE-2024-12001", + "description": "A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12001" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bb938a0f-ed8f-45fa-892a-9df205e1eef8.json b/objects/vulnerability/vulnerability--bb938a0f-ed8f-45fa-892a-9df205e1eef8.json new file mode 100644 index 00000000000..c44ad8be263 --- /dev/null +++ b/objects/vulnerability/vulnerability--bb938a0f-ed8f-45fa-892a-9df205e1eef8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c533b5bf-3ca2-4975-b801-f83492ac64a9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bb938a0f-ed8f-45fa-892a-9df205e1eef8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.681485Z", + "modified": "2024-12-01T00:26:38.681485Z", + "name": "CVE-2024-53739", + "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53739" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bc24a8e8-2c42-4876-b2e7-3c40c2b957bd.json b/objects/vulnerability/vulnerability--bc24a8e8-2c42-4876-b2e7-3c40c2b957bd.json new file mode 100644 index 00000000000..1c8744ec28a --- /dev/null +++ b/objects/vulnerability/vulnerability--bc24a8e8-2c42-4876-b2e7-3c40c2b957bd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5ac756e8-e672-40ce-b6f8-41a6e888c13c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bc24a8e8-2c42-4876-b2e7-3c40c2b957bd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:40.16174Z", + "modified": "2024-12-01T00:26:40.16174Z", + "name": "CVE-2024-43703", + "description": "Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43703" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d5fa72d9-6f1c-4c1d-990d-965ee637de5b.json b/objects/vulnerability/vulnerability--d5fa72d9-6f1c-4c1d-990d-965ee637de5b.json new file mode 100644 index 00000000000..5191fa87cbe --- /dev/null +++ b/objects/vulnerability/vulnerability--d5fa72d9-6f1c-4c1d-990d-965ee637de5b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8f9441ad-f96a-48fd-aa65-dc47a148f402", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d5fa72d9-6f1c-4c1d-990d-965ee637de5b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:37.902075Z", + "modified": "2024-12-01T00:26:37.902075Z", + "name": "CVE-2024-12002", + "description": "A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12002" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f2b00fce-27a1-4214-88ad-d2095c4c38dc.json b/objects/vulnerability/vulnerability--f2b00fce-27a1-4214-88ad-d2095c4c38dc.json new file mode 100644 index 00000000000..05af317d953 --- /dev/null +++ b/objects/vulnerability/vulnerability--f2b00fce-27a1-4214-88ad-d2095c4c38dc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--41ac2ccd-6563-4989-8268-1943dec9c93d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f2b00fce-27a1-4214-88ad-d2095c4c38dc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-12-01T00:26:38.639075Z", + "modified": "2024-12-01T00:26:38.639075Z", + "name": "CVE-2024-53764", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Softtemplates For Elementor allows DOM-Based XSS.This issue affects Softtemplates For Elementor: from n/a through 1.0.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53764" + } + ] + } + ] +} \ No newline at end of file