generated content from 2024-11-29
github-actions[bot] committed Nov 29, 2024
1 parent 79b47fe commit aa040d9
Showing 77 changed files with 1,748 additions and 0 deletions.
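--- a/mapping.csv
+++ b/mapping.csv
@@ -258049,3 +258049,79 @@ vulnerability,CVE-2018-9354,vulnerability--c078bc3d-7e52-41d6-a2b2-7d4dc4cef2d3
 vulnerability,CVE-2018-9349,vulnerability--408bb6bf-9166-4285-be22-3576564f60f7
 vulnerability,CVE-2018-9352,vulnerability--2f847724-c776-47ff-9c3a-095c08747a4f
 vulnerability,CVE-2018-9351,vulnerability--b61b3680-424b-4c89-b6a2-a268ba4a73b0
+vulnerability,CVE-2024-52495,vulnerability--41da1499-5ca1-4e7b-96a4-753826902515
+vulnerability,CVE-2024-52497,vulnerability--3f872d6b-ce2f-4b99-ae09-405c05b51ccf
+vulnerability,CVE-2024-52490,vulnerability--2fbd8c58-470f-4e66-9a40-25aad888232b
+vulnerability,CVE-2024-52501,vulnerability--68fb4693-315d-40aa-99bf-8604d420cd93
+vulnerability,CVE-2024-52474,vulnerability--2b988dea-f44b-40fa-8c53-114c7b153fb7
+vulnerability,CVE-2024-52475,vulnerability--92064a4d-a553-4b4b-b129-c1e27d6a57d5
+vulnerability,CVE-2024-52498,vulnerability--4141367f-420a-4b92-b010-84a0840456f0
+vulnerability,CVE-2024-52338,vulnerability--715e3f52-23f5-48fb-b18a-76b8c646f43e
+vulnerability,CVE-2024-52499,vulnerability--dbeed49c-241c-4747-99d1-66c1297adfb5
+vulnerability,CVE-2024-52481,vulnerability--c10e13ee-698f-4cef-ad3f-b9944d3101f0
+vulnerability,CVE-2024-52496,vulnerability--f3eacff3-40b2-4606-899a-27899a15d593
+vulnerability,CVE-2024-52283,vulnerability--90a243e1-908c-4b3f-8caf-6d8e6473a69a
+vulnerability,CVE-2024-10896,vulnerability--21e8a263-ff93-4394-b3cb-6371f4f1e1c9
+vulnerability,CVE-2024-10670,vulnerability--be18ef91-e106-4698-9500-40ad926c9b20
+vulnerability,CVE-2024-10780,vulnerability--295f0d8b-65b2-443e-afa6-776a3c148a66
+vulnerability,CVE-2024-10510,vulnerability--9c4dede7-c8a8-4800-b7ae-117ddaca9a88
+vulnerability,CVE-2024-10473,vulnerability--4834e02e-0028-4897-8dac-cb7f2fe349db
+vulnerability,CVE-2024-10798,vulnerability--86e5c26d-f183-49b7-aa8e-5d9bdfc01564
+vulnerability,CVE-2024-10493,vulnerability--a3f728bc-7d3f-4d66-b80b-3d248a398a62
+vulnerability,CVE-2024-9852,vulnerability--70aa5ba6-3be1-496c-9009-2e494aaa5e86
+vulnerability,CVE-2024-9669,vulnerability--a88dca44-3903-4afc-b768-058817ad3ef1
+vulnerability,CVE-2024-7747,vulnerability--2f86d85a-ea5d-4d69-adc4-d6a0c3d66b74
+vulnerability,CVE-2024-11925,vulnerability--c3ba110c-2f47-4449-b9e3-f556983a66c3
+vulnerability,CVE-2024-11203,vulnerability--fee2c535-930b-4cd6-ad3d-6b75d273331a
+vulnerability,CVE-2024-11964,vulnerability--f2644ff6-8a41-4f6b-b2ec-32f3edb597ee
+vulnerability,CVE-2024-11402,vulnerability--d59eeb2b-db54-41f9-88d4-5839eb90df7d
+vulnerability,CVE-2024-11963,vulnerability--c94e2ea3-9af8-495c-8cc2-f3170283419d
+vulnerability,CVE-2024-11366,vulnerability--256ecec1-731f-4e35-9cdc-336eca4eeb4f
+vulnerability,CVE-2024-11960,vulnerability--e1a9da87-52ff-4e4a-968b-6a77c1cdd63b
+vulnerability,CVE-2024-11967,vulnerability--f2422783-80fe-41a3-91ee-e1beecd2efc1
+vulnerability,CVE-2024-11918,vulnerability--09090f66-a1dc-40dd-84a9-508dc32e86a2
+vulnerability,CVE-2024-11599,vulnerability--9f0749c1-5523-4cf4-b82b-79e28b650a1a
+vulnerability,CVE-2024-11458,vulnerability--53e812f7-00d9-47ff-ade8-ab0466784cfb
+vulnerability,CVE-2024-11620,vulnerability--90af8bc0-7585-4999-8b2e-d00821562350
+vulnerability,CVE-2024-11103,vulnerability--3ea91e6f-99a6-4cd0-86df-ebbfd9f067de
+vulnerability,CVE-2024-11684,vulnerability--5c1e6bad-ffcb-4f66-a8c1-91dbe2c23262
+vulnerability,CVE-2024-11969,vulnerability--41001caa-c676-41c5-ab87-3aed5e593164
+vulnerability,CVE-2024-11971,vulnerability--d64c3603-1cca-418a-9071-e68e7df4109a
+vulnerability,CVE-2024-11959,vulnerability--32b66742-eacd-4570-937e-d71a9a4c26e4
+vulnerability,CVE-2024-11961,vulnerability--461c1a97-e98b-45c4-829c-badd2f64c8db
+vulnerability,CVE-2024-11965,vulnerability--131b987a-d355-40f5-850d-92a84f4269a3
+vulnerability,CVE-2024-11966,vulnerability--6be9e6ae-be55-47f4-842b-140c580a3f51
+vulnerability,CVE-2024-11761,vulnerability--fd0bf6b7-d555-4e02-b165-ceda459171f5
+vulnerability,CVE-2024-11788,vulnerability--bcdefe51-aa4b-4204-8e06-2d285263fef9
+vulnerability,CVE-2024-11431,vulnerability--859b6f04-0cff-45ae-bca1-a9f6905dfc9e
+vulnerability,CVE-2024-11962,vulnerability--ec7b651f-3918-441a-a0c8-b2b8f3b7abcd
+vulnerability,CVE-2024-11968,vulnerability--07e94ff5-72e1-486d-ac45-a42037500e1f
+vulnerability,CVE-2024-11082,vulnerability--0e0ecc1b-5eb5-4f5d-ad5d-43aaa68da64b
+vulnerability,CVE-2024-11786,vulnerability--6770313c-2390-4b27-8528-b6edabaf4bbc
+vulnerability,CVE-2024-11970,vulnerability--628f5be3-748e-4b9a-beee-cdac230664d6
+vulnerability,CVE-2024-11685,vulnerability--22f0e590-e19f-41ec-a9cb-a06a7c3f4c52
+vulnerability,CVE-2024-11333,vulnerability--377a794b-8f11-453a-af26-7885b47f7f68
+vulnerability,CVE-2024-53060,vulnerability--bba28fa8-b128-4d03-ba8b-0cb276998aea
+vulnerability,CVE-2024-53732,vulnerability--4de94aaa-175f-4008-bef3-bb2dc2dba92a
+vulnerability,CVE-2024-53736,vulnerability--5dd7e43c-00ee-4e92-b866-fb4b7dcd8504
+vulnerability,CVE-2024-53008,vulnerability--1e892bdf-303c-4a75-81d5-d8a6147e9cd3
+vulnerability,CVE-2024-53733,vulnerability--11bf09b5-418c-4b2c-b236-effcc7a0d076
+vulnerability,CVE-2024-53731,vulnerability--d01d8162-d096-41d2-bbd2-8fc99ee378de
+vulnerability,CVE-2024-53734,vulnerability--9cdbfaee-8319-4e16-b42a-7b72864a16c7
+vulnerability,CVE-2024-53737,vulnerability--6a3bb812-df55-47b4-9f19-27f7dbdd287f
+vulnerability,CVE-2024-8066,vulnerability--66af5c7b-9e0d-47a1-9532-291726846366
+vulnerability,CVE-2024-8672,vulnerability--f019873a-81a7-4aa8-981b-0d343c06c384
+vulnerability,CVE-2024-8300,vulnerability--e56483be-6e1b-4137-b31a-bd1ace3898ef
+vulnerability,CVE-2024-8308,vulnerability--063d085c-6d94-444b-a094-d028d57b6e3e
+vulnerability,CVE-2024-8299,vulnerability--b127e02e-fd6b-4e58-b043-f21ee66806e9
+vulnerability,CVE-2024-38389,vulnerability--fc5347fa-de48-4ea4-8c6c-7afdb0fda75d
+vulnerability,CVE-2024-38309,vulnerability--11b2216a-2d95-4a33-9e77-a48fcddf8276
+vulnerability,CVE-2024-38658,vulnerability--5b30c745-d67b-4c66-9157-ac399e2a81f1
+vulnerability,CVE-2024-22038,vulnerability--ce70bd72-9e32-4ecc-802d-47a5c6e0749e
+vulnerability,CVE-2024-22037,vulnerability--9a05efdc-e362-436f-aba0-5f53dc6fdc61
+vulnerability,CVE-2024-49502,vulnerability--205135ba-c5d8-4b47-ad09-2f41b1784776
+vulnerability,CVE-2024-49503,vulnerability--8f3e5dc0-b4e6-4a51-9d78-3cdc7ec5d438
+vulnerability,CVE-2024-36466,vulnerability--9f940bd1-f3a9-430d-b7f0-d3b442c18e7b
+vulnerability,CVE-2024-46939,vulnerability--2b0cd801-4431-436a-bb40-747a8831134e
+vulnerability,CVE-2023-52922,vulnerability--d118952b-61ae-4573-b90a-2d8c3a4c456b
+vulnerability,CVE-2018-9377,vulnerability--f5739db6-77e1-4b90-8d06-ba5442f29de7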
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--95fdbc67-2917-4d16-b576-840bc69e2b80",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--063d085c-6d94-444b-a094-d028d57b6e3e",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.582895Z",
"modified": "2024-11-29T00:22:07.582895Z",
"name": "CVE-2024-8308",
"description": "A low privileged remote attacker can insert a SQL injection in the web application due to improper handling of HTTP request input data which allows to exfiltrate all data.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-8308"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--fdc6e5c0-93b8-4777-8ed6-2dc0c833e6e2",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--07e94ff5-72e1-486d-ac45-a42037500e1f",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.244764Z",
"modified": "2024-11-29T00:22:07.244764Z",
"name": "CVE-2024-11968",
"description": "A vulnerability was found in code-projects Farmacia up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file pagamento.php. The manipulation of the argument notaFiscal leads to sql injection. The attack can be launched remotely.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-11968"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--16634ca4-8167-41f5-b926-2b5f814f41ca",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--09090f66-a1dc-40dd-84a9-508dc32e86a2",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.199163Z",
"modified": "2024-11-29T00:22:07.199163Z",
"name": "CVE-2024-11918",
"description": "The Image Alt Text plugin for WordPress is vulnerable to unauthorized modification of data| due to a missing capability check on the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX actions in all versions up to, and including, 2.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the alt text on arbitrary images.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-11918"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--d1b973a8-f282-4f1e-888d-5dd7a50b51c0",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--0e0ecc1b-5eb5-4f5d-ad5d-43aaa68da64b",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.246472Z",
"modified": "2024-11-29T00:22:07.246472Z",
"name": "CVE-2024-11082",
"description": "The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimations_panel() function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-11082"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--a5356dbe-5ae8-4d28-934f-8441b011ac08",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--11b2216a-2d95-4a33-9e77-a48fcddf8276",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.625196Z",
"modified": "2024-11-29T00:22:07.625196Z",
"name": "CVE-2024-38309",
"description": "There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2.2.0 and earlier), TELLUS (v4.0.19.0 and earlier), and TELLUS Lite (v4.0.19.0 and earlier).\r\nIf a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-38309"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--487a2838-87a9-4468-a7eb-85e4794b2955",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--11bf09b5-418c-4b2c-b236-effcc7a0d076",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.518277Z",
"modified": "2024-11-29T00:22:07.518277Z",
"name": "CVE-2024-53733",
"description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rohit Harsh Fence URL allows Stored XSS.This issue affects Fence URL: from n/a through 2.0.0.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-53733"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--4b439ba2-16dc-46b6-9895-e5d6bdd03a66",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--131b987a-d355-40f5-850d-92a84f4269a3",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.231142Z",
"modified": "2024-11-29T00:22:07.231142Z",
"name": "CVE-2024-11965",
"description": "A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-11965"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--0a6f57ee-b955-4e39-89d5-98255bc1caee",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--1e892bdf-303c-4a75-81d5-d8a6147e9cd3",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.513762Z",
"modified": "2024-11-29T00:22:07.513762Z",
"name": "CVE-2024-53008",
"description": "Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-53008"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--fc00a497-05fb-4928-83c8-d12b0ed4ef7e",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--205135ba-c5d8-4b47-ad09-2f41b1784776",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:08.13473Z",
"modified": "2024-11-29T00:22:08.13473Z",
"name": "CVE-2024-49502",
"description": "A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click.\nThis issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-49502"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--22cc429f-f7a9-43f5-9af8-76e88a734575",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--21e8a263-ff93-4394-b3cb-6371f4f1e1c9",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:06.714442Z",
"modified": "2024-11-29T00:22:06.714442Z",
"name": "CVE-2024-10896",
"description": "The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-10896"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--862081a3-082f-47fa-a1a1-48acb8b79cea",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--22f0e590-e19f-41ec-a9cb-a06a7c3f4c52",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.251769Z",
"modified": "2024-11-29T00:22:07.251769Z",
"name": "CVE-2024-11685",
"description": "The `Kudos Donations – Easy donations and payments with Mollie` plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of `add_query_arg` without appropriate escaping on the URL in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute if they can successfully trick a user into performing an action, such as clicking on a specially crafted link.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-11685"
}
]
}
]
}
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--f2d862b9-78a0-4fb6-a810-5cefafacc322",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--256ecec1-731f-4e35-9cdc-336eca4eeb4f",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-11-29T00:22:07.185498Z",
"modified": "2024-11-29T00:22:07.185498Z",
"name": "CVE-2024-11366",
"description": "The SEO Landing Page Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.66.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-11366"
}
]
}
]
}