From b55cd68b08e7b61d8b8efbcfd6e32b0abdd765af Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 23 Aug 2024 00:18:56 +0000 Subject: [PATCH] generated content from 2024-08-23 --- mapping.csv | 131 ++++++++++++++++++ ...-04d9cf9c-e048-46c5-9732-7e6f8b7f2132.json | 22 +++ ...-0664f910-385e-424f-b1b2-3d4426feb71a.json | 22 +++ ...-06744872-dd45-4215-b11b-eea73b86186b.json | 22 +++ ...-098f9d7c-1a0b-4ab2-babb-bbcffa9659a9.json | 22 +++ ...-0b02302d-a98e-46d9-8b1b-9c4b15416ae6.json | 22 +++ ...-0c6284c1-fc58-451e-9b57-5c3c7b924e6f.json | 22 +++ ...-0d6f01ff-aa11-412b-850e-d6a5e59ff780.json | 22 +++ ...-0de901fb-95ee-4120-b962-48e5367e0dd8.json | 22 +++ ...-0e35c507-475d-46ad-be49-04df09eb429d.json | 22 +++ ...-13c5b5a0-00ca-436c-98dd-d95d7ae6d404.json | 22 +++ ...-156733b8-dcfa-4cff-b98c-dda97d3ddaf7.json | 22 +++ ...-18b15f03-2bbb-49f1-a33f-bc8108b93c98.json | 22 +++ ...-194dafce-a8d6-4212-9a5c-a9e751d43c0a.json | 22 +++ ...-1c1c4ef9-6e88-42bb-b708-72bfc4a7f888.json | 22 +++ ...-1d998ec4-a1d4-4999-a62c-90f840a9ac55.json | 22 +++ ...-1e5513bb-16e5-40e5-a10a-8abd941e0643.json | 22 +++ ...-2060f577-a923-48b7-bc5a-ae517b68e05c.json | 22 +++ ...-2097f48b-532c-4024-87a6-4a5dc7c5d81e.json | 22 +++ ...-27729b34-5223-4206-8ca0-8a4dd9b59ecc.json | 22 +++ ...-278e8531-8c26-45a0-a437-8c97a00d59f1.json | 22 +++ ...-281032dd-fd68-4e69-a6b4-715eaf2930fc.json | 22 +++ ...-2ac03ed5-cc3b-4e79-a44e-81f064f07380.json | 22 +++ ...-2ed10d2c-9280-407b-a500-61950e497a3c.json | 22 +++ ...-2f60afe3-4d9d-472b-b01a-9df40f2b965b.json | 22 +++ ...-2fd26090-8337-453a-b7e7-dc23b2fc153c.json | 22 +++ ...-32874e27-9c87-4529-abac-4e39078f382c.json | 22 +++ ...-346dc62d-5db4-47e2-a624-995bc9b9dda1.json | 22 +++ ...-374c260d-256c-4f9b-8765-3df5014b767f.json | 22 +++ ...-3abf3760-165f-4f94-84a9-dff80a178c1d.json | 22 +++ ...-3b6364c8-4407-40a9-8e23-108ca7c20a68.json | 22 +++ ...-3c6302f3-282a-4cc1-a55d-e53f0bb3f556.json | 22 +++ ...-3e5b9432-f515-438d-904a-97eb93d2a63a.json | 22 +++ ...-44592313-df01-4a2a-b0b2-11cf26c60575.json | 22 +++ ...-46154e26-b7ca-4875-95ae-a2fd2e5b4252.json | 22 +++ ...-46be382d-a438-47e8-ad48-5d785d687af8.json | 22 +++ ...-4811e357-634a-4f36-a655-1805c1423fd4.json | 22 +++ ...-4a8cb57d-7842-43de-bab5-55afa4f838aa.json | 22 +++ ...-4f0f9b3d-34dd-44d0-9204-ff75e883efed.json | 22 +++ ...-5210b489-856b-4734-9db4-5c8204c648c2.json | 22 +++ ...-52eda593-9c76-4a87-8e30-48b08dd21d78.json | 22 +++ ...-53006157-d4bc-40f8-987e-6dc2e6ded5aa.json | 22 +++ ...-5488434d-dff0-4d85-801d-8527f0ef360c.json | 22 +++ ...-55aee876-9af3-4222-8622-3e06ca42b536.json | 22 +++ ...-55b8140d-a7b5-455c-b97c-f1e40b743f33.json | 22 +++ ...-57c362a7-f7b7-47ae-8242-44d194902454.json | 22 +++ ...-58c4ea8b-70ee-46db-ab11-cf4634522c03.json | 22 +++ ...-59b462b8-c083-4279-976f-08722d268f38.json | 22 +++ ...-5a4c2498-0d3c-4870-98bc-5468c6385bbf.json | 22 +++ ...-5c90c528-128b-4b3b-b03a-dc221736066c.json | 22 +++ ...-5e76ad4c-0590-4699-9f76-ba4a1ad49b40.json | 22 +++ ...-5f0ff48a-bb2a-4da5-8535-223326f72286.json | 22 +++ ...-60268af0-16bf-4cdd-9a98-61ba4553fc90.json | 22 +++ ...-655f887e-d379-4c61-85b3-217504de2ee4.json | 22 +++ ...-68e080fe-c461-4716-8301-622257d755c6.json | 22 +++ ...-691c48d8-9cd1-4386-8b6d-5113730317ba.json | 22 +++ ...-6be096e2-f4ff-420c-97f4-857059956588.json | 22 +++ ...-6c28cc64-e841-4806-83d2-6e2f72cda97a.json | 22 +++ ...-6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78.json | 22 +++ ...-70829031-8bbc-4420-8f22-8fd2f4974711.json | 22 +++ ...-71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b.json | 22 +++ ...-735e8ec1-b6ad-4442-829d-49fab6f61fbd.json | 22 +++ ...-75fcaf04-0f08-4c5a-a7a1-cb28c48a1268.json | 22 +++ ...-7952a05e-ff94-4396-9125-8ebaa73b9609.json | 22 +++ ...-7af1b428-5566-4602-87a2-48d301f1a199.json | 22 +++ ...-7ded9583-0d17-430c-8a96-9c3bdd11d917.json | 22 +++ ...-81347644-7cc6-438c-aa07-2aa4b3bdb6d1.json | 22 +++ ...-81ecb962-58de-4369-a53c-5117561af26c.json | 22 +++ ...-875b8b0e-2096-4b41-832e-94d8d2454b58.json | 22 +++ ...-8a371200-14e1-42c0-9d2f-274f97968db3.json | 22 +++ ...-8b579734-49e8-41d9-8c6e-5d885b8adb0c.json | 22 +++ ...-8b8abc33-830a-442e-b520-85673ff49513.json | 22 +++ ...-8c6d7e53-6f06-4403-b8c1-489a07c3d978.json | 22 +++ ...-8d8358a7-1dff-4179-92e7-2d74cddcb8f4.json | 22 +++ ...-8e4f89e6-aa88-47fe-96a9-2f033acdcbbb.json | 22 +++ ...-8e94a15f-a103-4659-a3dd-d75fbefc2685.json | 22 +++ ...-8eb05bec-e87f-4247-b348-d2a3faaf3542.json | 22 +++ ...-8fa1f79c-251a-4ce8-88cf-526dca65cb3e.json | 22 +++ ...-903c12bb-128a-4e4b-ab35-c69213a2f502.json | 22 +++ ...-917ff001-170a-48cc-b2ab-80d8d4b7b51e.json | 22 +++ ...-93ea1dae-be38-443f-8d45-b471d1adfa3a.json | 22 +++ ...-97b3c281-bd85-48df-a89e-e2161e658950.json | 22 +++ ...-99730eb5-4968-443e-9bf8-93d436cf7c4e.json | 22 +++ ...-99fc773d-0557-4e02-9a15-cbd1ca4be4f4.json | 22 +++ ...-9b1abf86-4327-4641-866a-17e0c6a9560c.json | 22 +++ ...-9c6e462a-8125-4ef5-9447-a56f11ac0e41.json | 22 +++ ...-a5e9daef-8593-4df3-93e4-263bc6777535.json | 22 +++ ...-a889e09c-4295-477e-81f8-d61622cbb6db.json | 22 +++ ...-ab9d904e-b351-4ccc-83fa-f999a978c0e7.json | 22 +++ ...-adc110f3-d5f7-4e9f-8da0-0b110a911a0c.json | 22 +++ ...-b22084f2-c34b-4e02-ab4a-46a949843aae.json | 22 +++ ...-b4a900a8-cfc5-4274-9ef1-bc419e623eea.json | 22 +++ ...-b6ff0c13-9ca1-4cef-9092-09ce3ef86968.json | 22 +++ ...-be153ac3-5bb9-465f-b93c-16e833048160.json | 22 +++ ...-c0e57f27-76e7-49b9-9166-ead06ca559fb.json | 22 +++ ...-c1405b6e-ea21-4c08-975d-6582dd8e5b4d.json | 22 +++ ...-c630221d-7bdd-4cec-963a-7eef68f1ed21.json | 22 +++ ...-c841e569-db73-49c0-95ed-71899f7c9abf.json | 22 +++ ...-c8bc9354-2eb7-4de5-b603-1914816f7b0a.json | 22 +++ ...-c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d.json | 22 +++ ...-ca4905b2-8713-4531-a66b-cdb7c4f3f9b0.json | 22 +++ ...-cd7e5653-5e8e-43b9-853a-60140dc86b4e.json | 22 +++ ...-cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174.json | 22 +++ ...-cf48250d-709b-4cac-8876-dbd569c8fba1.json | 22 +++ ...-d08a29eb-bc1c-40fe-a7fb-e0adc05a087c.json | 22 +++ ...-d0abe792-fd68-444b-aa11-e9fc2ab43d84.json | 22 +++ ...-d1aefbd4-6810-477d-bd6e-98b05fd1d0c2.json | 22 +++ ...-d391b022-d892-4774-8ec7-df8d5abf29a6.json | 22 +++ ...-d5fe5564-e56e-4c37-aa3c-8e599b6df59c.json | 22 +++ ...-e043c330-90b7-47ca-a2d2-22b76d86b11e.json | 22 +++ ...-e0bf2853-d977-4c16-978b-acf708e7949e.json | 22 +++ ...-e1a3ed61-b949-4986-92d5-3b1bdce4d81f.json | 22 +++ ...-e1f16696-65bd-40df-a00e-def731e574d9.json | 22 +++ ...-e282c348-7485-414b-aaf9-67df01c887ec.json | 22 +++ ...-e2e4511d-e048-45d3-b2a4-47be0a96bb2a.json | 22 +++ ...-e3b5239b-0b45-4a29-a850-7cd294db8ed6.json | 22 +++ ...-e3b8511d-bbd1-44b1-938e-c7f42ceff138.json | 22 +++ ...-e4c76dc9-6fa9-4594-84cf-9bdd88efd43b.json | 22 +++ ...-e6d37994-6cb9-4176-9a53-dec3a4a6ef60.json | 22 +++ ...-e8865892-9a50-4e4a-ad53-46e0bdd5d63e.json | 22 +++ ...-e8915762-5996-4e35-a6dc-6b6971099ebd.json | 22 +++ ...-e8b7f343-73fe-446d-9345-2cf395d7388f.json | 22 +++ ...-e9377a72-1787-4ca3-aa8a-1f5168d5f71f.json | 22 +++ ...-e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3.json | 22 +++ ...-e9ebefcb-7aee-4905-9d61-3315f96fa3b8.json | 22 +++ ...-ed6a5881-e4db-48ab-a6e0-801f2eda6539.json | 22 +++ ...-ee0f4931-5113-46bd-98bb-3224a4c044aa.json | 22 +++ ...-f2ed860e-3195-47dc-aef0-a3bed5bc5028.json | 22 +++ ...-f3dc84cf-493f-4d9e-990c-bb01a85be0fc.json | 22 +++ ...-f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b.json | 22 +++ ...-fdae7072-5c1e-4cee-8f22-acd734acfda5.json | 22 +++ ...-fdf66df1-cd78-4228-b95d-248cacdacfbb.json | 22 +++ 132 files changed, 3013 insertions(+) create mode 100644 objects/vulnerability/vulnerability--04d9cf9c-e048-46c5-9732-7e6f8b7f2132.json create mode 100644 objects/vulnerability/vulnerability--0664f910-385e-424f-b1b2-3d4426feb71a.json create mode 100644 objects/vulnerability/vulnerability--06744872-dd45-4215-b11b-eea73b86186b.json create mode 100644 objects/vulnerability/vulnerability--098f9d7c-1a0b-4ab2-babb-bbcffa9659a9.json create mode 100644 objects/vulnerability/vulnerability--0b02302d-a98e-46d9-8b1b-9c4b15416ae6.json create mode 100644 objects/vulnerability/vulnerability--0c6284c1-fc58-451e-9b57-5c3c7b924e6f.json create mode 100644 objects/vulnerability/vulnerability--0d6f01ff-aa11-412b-850e-d6a5e59ff780.json create mode 100644 objects/vulnerability/vulnerability--0de901fb-95ee-4120-b962-48e5367e0dd8.json create mode 100644 objects/vulnerability/vulnerability--0e35c507-475d-46ad-be49-04df09eb429d.json create mode 100644 objects/vulnerability/vulnerability--13c5b5a0-00ca-436c-98dd-d95d7ae6d404.json create mode 100644 objects/vulnerability/vulnerability--156733b8-dcfa-4cff-b98c-dda97d3ddaf7.json create mode 100644 objects/vulnerability/vulnerability--18b15f03-2bbb-49f1-a33f-bc8108b93c98.json create mode 100644 objects/vulnerability/vulnerability--194dafce-a8d6-4212-9a5c-a9e751d43c0a.json create mode 100644 objects/vulnerability/vulnerability--1c1c4ef9-6e88-42bb-b708-72bfc4a7f888.json create mode 100644 objects/vulnerability/vulnerability--1d998ec4-a1d4-4999-a62c-90f840a9ac55.json create mode 100644 objects/vulnerability/vulnerability--1e5513bb-16e5-40e5-a10a-8abd941e0643.json create mode 100644 objects/vulnerability/vulnerability--2060f577-a923-48b7-bc5a-ae517b68e05c.json create mode 100644 objects/vulnerability/vulnerability--2097f48b-532c-4024-87a6-4a5dc7c5d81e.json create mode 100644 objects/vulnerability/vulnerability--27729b34-5223-4206-8ca0-8a4dd9b59ecc.json create mode 100644 objects/vulnerability/vulnerability--278e8531-8c26-45a0-a437-8c97a00d59f1.json create mode 100644 objects/vulnerability/vulnerability--281032dd-fd68-4e69-a6b4-715eaf2930fc.json create mode 100644 objects/vulnerability/vulnerability--2ac03ed5-cc3b-4e79-a44e-81f064f07380.json create mode 100644 objects/vulnerability/vulnerability--2ed10d2c-9280-407b-a500-61950e497a3c.json create mode 100644 objects/vulnerability/vulnerability--2f60afe3-4d9d-472b-b01a-9df40f2b965b.json create mode 100644 objects/vulnerability/vulnerability--2fd26090-8337-453a-b7e7-dc23b2fc153c.json create mode 100644 objects/vulnerability/vulnerability--32874e27-9c87-4529-abac-4e39078f382c.json create mode 100644 objects/vulnerability/vulnerability--346dc62d-5db4-47e2-a624-995bc9b9dda1.json create mode 100644 objects/vulnerability/vulnerability--374c260d-256c-4f9b-8765-3df5014b767f.json create mode 100644 objects/vulnerability/vulnerability--3abf3760-165f-4f94-84a9-dff80a178c1d.json create mode 100644 objects/vulnerability/vulnerability--3b6364c8-4407-40a9-8e23-108ca7c20a68.json create mode 100644 objects/vulnerability/vulnerability--3c6302f3-282a-4cc1-a55d-e53f0bb3f556.json create mode 100644 objects/vulnerability/vulnerability--3e5b9432-f515-438d-904a-97eb93d2a63a.json create mode 100644 objects/vulnerability/vulnerability--44592313-df01-4a2a-b0b2-11cf26c60575.json create mode 100644 objects/vulnerability/vulnerability--46154e26-b7ca-4875-95ae-a2fd2e5b4252.json create mode 100644 objects/vulnerability/vulnerability--46be382d-a438-47e8-ad48-5d785d687af8.json create mode 100644 objects/vulnerability/vulnerability--4811e357-634a-4f36-a655-1805c1423fd4.json create mode 100644 objects/vulnerability/vulnerability--4a8cb57d-7842-43de-bab5-55afa4f838aa.json create mode 100644 objects/vulnerability/vulnerability--4f0f9b3d-34dd-44d0-9204-ff75e883efed.json create mode 100644 objects/vulnerability/vulnerability--5210b489-856b-4734-9db4-5c8204c648c2.json create mode 100644 objects/vulnerability/vulnerability--52eda593-9c76-4a87-8e30-48b08dd21d78.json create mode 100644 objects/vulnerability/vulnerability--53006157-d4bc-40f8-987e-6dc2e6ded5aa.json create mode 100644 objects/vulnerability/vulnerability--5488434d-dff0-4d85-801d-8527f0ef360c.json create mode 100644 objects/vulnerability/vulnerability--55aee876-9af3-4222-8622-3e06ca42b536.json create mode 100644 objects/vulnerability/vulnerability--55b8140d-a7b5-455c-b97c-f1e40b743f33.json create mode 100644 objects/vulnerability/vulnerability--57c362a7-f7b7-47ae-8242-44d194902454.json create mode 100644 objects/vulnerability/vulnerability--58c4ea8b-70ee-46db-ab11-cf4634522c03.json create mode 100644 objects/vulnerability/vulnerability--59b462b8-c083-4279-976f-08722d268f38.json create mode 100644 objects/vulnerability/vulnerability--5a4c2498-0d3c-4870-98bc-5468c6385bbf.json create mode 100644 objects/vulnerability/vulnerability--5c90c528-128b-4b3b-b03a-dc221736066c.json create mode 100644 objects/vulnerability/vulnerability--5e76ad4c-0590-4699-9f76-ba4a1ad49b40.json create mode 100644 objects/vulnerability/vulnerability--5f0ff48a-bb2a-4da5-8535-223326f72286.json create mode 100644 objects/vulnerability/vulnerability--60268af0-16bf-4cdd-9a98-61ba4553fc90.json create mode 100644 objects/vulnerability/vulnerability--655f887e-d379-4c61-85b3-217504de2ee4.json create mode 100644 objects/vulnerability/vulnerability--68e080fe-c461-4716-8301-622257d755c6.json create mode 100644 objects/vulnerability/vulnerability--691c48d8-9cd1-4386-8b6d-5113730317ba.json create mode 100644 objects/vulnerability/vulnerability--6be096e2-f4ff-420c-97f4-857059956588.json create mode 100644 objects/vulnerability/vulnerability--6c28cc64-e841-4806-83d2-6e2f72cda97a.json create mode 100644 objects/vulnerability/vulnerability--6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78.json create mode 100644 objects/vulnerability/vulnerability--70829031-8bbc-4420-8f22-8fd2f4974711.json create mode 100644 objects/vulnerability/vulnerability--71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b.json create mode 100644 objects/vulnerability/vulnerability--735e8ec1-b6ad-4442-829d-49fab6f61fbd.json create mode 100644 objects/vulnerability/vulnerability--75fcaf04-0f08-4c5a-a7a1-cb28c48a1268.json create mode 100644 objects/vulnerability/vulnerability--7952a05e-ff94-4396-9125-8ebaa73b9609.json create mode 100644 objects/vulnerability/vulnerability--7af1b428-5566-4602-87a2-48d301f1a199.json create mode 100644 objects/vulnerability/vulnerability--7ded9583-0d17-430c-8a96-9c3bdd11d917.json create mode 100644 objects/vulnerability/vulnerability--81347644-7cc6-438c-aa07-2aa4b3bdb6d1.json create mode 100644 objects/vulnerability/vulnerability--81ecb962-58de-4369-a53c-5117561af26c.json create mode 100644 objects/vulnerability/vulnerability--875b8b0e-2096-4b41-832e-94d8d2454b58.json create mode 100644 objects/vulnerability/vulnerability--8a371200-14e1-42c0-9d2f-274f97968db3.json create mode 100644 objects/vulnerability/vulnerability--8b579734-49e8-41d9-8c6e-5d885b8adb0c.json create mode 100644 objects/vulnerability/vulnerability--8b8abc33-830a-442e-b520-85673ff49513.json create mode 100644 objects/vulnerability/vulnerability--8c6d7e53-6f06-4403-b8c1-489a07c3d978.json create mode 100644 objects/vulnerability/vulnerability--8d8358a7-1dff-4179-92e7-2d74cddcb8f4.json create mode 100644 objects/vulnerability/vulnerability--8e4f89e6-aa88-47fe-96a9-2f033acdcbbb.json create mode 100644 objects/vulnerability/vulnerability--8e94a15f-a103-4659-a3dd-d75fbefc2685.json create mode 100644 objects/vulnerability/vulnerability--8eb05bec-e87f-4247-b348-d2a3faaf3542.json create mode 100644 objects/vulnerability/vulnerability--8fa1f79c-251a-4ce8-88cf-526dca65cb3e.json create mode 100644 objects/vulnerability/vulnerability--903c12bb-128a-4e4b-ab35-c69213a2f502.json create mode 100644 objects/vulnerability/vulnerability--917ff001-170a-48cc-b2ab-80d8d4b7b51e.json create mode 100644 objects/vulnerability/vulnerability--93ea1dae-be38-443f-8d45-b471d1adfa3a.json create mode 100644 objects/vulnerability/vulnerability--97b3c281-bd85-48df-a89e-e2161e658950.json create mode 100644 objects/vulnerability/vulnerability--99730eb5-4968-443e-9bf8-93d436cf7c4e.json create mode 100644 objects/vulnerability/vulnerability--99fc773d-0557-4e02-9a15-cbd1ca4be4f4.json create mode 100644 objects/vulnerability/vulnerability--9b1abf86-4327-4641-866a-17e0c6a9560c.json create mode 100644 objects/vulnerability/vulnerability--9c6e462a-8125-4ef5-9447-a56f11ac0e41.json create mode 100644 objects/vulnerability/vulnerability--a5e9daef-8593-4df3-93e4-263bc6777535.json create mode 100644 objects/vulnerability/vulnerability--a889e09c-4295-477e-81f8-d61622cbb6db.json create mode 100644 objects/vulnerability/vulnerability--ab9d904e-b351-4ccc-83fa-f999a978c0e7.json create mode 100644 objects/vulnerability/vulnerability--adc110f3-d5f7-4e9f-8da0-0b110a911a0c.json create mode 100644 objects/vulnerability/vulnerability--b22084f2-c34b-4e02-ab4a-46a949843aae.json create mode 100644 objects/vulnerability/vulnerability--b4a900a8-cfc5-4274-9ef1-bc419e623eea.json create mode 100644 objects/vulnerability/vulnerability--b6ff0c13-9ca1-4cef-9092-09ce3ef86968.json create mode 100644 objects/vulnerability/vulnerability--be153ac3-5bb9-465f-b93c-16e833048160.json create mode 100644 objects/vulnerability/vulnerability--c0e57f27-76e7-49b9-9166-ead06ca559fb.json create mode 100644 objects/vulnerability/vulnerability--c1405b6e-ea21-4c08-975d-6582dd8e5b4d.json create mode 100644 objects/vulnerability/vulnerability--c630221d-7bdd-4cec-963a-7eef68f1ed21.json create mode 100644 objects/vulnerability/vulnerability--c841e569-db73-49c0-95ed-71899f7c9abf.json create mode 100644 objects/vulnerability/vulnerability--c8bc9354-2eb7-4de5-b603-1914816f7b0a.json create mode 100644 objects/vulnerability/vulnerability--c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d.json create mode 100644 objects/vulnerability/vulnerability--ca4905b2-8713-4531-a66b-cdb7c4f3f9b0.json create mode 100644 objects/vulnerability/vulnerability--cd7e5653-5e8e-43b9-853a-60140dc86b4e.json create mode 100644 objects/vulnerability/vulnerability--cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174.json create mode 100644 objects/vulnerability/vulnerability--cf48250d-709b-4cac-8876-dbd569c8fba1.json create mode 100644 objects/vulnerability/vulnerability--d08a29eb-bc1c-40fe-a7fb-e0adc05a087c.json create mode 100644 objects/vulnerability/vulnerability--d0abe792-fd68-444b-aa11-e9fc2ab43d84.json create mode 100644 objects/vulnerability/vulnerability--d1aefbd4-6810-477d-bd6e-98b05fd1d0c2.json create mode 100644 objects/vulnerability/vulnerability--d391b022-d892-4774-8ec7-df8d5abf29a6.json create mode 100644 objects/vulnerability/vulnerability--d5fe5564-e56e-4c37-aa3c-8e599b6df59c.json create mode 100644 objects/vulnerability/vulnerability--e043c330-90b7-47ca-a2d2-22b76d86b11e.json create mode 100644 objects/vulnerability/vulnerability--e0bf2853-d977-4c16-978b-acf708e7949e.json create mode 100644 objects/vulnerability/vulnerability--e1a3ed61-b949-4986-92d5-3b1bdce4d81f.json create mode 100644 objects/vulnerability/vulnerability--e1f16696-65bd-40df-a00e-def731e574d9.json create mode 100644 objects/vulnerability/vulnerability--e282c348-7485-414b-aaf9-67df01c887ec.json create mode 100644 objects/vulnerability/vulnerability--e2e4511d-e048-45d3-b2a4-47be0a96bb2a.json create mode 100644 objects/vulnerability/vulnerability--e3b5239b-0b45-4a29-a850-7cd294db8ed6.json create mode 100644 objects/vulnerability/vulnerability--e3b8511d-bbd1-44b1-938e-c7f42ceff138.json create mode 100644 objects/vulnerability/vulnerability--e4c76dc9-6fa9-4594-84cf-9bdd88efd43b.json create mode 100644 objects/vulnerability/vulnerability--e6d37994-6cb9-4176-9a53-dec3a4a6ef60.json create mode 100644 objects/vulnerability/vulnerability--e8865892-9a50-4e4a-ad53-46e0bdd5d63e.json create mode 100644 objects/vulnerability/vulnerability--e8915762-5996-4e35-a6dc-6b6971099ebd.json create mode 100644 objects/vulnerability/vulnerability--e8b7f343-73fe-446d-9345-2cf395d7388f.json create mode 100644 objects/vulnerability/vulnerability--e9377a72-1787-4ca3-aa8a-1f5168d5f71f.json create mode 100644 objects/vulnerability/vulnerability--e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3.json create mode 100644 objects/vulnerability/vulnerability--e9ebefcb-7aee-4905-9d61-3315f96fa3b8.json create mode 100644 objects/vulnerability/vulnerability--ed6a5881-e4db-48ab-a6e0-801f2eda6539.json create mode 100644 objects/vulnerability/vulnerability--ee0f4931-5113-46bd-98bb-3224a4c044aa.json create mode 100644 objects/vulnerability/vulnerability--f2ed860e-3195-47dc-aef0-a3bed5bc5028.json create mode 100644 objects/vulnerability/vulnerability--f3dc84cf-493f-4d9e-990c-bb01a85be0fc.json create mode 100644 objects/vulnerability/vulnerability--f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b.json create mode 100644 objects/vulnerability/vulnerability--fdae7072-5c1e-4cee-8f22-acd734acfda5.json create mode 100644 objects/vulnerability/vulnerability--fdf66df1-cd78-4228-b95d-248cacdacfbb.json diff --git a/mapping.csv b/mapping.csv index ad2987d48c1..21fd99a9b1e 100644 --- a/mapping.csv +++ b/mapping.csv @@ -247227,3 +247227,134 @@ vulnerability,CVE-2023-52913,vulnerability--89741f0d-d7ab-45a3-ba03-722f137a638c vulnerability,CVE-2023-52894,vulnerability--41720441-19b9-44d2-ad52-c2f0cf81ec5b vulnerability,CVE-2023-22576,vulnerability--271303b0-0890-48e2-b12f-45295d638f92 vulnerability,CVE-2023-49198,vulnerability--7d4a68a2-fcbf-4511-a2ff-a1f72a271c43 +vulnerability,CVE-2022-48919,vulnerability--52eda593-9c76-4a87-8e30-48b08dd21d78 +vulnerability,CVE-2022-48930,vulnerability--e1f16696-65bd-40df-a00e-def731e574d9 +vulnerability,CVE-2022-48936,vulnerability--156733b8-dcfa-4cff-b98c-dda97d3ddaf7 +vulnerability,CVE-2022-48939,vulnerability--0b02302d-a98e-46d9-8b1b-9c4b15416ae6 +vulnerability,CVE-2022-48923,vulnerability--be153ac3-5bb9-465f-b93c-16e833048160 +vulnerability,CVE-2022-48926,vulnerability--46154e26-b7ca-4875-95ae-a2fd2e5b4252 +vulnerability,CVE-2022-48941,vulnerability--0e35c507-475d-46ad-be49-04df09eb429d +vulnerability,CVE-2022-48904,vulnerability--278e8531-8c26-45a0-a437-8c97a00d59f1 +vulnerability,CVE-2022-48927,vulnerability--f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b +vulnerability,CVE-2022-48921,vulnerability--53006157-d4bc-40f8-987e-6dc2e6ded5aa +vulnerability,CVE-2022-48901,vulnerability--5a4c2498-0d3c-4870-98bc-5468c6385bbf +vulnerability,CVE-2022-48933,vulnerability--3abf3760-165f-4f94-84a9-dff80a178c1d +vulnerability,CVE-2022-48917,vulnerability--cd7e5653-5e8e-43b9-853a-60140dc86b4e +vulnerability,CVE-2022-48908,vulnerability--d1aefbd4-6810-477d-bd6e-98b05fd1d0c2 +vulnerability,CVE-2022-48925,vulnerability--d5fe5564-e56e-4c37-aa3c-8e599b6df59c +vulnerability,CVE-2022-48907,vulnerability--8b8abc33-830a-442e-b520-85673ff49513 +vulnerability,CVE-2022-48920,vulnerability--4a8cb57d-7842-43de-bab5-55afa4f838aa +vulnerability,CVE-2022-48912,vulnerability--3b6364c8-4407-40a9-8e23-108ca7c20a68 +vulnerability,CVE-2022-48937,vulnerability--55b8140d-a7b5-455c-b97c-f1e40b743f33 +vulnerability,CVE-2022-48938,vulnerability--27729b34-5223-4206-8ca0-8a4dd9b59ecc +vulnerability,CVE-2022-48909,vulnerability--e043c330-90b7-47ca-a2d2-22b76d86b11e +vulnerability,CVE-2022-48928,vulnerability--57c362a7-f7b7-47ae-8242-44d194902454 +vulnerability,CVE-2022-48914,vulnerability--6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78 +vulnerability,CVE-2022-48922,vulnerability--2097f48b-532c-4024-87a6-4a5dc7c5d81e +vulnerability,CVE-2022-48913,vulnerability--81347644-7cc6-438c-aa07-2aa4b3bdb6d1 +vulnerability,CVE-2022-48905,vulnerability--8d8358a7-1dff-4179-92e7-2d74cddcb8f4 +vulnerability,CVE-2022-48918,vulnerability--2fd26090-8337-453a-b7e7-dc23b2fc153c +vulnerability,CVE-2022-48915,vulnerability--13c5b5a0-00ca-436c-98dd-d95d7ae6d404 +vulnerability,CVE-2022-48935,vulnerability--8c6d7e53-6f06-4403-b8c1-489a07c3d978 +vulnerability,CVE-2022-48943,vulnerability--e9377a72-1787-4ca3-aa8a-1f5168d5f71f +vulnerability,CVE-2022-48940,vulnerability--8a371200-14e1-42c0-9d2f-274f97968db3 +vulnerability,CVE-2022-48934,vulnerability--346dc62d-5db4-47e2-a624-995bc9b9dda1 +vulnerability,CVE-2022-48942,vulnerability--194dafce-a8d6-4212-9a5c-a9e751d43c0a +vulnerability,CVE-2022-48910,vulnerability--098f9d7c-1a0b-4ab2-babb-bbcffa9659a9 +vulnerability,CVE-2022-48911,vulnerability--7ded9583-0d17-430c-8a96-9c3bdd11d917 +vulnerability,CVE-2022-48929,vulnerability--32874e27-9c87-4529-abac-4e39078f382c +vulnerability,CVE-2022-48903,vulnerability--7952a05e-ff94-4396-9125-8ebaa73b9609 +vulnerability,CVE-2022-48902,vulnerability--0c6284c1-fc58-451e-9b57-5c3c7b924e6f +vulnerability,CVE-2022-48932,vulnerability--8b579734-49e8-41d9-8c6e-5d885b8adb0c +vulnerability,CVE-2022-48916,vulnerability--18b15f03-2bbb-49f1-a33f-bc8108b93c98 +vulnerability,CVE-2022-48906,vulnerability--58c4ea8b-70ee-46db-ab11-cf4634522c03 +vulnerability,CVE-2022-48931,vulnerability--735e8ec1-b6ad-4442-829d-49fab6f61fbd +vulnerability,CVE-2022-48924,vulnerability--ed6a5881-e4db-48ab-a6e0-801f2eda6539 +vulnerability,CVE-2021-4441,vulnerability--917ff001-170a-48cc-b2ab-80d8d4b7b51e +vulnerability,CVE-2024-40884,vulnerability--59b462b8-c083-4279-976f-08722d268f38 +vulnerability,CVE-2024-40886,vulnerability--903c12bb-128a-4e4b-ab35-c69213a2f502 +vulnerability,CVE-2024-42056,vulnerability--d08a29eb-bc1c-40fe-a7fb-e0adc05a087c +vulnerability,CVE-2024-42418,vulnerability--e8915762-5996-4e35-a6dc-6b6971099ebd +vulnerability,CVE-2024-42767,vulnerability--b4a900a8-cfc5-4274-9ef1-bc419e623eea +vulnerability,CVE-2024-42769,vulnerability--7af1b428-5566-4602-87a2-48d301f1a199 +vulnerability,CVE-2024-42490,vulnerability--2f60afe3-4d9d-472b-b01a-9df40f2b965b +vulnerability,CVE-2024-42768,vulnerability--5488434d-dff0-4d85-801d-8527f0ef360c +vulnerability,CVE-2024-42772,vulnerability--d391b022-d892-4774-8ec7-df8d5abf29a6 +vulnerability,CVE-2024-42599,vulnerability--9c6e462a-8125-4ef5-9447-a56f11ac0e41 +vulnerability,CVE-2024-42411,vulnerability--e0bf2853-d977-4c16-978b-acf708e7949e +vulnerability,CVE-2024-42762,vulnerability--c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d +vulnerability,CVE-2024-42775,vulnerability--fdf66df1-cd78-4228-b95d-248cacdacfbb +vulnerability,CVE-2024-42770,vulnerability--5f0ff48a-bb2a-4da5-8535-223326f72286 +vulnerability,CVE-2024-42776,vulnerability--adc110f3-d5f7-4e9f-8da0-0b110a911a0c +vulnerability,CVE-2024-42773,vulnerability--5c90c528-128b-4b3b-b03a-dc221736066c +vulnerability,CVE-2024-42763,vulnerability--e8b7f343-73fe-446d-9345-2cf395d7388f +vulnerability,CVE-2024-42774,vulnerability--8eb05bec-e87f-4247-b348-d2a3faaf3542 +vulnerability,CVE-2024-42771,vulnerability--f3dc84cf-493f-4d9e-990c-bb01a85be0fc +vulnerability,CVE-2024-42761,vulnerability--1c1c4ef9-6e88-42bb-b708-72bfc4a7f888 +vulnerability,CVE-2024-42497,vulnerability--68e080fe-c461-4716-8301-622257d755c6 +vulnerability,CVE-2024-38209,vulnerability--e6d37994-6cb9-4176-9a53-dec3a4a6ef60 +vulnerability,CVE-2024-38210,vulnerability--8e4f89e6-aa88-47fe-96a9-2f033acdcbbb +vulnerability,CVE-2024-38208,vulnerability--a889e09c-4295-477e-81f8-d61622cbb6db +vulnerability,CVE-2024-36444,vulnerability--e1a3ed61-b949-4986-92d5-3b1bdce4d81f +vulnerability,CVE-2024-36445,vulnerability--b22084f2-c34b-4e02-ab4a-46a949843aae +vulnerability,CVE-2024-36439,vulnerability--60268af0-16bf-4cdd-9a98-61ba4553fc90 +vulnerability,CVE-2024-36440,vulnerability--8fa1f79c-251a-4ce8-88cf-526dca65cb3e +vulnerability,CVE-2024-36443,vulnerability--374c260d-256c-4f9b-8765-3df5014b767f +vulnerability,CVE-2024-36442,vulnerability--46be382d-a438-47e8-ad48-5d785d687af8 +vulnerability,CVE-2024-36441,vulnerability--6be096e2-f4ff-420c-97f4-857059956588 +vulnerability,CVE-2024-7836,vulnerability--2ac03ed5-cc3b-4e79-a44e-81f064f07380 +vulnerability,CVE-2024-7634,vulnerability--ab9d904e-b351-4ccc-83fa-f999a978c0e7 +vulnerability,CVE-2024-7110,vulnerability--1d998ec4-a1d4-4999-a62c-90f840a9ac55 +vulnerability,CVE-2024-7848,vulnerability--0664f910-385e-424f-b1b2-3d4426feb71a +vulnerability,CVE-2024-7778,vulnerability--06744872-dd45-4215-b11b-eea73b86186b +vulnerability,CVE-2024-7384,vulnerability--5210b489-856b-4734-9db4-5c8204c648c2 +vulnerability,CVE-2024-39836,vulnerability--a5e9daef-8593-4df3-93e4-263bc6777535 +vulnerability,CVE-2024-39576,vulnerability--3c6302f3-282a-4cc1-a55d-e53f0bb3f556 +vulnerability,CVE-2024-39745,vulnerability--8e94a15f-a103-4659-a3dd-d75fbefc2685 +vulnerability,CVE-2024-39810,vulnerability--55aee876-9af3-4222-8622-3e06ca42b536 +vulnerability,CVE-2024-39744,vulnerability--ee0f4931-5113-46bd-98bb-3224a4c044aa +vulnerability,CVE-2024-39776,vulnerability--4f0f9b3d-34dd-44d0-9204-ff75e883efed +vulnerability,CVE-2024-39746,vulnerability--281032dd-fd68-4e69-a6b4-715eaf2930fc +vulnerability,CVE-2024-39717,vulnerability--44592313-df01-4a2a-b0b2-11cf26c60575 +vulnerability,CVE-2024-43033,vulnerability--e8865892-9a50-4e4a-ad53-46e0bdd5d63e +vulnerability,CVE-2024-43398,vulnerability--c8bc9354-2eb7-4de5-b603-1914816f7b0a +vulnerability,CVE-2024-43790,vulnerability--04d9cf9c-e048-46c5-9732-7e6f8b7f2132 +vulnerability,CVE-2024-43331,vulnerability--99730eb5-4968-443e-9bf8-93d436cf7c4e +vulnerability,CVE-2024-43780,vulnerability--5e76ad4c-0590-4699-9f76-ba4a1ad49b40 +vulnerability,CVE-2024-43785,vulnerability--875b8b0e-2096-4b41-832e-94d8d2454b58 +vulnerability,CVE-2024-43813,vulnerability--99fc773d-0557-4e02-9a15-cbd1ca4be4f4 +vulnerability,CVE-2024-43787,vulnerability--e4c76dc9-6fa9-4594-84cf-9bdd88efd43b +vulnerability,CVE-2024-5583,vulnerability--691c48d8-9cd1-4386-8b6d-5113730317ba +vulnerability,CVE-2024-8072,vulnerability--e3b8511d-bbd1-44b1-938e-c7f42ceff138 +vulnerability,CVE-2024-8071,vulnerability--fdae7072-5c1e-4cee-8f22-acd734acfda5 +vulnerability,CVE-2024-8081,vulnerability--e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3 +vulnerability,CVE-2024-8075,vulnerability--c0e57f27-76e7-49b9-9166-ead06ca559fb +vulnerability,CVE-2024-8083,vulnerability--2060f577-a923-48b7-bc5a-ae517b68e05c +vulnerability,CVE-2024-8088,vulnerability--75fcaf04-0f08-4c5a-a7a1-cb28c48a1268 +vulnerability,CVE-2024-8041,vulnerability--93ea1dae-be38-443f-8d45-b471d1adfa3a +vulnerability,CVE-2024-8078,vulnerability--655f887e-d379-4c61-85b3-217504de2ee4 +vulnerability,CVE-2024-8086,vulnerability--0d6f01ff-aa11-412b-850e-d6a5e59ff780 +vulnerability,CVE-2024-8080,vulnerability--81ecb962-58de-4369-a53c-5117561af26c +vulnerability,CVE-2024-8089,vulnerability--c1405b6e-ea21-4c08-975d-6582dd8e5b4d +vulnerability,CVE-2024-8079,vulnerability--cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174 +vulnerability,CVE-2024-8084,vulnerability--cf48250d-709b-4cac-8876-dbd569c8fba1 +vulnerability,CVE-2024-8077,vulnerability--71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b +vulnerability,CVE-2024-8076,vulnerability--e2e4511d-e048-45d3-b2a4-47be0a96bb2a +vulnerability,CVE-2024-8087,vulnerability--70829031-8bbc-4420-8f22-8fd2f4974711 +vulnerability,CVE-2024-3127,vulnerability--3e5b9432-f515-438d-904a-97eb93d2a63a +vulnerability,CVE-2024-45168,vulnerability--c841e569-db73-49c0-95ed-71899f7c9abf +vulnerability,CVE-2024-45191,vulnerability--e9ebefcb-7aee-4905-9d61-3315f96fa3b8 +vulnerability,CVE-2024-45167,vulnerability--9b1abf86-4327-4641-866a-17e0c6a9560c +vulnerability,CVE-2024-45201,vulnerability--e3b5239b-0b45-4a29-a850-7cd294db8ed6 +vulnerability,CVE-2024-45166,vulnerability--d0abe792-fd68-444b-aa11-e9fc2ab43d84 +vulnerability,CVE-2024-45165,vulnerability--e282c348-7485-414b-aaf9-67df01c887ec +vulnerability,CVE-2024-45163,vulnerability--1e5513bb-16e5-40e5-a10a-8abd941e0643 +vulnerability,CVE-2024-45193,vulnerability--4811e357-634a-4f36-a655-1805c1423fd4 +vulnerability,CVE-2024-45192,vulnerability--f2ed860e-3195-47dc-aef0-a3bed5bc5028 +vulnerability,CVE-2024-45169,vulnerability--ca4905b2-8713-4531-a66b-cdb7c4f3f9b0 +vulnerability,CVE-2024-6870,vulnerability--6c28cc64-e841-4806-83d2-6e2f72cda97a +vulnerability,CVE-2024-6502,vulnerability--c630221d-7bdd-4cec-963a-7eef68f1ed21 +vulnerability,CVE-2024-35151,vulnerability--b6ff0c13-9ca1-4cef-9092-09ce3ef86968 +vulnerability,CVE-2024-32939,vulnerability--0de901fb-95ee-4120-b962-48e5367e0dd8 +vulnerability,CVE-2023-7260,vulnerability--97b3c281-bd85-48df-a89e-e2161e658950 +vulnerability,CVE-2023-6452,vulnerability--2ed10d2c-9280-407b-a500-61950e497a3c diff --git a/objects/vulnerability/vulnerability--04d9cf9c-e048-46c5-9732-7e6f8b7f2132.json b/objects/vulnerability/vulnerability--04d9cf9c-e048-46c5-9732-7e6f8b7f2132.json new file mode 100644 index 00000000000..835b59383cf --- /dev/null +++ b/objects/vulnerability/vulnerability--04d9cf9c-e048-46c5-9732-7e6f8b7f2132.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4a858081-c9fd-4c8b-9115-0b5c70e44a30", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--04d9cf9c-e048-46c5-9732-7e6f8b7f2132", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.556601Z", + "modified": "2024-08-23T00:18:38.556601Z", + "name": "CVE-2024-43790", + "description": "Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43790" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0664f910-385e-424f-b1b2-3d4426feb71a.json b/objects/vulnerability/vulnerability--0664f910-385e-424f-b1b2-3d4426feb71a.json new file mode 100644 index 00000000000..7ef942406b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--0664f910-385e-424f-b1b2-3d4426feb71a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0d95ca34-49da-4580-9834-410cb67fec3f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0664f910-385e-424f-b1b2-3d4426feb71a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.292793Z", + "modified": "2024-08-23T00:18:38.292793Z", + "name": "CVE-2024-7848", + "description": "The User Private Files – WordPress File Sharing Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.0 via the 'dpk_upvf_update_doc' due to missing validation on the 'docid' user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to gain access to other user's private files.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7848" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--06744872-dd45-4215-b11b-eea73b86186b.json b/objects/vulnerability/vulnerability--06744872-dd45-4215-b11b-eea73b86186b.json new file mode 100644 index 00000000000..7968f063c94 --- /dev/null +++ b/objects/vulnerability/vulnerability--06744872-dd45-4215-b11b-eea73b86186b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8551c352-0fde-4e12-9899-6e72658eded9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--06744872-dd45-4215-b11b-eea73b86186b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.294685Z", + "modified": "2024-08-23T00:18:38.294685Z", + "name": "CVE-2024-7778", + "description": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.10.36 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7778" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--098f9d7c-1a0b-4ab2-babb-bbcffa9659a9.json b/objects/vulnerability/vulnerability--098f9d7c-1a0b-4ab2-babb-bbcffa9659a9.json new file mode 100644 index 00000000000..09bab0a3a8b --- /dev/null +++ b/objects/vulnerability/vulnerability--098f9d7c-1a0b-4ab2-babb-bbcffa9659a9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7e237219-f8b9-45db-b610-f59d88da2e7c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--098f9d7c-1a0b-4ab2-babb-bbcffa9659a9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.244372Z", + "modified": "2024-08-23T00:18:25.244372Z", + "name": "CVE-2022-48910", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ensure we call ipv6_mc_down() at most once\n\nThere are two reasons for addrconf_notify() to be called with NETDEV_DOWN:\neither the network device is actually going down, or IPv6 was disabled\non the interface.\n\nIf either of them stays down while the other is toggled, we repeatedly\ncall the code for NETDEV_DOWN, including ipv6_mc_down(), while never\ncalling the corresponding ipv6_mc_up() in between. This will cause a\nnew entry in idev->mc_tomb to be allocated for each multicast group\nthe interface is subscribed to, which in turn leaks one struct ifmcaddr6\nper nontrivial multicast group the interface is subscribed to.\n\nThe following reproducer will leak at least $n objects:\n\nip addr add ff2e::4242/32 dev eth0 autojoin\nsysctl -w net.ipv6.conf.eth0.disable_ipv6=1\nfor i in $(seq 1 $n); do\n\tip link set up eth0; ip link set down eth0\ndone\n\nJoining groups with IPV6_ADD_MEMBERSHIP (unprivileged) or setting the\nsysctl net.ipv6.conf.eth0.forwarding to 1 (=> subscribing to ff02::2)\ncan also be used to create a nontrivial idev->mc_list, which will the\nleak objects with the right up-down-sequence.\n\nBased on both sources for NETDEV_DOWN events the interface IPv6 state\nshould be considered:\n\n - not ready if the network interface is not ready OR IPv6 is disabled\n for it\n - ready if the network interface is ready AND IPv6 is enabled for it\n\nThe functions ipv6_mc_up() and ipv6_down() should only be run when this\nstate changes.\n\nImplement this by remembering when the IPv6 state is ready, and only\nrun ipv6_mc_down() if it actually changed from ready to not ready.\n\nThe other direction (not ready -> ready) already works correctly, as:\n\n - the interface notification triggered codepath for NETDEV_UP /\n NETDEV_CHANGE returns early if ipv6 is disabled, and\n - the disable_ipv6=0 triggered codepath skips fully initializing the\n interface as long as addrconf_link_ready(dev) returns false\n - calling ipv6_mc_up() repeatedly does not leak anything", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48910" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0b02302d-a98e-46d9-8b1b-9c4b15416ae6.json b/objects/vulnerability/vulnerability--0b02302d-a98e-46d9-8b1b-9c4b15416ae6.json new file mode 100644 index 00000000000..3e7d1bea67e --- /dev/null +++ b/objects/vulnerability/vulnerability--0b02302d-a98e-46d9-8b1b-9c4b15416ae6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b812a688-6a0b-4d9f-b5de-d171b2394310", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0b02302d-a98e-46d9-8b1b-9c4b15416ae6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.176054Z", + "modified": "2024-08-23T00:18:25.176054Z", + "name": "CVE-2022-48939", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add schedule points in batch ops\n\nsyzbot reported various soft lockups caused by bpf batch operations.\n\n INFO: task kworker/1:1:27 blocked for more than 140 seconds.\n INFO: task hung in rcu_barrier\n\nNothing prevents batch ops to process huge amount of data,\nwe need to add schedule points in them.\n\nNote that maybe_wait_bpf_programs(map) calls from\ngeneric_map_delete_batch() can be factorized by moving\nthe call after the loop.\n\nThis will be done later in -next tree once we get this fix merged,\nunless there is strong opinion doing this optimization sooner.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48939" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0c6284c1-fc58-451e-9b57-5c3c7b924e6f.json b/objects/vulnerability/vulnerability--0c6284c1-fc58-451e-9b57-5c3c7b924e6f.json new file mode 100644 index 00000000000..0f4ff76ae92 --- /dev/null +++ b/objects/vulnerability/vulnerability--0c6284c1-fc58-451e-9b57-5c3c7b924e6f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e4db61d0-8c2b-4084-b5bc-76c915dca30d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0c6284c1-fc58-451e-9b57-5c3c7b924e6f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.255564Z", + "modified": "2024-08-23T00:18:25.255564Z", + "name": "CVE-2022-48902", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not WARN_ON() if we have PageError set\n\nWhenever we do any extent buffer operations we call\nassert_eb_page_uptodate() to complain loudly if we're operating on an\nnon-uptodate page. Our overnight tests caught this warning earlier this\nweek\n\n WARNING: CPU: 1 PID: 553508 at fs/btrfs/extent_io.c:6849 assert_eb_page_uptodate+0x3f/0x50\n CPU: 1 PID: 553508 Comm: kworker/u4:13 Tainted: G W 5.17.0-rc3+ #564\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014\n Workqueue: btrfs-cache btrfs_work_helper\n RIP: 0010:assert_eb_page_uptodate+0x3f/0x50\n RSP: 0018:ffffa961440a7c68 EFLAGS: 00010246\n RAX: 0017ffffc0002112 RBX: ffffe6e74453f9c0 RCX: 0000000000001000\n RDX: ffffe6e74467c887 RSI: ffffe6e74453f9c0 RDI: ffff8d4c5efc2fc0\n RBP: 0000000000000d56 R08: ffff8d4d4a224000 R09: 0000000000000000\n R10: 00015817fa9d1ef0 R11: 000000000000000c R12: 00000000000007b1\n R13: ffff8d4c5efc2fc0 R14: 0000000001500000 R15: 0000000001cb1000\n FS: 0000000000000000(0000) GS:ffff8d4dbbd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ff31d3448d8 CR3: 0000000118be8004 CR4: 0000000000370ee0\n Call Trace:\n\n extent_buffer_test_bit+0x3f/0x70\n free_space_test_bit+0xa6/0xc0\n load_free_space_tree+0x1f6/0x470\n caching_thread+0x454/0x630\n ? rcu_read_lock_sched_held+0x12/0x60\n ? rcu_read_lock_sched_held+0x12/0x60\n ? rcu_read_lock_sched_held+0x12/0x60\n ? lock_release+0x1f0/0x2d0\n btrfs_work_helper+0xf2/0x3e0\n ? lock_release+0x1f0/0x2d0\n ? finish_task_switch.isra.0+0xf9/0x3a0\n process_one_work+0x26d/0x580\n ? process_one_work+0x580/0x580\n worker_thread+0x55/0x3b0\n ? process_one_work+0x580/0x580\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n\nThis was partially fixed by c2e39305299f01 (\"btrfs: clear extent buffer\nuptodate when we fail to write it\"), however all that fix did was keep\nus from finding extent buffers after a failed writeout. It didn't keep\nus from continuing to use a buffer that we already had found.\n\nIn this case we're searching the commit root to cache the block group,\nso we can start committing the transaction and switch the commit root\nand then start writing. After the switch we can look up an extent\nbuffer that hasn't been written yet and start processing that block\ngroup. Then we fail to write that block out and clear Uptodate on the\npage, and then we start spewing these errors.\n\nNormally we're protected by the tree lock to a certain degree here. If\nwe read a block we have that block read locked, and we block the writer\nfrom locking the block before we submit it for the write. However this\nisn't necessarily fool proof because the read could happen before we do\nthe submit_bio and after we locked and unlocked the extent buffer.\n\nAlso in this particular case we have path->skip_locking set, so that\nwon't save us here. We'll simply get a block that was valid when we\nread it, but became invalid while we were using it.\n\nWhat we really want is to catch the case where we've \"read\" a block but\nit's not marked Uptodate. On read we ClearPageError(), so if we're\n!Uptodate and !Error we know we didn't do the right thing for reading\nthe page.\n\nFix this by checking !Uptodate && !Error, this way we will not complain\nif our buffer gets invalidated while we're using it, and we'll maintain\nthe spirit of the check which is to make sure we have a fully in-cache\nblock while we're messing with it.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48902" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0d6f01ff-aa11-412b-850e-d6a5e59ff780.json b/objects/vulnerability/vulnerability--0d6f01ff-aa11-412b-850e-d6a5e59ff780.json new file mode 100644 index 00000000000..9d412d31ccf --- /dev/null +++ b/objects/vulnerability/vulnerability--0d6f01ff-aa11-412b-850e-d6a5e59ff780.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8ebd14df-d15e-4316-a4a5-f9f3d2e7f248", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0d6f01ff-aa11-412b-850e-d6a5e59ff780", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.984372Z", + "modified": "2024-08-23T00:18:38.984372Z", + "name": "CVE-2024-8086", + "description": "A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The manipulation of the argument user_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8086" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0de901fb-95ee-4120-b962-48e5367e0dd8.json b/objects/vulnerability/vulnerability--0de901fb-95ee-4120-b962-48e5367e0dd8.json new file mode 100644 index 00000000000..2afb9abfecd --- /dev/null +++ b/objects/vulnerability/vulnerability--0de901fb-95ee-4120-b962-48e5367e0dd8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8e497f8f-6f3c-4c4a-a834-e8f67e73ad02", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0de901fb-95ee-4120-b962-48e5367e0dd8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.193436Z", + "modified": "2024-08-23T00:18:39.193436Z", + "name": "CVE-2024-32939", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server.\"", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-32939" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0e35c507-475d-46ad-be49-04df09eb429d.json b/objects/vulnerability/vulnerability--0e35c507-475d-46ad-be49-04df09eb429d.json new file mode 100644 index 00000000000..b6caf6e2a46 --- /dev/null +++ b/objects/vulnerability/vulnerability--0e35c507-475d-46ad-be49-04df09eb429d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5c48c4f5-ac8c-4344-9121-7dd9d22c6def", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0e35c507-475d-46ad-be49-04df09eb429d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.182327Z", + "modified": "2024-08-23T00:18:25.182327Z", + "name": "CVE-2022-48941", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix concurrent reset and removal of VFs\n\nCommit c503e63200c6 (\"ice: Stop processing VF messages during teardown\")\nintroduced a driver state flag, ICE_VF_DEINIT_IN_PROGRESS, which is\nintended to prevent some issues with concurrently handling messages from\nVFs while tearing down the VFs.\n\nThis change was motivated by crashes caused while tearing down and\nbringing up VFs in rapid succession.\n\nIt turns out that the fix actually introduces issues with the VF driver\ncaused because the PF no longer responds to any messages sent by the VF\nduring its .remove routine. This results in the VF potentially removing\nits DMA memory before the PF has shut down the device queues.\n\nAdditionally, the fix doesn't actually resolve concurrency issues within\nthe ice driver. It is possible for a VF to initiate a reset just prior\nto the ice driver removing VFs. This can result in the remove task\nconcurrently operating while the VF is being reset. This results in\nsimilar memory corruption and panics purportedly fixed by that commit.\n\nFix this concurrency at its root by protecting both the reset and\nremoval flows using the existing VF cfg_lock. This ensures that we\ncannot remove the VF while any outstanding critical tasks such as a\nvirtchnl message or a reset are occurring.\n\nThis locking change also fixes the root cause originally fixed by commit\nc503e63200c6 (\"ice: Stop processing VF messages during teardown\"), so we\ncan simply revert it.\n\nNote that I kept these two changes together because simply reverting the\noriginal commit alone would leave the driver vulnerable to worse race\nconditions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48941" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--13c5b5a0-00ca-436c-98dd-d95d7ae6d404.json b/objects/vulnerability/vulnerability--13c5b5a0-00ca-436c-98dd-d95d7ae6d404.json new file mode 100644 index 00000000000..33fd69491bf --- /dev/null +++ b/objects/vulnerability/vulnerability--13c5b5a0-00ca-436c-98dd-d95d7ae6d404.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5592f48b-ae48-46b0-8971-a1e8324f3681", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--13c5b5a0-00ca-436c-98dd-d95d7ae6d404", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.230538Z", + "modified": "2024-08-23T00:18:25.230538Z", + "name": "CVE-2022-48915", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix TZ_GET_TRIP NULL pointer dereference\n\nDo not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if\nthe thermal zone does not define one.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48915" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--156733b8-dcfa-4cff-b98c-dda97d3ddaf7.json b/objects/vulnerability/vulnerability--156733b8-dcfa-4cff-b98c-dda97d3ddaf7.json new file mode 100644 index 00000000000..15d277a8077 --- /dev/null +++ b/objects/vulnerability/vulnerability--156733b8-dcfa-4cff-b98c-dda97d3ddaf7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--95b9f29e-6e89-43a4-a253-b4d52980df32", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--156733b8-dcfa-4cff-b98c-dda97d3ddaf7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.174134Z", + "modified": "2024-08-23T00:18:25.174134Z", + "name": "CVE-2022-48936", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ngso: do not skip outer ip header in case of ipip and net_failover\n\nWe encounter a tcp drop issue in our cloud environment. Packet GROed in\nhost forwards to a VM virtio_net nic with net_failover enabled. VM acts\nas a IPVS LB with ipip encapsulation. The full path like:\nhost gro -> vm virtio_net rx -> net_failover rx -> ipvs fullnat\n -> ipip encap -> net_failover tx -> virtio_net tx\n\nWhen net_failover transmits a ipip pkt (gso_type = 0x0103, which means\nSKB_GSO_TCPV4, SKB_GSO_DODGY and SKB_GSO_IPXIP4), there is no gso\ndid because it supports TSO and GSO_IPXIP4. But network_header points to\ninner ip header.\n\nCall Trace:\n tcp4_gso_segment ------> return NULL\n inet_gso_segment ------> inner iph, network_header points to\n ipip_gso_segment\n inet_gso_segment ------> outer iph\n skb_mac_gso_segment\n\nAfterwards virtio_net transmits the pkt, only inner ip header is modified.\nAnd the outer one just keeps unchanged. The pkt will be dropped in remote\nhost.\n\nCall Trace:\n inet_gso_segment ------> inner iph, outer iph is skipped\n skb_mac_gso_segment\n __skb_gso_segment\n validate_xmit_skb\n validate_xmit_skb_list\n sch_direct_xmit\n __qdisc_run\n __dev_queue_xmit ------> virtio_net\n dev_hard_start_xmit\n __dev_queue_xmit ------> net_failover\n ip_finish_output2\n ip_output\n iptunnel_xmit\n ip_tunnel_xmit\n ipip_tunnel_xmit ------> ipip\n dev_hard_start_xmit\n __dev_queue_xmit\n ip_finish_output2\n ip_output\n ip_forward\n ip_rcv\n __netif_receive_skb_one_core\n netif_receive_skb_internal\n napi_gro_receive\n receive_buf\n virtnet_poll\n net_rx_action\n\nThe root cause of this issue is specific with the rare combination of\nSKB_GSO_DODGY and a tunnel device that adds an SKB_GSO_ tunnel option.\nSKB_GSO_DODGY is set from external virtio_net. We need to reset network\nheader when callbacks.gso_segment() returns NULL.\n\nThis patch also includes ipv6_gso_segment(), considering SIT, etc.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48936" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--18b15f03-2bbb-49f1-a33f-bc8108b93c98.json b/objects/vulnerability/vulnerability--18b15f03-2bbb-49f1-a33f-bc8108b93c98.json new file mode 100644 index 00000000000..cc51890a58f --- /dev/null +++ b/objects/vulnerability/vulnerability--18b15f03-2bbb-49f1-a33f-bc8108b93c98.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f4470318-c0c5-4029-b8fb-5304b47ca204", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--18b15f03-2bbb-49f1-a33f-bc8108b93c98", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.258329Z", + "modified": "2024-08-23T00:18:25.258329Z", + "name": "CVE-2022-48916", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix double list_add when enabling VMD in scalable mode\n\nWhen enabling VMD and IOMMU scalable mode, the following kernel panic\ncall trace/kernel log is shown in Eagle Stream platform (Sapphire Rapids\nCPU) during booting:\n\npci 0000:59:00.5: Adding to iommu group 42\n...\nvmd 0000:59:00.5: PCI host bridge to bus 10000:80\npci 10000:80:01.0: [8086:352a] type 01 class 0x060400\npci 10000:80:01.0: reg 0x10: [mem 0x00000000-0x0001ffff 64bit]\npci 10000:80:01.0: enabling Extended Tags\npci 10000:80:01.0: PME# supported from D0 D3hot D3cold\npci 10000:80:01.0: DMAR: Setup RID2PASID failed\npci 10000:80:01.0: Failed to add to iommu group 42: -16\npci 10000:80:03.0: [8086:352b] type 01 class 0x060400\npci 10000:80:03.0: reg 0x10: [mem 0x00000000-0x0001ffff 64bit]\npci 10000:80:03.0: enabling Extended Tags\npci 10000:80:03.0: PME# supported from D0 D3hot D3cold\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:29!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.17.0-rc3+ #7\nHardware name: Lenovo ThinkSystem SR650V3/SB27A86647, BIOS ESE101Y-1.00 01/13/2022\nWorkqueue: events work_for_cpu_fn\nRIP: 0010:__list_add_valid.cold+0x26/0x3f\nCode: 9a 4a ab ff 4c 89 c1 48 c7 c7 40 0c d9 9e e8 b9 b1 fe ff 0f\n 0b 48 89 f2 4c 89 c1 48 89 fe 48 c7 c7 f0 0c d9 9e e8 a2 b1\n fe ff <0f> 0b 48 89 d1 4c 89 c6 4c 89 ca 48 c7 c7 98 0c d9\n 9e e8 8b b1 fe\nRSP: 0000:ff5ad434865b3a40 EFLAGS: 00010246\nRAX: 0000000000000058 RBX: ff4d61160b74b880 RCX: ff4d61255e1fffa8\nRDX: 0000000000000000 RSI: 00000000fffeffff RDI: ffffffff9fd34f20\nRBP: ff4d611d8e245c00 R08: 0000000000000000 R09: ff5ad434865b3888\nR10: ff5ad434865b3880 R11: ff4d61257fdc6fe8 R12: ff4d61160b74b8a0\nR13: ff4d61160b74b8a0 R14: ff4d611d8e245c10 R15: ff4d611d8001ba70\nFS: 0000000000000000(0000) GS:ff4d611d5ea00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ff4d611fa1401000 CR3: 0000000aa0210001 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \n intel_pasid_alloc_table+0x9c/0x1d0\n dmar_insert_one_dev_info+0x423/0x540\n ? device_to_iommu+0x12d/0x2f0\n intel_iommu_attach_device+0x116/0x290\n __iommu_attach_device+0x1a/0x90\n iommu_group_add_device+0x190/0x2c0\n __iommu_probe_device+0x13e/0x250\n iommu_probe_device+0x24/0x150\n iommu_bus_notifier+0x69/0x90\n blocking_notifier_call_chain+0x5a/0x80\n device_add+0x3db/0x7b0\n ? arch_memremap_can_ram_remap+0x19/0x50\n ? memremap+0x75/0x140\n pci_device_add+0x193/0x1d0\n pci_scan_single_device+0xb9/0xf0\n pci_scan_slot+0x4c/0x110\n pci_scan_child_bus_extend+0x3a/0x290\n vmd_enable_domain.constprop.0+0x63e/0x820\n vmd_probe+0x163/0x190\n local_pci_probe+0x42/0x80\n work_for_cpu_fn+0x13/0x20\n process_one_work+0x1e2/0x3b0\n worker_thread+0x1c4/0x3a0\n ? rescuer_thread+0x370/0x370\n kthread+0xc7/0xf0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \nModules linked in:\n---[ end trace 0000000000000000 ]---\n...\nKernel panic - not syncing: Fatal exception\nKernel Offset: 0x1ca00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)\n---[ end Kernel panic - not syncing: Fatal exception ]---\n\nThe following 'lspci' output shows devices '10000:80:*' are subdevices of\nthe VMD device 0000:59:00.5:\n\n $ lspci\n ...\n 0000:59:00.5 RAID bus controller: Intel Corporation Volume Management Device NVMe RAID Controller (rev 20)\n ...\n 10000:80:01.0 PCI bridge: Intel Corporation Device 352a (rev 03)\n 10000:80:03.0 PCI bridge: Intel Corporation Device 352b (rev 03)\n 10000:80:05.0 PCI bridge: Intel Corporation Device 352c (rev 03)\n 10000:80:07.0 PCI bridge: Intel Corporation Device 352d (rev 03)\n 10000:81:00.0 Non-Volatile memory controller: Intel Corporation NVMe Datacenter SSD [3DNAND, Beta Rock Controller]\n 10000:82:00\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48916" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--194dafce-a8d6-4212-9a5c-a9e751d43c0a.json b/objects/vulnerability/vulnerability--194dafce-a8d6-4212-9a5c-a9e751d43c0a.json new file mode 100644 index 00000000000..1e8946a953e --- /dev/null +++ b/objects/vulnerability/vulnerability--194dafce-a8d6-4212-9a5c-a9e751d43c0a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4282e3b5-1169-486c-ad43-ff73ba918eca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--194dafce-a8d6-4212-9a5c-a9e751d43c0a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.242699Z", + "modified": "2024-08-23T00:18:25.242699Z", + "name": "CVE-2022-48942", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: Handle failure to register sensor with thermal zone correctly\n\nIf an attempt is made to a sensor with a thermal zone and it fails,\nthe call to devm_thermal_zone_of_sensor_register() may return -ENODEV.\nThis may result in crashes similar to the following.\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000003cd\n...\nInternal error: Oops: 96000021 [#1] PREEMPT SMP\n...\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mutex_lock+0x18/0x60\nlr : thermal_zone_device_update+0x40/0x2e0\nsp : ffff800014c4fc60\nx29: ffff800014c4fc60 x28: ffff365ee3f6e000 x27: ffffdde218426790\nx26: ffff365ee3f6e000 x25: 0000000000000000 x24: ffff365ee3f6e000\nx23: ffffdde218426870 x22: ffff365ee3f6e000 x21: 00000000000003cd\nx20: ffff365ee8bf3308 x19: ffffffffffffffed x18: 0000000000000000\nx17: ffffdde21842689c x16: ffffdde1cb7a0b7c x15: 0000000000000040\nx14: ffffdde21a4889a0 x13: 0000000000000228 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\nx8 : 0000000001120000 x7 : 0000000000000001 x6 : 0000000000000000\nx5 : 0068000878e20f07 x4 : 0000000000000000 x3 : 00000000000003cd\nx2 : ffff365ee3f6e000 x1 : 0000000000000000 x0 : 00000000000003cd\nCall trace:\n mutex_lock+0x18/0x60\n hwmon_notify_event+0xfc/0x110\n 0xffffdde1cb7a0a90\n 0xffffdde1cb7a0b7c\n irq_thread_fn+0x2c/0xa0\n irq_thread+0x134/0x240\n kthread+0x178/0x190\n ret_from_fork+0x10/0x20\nCode: d503201f d503201f d2800001 aa0103e4 (c8e47c02)\n\nJon Hunter reports that the exact call sequence is:\n\nhwmon_notify_event()\n --> hwmon_thermal_notify()\n --> thermal_zone_device_update()\n --> update_temperature()\n --> mutex_lock()\n\nThe hwmon core needs to handle all errors returned from calls\nto devm_thermal_zone_of_sensor_register(). If the call fails\nwith -ENODEV, report that the sensor was not attached to a\nthermal zone but continue to register the hwmon device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48942" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1c1c4ef9-6e88-42bb-b708-72bfc4a7f888.json b/objects/vulnerability/vulnerability--1c1c4ef9-6e88-42bb-b708-72bfc4a7f888.json new file mode 100644 index 00000000000..aa89f6d559d --- /dev/null +++ b/objects/vulnerability/vulnerability--1c1c4ef9-6e88-42bb-b708-72bfc4a7f888.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--873301e3-3355-4918-99be-ad68e841aaec", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1c1c4ef9-6e88-42bb-b708-72bfc4a7f888", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.898133Z", + "modified": "2024-08-23T00:18:37.898133Z", + "name": "CVE-2024-42761", + "description": "A Stored Cross Site Scripting (XSS) vulnerability was found in \"/admin_schedule.php\" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42761" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1d998ec4-a1d4-4999-a62c-90f840a9ac55.json b/objects/vulnerability/vulnerability--1d998ec4-a1d4-4999-a62c-90f840a9ac55.json new file mode 100644 index 00000000000..ff185671f76 --- /dev/null +++ b/objects/vulnerability/vulnerability--1d998ec4-a1d4-4999-a62c-90f840a9ac55.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--237bdd0d-25c5-4410-9926-4ff8b46a6d33", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1d998ec4-a1d4-4999-a62c-90f840a9ac55", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.286546Z", + "modified": "2024-08-23T00:18:38.286546Z", + "name": "CVE-2024-7110", + "description": "An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execute arbitrary command in a victim's pipeline through prompt injection.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7110" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1e5513bb-16e5-40e5-a10a-8abd941e0643.json b/objects/vulnerability/vulnerability--1e5513bb-16e5-40e5-a10a-8abd941e0643.json new file mode 100644 index 00000000000..0a28f3a50f6 --- /dev/null +++ b/objects/vulnerability/vulnerability--1e5513bb-16e5-40e5-a10a-8abd941e0643.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a7d4f89b-c1ee-49a7-823f-dd0a4ee1cf3c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1e5513bb-16e5-40e5-a10a-8abd941e0643", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.066564Z", + "modified": "2024-08-23T00:18:39.066564Z", + "name": "CVE-2024-45163", + "description": "The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, an attacker can send a recognized username (such as root), or can send arbitrary data.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45163" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2060f577-a923-48b7-bc5a-ae517b68e05c.json b/objects/vulnerability/vulnerability--2060f577-a923-48b7-bc5a-ae517b68e05c.json new file mode 100644 index 00000000000..20bc5b8a665 --- /dev/null +++ b/objects/vulnerability/vulnerability--2060f577-a923-48b7-bc5a-ae517b68e05c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--410ce3eb-c5ce-46c1-8eea-6d5bdb09939b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2060f577-a923-48b7-bc5a-ae517b68e05c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.980353Z", + "modified": "2024-08-23T00:18:38.980353Z", + "name": "CVE-2024-8083", + "description": "A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /php-ocls/classes/Master.php?f=pay_order. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8083" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2097f48b-532c-4024-87a6-4a5dc7c5d81e.json b/objects/vulnerability/vulnerability--2097f48b-532c-4024-87a6-4a5dc7c5d81e.json new file mode 100644 index 00000000000..0ae173c1238 --- /dev/null +++ b/objects/vulnerability/vulnerability--2097f48b-532c-4024-87a6-4a5dc7c5d81e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8c3c57f7-a4c2-4b79-ba0b-7bb5427d0c03", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2097f48b-532c-4024-87a6-4a5dc7c5d81e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.219704Z", + "modified": "2024-08-23T00:18:25.219704Z", + "name": "CVE-2022-48922", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: fix oops caused by irqsoff latency tracer\n\nThe trace_hardirqs_{on,off}() require the caller to setup frame pointer\nproperly. This because these two functions use macro 'CALLER_ADDR1' (aka.\n__builtin_return_address(1)) to acquire caller info. If the $fp is used\nfor other purpose, the code generated this macro (as below) could trigger\nmemory access fault.\n\n 0xffffffff8011510e <+80>: ld a1,-16(s0)\n 0xffffffff80115112 <+84>: ld s2,-8(a1) # <-- paging fault here\n\nThe oops message during booting if compiled with 'irqoff' tracer enabled:\n[ 0.039615][ T0] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8\n[ 0.041925][ T0] Oops [#1]\n[ 0.042063][ T0] Modules linked in:\n[ 0.042864][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-rc1-00233-g9a20c48d1ed2 #29\n[ 0.043568][ T0] Hardware name: riscv-virtio,qemu (DT)\n[ 0.044343][ T0] epc : trace_hardirqs_on+0x56/0xe2\n[ 0.044601][ T0] ra : restore_all+0x12/0x6e\n[ 0.044721][ T0] epc : ffffffff80126a5c ra : ffffffff80003b94 sp : ffffffff81403db0\n[ 0.044801][ T0] gp : ffffffff8163acd8 tp : ffffffff81414880 t0 : 0000000000000020\n[ 0.044882][ T0] t1 : 0098968000000000 t2 : 0000000000000000 s0 : ffffffff81403de0\n[ 0.044967][ T0] s1 : 0000000000000000 a0 : 0000000000000001 a1 : 0000000000000100\n[ 0.045046][ T0] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000\n[ 0.045124][ T0] a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000054494d45\n[ 0.045210][ T0] s2 : ffffffff80003b94 s3 : ffffffff81a8f1b0 s4 : ffffffff80e27b50\n[ 0.045289][ T0] s5 : ffffffff81414880 s6 : ffffffff8160fa00 s7 : 00000000800120e8\n[ 0.045389][ T0] s8 : 0000000080013100 s9 : 000000000000007f s10: 0000000000000000\n[ 0.045474][ T0] s11: 0000000000000000 t3 : 7fffffffffffffff t4 : 0000000000000000\n[ 0.045548][ T0] t5 : 0000000000000000 t6 : ffffffff814aa368\n[ 0.045620][ T0] status: 0000000200000100 badaddr: 00000000000000f8 cause: 000000000000000d\n[ 0.046402][ T0] [] restore_all+0x12/0x6e\n\nThis because the $fp(aka. $s0) register is not used as frame pointer in the\nassembly entry code.\n\n\tresume_kernel:\n\t\tREG_L s0, TASK_TI_PREEMPT_COUNT(tp)\n\t\tbnez s0, restore_all\n\t\tREG_L s0, TASK_TI_FLAGS(tp)\n andi s0, s0, _TIF_NEED_RESCHED\n beqz s0, restore_all\n call preempt_schedule_irq\n j restore_all\n\nTo fix above issue, here we add one extra level wrapper for function\ntrace_hardirqs_{on,off}() so they can be safely called by low level entry\ncode.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48922" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--27729b34-5223-4206-8ca0-8a4dd9b59ecc.json b/objects/vulnerability/vulnerability--27729b34-5223-4206-8ca0-8a4dd9b59ecc.json new file mode 100644 index 00000000000..ba4ca7c144f --- /dev/null +++ b/objects/vulnerability/vulnerability--27729b34-5223-4206-8ca0-8a4dd9b59ecc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--826a69bb-5698-45de-971a-e9927748fd68", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--27729b34-5223-4206-8ca0-8a4dd9b59ecc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.209193Z", + "modified": "2024-08-23T00:18:25.209193Z", + "name": "CVE-2022-48938", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nCDC-NCM: avoid overflow in sanity checking\n\nA broken device may give an extreme offset like 0xFFF0\nand a reasonable length for a fragment. In the sanity\ncheck as formulated now, this will create an integer\noverflow, defeating the sanity check. Both offset\nand offset + len need to be checked in such a manner\nthat no overflow can occur.\nAnd those quantities should be unsigned.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48938" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--278e8531-8c26-45a0-a437-8c97a00d59f1.json b/objects/vulnerability/vulnerability--278e8531-8c26-45a0-a437-8c97a00d59f1.json new file mode 100644 index 00000000000..0e0eb0836a3 --- /dev/null +++ b/objects/vulnerability/vulnerability--278e8531-8c26-45a0-a437-8c97a00d59f1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5b92e3fc-01c8-4117-8afc-a5fbc0d10e94", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--278e8531-8c26-45a0-a437-8c97a00d59f1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.184419Z", + "modified": "2024-08-23T00:18:25.184419Z", + "name": "CVE-2022-48904", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix I/O page table memory leak\n\nThe current logic updates the I/O page table mode for the domain\nbefore calling the logic to free memory used for the page table.\nThis results in IOMMU page table memory leak, and can be observed\nwhen launching VM w/ pass-through devices.\n\nFix by freeing the memory used for page table before updating the mode.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48904" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--281032dd-fd68-4e69-a6b4-715eaf2930fc.json b/objects/vulnerability/vulnerability--281032dd-fd68-4e69-a6b4-715eaf2930fc.json new file mode 100644 index 00000000000..8995be81ae0 --- /dev/null +++ b/objects/vulnerability/vulnerability--281032dd-fd68-4e69-a6b4-715eaf2930fc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1a817233-84df-4ee1-bc50-60b39387c265", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--281032dd-fd68-4e69-a6b4-715eaf2930fc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.412456Z", + "modified": "2024-08-23T00:18:38.412456Z", + "name": "CVE-2024-39746", + "description": "IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39746" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2ac03ed5-cc3b-4e79-a44e-81f064f07380.json b/objects/vulnerability/vulnerability--2ac03ed5-cc3b-4e79-a44e-81f064f07380.json new file mode 100644 index 00000000000..35a0c5e3f95 --- /dev/null +++ b/objects/vulnerability/vulnerability--2ac03ed5-cc3b-4e79-a44e-81f064f07380.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f85b249a-0049-435d-8eaf-d072d3ea8e3d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2ac03ed5-cc3b-4e79-a44e-81f064f07380", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.267842Z", + "modified": "2024-08-23T00:18:38.267842Z", + "name": "CVE-2024-7836", + "description": "The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to missing checks on the duplicate_page_ajaxify function in all versions up to, and including, 7.6.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate and view private or draft posts created by other users that otherwise shouldn't be accessible to them.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7836" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2ed10d2c-9280-407b-a500-61950e497a3c.json b/objects/vulnerability/vulnerability--2ed10d2c-9280-407b-a500-61950e497a3c.json new file mode 100644 index 00000000000..bd6779423aa --- /dev/null +++ b/objects/vulnerability/vulnerability--2ed10d2c-9280-407b-a500-61950e497a3c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--10e115d9-56d7-4a87-b80c-c694d4eae27a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2ed10d2c-9280-407b-a500-61950e497a3c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:41.465496Z", + "modified": "2024-08-23T00:18:41.465496Z", + "name": "CVE-2023-6452", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Web Security (Transaction Viewer) allows Stored XSS.\n\n\n\n\n\nThe\n Forcepoint Web Security portal allows administrators to generate \ndetailed reports on user requests made through the Web proxy. It has \nbeen determined that the \"user agent\" field in the Transaction Viewer is\n vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability, \nwhich can be exploited by any user who can route traffic through the \nForcepoint Web proxy.\n\nThis \nvulnerability enables unauthorized attackers to execute JavaScript \nwithin the browser context of a Forcepoint administrator, thereby \nallowing them to perform actions on the administrator's behalf. Such a \nbreach could lead to unauthorized access or modifications, posing a \nsignificant security risk.\n\n\n\n\n\n\nThis issue affects Web Security: before 8.5.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6452" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2f60afe3-4d9d-472b-b01a-9df40f2b965b.json b/objects/vulnerability/vulnerability--2f60afe3-4d9d-472b-b01a-9df40f2b965b.json new file mode 100644 index 00000000000..427ffad0947 --- /dev/null +++ b/objects/vulnerability/vulnerability--2f60afe3-4d9d-472b-b01a-9df40f2b965b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd9cab68-37a7-4383-aff8-e1399678d486", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2f60afe3-4d9d-472b-b01a-9df40f2b965b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.85215Z", + "modified": "2024-08-23T00:18:37.85215Z", + "name": "CVE-2024-42490", + "description": "authentik is an open-source Identity Provider. Several API endpoints can be accessed by users without correct authentication/authorization. The main API endpoints affected by this are /api/v3/crypto/certificatekeypairs//view_certificate/, /api/v3/crypto/certificatekeypairs//view_private_key/, and /api/v3/.../used_by/. Note that all of the affected API endpoints require the knowledge of the ID of an object, which especially for certificates is not accessible to an unprivileged user. Additionally the IDs for most objects are UUIDv4, meaning they are not easily guessable/enumerable. authentik 2024.4.4, 2024.6.4 and 2024.8.0 fix this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42490" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2fd26090-8337-453a-b7e7-dc23b2fc153c.json b/objects/vulnerability/vulnerability--2fd26090-8337-453a-b7e7-dc23b2fc153c.json new file mode 100644 index 00000000000..29f2c81272b --- /dev/null +++ b/objects/vulnerability/vulnerability--2fd26090-8337-453a-b7e7-dc23b2fc153c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f1bf3efd-c24b-452a-9b73-0032d0eff37e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2fd26090-8337-453a-b7e7-dc23b2fc153c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.228328Z", + "modified": "2024-08-23T00:18:25.228328Z", + "name": "CVE-2022-48918", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: mvm: check debugfs_dir ptr before use\n\nWhen \"debugfs=off\" is used on the kernel command line, iwiwifi's\nmvm module uses an invalid/unchecked debugfs_dir pointer and causes\na BUG:\n\n BUG: kernel NULL pointer dereference, address: 000000000000004f\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP\n CPU: 1 PID: 503 Comm: modprobe Tainted: G W 5.17.0-rc5 #7\n Hardware name: Dell Inc. Inspiron 15 5510/076F7Y, BIOS 2.4.1 11/05/2021\n RIP: 0010:iwl_mvm_dbgfs_register+0x692/0x700 [iwlmvm]\n Code: 69 a0 be 80 01 00 00 48 c7 c7 50 73 6a a0 e8 95 cf ee e0 48 8b 83 b0 1e 00 00 48 c7 c2 54 73 6a a0 be 64 00 00 00 48 8d 7d 8c <48> 8b 48 50 e8 15 22 07 e1 48 8b 43 28 48 8d 55 8c 48 c7 c7 5f 73\n RSP: 0018:ffffc90000a0ba68 EFLAGS: 00010246\n RAX: ffffffffffffffff RBX: ffff88817d6e3328 RCX: ffff88817d6e3328\n RDX: ffffffffa06a7354 RSI: 0000000000000064 RDI: ffffc90000a0ba6c\n RBP: ffffc90000a0bae0 R08: ffffffff824e4880 R09: ffffffffa069d620\n R10: ffffc90000a0ba00 R11: ffffffffffffffff R12: 0000000000000000\n R13: ffffc90000a0bb28 R14: ffff88817d6e3328 R15: ffff88817d6e3320\n FS: 00007f64dd92d740(0000) GS:ffff88847f640000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000004f CR3: 000000016fc79001 CR4: 0000000000770ee0\n PKRU: 55555554\n Call Trace:\n \n ? iwl_mvm_mac_setup_register+0xbdc/0xda0 [iwlmvm]\n iwl_mvm_start_post_nvm+0x71/0x100 [iwlmvm]\n iwl_op_mode_mvm_start+0xab8/0xb30 [iwlmvm]\n _iwl_op_mode_start+0x6f/0xd0 [iwlwifi]\n iwl_opmode_register+0x6a/0xe0 [iwlwifi]\n ? 0xffffffffa0231000\n iwl_mvm_init+0x35/0x1000 [iwlmvm]\n ? 0xffffffffa0231000\n do_one_initcall+0x5a/0x1b0\n ? kmem_cache_alloc+0x1e5/0x2f0\n ? do_init_module+0x1e/0x220\n do_init_module+0x48/0x220\n load_module+0x2602/0x2bc0\n ? __kernel_read+0x145/0x2e0\n ? kernel_read_file+0x229/0x290\n __do_sys_finit_module+0xc5/0x130\n ? __do_sys_finit_module+0xc5/0x130\n __x64_sys_finit_module+0x13/0x20\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f64dda564dd\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 1b 29 0f 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffdba393f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f64dda564dd\n RDX: 0000000000000000 RSI: 00005575399e2ab2 RDI: 0000000000000001\n RBP: 000055753a91c5e0 R08: 0000000000000000 R09: 0000000000000002\n R10: 0000000000000001 R11: 0000000000000246 R12: 00005575399e2ab2\n R13: 000055753a91ceb0 R14: 0000000000000000 R15: 000055753a923018\n \n Modules linked in: btintel(+) btmtk bluetooth vfat snd_hda_codec_hdmi fat snd_hda_codec_realtek snd_hda_codec_generic iwlmvm(+) snd_sof_pci_intel_tgl mac80211 snd_sof_intel_hda_common soundwire_intel soundwire_generic_allocation soundwire_cadence soundwire_bus snd_sof_intel_hda snd_sof_pci snd_sof snd_sof_xtensa_dsp snd_soc_hdac_hda snd_hda_ext_core snd_soc_acpi_intel_match snd_soc_acpi snd_soc_core btrfs snd_compress snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec raid6_pq iwlwifi snd_hda_core snd_pcm snd_timer snd soundcore cfg80211 intel_ish_ipc(+) thunderbolt rfkill intel_ishtp ucsi_acpi wmi i2c_hid_acpi i2c_hid evdev\n CR2: 000000000000004f\n ---[ end trace 0000000000000000 ]---\n\nCheck the debugfs_dir pointer for an error before using it.\n\n[change to make both conditional]", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48918" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--32874e27-9c87-4529-abac-4e39078f382c.json b/objects/vulnerability/vulnerability--32874e27-9c87-4529-abac-4e39078f382c.json new file mode 100644 index 00000000000..0b584186a2d --- /dev/null +++ b/objects/vulnerability/vulnerability--32874e27-9c87-4529-abac-4e39078f382c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--eb1c0787-0674-4071-8c76-6b2ddf7cfde0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--32874e27-9c87-4529-abac-4e39078f382c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.250427Z", + "modified": "2024-08-23T00:18:25.250427Z", + "name": "CVE-2022-48929", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix crash due to out of bounds access into reg2btf_ids.\n\nWhen commit e6ac2450d6de (\"bpf: Support bpf program calling kernel function\") added\nkfunc support, it defined reg2btf_ids as a cheap way to translate the verifier\nreg type to the appropriate btf_vmlinux BTF ID, however\ncommit c25b2ae13603 (\"bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL\")\nmoved the __BPF_REG_TYPE_MAX from the last member of bpf_reg_type enum to after\nthe base register types, and defined other variants using type flag\ncomposition. However, now, the direct usage of reg->type to index into\nreg2btf_ids may no longer fall into __BPF_REG_TYPE_MAX range, and hence lead to\nout of bounds access and kernel crash on dereference of bad pointer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48929" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--346dc62d-5db4-47e2-a624-995bc9b9dda1.json b/objects/vulnerability/vulnerability--346dc62d-5db4-47e2-a624-995bc9b9dda1.json new file mode 100644 index 00000000000..327e10cdfae --- /dev/null +++ b/objects/vulnerability/vulnerability--346dc62d-5db4-47e2-a624-995bc9b9dda1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--261831dc-1e46-4bb0-a684-9b3e355f53af", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--346dc62d-5db4-47e2-a624-995bc9b9dda1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.24063Z", + "modified": "2024-08-23T00:18:25.24063Z", + "name": "CVE-2022-48934", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()\n\nida_simple_get() returns an id between min (0) and max (NFP_MAX_MAC_INDEX)\ninclusive.\nSo NFP_MAX_MAC_INDEX (0xff) is a valid id.\n\nIn order for the error handling path to work correctly, the 'invalid'\nvalue for 'ida_idx' should not be in the 0..NFP_MAX_MAC_INDEX range,\ninclusive.\n\nSo set it to -1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48934" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--374c260d-256c-4f9b-8765-3df5014b767f.json b/objects/vulnerability/vulnerability--374c260d-256c-4f9b-8765-3df5014b767f.json new file mode 100644 index 00000000000..008d379c4ea --- /dev/null +++ b/objects/vulnerability/vulnerability--374c260d-256c-4f9b-8765-3df5014b767f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7f0f06c2-c19c-44af-b7f1-1101de3204f6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--374c260d-256c-4f9b-8765-3df5014b767f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.117067Z", + "modified": "2024-08-23T00:18:38.117067Z", + "name": "CVE-2024-36443", + "description": "Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36443" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3abf3760-165f-4f94-84a9-dff80a178c1d.json b/objects/vulnerability/vulnerability--3abf3760-165f-4f94-84a9-dff80a178c1d.json new file mode 100644 index 00000000000..241577294d4 --- /dev/null +++ b/objects/vulnerability/vulnerability--3abf3760-165f-4f94-84a9-dff80a178c1d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e7d0d20e-ad5c-47aa-b1ee-eeb08cf6d2d3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3abf3760-165f-4f94-84a9-dff80a178c1d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.193734Z", + "modified": "2024-08-23T00:18:25.193734Z", + "name": "CVE-2022-48933", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix memory leak during stateful obj update\n\nstateful objects can be updated from the control plane.\nThe transaction logic allocates a temporary object for this purpose.\n\nThe ->init function was called for this object, so plain kfree() leaks\nresources. We must call ->destroy function of the object.\n\nnft_obj_destroy does this, but it also decrements the module refcount,\nbut the update path doesn't increment it.\n\nTo avoid special-casing the update object release, do module_get for\nthe update case too and release it via nft_obj_destroy().", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48933" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3b6364c8-4407-40a9-8e23-108ca7c20a68.json b/objects/vulnerability/vulnerability--3b6364c8-4407-40a9-8e23-108ca7c20a68.json new file mode 100644 index 00000000000..0a228603b1e --- /dev/null +++ b/objects/vulnerability/vulnerability--3b6364c8-4407-40a9-8e23-108ca7c20a68.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ab45a31f-b09d-4f2f-b51f-31b5ba11c095", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3b6364c8-4407-40a9-8e23-108ca7c20a68", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.204638Z", + "modified": "2024-08-23T00:18:25.204638Z", + "name": "CVE-2022-48912", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48912" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3c6302f3-282a-4cc1-a55d-e53f0bb3f556.json b/objects/vulnerability/vulnerability--3c6302f3-282a-4cc1-a55d-e53f0bb3f556.json new file mode 100644 index 00000000000..2000770ea33 --- /dev/null +++ b/objects/vulnerability/vulnerability--3c6302f3-282a-4cc1-a55d-e53f0bb3f556.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1dae5271-c89d-4a58-81e5-184816167bde", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3c6302f3-282a-4cc1-a55d-e53f0bb3f556", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.381649Z", + "modified": "2024-08-23T00:18:38.381649Z", + "name": "CVE-2024-39576", + "description": "Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39576" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3e5b9432-f515-438d-904a-97eb93d2a63a.json b/objects/vulnerability/vulnerability--3e5b9432-f515-438d-904a-97eb93d2a63a.json new file mode 100644 index 00000000000..c820365f4ad --- /dev/null +++ b/objects/vulnerability/vulnerability--3e5b9432-f515-438d-904a-97eb93d2a63a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cfdd36c1-3354-4ab7-93b1-30b9b04bbe1a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3e5b9432-f515-438d-904a-97eb93d2a63a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.037902Z", + "modified": "2024-08-23T00:18:39.037902Z", + "name": "CVE-2024-3127", + "description": "An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6, all versions starting from 17.2 before 17.2.4, all versions starting from 17.3 before 17.3.1. Under certain conditions it may be possible to bypass the IP restriction for groups through GraphQL allowing unauthorised users to perform some actions at the group level.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-3127" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--44592313-df01-4a2a-b0b2-11cf26c60575.json b/objects/vulnerability/vulnerability--44592313-df01-4a2a-b0b2-11cf26c60575.json new file mode 100644 index 00000000000..f1de12bab47 --- /dev/null +++ b/objects/vulnerability/vulnerability--44592313-df01-4a2a-b0b2-11cf26c60575.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1fa3e53e-e04b-40da-80de-ee8d0296998e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--44592313-df01-4a2a-b0b2-11cf26c60575", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.417711Z", + "modified": "2024-08-23T00:18:38.417711Z", + "name": "CVE-2024-39717", + "description": "The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in. \r\n\r\nSeverity: HIGH\r\n \r\nExploitation Status:\r\n\r\nVersa Networks is aware of one confirmed customer reported instance where this vulnerability was exploited because the Firewall guidelines which were published in 2015 & 2017 were not implemented by that customer. This non-implementation resulted in the bad actor being able to exploit this vulnerability without using the GUI. In our testing (not exhaustive, as not all numerical versions of major browsers were tested) the malicious file does not get executed on the client. There are reports of others based on backbone telemetry observations of a 3rd party provider, however these are unconfirmed to date.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39717" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--46154e26-b7ca-4875-95ae-a2fd2e5b4252.json b/objects/vulnerability/vulnerability--46154e26-b7ca-4875-95ae-a2fd2e5b4252.json new file mode 100644 index 00000000000..caf07970310 --- /dev/null +++ b/objects/vulnerability/vulnerability--46154e26-b7ca-4875-95ae-a2fd2e5b4252.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b87fe2bf-61bc-4678-a64f-722c57f33afb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--46154e26-b7ca-4875-95ae-a2fd2e5b4252", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.181293Z", + "modified": "2024-08-23T00:18:25.181293Z", + "name": "CVE-2022-48926", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: rndis: add spinlock for rndis response list\n\nThere's no lock for rndis response list. It could cause list corruption\nif there're two different list_add at the same time like below.\nIt's better to add in rndis_add_response / rndis_free_response\n/ rndis_get_next_response to prevent any race condition on response list.\n\n[ 361.894299] [1: irq/191-dwc3:16979] list_add corruption.\nnext->prev should be prev (ffffff80651764d0),\nbut was ffffff883dc36f80. (next=ffffff80651764d0).\n\n[ 361.904380] [1: irq/191-dwc3:16979] Call trace:\n[ 361.904391] [1: irq/191-dwc3:16979] __list_add_valid+0x74/0x90\n[ 361.904401] [1: irq/191-dwc3:16979] rndis_msg_parser+0x168/0x8c0\n[ 361.904409] [1: irq/191-dwc3:16979] rndis_command_complete+0x24/0x84\n[ 361.904417] [1: irq/191-dwc3:16979] usb_gadget_giveback_request+0x20/0xe4\n[ 361.904426] [1: irq/191-dwc3:16979] dwc3_gadget_giveback+0x44/0x60\n[ 361.904434] [1: irq/191-dwc3:16979] dwc3_ep0_complete_data+0x1e8/0x3a0\n[ 361.904442] [1: irq/191-dwc3:16979] dwc3_ep0_interrupt+0x29c/0x3dc\n[ 361.904450] [1: irq/191-dwc3:16979] dwc3_process_event_entry+0x78/0x6cc\n[ 361.904457] [1: irq/191-dwc3:16979] dwc3_process_event_buf+0xa0/0x1ec\n[ 361.904465] [1: irq/191-dwc3:16979] dwc3_thread_interrupt+0x34/0x5c", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48926" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--46be382d-a438-47e8-ad48-5d785d687af8.json b/objects/vulnerability/vulnerability--46be382d-a438-47e8-ad48-5d785d687af8.json new file mode 100644 index 00000000000..537cec94e61 --- /dev/null +++ b/objects/vulnerability/vulnerability--46be382d-a438-47e8-ad48-5d785d687af8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f7e75bbc-ae06-4949-8911-a3f7206cc54f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--46be382d-a438-47e8-ad48-5d785d687af8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.130577Z", + "modified": "2024-08-23T00:18:38.130577Z", + "name": "CVE-2024-36442", + "description": "cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36442" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4811e357-634a-4f36-a655-1805c1423fd4.json b/objects/vulnerability/vulnerability--4811e357-634a-4f36-a655-1805c1423fd4.json new file mode 100644 index 00000000000..7a9a09f11a2 --- /dev/null +++ b/objects/vulnerability/vulnerability--4811e357-634a-4f36-a655-1805c1423fd4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--976b4159-f5b1-47cc-95e1-9878fad4c4a6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4811e357-634a-4f36-a655-1805c1423fd4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.067772Z", + "modified": "2024-08-23T00:18:39.067772Z", + "name": "CVE-2024-45193", + "description": "** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria (does not ensure that S < n). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45193" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4a8cb57d-7842-43de-bab5-55afa4f838aa.json b/objects/vulnerability/vulnerability--4a8cb57d-7842-43de-bab5-55afa4f838aa.json new file mode 100644 index 00000000000..9679384665e --- /dev/null +++ b/objects/vulnerability/vulnerability--4a8cb57d-7842-43de-bab5-55afa4f838aa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2b36fdb5-f698-4a8d-915b-bea2a860a826", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4a8cb57d-7842-43de-bab5-55afa4f838aa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.202259Z", + "modified": "2024-08-23T00:18:25.202259Z", + "name": "CVE-2022-48920", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: get rid of warning on transaction commit when using flushoncommit\n\nWhen using the flushoncommit mount option, during almost every transaction\ncommit we trigger a warning from __writeback_inodes_sb_nr():\n\n $ cat fs/fs-writeback.c:\n (...)\n static void __writeback_inodes_sb_nr(struct super_block *sb, ...\n {\n (...)\n WARN_ON(!rwsem_is_locked(&sb->s_umount));\n (...)\n }\n (...)\n\nThe trace produced in dmesg looks like the following:\n\n [947.473890] WARNING: CPU: 5 PID: 930 at fs/fs-writeback.c:2610 __writeback_inodes_sb_nr+0x7e/0xb3\n [947.481623] Modules linked in: nfsd nls_cp437 cifs asn1_decoder cifs_arc4 fscache cifs_md4 ipmi_ssif\n [947.489571] CPU: 5 PID: 930 Comm: btrfs-transacti Not tainted 95.16.3-srb-asrock-00001-g36437ad63879 #186\n [947.497969] RIP: 0010:__writeback_inodes_sb_nr+0x7e/0xb3\n [947.502097] Code: 24 10 4c 89 44 24 18 c6 (...)\n [947.519760] RSP: 0018:ffffc90000777e10 EFLAGS: 00010246\n [947.523818] RAX: 0000000000000000 RBX: 0000000000963300 RCX: 0000000000000000\n [947.529765] RDX: 0000000000000000 RSI: 000000000000fa51 RDI: ffffc90000777e50\n [947.535740] RBP: ffff888101628a90 R08: ffff888100955800 R09: ffff888100956000\n [947.541701] R10: 0000000000000002 R11: 0000000000000001 R12: ffff888100963488\n [947.547645] R13: ffff888100963000 R14: ffff888112fb7200 R15: ffff888100963460\n [947.553621] FS: 0000000000000000(0000) GS:ffff88841fd40000(0000) knlGS:0000000000000000\n [947.560537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [947.565122] CR2: 0000000008be50c4 CR3: 000000000220c000 CR4: 00000000001006e0\n [947.571072] Call Trace:\n [947.572354] \n [947.573266] btrfs_commit_transaction+0x1f1/0x998\n [947.576785] ? start_transaction+0x3ab/0x44e\n [947.579867] ? schedule_timeout+0x8a/0xdd\n [947.582716] transaction_kthread+0xe9/0x156\n [947.585721] ? btrfs_cleanup_transaction.isra.0+0x407/0x407\n [947.590104] kthread+0x131/0x139\n [947.592168] ? set_kthread_struct+0x32/0x32\n [947.595174] ret_from_fork+0x22/0x30\n [947.597561] \n [947.598553] ---[ end trace 644721052755541c ]---\n\nThis is because we started using writeback_inodes_sb() to flush delalloc\nwhen committing a transaction (when using -o flushoncommit), in order to\navoid deadlocks with filesystem freeze operations. This change was made\nby commit ce8ea7cc6eb313 (\"btrfs: don't call btrfs_start_delalloc_roots\nin flushoncommit\"). After that change we started producing that warning,\nand every now and then a user reports this since the warning happens too\noften, it spams dmesg/syslog, and a user is unsure if this reflects any\nproblem that might compromise the filesystem's reliability.\n\nWe can not just lock the sb->s_umount semaphore before calling\nwriteback_inodes_sb(), because that would at least deadlock with\nfilesystem freezing, since at fs/super.c:freeze_super() sync_filesystem()\nis called while we are holding that semaphore in write mode, and that can\ntrigger a transaction commit, resulting in a deadlock. It would also\ntrigger the same type of deadlock in the unmount path. Possibly, it could\nalso introduce some other locking dependencies that lockdep would report.\n\nTo fix this call try_to_writeback_inodes_sb() instead of\nwriteback_inodes_sb(), because that will try to read lock sb->s_umount\nand then will only call writeback_inodes_sb() if it was able to lock it.\nThis is fine because the cases where it can't read lock sb->s_umount\nare during a filesystem unmount or during a filesystem freeze - in those\ncases sb->s_umount is write locked and sync_filesystem() is called, which\ncalls writeback_inodes_sb(). In other words, in all cases where we can't\ntake a read lock on sb->s_umount, writeback is already being triggered\nelsewhere.\n\nAn alternative would be to call btrfs_start_delalloc_roots() with a\nnumber of pages different from LONG_MAX, for example matching the number\nof delalloc bytes we currently have, in \n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48920" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4f0f9b3d-34dd-44d0-9204-ff75e883efed.json b/objects/vulnerability/vulnerability--4f0f9b3d-34dd-44d0-9204-ff75e883efed.json new file mode 100644 index 00000000000..61c06035c2e --- /dev/null +++ b/objects/vulnerability/vulnerability--4f0f9b3d-34dd-44d0-9204-ff75e883efed.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d7f25e55-942a-4189-a095-a55a274f8912", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4f0f9b3d-34dd-44d0-9204-ff75e883efed", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.403628Z", + "modified": "2024-08-23T00:18:38.403628Z", + "name": "CVE-2024-39776", + "description": "Avtec Outpost stores sensitive information in an insecure location without proper access controls in place.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39776" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5210b489-856b-4734-9db4-5c8204c648c2.json b/objects/vulnerability/vulnerability--5210b489-856b-4734-9db4-5c8204c648c2.json new file mode 100644 index 00000000000..31b3f67ec9c --- /dev/null +++ b/objects/vulnerability/vulnerability--5210b489-856b-4734-9db4-5c8204c648c2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--459f6459-5e19-4e89-b745-ae231a2e6eba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5210b489-856b-4734-9db4-5c8204c648c2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.302727Z", + "modified": "2024-08-23T00:18:38.302727Z", + "name": "CVE-2024-7384", + "description": "The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7384" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--52eda593-9c76-4a87-8e30-48b08dd21d78.json b/objects/vulnerability/vulnerability--52eda593-9c76-4a87-8e30-48b08dd21d78.json new file mode 100644 index 00000000000..fdac6e6c0f4 --- /dev/null +++ b/objects/vulnerability/vulnerability--52eda593-9c76-4a87-8e30-48b08dd21d78.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7ed3242d-73be-4fc0-bc9d-20f4d590b47d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--52eda593-9c76-4a87-8e30-48b08dd21d78", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.161253Z", + "modified": "2024-08-23T00:18:25.161253Z", + "name": "CVE-2022-48919", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix double free race when mount fails in cifs_get_root()\n\nWhen cifs_get_root() fails during cifs_smb3_do_mount() we call\ndeactivate_locked_super() which eventually will call delayed_free() which\nwill free the context.\nIn this situation we should not proceed to enter the out: section in\ncifs_smb3_do_mount() and free the same resources a second time.\n\n[Thu Feb 10 12:59:06 2022] BUG: KASAN: use-after-free in rcu_cblist_dequeue+0x32/0x60\n[Thu Feb 10 12:59:06 2022] Read of size 8 at addr ffff888364f4d110 by task swapper/1/0\n\n[Thu Feb 10 12:59:06 2022] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G OE 5.17.0-rc3+ #4\n[Thu Feb 10 12:59:06 2022] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.0 12/17/2019\n[Thu Feb 10 12:59:06 2022] Call Trace:\n[Thu Feb 10 12:59:06 2022] \n[Thu Feb 10 12:59:06 2022] dump_stack_lvl+0x5d/0x78\n[Thu Feb 10 12:59:06 2022] print_address_description.constprop.0+0x24/0x150\n[Thu Feb 10 12:59:06 2022] ? rcu_cblist_dequeue+0x32/0x60\n[Thu Feb 10 12:59:06 2022] kasan_report.cold+0x7d/0x117\n[Thu Feb 10 12:59:06 2022] ? rcu_cblist_dequeue+0x32/0x60\n[Thu Feb 10 12:59:06 2022] __asan_load8+0x86/0xa0\n[Thu Feb 10 12:59:06 2022] rcu_cblist_dequeue+0x32/0x60\n[Thu Feb 10 12:59:06 2022] rcu_core+0x547/0xca0\n[Thu Feb 10 12:59:06 2022] ? call_rcu+0x3c0/0x3c0\n[Thu Feb 10 12:59:06 2022] ? __this_cpu_preempt_check+0x13/0x20\n[Thu Feb 10 12:59:06 2022] ? lock_is_held_type+0xea/0x140\n[Thu Feb 10 12:59:06 2022] rcu_core_si+0xe/0x10\n[Thu Feb 10 12:59:06 2022] __do_softirq+0x1d4/0x67b\n[Thu Feb 10 12:59:06 2022] __irq_exit_rcu+0x100/0x150\n[Thu Feb 10 12:59:06 2022] irq_exit_rcu+0xe/0x30\n[Thu Feb 10 12:59:06 2022] sysvec_hyperv_stimer0+0x9d/0xc0\n...\n[Thu Feb 10 12:59:07 2022] Freed by task 58179:\n[Thu Feb 10 12:59:07 2022] kasan_save_stack+0x26/0x50\n[Thu Feb 10 12:59:07 2022] kasan_set_track+0x25/0x30\n[Thu Feb 10 12:59:07 2022] kasan_set_free_info+0x24/0x40\n[Thu Feb 10 12:59:07 2022] ____kasan_slab_free+0x137/0x170\n[Thu Feb 10 12:59:07 2022] __kasan_slab_free+0x12/0x20\n[Thu Feb 10 12:59:07 2022] slab_free_freelist_hook+0xb3/0x1d0\n[Thu Feb 10 12:59:07 2022] kfree+0xcd/0x520\n[Thu Feb 10 12:59:07 2022] cifs_smb3_do_mount+0x149/0xbe0 [cifs]\n[Thu Feb 10 12:59:07 2022] smb3_get_tree+0x1a0/0x2e0 [cifs]\n[Thu Feb 10 12:59:07 2022] vfs_get_tree+0x52/0x140\n[Thu Feb 10 12:59:07 2022] path_mount+0x635/0x10c0\n[Thu Feb 10 12:59:07 2022] __x64_sys_mount+0x1bf/0x210\n[Thu Feb 10 12:59:07 2022] do_syscall_64+0x5c/0xc0\n[Thu Feb 10 12:59:07 2022] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n[Thu Feb 10 12:59:07 2022] Last potentially related work creation:\n[Thu Feb 10 12:59:07 2022] kasan_save_stack+0x26/0x50\n[Thu Feb 10 12:59:07 2022] __kasan_record_aux_stack+0xb6/0xc0\n[Thu Feb 10 12:59:07 2022] kasan_record_aux_stack_noalloc+0xb/0x10\n[Thu Feb 10 12:59:07 2022] call_rcu+0x76/0x3c0\n[Thu Feb 10 12:59:07 2022] cifs_umount+0xce/0xe0 [cifs]\n[Thu Feb 10 12:59:07 2022] cifs_kill_sb+0xc8/0xe0 [cifs]\n[Thu Feb 10 12:59:07 2022] deactivate_locked_super+0x5d/0xd0\n[Thu Feb 10 12:59:07 2022] cifs_smb3_do_mount+0xab9/0xbe0 [cifs]\n[Thu Feb 10 12:59:07 2022] smb3_get_tree+0x1a0/0x2e0 [cifs]\n[Thu Feb 10 12:59:07 2022] vfs_get_tree+0x52/0x140\n[Thu Feb 10 12:59:07 2022] path_mount+0x635/0x10c0\n[Thu Feb 10 12:59:07 2022] __x64_sys_mount+0x1bf/0x210\n[Thu Feb 10 12:59:07 2022] do_syscall_64+0x5c/0xc0\n[Thu Feb 10 12:59:07 2022] entry_SYSCALL_64_after_hwframe+0x44/0xae", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48919" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--53006157-d4bc-40f8-987e-6dc2e6ded5aa.json b/objects/vulnerability/vulnerability--53006157-d4bc-40f8-987e-6dc2e6ded5aa.json new file mode 100644 index 00000000000..2b59752ad29 --- /dev/null +++ b/objects/vulnerability/vulnerability--53006157-d4bc-40f8-987e-6dc2e6ded5aa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--25da6ff0-4dcb-403c-99dc-ec3c8e21dba8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--53006157-d4bc-40f8-987e-6dc2e6ded5aa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.189677Z", + "modified": "2024-08-23T00:18:25.189677Z", + "name": "CVE-2022-48921", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix fault in reweight_entity\n\nSyzbot found a GPF in reweight_entity. This has been bisected to\ncommit 4ef0c5c6b5ba (\"kernel/sched: Fix sched_fork() access an invalid\nsched_task_group\")\n\nThere is a race between sched_post_fork() and setpriority(PRIO_PGRP)\nwithin a thread group that causes a null-ptr-deref in\nreweight_entity() in CFS. The scenario is that the main process spawns\nnumber of new threads, which then call setpriority(PRIO_PGRP, 0, -20),\nwait, and exit. For each of the new threads the copy_process() gets\ninvoked, which adds the new task_struct and calls sched_post_fork()\nfor it.\n\nIn the above scenario there is a possibility that\nsetpriority(PRIO_PGRP) and set_one_prio() will be called for a thread\nin the group that is just being created by copy_process(), and for\nwhich the sched_post_fork() has not been executed yet. This will\ntrigger a null pointer dereference in reweight_entity(), as it will\ntry to access the run queue pointer, which hasn't been set.\n\nBefore the mentioned change the cfs_rq pointer for the task has been\nset in sched_fork(), which is called much earlier in copy_process(),\nbefore the new task is added to the thread_group. Now it is done in\nthe sched_post_fork(), which is called after that. To fix the issue\nthe remove the update_load param from the update_load param() function\nand call reweight_task() only if the task flag doesn't have the\nTASK_NEW flag set.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48921" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5488434d-dff0-4d85-801d-8527f0ef360c.json b/objects/vulnerability/vulnerability--5488434d-dff0-4d85-801d-8527f0ef360c.json new file mode 100644 index 00000000000..904b5c2318d --- /dev/null +++ b/objects/vulnerability/vulnerability--5488434d-dff0-4d85-801d-8527f0ef360c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bda2e49f-27ff-4707-80fc-272e6f05cbcc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5488434d-dff0-4d85-801d-8527f0ef360c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.854861Z", + "modified": "2024-08-23T00:18:37.854861Z", + "name": "CVE-2024-42768", + "description": "A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/delete_room.php.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42768" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--55aee876-9af3-4222-8622-3e06ca42b536.json b/objects/vulnerability/vulnerability--55aee876-9af3-4222-8622-3e06ca42b536.json new file mode 100644 index 00000000000..33a888d8287 --- /dev/null +++ b/objects/vulnerability/vulnerability--55aee876-9af3-4222-8622-3e06ca42b536.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cdb4de75-ecd0-4305-a7d2-dbdcbcb8d695", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--55aee876-9af3-4222-8622-3e06ca42b536", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.385645Z", + "modified": "2024-08-23T00:18:38.385645Z", + "name": "CVE-2024-39810", + "description": "Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the connection, cause the application to crash.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39810" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--55b8140d-a7b5-455c-b97c-f1e40b743f33.json b/objects/vulnerability/vulnerability--55b8140d-a7b5-455c-b97c-f1e40b743f33.json new file mode 100644 index 00000000000..fbf192776dc --- /dev/null +++ b/objects/vulnerability/vulnerability--55b8140d-a7b5-455c-b97c-f1e40b743f33.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a1f24ba8-b494-484b-8f07-662ff74f6f2f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--55b8140d-a7b5-455c-b97c-f1e40b743f33", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.20633Z", + "modified": "2024-08-23T00:18:25.20633Z", + "name": "CVE-2022-48937", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: add a schedule point in io_add_buffers()\n\nLooping ~65535 times doing kmalloc() calls can trigger soft lockups,\nespecially with DEBUG features (like KASAN).\n\n[ 253.536212] watchdog: BUG: soft lockup - CPU#64 stuck for 26s! [b219417889:12575]\n[ 253.544433] Modules linked in: vfat fat i2c_mux_pca954x i2c_mux spidev cdc_acm xhci_pci xhci_hcd sha3_generic gq(O)\n[ 253.544451] CPU: 64 PID: 12575 Comm: b219417889 Tainted: G S O 5.17.0-smp-DEV #801\n[ 253.544457] RIP: 0010:kernel_text_address (./include/asm-generic/sections.h:192 ./include/linux/kallsyms.h:29 kernel/extable.c:67 kernel/extable.c:98)\n[ 253.544464] Code: 0f 93 c0 48 c7 c1 e0 63 d7 a4 48 39 cb 0f 92 c1 20 c1 0f b6 c1 5b 5d c3 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 53 48 89 fb <48> c7 c0 00 00 80 a0 41 be 01 00 00 00 48 39 c7 72 0c 48 c7 c0 40\n[ 253.544468] RSP: 0018:ffff8882d8baf4c0 EFLAGS: 00000246\n[ 253.544471] RAX: 1ffff1105b175e00 RBX: ffffffffa13ef09a RCX: 00000000a13ef001\n[ 253.544474] RDX: ffffffffa13ef09a RSI: ffff8882d8baf558 RDI: ffffffffa13ef09a\n[ 253.544476] RBP: ffff8882d8baf4d8 R08: ffff8882d8baf5e0 R09: 0000000000000004\n[ 253.544479] R10: ffff8882d8baf5e8 R11: ffffffffa0d59a50 R12: ffff8882eab20380\n[ 253.544481] R13: ffffffffa0d59a50 R14: dffffc0000000000 R15: 1ffff1105b175eb0\n[ 253.544483] FS: 00000000016d3380(0000) GS:ffff88af48c00000(0000) knlGS:0000000000000000\n[ 253.544486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 253.544488] CR2: 00000000004af0f0 CR3: 00000002eabfa004 CR4: 00000000003706e0\n[ 253.544491] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 253.544492] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 253.544494] Call Trace:\n[ 253.544496] \n[ 253.544498] ? io_queue_sqe (fs/io_uring.c:7143)\n[ 253.544505] __kernel_text_address (kernel/extable.c:78)\n[ 253.544508] unwind_get_return_address (arch/x86/kernel/unwind_frame.c:19)\n[ 253.544514] arch_stack_walk (arch/x86/kernel/stacktrace.c:27)\n[ 253.544517] ? io_queue_sqe (fs/io_uring.c:7143)\n[ 253.544521] stack_trace_save (kernel/stacktrace.c:123)\n[ 253.544527] ____kasan_kmalloc (mm/kasan/common.c:39 mm/kasan/common.c:45 mm/kasan/common.c:436 mm/kasan/common.c:515)\n[ 253.544531] ? ____kasan_kmalloc (mm/kasan/common.c:39 mm/kasan/common.c:45 mm/kasan/common.c:436 mm/kasan/common.c:515)\n[ 253.544533] ? __kasan_kmalloc (mm/kasan/common.c:524)\n[ 253.544535] ? kmem_cache_alloc_trace (./include/linux/kasan.h:270 mm/slab.c:3567)\n[ 253.544541] ? io_issue_sqe (fs/io_uring.c:4556 fs/io_uring.c:4589 fs/io_uring.c:6828)\n[ 253.544544] ? __io_queue_sqe (fs/io_uring.c:?)\n[ 253.544551] __kasan_kmalloc (mm/kasan/common.c:524)\n[ 253.544553] kmem_cache_alloc_trace (./include/linux/kasan.h:270 mm/slab.c:3567)\n[ 253.544556] ? io_issue_sqe (fs/io_uring.c:4556 fs/io_uring.c:4589 fs/io_uring.c:6828)\n[ 253.544560] io_issue_sqe (fs/io_uring.c:4556 fs/io_uring.c:4589 fs/io_uring.c:6828)\n[ 253.544564] ? __kasan_slab_alloc (mm/kasan/common.c:45 mm/kasan/common.c:436 mm/kasan/common.c:469)\n[ 253.544567] ? __kasan_slab_alloc (mm/kasan/common.c:39 mm/kasan/common.c:45 mm/kasan/common.c:436 mm/kasan/common.c:469)\n[ 253.544569] ? kmem_cache_alloc_bulk (mm/slab.h:732 mm/slab.c:3546)\n[ 253.544573] ? __io_alloc_req_refill (fs/io_uring.c:2078)\n[ 253.544578] ? io_submit_sqes (fs/io_uring.c:7441)\n[ 253.544581] ? __se_sys_io_uring_enter (fs/io_uring.c:10154 fs/io_uring.c:10096)\n[ 253.544584] ? __x64_sys_io_uring_enter (fs/io_uring.c:10096)\n[ 253.544587] ? do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)\n[ 253.544590] ? entry_SYSCALL_64_after_hwframe (??:?)\n[ 253.544596] __io_queue_sqe (fs/io_uring.c:?)\n[ 253.544600] io_queue_sqe (fs/io_uring.c:7143)\n[ 253.544603] io_submit_sqe (fs/io_uring.c:?)\n[ 253.544608] io_submit_sqes (fs/io_uring.c:?)\n[ 253.544612] __se_sys_io_uring_enter (fs/io_uring.c:10154 fs/io_uri\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48937" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--57c362a7-f7b7-47ae-8242-44d194902454.json b/objects/vulnerability/vulnerability--57c362a7-f7b7-47ae-8242-44d194902454.json new file mode 100644 index 00000000000..9617c00ff1c --- /dev/null +++ b/objects/vulnerability/vulnerability--57c362a7-f7b7-47ae-8242-44d194902454.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ee94b14a-8ea6-43b6-be1b-47b6ec01de1f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--57c362a7-f7b7-47ae-8242-44d194902454", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.211694Z", + "modified": "2024-08-23T00:18:25.211694Z", + "name": "CVE-2022-48928", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: men_z188_adc: Fix a resource leak in an error handling path\n\nIf iio_device_register() fails, a previous ioremap() is left unbalanced.\n\nUpdate the error handling path and add the missing iounmap() call, as\nalready done in the remove function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48928" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--58c4ea8b-70ee-46db-ab11-cf4634522c03.json b/objects/vulnerability/vulnerability--58c4ea8b-70ee-46db-ab11-cf4634522c03.json new file mode 100644 index 00000000000..6c80574b588 --- /dev/null +++ b/objects/vulnerability/vulnerability--58c4ea8b-70ee-46db-ab11-cf4634522c03.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2a26a646-3cf8-4a83-aea9-f2c8c969af10", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--58c4ea8b-70ee-46db-ab11-cf4634522c03", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.259531Z", + "modified": "2024-08-23T00:18:25.259531Z", + "name": "CVE-2022-48906", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: Correctly set DATA_FIN timeout when number of retransmits is large\n\nSyzkaller with UBSAN uncovered a scenario where a large number of\nDATA_FIN retransmits caused a shift-out-of-bounds in the DATA_FIN\ntimeout calculation:\n\n================================================================================\nUBSAN: shift-out-of-bounds in net/mptcp/protocol.c:470:29\nshift exponent 32 is too large for 32-bit type 'unsigned int'\nCPU: 1 PID: 13059 Comm: kworker/1:0 Not tainted 5.17.0-rc2-00630-g5fbf21c90c60 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: events mptcp_worker\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n ubsan_epilogue+0xb/0x5a lib/ubsan.c:151\n __ubsan_handle_shift_out_of_bounds.cold+0xb2/0x20e lib/ubsan.c:330\n mptcp_set_datafin_timeout net/mptcp/protocol.c:470 [inline]\n __mptcp_retrans.cold+0x72/0x77 net/mptcp/protocol.c:2445\n mptcp_worker+0x58a/0xa70 net/mptcp/protocol.c:2528\n process_one_work+0x9df/0x16d0 kernel/workqueue.c:2307\n worker_thread+0x95/0xe10 kernel/workqueue.c:2454\n kthread+0x2f4/0x3b0 kernel/kthread.c:377\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \n================================================================================\n\nThis change limits the maximum timeout by limiting the size of the\nshift, which keeps all intermediate values in-bounds.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48906" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--59b462b8-c083-4279-976f-08722d268f38.json b/objects/vulnerability/vulnerability--59b462b8-c083-4279-976f-08722d268f38.json new file mode 100644 index 00000000000..c789d18087f --- /dev/null +++ b/objects/vulnerability/vulnerability--59b462b8-c083-4279-976f-08722d268f38.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9005a42d-2197-4f2a-bdfb-b63ee072e9bf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--59b462b8-c083-4279-976f-08722d268f38", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.768024Z", + "modified": "2024-08-23T00:18:37.768024Z", + "name": "CVE-2024-40884", + "description": "Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without \"Add Team Members\" permission to disable the invite URL.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40884" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5a4c2498-0d3c-4870-98bc-5468c6385bbf.json b/objects/vulnerability/vulnerability--5a4c2498-0d3c-4870-98bc-5468c6385bbf.json new file mode 100644 index 00000000000..e59d3c0aa78 --- /dev/null +++ b/objects/vulnerability/vulnerability--5a4c2498-0d3c-4870-98bc-5468c6385bbf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a4f13670-1e22-445e-8587-9186fd94f12e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5a4c2498-0d3c-4870-98bc-5468c6385bbf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.192673Z", + "modified": "2024-08-23T00:18:25.192673Z", + "name": "CVE-2022-48901", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not start relocation until in progress drops are done\n\nWe hit a bug with a recovering relocation on mount for one of our file\nsystems in production. I reproduced this locally by injecting errors\ninto snapshot delete with balance running at the same time. This\npresented as an error while looking up an extent item\n\n WARNING: CPU: 5 PID: 1501 at fs/btrfs/extent-tree.c:866 lookup_inline_extent_backref+0x647/0x680\n CPU: 5 PID: 1501 Comm: btrfs-balance Not tainted 5.16.0-rc8+ #8\n RIP: 0010:lookup_inline_extent_backref+0x647/0x680\n RSP: 0018:ffffae0a023ab960 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000000000\n RBP: ffff943fd2a39b60 R08: 0000000000000000 R09: 0000000000000001\n R10: 0001434088152de0 R11: 0000000000000000 R12: 0000000001d05000\n R13: ffff943fd2a39b60 R14: ffff943fdb96f2a0 R15: ffff9442fc923000\n FS: 0000000000000000(0000) GS:ffff944e9eb40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f1157b1fca8 CR3: 000000010f092000 CR4: 0000000000350ee0\n Call Trace:\n \n insert_inline_extent_backref+0x46/0xd0\n __btrfs_inc_extent_ref.isra.0+0x5f/0x200\n ? btrfs_merge_delayed_refs+0x164/0x190\n __btrfs_run_delayed_refs+0x561/0xfa0\n ? btrfs_search_slot+0x7b4/0xb30\n ? btrfs_update_root+0x1a9/0x2c0\n btrfs_run_delayed_refs+0x73/0x1f0\n ? btrfs_update_root+0x1a9/0x2c0\n btrfs_commit_transaction+0x50/0xa50\n ? btrfs_update_reloc_root+0x122/0x220\n prepare_to_merge+0x29f/0x320\n relocate_block_group+0x2b8/0x550\n btrfs_relocate_block_group+0x1a6/0x350\n btrfs_relocate_chunk+0x27/0xe0\n btrfs_balance+0x777/0xe60\n balance_kthread+0x35/0x50\n ? btrfs_balance+0xe60/0xe60\n kthread+0x16b/0x190\n ? set_kthread_struct+0x40/0x40\n ret_from_fork+0x22/0x30\n \n\nNormally snapshot deletion and relocation are excluded from running at\nthe same time by the fs_info->cleaner_mutex. However if we had a\npending balance waiting to get the ->cleaner_mutex, and a snapshot\ndeletion was running, and then the box crashed, we would come up in a\nstate where we have a half deleted snapshot.\n\nAgain, in the normal case the snapshot deletion needs to complete before\nrelocation can start, but in this case relocation could very well start\nbefore the snapshot deletion completes, as we simply add the root to the\ndead roots list and wait for the next time the cleaner runs to clean up\nthe snapshot.\n\nFix this by setting a bit on the fs_info if we have any DEAD_ROOT's that\nhad a pending drop_progress key. If they do then we know we were in the\nmiddle of the drop operation and set a flag on the fs_info. Then\nbalance can wait until this flag is cleared to start up again.\n\nIf there are DEAD_ROOT's that don't have a drop_progress set then we're\nsafe to start balance right away as we'll be properly protected by the\ncleaner_mutex.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48901" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5c90c528-128b-4b3b-b03a-dc221736066c.json b/objects/vulnerability/vulnerability--5c90c528-128b-4b3b-b03a-dc221736066c.json new file mode 100644 index 00000000000..4e2f664598c --- /dev/null +++ b/objects/vulnerability/vulnerability--5c90c528-128b-4b3b-b03a-dc221736066c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--896c7dd4-daf5-4f3f-b242-f7a00481ed72", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5c90c528-128b-4b3b-b03a-dc221736066c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.883623Z", + "modified": "2024-08-23T00:18:37.883623Z", + "name": "CVE-2024-42773", + "description": "An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room entries in the administrator section.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42773" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5e76ad4c-0590-4699-9f76-ba4a1ad49b40.json b/objects/vulnerability/vulnerability--5e76ad4c-0590-4699-9f76-ba4a1ad49b40.json new file mode 100644 index 00000000000..66a03cfd54e --- /dev/null +++ b/objects/vulnerability/vulnerability--5e76ad4c-0590-4699-9f76-ba4a1ad49b40.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7a7ae2b3-86fa-4b40-8439-6d26c9b458ec", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5e76ad4c-0590-4699-9f76-ba4a1ad49b40", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.563555Z", + "modified": "2024-08-23T00:18:38.563555Z", + "name": "CVE-2024-43780", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43780" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5f0ff48a-bb2a-4da5-8535-223326f72286.json b/objects/vulnerability/vulnerability--5f0ff48a-bb2a-4da5-8535-223326f72286.json new file mode 100644 index 00000000000..029186883b1 --- /dev/null +++ b/objects/vulnerability/vulnerability--5f0ff48a-bb2a-4da5-8535-223326f72286.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d85fbcb0-b25d-4c5b-9c76-29ab70a547db", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5f0ff48a-bb2a-4da5-8535-223326f72286", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.880939Z", + "modified": "2024-08-23T00:18:37.880939Z", + "name": "CVE-2024-42770", + "description": "A Stored Cross Site Scripting (XSS) vulnerability was found in \"/core/signup_user.php\" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the \"user_email\" parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42770" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--60268af0-16bf-4cdd-9a98-61ba4553fc90.json b/objects/vulnerability/vulnerability--60268af0-16bf-4cdd-9a98-61ba4553fc90.json new file mode 100644 index 00000000000..583c0316297 --- /dev/null +++ b/objects/vulnerability/vulnerability--60268af0-16bf-4cdd-9a98-61ba4553fc90.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--62f8de9e-3a48-41ab-96ca-acd4034abf03", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--60268af0-16bf-4cdd-9a98-61ba4553fc90", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.104433Z", + "modified": "2024-08-23T00:18:38.104433Z", + "name": "CVE-2024-36439", + "description": "Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36439" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--655f887e-d379-4c61-85b3-217504de2ee4.json b/objects/vulnerability/vulnerability--655f887e-d379-4c61-85b3-217504de2ee4.json new file mode 100644 index 00000000000..71f68ad3eed --- /dev/null +++ b/objects/vulnerability/vulnerability--655f887e-d379-4c61-85b3-217504de2ee4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d8dfed35-d662-4871-b81a-84312e0f5c0f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--655f887e-d379-4c61-85b3-217504de2ee4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.983466Z", + "modified": "2024-08-23T00:18:38.983466Z", + "name": "CVE-2024-8078", + "description": "A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8078" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--68e080fe-c461-4716-8301-622257d755c6.json b/objects/vulnerability/vulnerability--68e080fe-c461-4716-8301-622257d755c6.json new file mode 100644 index 00000000000..0867e6b6ced --- /dev/null +++ b/objects/vulnerability/vulnerability--68e080fe-c461-4716-8301-622257d755c6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ceededdd-4785-40b3-b5fe-2ba846de1762", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--68e080fe-c461-4716-8301-622257d755c6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.903393Z", + "modified": "2024-08-23T00:18:37.903393Z", + "name": "CVE-2024-42497", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams to perform write operations on teams.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42497" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--691c48d8-9cd1-4386-8b6d-5113730317ba.json b/objects/vulnerability/vulnerability--691c48d8-9cd1-4386-8b6d-5113730317ba.json new file mode 100644 index 00000000000..996c4a501ee --- /dev/null +++ b/objects/vulnerability/vulnerability--691c48d8-9cd1-4386-8b6d-5113730317ba.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cffbd0ce-e4b8-4ca7-8854-9038ee52d629", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--691c48d8-9cd1-4386-8b6d-5113730317ba", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.731929Z", + "modified": "2024-08-23T00:18:38.731929Z", + "name": "CVE-2024-5583", + "description": "The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carousel_direction parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-5583" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6be096e2-f4ff-420c-97f4-857059956588.json b/objects/vulnerability/vulnerability--6be096e2-f4ff-420c-97f4-857059956588.json new file mode 100644 index 00000000000..e72940f9b19 --- /dev/null +++ b/objects/vulnerability/vulnerability--6be096e2-f4ff-420c-97f4-857059956588.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d52a3925-cf4d-4e3b-baff-84a6c9890916", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6be096e2-f4ff-420c-97f4-857059956588", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.132111Z", + "modified": "2024-08-23T00:18:38.132111Z", + "name": "CVE-2024-36441", + "description": "Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36441" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6c28cc64-e841-4806-83d2-6e2f72cda97a.json b/objects/vulnerability/vulnerability--6c28cc64-e841-4806-83d2-6e2f72cda97a.json new file mode 100644 index 00000000000..bc056c50891 --- /dev/null +++ b/objects/vulnerability/vulnerability--6c28cc64-e841-4806-83d2-6e2f72cda97a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c1474c14-21f9-4d34-91e9-e01ce58b4ffe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6c28cc64-e841-4806-83d2-6e2f72cda97a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.112406Z", + "modified": "2024-08-23T00:18:39.112406Z", + "name": "CVE-2024-6870", + "description": "The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rl_upload_image AJAX endpoint. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the 3gp2 file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-6870" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78.json b/objects/vulnerability/vulnerability--6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78.json new file mode 100644 index 00000000000..50fda00e480 --- /dev/null +++ b/objects/vulnerability/vulnerability--6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cb361672-d04e-4a51-ae4f-099f167614f1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6f394d1e-a87e-4b9b-a5e0-ff6b9a22fd78", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.214512Z", + "modified": "2024-08-23T00:18:25.214512Z", + "name": "CVE-2022-48914", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netfront: destroy queues before real_num_tx_queues is zeroed\n\nxennet_destroy_queues() relies on info->netdev->real_num_tx_queues to\ndelete queues. Since d7dac083414eb5bb99a6d2ed53dc2c1b405224e5\n(\"net-sysfs: update the queue counts in the unregistration path\"),\nunregister_netdev() indirectly sets real_num_tx_queues to 0. Those two\nfacts together means, that xennet_destroy_queues() called from\nxennet_remove() cannot do its job, because it's called after\nunregister_netdev(). This results in kfree-ing queues that are still\nlinked in napi, which ultimately crashes:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 52 Comm: xenwatch Tainted: G W 5.16.10-1.32.fc32.qubes.x86_64+ #226\n RIP: 0010:free_netdev+0xa3/0x1a0\n Code: ff 48 89 df e8 2e e9 00 00 48 8b 43 50 48 8b 08 48 8d b8 a0 fe ff ff 48 8d a9 a0 fe ff ff 49 39 c4 75 26 eb 47 e8 ed c1 66 ff <48> 8b 85 60 01 00 00 48 8d 95 60 01 00 00 48 89 ef 48 2d 60 01 00\n RSP: 0000:ffffc90000bcfd00 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: ffff88800edad000 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: ffffc90000bcfc30 RDI: 00000000ffffffff\n RBP: fffffffffffffea0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800edad050\n R13: ffff8880065f8f88 R14: 0000000000000000 R15: ffff8880066c6680\n FS: 0000000000000000(0000) GS:ffff8880f3300000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 00000000e998c006 CR4: 00000000003706e0\n Call Trace:\n \n xennet_remove+0x13d/0x300 [xen_netfront]\n xenbus_dev_remove+0x6d/0xf0\n __device_release_driver+0x17a/0x240\n device_release_driver+0x24/0x30\n bus_remove_device+0xd8/0x140\n device_del+0x18b/0x410\n ? _raw_spin_unlock+0x16/0x30\n ? klist_iter_exit+0x14/0x20\n ? xenbus_dev_request_and_reply+0x80/0x80\n device_unregister+0x13/0x60\n xenbus_dev_changed+0x18e/0x1f0\n xenwatch_thread+0xc0/0x1a0\n ? do_wait_intr_irq+0xa0/0xa0\n kthread+0x16b/0x190\n ? set_kthread_struct+0x40/0x40\n ret_from_fork+0x22/0x30\n \n\nFix this by calling xennet_destroy_queues() from xennet_uninit(),\nwhen real_num_tx_queues is still available. This ensures that queues are\ndestroyed when real_num_tx_queues is set to 0, regardless of how\nunregister_netdev() was called.\n\nOriginally reported at\nhttps://github.com/QubesOS/qubes-issues/issues/7257", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48914" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--70829031-8bbc-4420-8f22-8fd2f4974711.json b/objects/vulnerability/vulnerability--70829031-8bbc-4420-8f22-8fd2f4974711.json new file mode 100644 index 00000000000..800dc15ddb1 --- /dev/null +++ b/objects/vulnerability/vulnerability--70829031-8bbc-4420-8f22-8fd2f4974711.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--aae16946-1d7b-44fa-bc5c-d25381758eee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--70829031-8bbc-4420-8f22-8fd2f4974711", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.994214Z", + "modified": "2024-08-23T00:18:38.994214Z", + "name": "CVE-2024-8087", + "description": "A vulnerability was found in SourceCodester E-Commerce System 1.0 and classified as critical. This issue affects some unknown processing of the file /ecommerce/popup_Item.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8087" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b.json b/objects/vulnerability/vulnerability--71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b.json new file mode 100644 index 00000000000..7309af017c4 --- /dev/null +++ b/objects/vulnerability/vulnerability--71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a373cc4f-c448-41d9-bbc8-dd516e6c1023", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--71fe0023-0b81-4dcc-9fe2-b6ce1bf2743b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.991668Z", + "modified": "2024-08-23T00:18:38.991668Z", + "name": "CVE-2024-8077", + "description": "A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. It has been classified as critical. This affects the function setTracerouteCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8077" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--735e8ec1-b6ad-4442-829d-49fab6f61fbd.json b/objects/vulnerability/vulnerability--735e8ec1-b6ad-4442-829d-49fab6f61fbd.json new file mode 100644 index 00000000000..401af41368d --- /dev/null +++ b/objects/vulnerability/vulnerability--735e8ec1-b6ad-4442-829d-49fab6f61fbd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fb6043c4-27b9-4401-b438-942ee59ed8d3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--735e8ec1-b6ad-4442-829d-49fab6f61fbd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.261898Z", + "modified": "2024-08-23T00:18:25.261898Z", + "name": "CVE-2022-48931", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nconfigfs: fix a race in configfs_{,un}register_subsystem()\n\nWhen configfs_register_subsystem() or configfs_unregister_subsystem()\nis executing link_group() or unlink_group(),\nit is possible that two processes add or delete list concurrently.\nSome unfortunate interleavings of them can cause kernel panic.\n\nOne of cases is:\nA --> B --> C --> D\nA <-- B <-- C <-- D\n\n delete list_head *B | delete list_head *C\n--------------------------------|-----------------------------------\nconfigfs_unregister_subsystem | configfs_unregister_subsystem\n unlink_group | unlink_group\n unlink_obj | unlink_obj\n list_del_init | list_del_init\n __list_del_entry | __list_del_entry\n __list_del | __list_del\n // next == C |\n next->prev = prev |\n | next->prev = prev\n prev->next = next |\n | // prev == B\n | prev->next = next\n\nFix this by adding mutex when calling link_group() or unlink_group(),\nbut parent configfs_subsystem is NULL when config_item is root.\nSo I create a mutex configfs_subsystem_mutex.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48931" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--75fcaf04-0f08-4c5a-a7a1-cb28c48a1268.json b/objects/vulnerability/vulnerability--75fcaf04-0f08-4c5a-a7a1-cb28c48a1268.json new file mode 100644 index 00000000000..260258bc04a --- /dev/null +++ b/objects/vulnerability/vulnerability--75fcaf04-0f08-4c5a-a7a1-cb28c48a1268.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2f872f7f-5d2a-49b5-bf6d-644849656702", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--75fcaf04-0f08-4c5a-a7a1-cb28c48a1268", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.981558Z", + "modified": "2024-08-23T00:18:38.981558Z", + "name": "CVE-2024-8088", + "description": "There is a HIGH severity vulnerability affecting the CPython \"zipfile\"\nmodule.\n\n\n\n\n\nWhen iterating over names of entries in a zip archive (for example, methods\nof \"zipfile.ZipFile\" like \"namelist()\", \"iterdir()\", \"extractall()\", etc)\nthe process can be put into an infinite loop with a maliciously crafted\nzip archive. This defect applies when reading only metadata or extracting\nthe contents of the zip archive. Programs that are not handling\nuser-controlled zip archives are not affected.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8088" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7952a05e-ff94-4396-9125-8ebaa73b9609.json b/objects/vulnerability/vulnerability--7952a05e-ff94-4396-9125-8ebaa73b9609.json new file mode 100644 index 00000000000..12face81c70 --- /dev/null +++ b/objects/vulnerability/vulnerability--7952a05e-ff94-4396-9125-8ebaa73b9609.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--828f7e05-0c16-4a4f-8199-31052e5f5db8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7952a05e-ff94-4396-9125-8ebaa73b9609", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.252257Z", + "modified": "2024-08-23T00:18:25.252257Z", + "name": "CVE-2022-48903", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix relocation crash due to premature return from btrfs_commit_transaction()\n\nWe are seeing crashes similar to the following trace:\n\n[38.969182] WARNING: CPU: 20 PID: 2105 at fs/btrfs/relocation.c:4070 btrfs_relocate_block_group+0x2dc/0x340 [btrfs]\n[38.973556] CPU: 20 PID: 2105 Comm: btrfs Not tainted 5.17.0-rc4 #54\n[38.974580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[38.976539] RIP: 0010:btrfs_relocate_block_group+0x2dc/0x340 [btrfs]\n[38.980336] RSP: 0000:ffffb0dd42e03c20 EFLAGS: 00010206\n[38.981218] RAX: ffff96cfc4ede800 RBX: ffff96cfc3ce0000 RCX: 000000000002ca14\n[38.982560] RDX: 0000000000000000 RSI: 4cfd109a0bcb5d7f RDI: ffff96cfc3ce0360\n[38.983619] RBP: ffff96cfc309c000 R08: 0000000000000000 R09: 0000000000000000\n[38.984678] R10: ffff96cec0000001 R11: ffffe84c80000000 R12: ffff96cfc4ede800\n[38.985735] R13: 0000000000000000 R14: 0000000000000000 R15: ffff96cfc3ce0360\n[38.987146] FS: 00007f11c15218c0(0000) GS:ffff96d6dfb00000(0000) knlGS:0000000000000000\n[38.988662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[38.989398] CR2: 00007ffc922c8e60 CR3: 00000001147a6001 CR4: 0000000000370ee0\n[38.990279] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[38.991219] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[38.992528] Call Trace:\n[38.992854] \n[38.993148] btrfs_relocate_chunk+0x27/0xe0 [btrfs]\n[38.993941] btrfs_balance+0x78e/0xea0 [btrfs]\n[38.994801] ? vsnprintf+0x33c/0x520\n[38.995368] ? __kmalloc_track_caller+0x351/0x440\n[38.996198] btrfs_ioctl_balance+0x2b9/0x3a0 [btrfs]\n[38.997084] btrfs_ioctl+0x11b0/0x2da0 [btrfs]\n[38.997867] ? mod_objcg_state+0xee/0x340\n[38.998552] ? seq_release+0x24/0x30\n[38.999184] ? proc_nr_files+0x30/0x30\n[38.999654] ? call_rcu+0xc8/0x2f0\n[39.000228] ? __x64_sys_ioctl+0x84/0xc0\n[39.000872] ? btrfs_ioctl_get_supported_features+0x30/0x30 [btrfs]\n[39.001973] __x64_sys_ioctl+0x84/0xc0\n[39.002566] do_syscall_64+0x3a/0x80\n[39.003011] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[39.003735] RIP: 0033:0x7f11c166959b\n[39.007324] RSP: 002b:00007fff2543e998 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[39.008521] RAX: ffffffffffffffda RBX: 00007f11c1521698 RCX: 00007f11c166959b\n[39.009833] RDX: 00007fff2543ea40 RSI: 00000000c4009420 RDI: 0000000000000003\n[39.011270] RBP: 0000000000000003 R08: 0000000000000013 R09: 00007f11c16f94e0\n[39.012581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff25440df3\n[39.014046] R13: 0000000000000000 R14: 00007fff2543ea40 R15: 0000000000000001\n[39.015040] \n[39.015418] ---[ end trace 0000000000000000 ]---\n[43.131559] ------------[ cut here ]------------\n[43.132234] kernel BUG at fs/btrfs/extent-tree.c:2717!\n[43.133031] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[43.133702] CPU: 1 PID: 1839 Comm: btrfs Tainted: G W 5.17.0-rc4 #54\n[43.134863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[43.136426] RIP: 0010:unpin_extent_range+0x37a/0x4f0 [btrfs]\n[43.139913] RSP: 0000:ffffb0dd4216bc70 EFLAGS: 00010246\n[43.140629] RAX: 0000000000000000 RBX: ffff96cfc34490f8 RCX: 0000000000000001\n[43.141604] RDX: 0000000080000001 RSI: 0000000051d00000 RDI: 00000000ffffffff\n[43.142645] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff96cfd07dca50\n[43.143669] R10: ffff96cfc46e8a00 R11: fffffffffffec000 R12: 0000000041d00000\n[43.144657] R13: ffff96cfc3ce0000 R14: ffffb0dd4216bd08 R15: 0000000000000000\n[43.145686] FS: 00007f7657dd68c0(0000) GS:ffff96d6df640000(0000) knlGS:0000000000000000\n[43.146808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[43.147584] CR2: 00007f7fe81bf5b0 CR3: 00000001093ee004 CR4: 0000000000370ee0\n[43.148589] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[43.149581] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 00000000000\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48903" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7af1b428-5566-4602-87a2-48d301f1a199.json b/objects/vulnerability/vulnerability--7af1b428-5566-4602-87a2-48d301f1a199.json new file mode 100644 index 00000000000..ddd97518753 --- /dev/null +++ b/objects/vulnerability/vulnerability--7af1b428-5566-4602-87a2-48d301f1a199.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1fbf423c-4c07-4eb2-8c0f-ab6e8e25bbf5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7af1b428-5566-4602-87a2-48d301f1a199", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.846661Z", + "modified": "2024-08-23T00:18:37.846661Z", + "name": "CVE-2024-42769", + "description": "A Reflected Cross Site Scripting (XSS) vulnerability was found in \"/core/signup_user.php \" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via \"user_fname\" and \"user_lname\" parameters.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42769" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7ded9583-0d17-430c-8a96-9c3bdd11d917.json b/objects/vulnerability/vulnerability--7ded9583-0d17-430c-8a96-9c3bdd11d917.json new file mode 100644 index 00000000000..b156113622c --- /dev/null +++ b/objects/vulnerability/vulnerability--7ded9583-0d17-430c-8a96-9c3bdd11d917.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--436dcf91-8aa0-4cdd-9f88-8e196659564f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7ded9583-0d17-430c-8a96-9c3bdd11d917", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.247052Z", + "modified": "2024-08-23T00:18:25.247052Z", + "name": "CVE-2022-48911", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_queue: fix possible use-after-free\n\nEric Dumazet says:\n The sock_hold() side seems suspect, because there is no guarantee\n that sk_refcnt is not already 0.\n\nOn failure, we cannot queue the packet and need to indicate an\nerror. The packet will be dropped by the caller.\n\nv2: split skb prefetch hunk into separate change", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48911" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--81347644-7cc6-438c-aa07-2aa4b3bdb6d1.json b/objects/vulnerability/vulnerability--81347644-7cc6-438c-aa07-2aa4b3bdb6d1.json new file mode 100644 index 00000000000..bb4a0a3b097 --- /dev/null +++ b/objects/vulnerability/vulnerability--81347644-7cc6-438c-aa07-2aa4b3bdb6d1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--70b260db-40fb-48f4-952f-dee6227af8ff", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--81347644-7cc6-438c-aa07-2aa4b3bdb6d1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.221355Z", + "modified": "2024-08-23T00:18:25.221355Z", + "name": "CVE-2022-48913", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: fix use after free for struct blk_trace\n\nWhen tracing the whole disk, 'dropped' and 'msg' will be created\nunder 'q->debugfs_dir' and 'bt->dir' is NULL, thus blk_trace_free()\nwon't remove those files. What's worse, the following UAF can be\ntriggered because of accessing stale 'dropped' and 'msg':\n\n==================================================================\nBUG: KASAN: use-after-free in blk_dropped_read+0x89/0x100\nRead of size 4 at addr ffff88816912f3d8 by task blktrace/1188\n\nCPU: 27 PID: 1188 Comm: blktrace Not tainted 5.17.0-rc4-next-20220217+ #469\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-4\nCall Trace:\n \n dump_stack_lvl+0x34/0x44\n print_address_description.constprop.0.cold+0xab/0x381\n ? blk_dropped_read+0x89/0x100\n ? blk_dropped_read+0x89/0x100\n kasan_report.cold+0x83/0xdf\n ? blk_dropped_read+0x89/0x100\n kasan_check_range+0x140/0x1b0\n blk_dropped_read+0x89/0x100\n ? blk_create_buf_file_callback+0x20/0x20\n ? kmem_cache_free+0xa1/0x500\n ? do_sys_openat2+0x258/0x460\n full_proxy_read+0x8f/0xc0\n vfs_read+0xc6/0x260\n ksys_read+0xb9/0x150\n ? vfs_write+0x3d0/0x3d0\n ? fpregs_assert_state_consistent+0x55/0x60\n ? exit_to_user_mode_prepare+0x39/0x1e0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fbc080d92fd\nCode: ce 20 00 00 75 10 b8 00 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 1\nRSP: 002b:00007fbb95ff9cb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 00007fbb95ff9dc0 RCX: 00007fbc080d92fd\nRDX: 0000000000000100 RSI: 00007fbb95ff9cc0 RDI: 0000000000000045\nRBP: 0000000000000045 R08: 0000000000406299 R09: 00000000fffffffd\nR10: 000000000153afa0 R11: 0000000000000293 R12: 00007fbb780008c0\nR13: 00007fbb78000938 R14: 0000000000608b30 R15: 00007fbb780029c8\n \n\nAllocated by task 1050:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x81/0xa0\n do_blk_trace_setup+0xcb/0x410\n __blk_trace_setup+0xac/0x130\n blk_trace_ioctl+0xe9/0x1c0\n blkdev_ioctl+0xf1/0x390\n __x64_sys_ioctl+0xa5/0xe0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFreed by task 1050:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_set_free_info+0x20/0x30\n __kasan_slab_free+0x103/0x180\n kfree+0x9a/0x4c0\n __blk_trace_remove+0x53/0x70\n blk_trace_ioctl+0x199/0x1c0\n blkdev_common_ioctl+0x5e9/0xb30\n blkdev_ioctl+0x1a5/0x390\n __x64_sys_ioctl+0xa5/0xe0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe buggy address belongs to the object at ffff88816912f380\n which belongs to the cache kmalloc-96 of size 96\nThe buggy address is located 88 bytes inside of\n 96-byte region [ffff88816912f380, ffff88816912f3e0)\nThe buggy address belongs to the page:\npage:000000009a1b4e7c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0f\nflags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)\nraw: 0017ffffc0000200 ffffea00044f1100 dead000000000002 ffff88810004c780\nraw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff88816912f280: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n ffff88816912f300: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n>ffff88816912f380: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n ^\n ffff88816912f400: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n ffff88816912f480: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n==================================================================", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48913" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--81ecb962-58de-4369-a53c-5117561af26c.json b/objects/vulnerability/vulnerability--81ecb962-58de-4369-a53c-5117561af26c.json new file mode 100644 index 00000000000..e16683ad832 --- /dev/null +++ b/objects/vulnerability/vulnerability--81ecb962-58de-4369-a53c-5117561af26c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c3896d8a-d313-422e-99cf-9e5d39030220", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--81ecb962-58de-4369-a53c-5117561af26c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.98662Z", + "modified": "2024-08-23T00:18:38.98662Z", + "name": "CVE-2024-8080", + "description": "A vulnerability classified as critical has been found in SourceCodester Online Health Care System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument f_name with the input 1%' or 1=1 ) UNION SELECT 1,2,3,4,5,database(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23# as part of string leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8080" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--875b8b0e-2096-4b41-832e-94d8d2454b58.json b/objects/vulnerability/vulnerability--875b8b0e-2096-4b41-832e-94d8d2454b58.json new file mode 100644 index 00000000000..f0bcf2dbfd6 --- /dev/null +++ b/objects/vulnerability/vulnerability--875b8b0e-2096-4b41-832e-94d8d2454b58.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7b328793-bde3-4a44-b26e-69b6af7094c5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--875b8b0e-2096-4b41-832e-94d8d2454b58", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.569994Z", + "modified": "2024-08-23T00:18:38.569994Z", + "name": "CVE-2024-43785", + "description": "gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape sequences—that appear in a repository's paths, author and committer names, commit messages, or other metadata. Such text may be written as part of the output of a command, as well as appearing in error messages when an operation fails. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43785" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8a371200-14e1-42c0-9d2f-274f97968db3.json b/objects/vulnerability/vulnerability--8a371200-14e1-42c0-9d2f-274f97968db3.json new file mode 100644 index 00000000000..e8c51e63d4c --- /dev/null +++ b/objects/vulnerability/vulnerability--8a371200-14e1-42c0-9d2f-274f97968db3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5a7a30ba-3c6f-4bbd-89bc-c37b930cf43c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8a371200-14e1-42c0-9d2f-274f97968db3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.239165Z", + "modified": "2024-08-23T00:18:25.239165Z", + "name": "CVE-2022-48940", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix crash due to incorrect copy_map_value\n\nWhen both bpf_spin_lock and bpf_timer are present in a BPF map value,\ncopy_map_value needs to skirt both objects when copying a value into and\nout of the map. However, the current code does not set both s_off and\nt_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock\nis placed in map value with bpf_timer, as bpf_map_update_elem call will\nbe able to overwrite the other timer object.\n\nWhen the issue is not fixed, an overwriting can produce the following\nsplat:\n\n[root@(none) bpf]# ./test_progs -t timer_crash\n[ 15.930339] bpf_testmod: loading out-of-tree module taints kernel.\n[ 16.037849] ==================================================================\n[ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520\n[ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325\n[ 16.039399]\n[ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ #278\n[ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014\n[ 16.040485] Call Trace:\n[ 16.040645] \n[ 16.040805] dump_stack_lvl+0x59/0x73\n[ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520\n[ 16.041427] kasan_report.cold+0x116/0x11b\n[ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520\n[ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520\n[ 16.042328] ? memcpy+0x39/0x60\n[ 16.042552] ? pv_hash+0xd0/0xd0\n[ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0\n[ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0\n[ 16.043366] ? bpf_get_current_comm+0x50/0x50\n[ 16.043608] ? jhash+0x11a/0x270\n[ 16.043848] bpf_timer_cancel+0x34/0xe0\n[ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81\n[ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000\n[ 16.044836] __x64_sys_nanosleep+0x5/0x140\n[ 16.045119] do_syscall_64+0x59/0x80\n[ 16.045377] ? lock_is_held_type+0xe4/0x140\n[ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40\n[ 16.046001] ? mark_held_locks+0x24/0x90\n[ 16.046287] ? asm_exc_page_fault+0x1e/0x30\n[ 16.046569] ? asm_exc_page_fault+0x8/0x30\n[ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100\n[ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 16.047405] RIP: 0033:0x7f9e4831718d\n[ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48\n[ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023\n[ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d\n[ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0\n[ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0\n[ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30\n[ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 16.051608] \n[ 16.051762] ==================================================================", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48940" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8b579734-49e8-41d9-8c6e-5d885b8adb0c.json b/objects/vulnerability/vulnerability--8b579734-49e8-41d9-8c6e-5d885b8adb0c.json new file mode 100644 index 00000000000..c34d8e8d203 --- /dev/null +++ b/objects/vulnerability/vulnerability--8b579734-49e8-41d9-8c6e-5d885b8adb0c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--efa37894-26bc-471e-bad3-d30adaccd75a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8b579734-49e8-41d9-8c6e-5d885b8adb0c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.257163Z", + "modified": "2024-08-23T00:18:25.257163Z", + "name": "CVE-2022-48932", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte\n\nWhen adding a rule with 32 destinations, we hit the following out-of-band\naccess issue:\n\n BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70\n\nThis patch fixes the issue by both increasing the allocated buffers to\naccommodate for the needed actions and by checking the number of actions\nto prevent this issue when a rule with too many actions is provided.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48932" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8b8abc33-830a-442e-b520-85673ff49513.json b/objects/vulnerability/vulnerability--8b8abc33-830a-442e-b520-85673ff49513.json new file mode 100644 index 00000000000..e4a1b93b8de --- /dev/null +++ b/objects/vulnerability/vulnerability--8b8abc33-830a-442e-b520-85673ff49513.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1ad3d4ab-bb53-4c4d-87a0-406de46938f3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8b8abc33-830a-442e-b520-85673ff49513", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.200384Z", + "modified": "2024-08-23T00:18:25.200384Z", + "name": "CVE-2022-48907", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nauxdisplay: lcd2s: Fix memory leak in ->remove()\n\nOnce allocated the struct lcd2s_data is never freed.\nFix the memory leak by switching to devm_kzalloc().", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48907" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8c6d7e53-6f06-4403-b8c1-489a07c3d978.json b/objects/vulnerability/vulnerability--8c6d7e53-6f06-4403-b8c1-489a07c3d978.json new file mode 100644 index 00000000000..3ce29fe4d91 --- /dev/null +++ b/objects/vulnerability/vulnerability--8c6d7e53-6f06-4403-b8c1-489a07c3d978.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b3b20ce0-fc41-4559-84bf-39a1f02177b9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8c6d7e53-6f06-4403-b8c1-489a07c3d978", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.232318Z", + "modified": "2024-08-23T00:18:25.232318Z", + "name": "CVE-2022-48935", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: unregister flowtable hooks on netns exit\n\nUnregister flowtable hooks before they are releases via\nnf_tables_flowtable_destroy() otherwise hook core reports UAF.\n\nBUG: KASAN: use-after-free in nf_hook_entries_grow+0x5a7/0x700 net/netfilter/core.c:142 net/netfilter/core.c:142\nRead of size 4 at addr ffff8880736f7438 by task syz-executor579/3666\n\nCPU: 0 PID: 3666 Comm: syz-executor579 Not tainted 5.16.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n __dump_stack lib/dump_stack.c:88 [inline] lib/dump_stack.c:106\n dump_stack_lvl+0x1dc/0x2d8 lib/dump_stack.c:106 lib/dump_stack.c:106\n print_address_description+0x65/0x380 mm/kasan/report.c:247 mm/kasan/report.c:247\n __kasan_report mm/kasan/report.c:433 [inline]\n __kasan_report mm/kasan/report.c:433 [inline] mm/kasan/report.c:450\n kasan_report+0x19a/0x1f0 mm/kasan/report.c:450 mm/kasan/report.c:450\n nf_hook_entries_grow+0x5a7/0x700 net/netfilter/core.c:142 net/netfilter/core.c:142\n __nf_register_net_hook+0x27e/0x8d0 net/netfilter/core.c:429 net/netfilter/core.c:429\n nf_register_net_hook+0xaa/0x180 net/netfilter/core.c:571 net/netfilter/core.c:571\n nft_register_flowtable_net_hooks+0x3c5/0x730 net/netfilter/nf_tables_api.c:7232 net/netfilter/nf_tables_api.c:7232\n nf_tables_newflowtable+0x2022/0x2cf0 net/netfilter/nf_tables_api.c:7430 net/netfilter/nf_tables_api.c:7430\n nfnetlink_rcv_batch net/netfilter/nfnetlink.c:513 [inline]\n nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:634 [inline]\n nfnetlink_rcv_batch net/netfilter/nfnetlink.c:513 [inline] net/netfilter/nfnetlink.c:652\n nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:634 [inline] net/netfilter/nfnetlink.c:652\n nfnetlink_rcv+0x10e6/0x2550 net/netfilter/nfnetlink.c:652 net/netfilter/nfnetlink.c:652\n\n__nft_release_hook() calls nft_unregister_flowtable_net_hooks() which\nonly unregisters the hooks, then after RCU grace period, it is\nguaranteed that no packets add new entries to the flowtable (no flow\noffload rules and flowtable hooks are reachable from packet path), so it\nis safe to call nf_flow_table_free() which cleans up the remaining\nentries from the flowtable (both software and hardware) and it unbinds\nthe flow_block.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48935" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8d8358a7-1dff-4179-92e7-2d74cddcb8f4.json b/objects/vulnerability/vulnerability--8d8358a7-1dff-4179-92e7-2d74cddcb8f4.json new file mode 100644 index 00000000000..862cb1d280b --- /dev/null +++ b/objects/vulnerability/vulnerability--8d8358a7-1dff-4179-92e7-2d74cddcb8f4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1df15989-0fdb-4a69-b60e-477c5b8e3d80", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8d8358a7-1dff-4179-92e7-2d74cddcb8f4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.223962Z", + "modified": "2024-08-23T00:18:25.223962Z", + "name": "CVE-2022-48905", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: free reset-work-item when flushing\n\nFix a tiny memory leak when flushing the reset work queue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48905" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8e4f89e6-aa88-47fe-96a9-2f033acdcbbb.json b/objects/vulnerability/vulnerability--8e4f89e6-aa88-47fe-96a9-2f033acdcbbb.json new file mode 100644 index 00000000000..afbf37339ee --- /dev/null +++ b/objects/vulnerability/vulnerability--8e4f89e6-aa88-47fe-96a9-2f033acdcbbb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5c4d26b3-9927-477f-a3e6-5029a179dd0c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8e4f89e6-aa88-47fe-96a9-2f033acdcbbb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.997963Z", + "modified": "2024-08-23T00:18:37.997963Z", + "name": "CVE-2024-38210", + "description": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38210" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8e94a15f-a103-4659-a3dd-d75fbefc2685.json b/objects/vulnerability/vulnerability--8e94a15f-a103-4659-a3dd-d75fbefc2685.json new file mode 100644 index 00000000000..8bef49b74d8 --- /dev/null +++ b/objects/vulnerability/vulnerability--8e94a15f-a103-4659-a3dd-d75fbefc2685.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--245775dd-34b7-4461-a856-975b20d8a5d8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8e94a15f-a103-4659-a3dd-d75fbefc2685", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.383528Z", + "modified": "2024-08-23T00:18:38.383528Z", + "name": "CVE-2024-39745", + "description": "IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39745" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8eb05bec-e87f-4247-b348-d2a3faaf3542.json b/objects/vulnerability/vulnerability--8eb05bec-e87f-4247-b348-d2a3faaf3542.json new file mode 100644 index 00000000000..f10572f1e05 --- /dev/null +++ b/objects/vulnerability/vulnerability--8eb05bec-e87f-4247-b348-d2a3faaf3542.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5b49718a-f530-4163-ab2f-d97f1125037f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8eb05bec-e87f-4247-b348-d2a3faaf3542", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.888258Z", + "modified": "2024-08-23T00:18:37.888258Z", + "name": "CVE-2024-42774", + "description": "An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42774" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8fa1f79c-251a-4ce8-88cf-526dca65cb3e.json b/objects/vulnerability/vulnerability--8fa1f79c-251a-4ce8-88cf-526dca65cb3e.json new file mode 100644 index 00000000000..3d5e12e5743 --- /dev/null +++ b/objects/vulnerability/vulnerability--8fa1f79c-251a-4ce8-88cf-526dca65cb3e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bc751e23-bd9c-4f05-8fc0-68d5f02ecdb1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8fa1f79c-251a-4ce8-88cf-526dca65cb3e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.113303Z", + "modified": "2024-08-23T00:18:38.113303Z", + "name": "CVE-2024-36440", + "description": "An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36440" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--903c12bb-128a-4e4b-ab35-c69213a2f502.json b/objects/vulnerability/vulnerability--903c12bb-128a-4e4b-ab35-c69213a2f502.json new file mode 100644 index 00000000000..4fd3dc60e47 --- /dev/null +++ b/objects/vulnerability/vulnerability--903c12bb-128a-4e4b-ab35-c69213a2f502.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--57bdb15b-4291-4413-9849-a6d70094f3ba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--903c12bb-128a-4e4b-ab35-c69213a2f502", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.807827Z", + "modified": "2024-08-23T00:18:37.807827Z", + "name": "CVE-2024-40886", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in User Management page of the system console.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-40886" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--917ff001-170a-48cc-b2ab-80d8d4b7b51e.json b/objects/vulnerability/vulnerability--917ff001-170a-48cc-b2ab-80d8d4b7b51e.json new file mode 100644 index 00000000000..1ab8d13cc4d --- /dev/null +++ b/objects/vulnerability/vulnerability--917ff001-170a-48cc-b2ab-80d8d4b7b51e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ad4ec10e-acea-4fa3-adbd-b5c768af0fbf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--917ff001-170a-48cc-b2ab-80d8d4b7b51e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:36.79907Z", + "modified": "2024-08-23T00:18:36.79907Z", + "name": "CVE-2021-4441", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op()\n\nIn zynq_qspi_exec_mem_op(), kzalloc() is directly used in memset(),\nwhich could lead to a NULL pointer dereference on failure of\nkzalloc().\n\nFix this bug by adding a check of tmpbuf.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_SPI_ZYNQ_QSPI=m show no new warnings,\nand our static analyzer no longer warns about this code.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2021-4441" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--93ea1dae-be38-443f-8d45-b471d1adfa3a.json b/objects/vulnerability/vulnerability--93ea1dae-be38-443f-8d45-b471d1adfa3a.json new file mode 100644 index 00000000000..95059a4a4be --- /dev/null +++ b/objects/vulnerability/vulnerability--93ea1dae-be38-443f-8d45-b471d1adfa3a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--aca911ef-ac41-4137-a214-d343c47f6125", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--93ea1dae-be38-443f-8d45-b471d1adfa3a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.982499Z", + "modified": "2024-08-23T00:18:38.982499Z", + "name": "CVE-2024-8041", + "description": "A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8041" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--97b3c281-bd85-48df-a89e-e2161e658950.json b/objects/vulnerability/vulnerability--97b3c281-bd85-48df-a89e-e2161e658950.json new file mode 100644 index 00000000000..c9bcbb2e78b --- /dev/null +++ b/objects/vulnerability/vulnerability--97b3c281-bd85-48df-a89e-e2161e658950.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1388ba2d-c720-4b2e-8e20-0589cf284adc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--97b3c281-bd85-48df-a89e-e2161e658950", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:40.269957Z", + "modified": "2024-08-23T00:18:40.269957Z", + "name": "CVE-2023-7260", + "description": "Path Traversal vulnerability discovered in OpenText™ CX-E Voice, \n\naffecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-7260" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--99730eb5-4968-443e-9bf8-93d436cf7c4e.json b/objects/vulnerability/vulnerability--99730eb5-4968-443e-9bf8-93d436cf7c4e.json new file mode 100644 index 00000000000..38439179195 --- /dev/null +++ b/objects/vulnerability/vulnerability--99730eb5-4968-443e-9bf8-93d436cf7c4e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8adf2501-1bd0-4c9c-8a0b-5e6a2d4cdc44", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--99730eb5-4968-443e-9bf8-93d436cf7c4e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.560425Z", + "modified": "2024-08-23T00:18:38.560425Z", + "name": "CVE-2024-43331", + "description": "Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.9.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43331" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--99fc773d-0557-4e02-9a15-cbd1ca4be4f4.json b/objects/vulnerability/vulnerability--99fc773d-0557-4e02-9a15-cbd1ca4be4f4.json new file mode 100644 index 00000000000..f48961ad716 --- /dev/null +++ b/objects/vulnerability/vulnerability--99fc773d-0557-4e02-9a15-cbd1ca4be4f4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a5a6e2c5-53a0-43d4-a7c3-7a8e53926eda", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--99fc773d-0557-4e02-9a15-cbd1ca4be4f4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.572208Z", + "modified": "2024-08-23T00:18:38.572208Z", + "name": "CVE-2024-43813", + "description": "Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43813" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9b1abf86-4327-4641-866a-17e0c6a9560c.json b/objects/vulnerability/vulnerability--9b1abf86-4327-4641-866a-17e0c6a9560c.json new file mode 100644 index 00000000000..8c9e9b7c6d2 --- /dev/null +++ b/objects/vulnerability/vulnerability--9b1abf86-4327-4641-866a-17e0c6a9560c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a72fb0bf-5f96-4be3-86f7-1283eb7e1942", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9b1abf86-4327-4641-866a-17e0c6a9560c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.058824Z", + "modified": "2024-08-23T00:18:39.058824Z", + "name": "CVE-2024-45167", + "description": "An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution. A certain XmlMessage document causes 100% CPU consumption.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45167" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9c6e462a-8125-4ef5-9447-a56f11ac0e41.json b/objects/vulnerability/vulnerability--9c6e462a-8125-4ef5-9447-a56f11ac0e41.json new file mode 100644 index 00000000000..1c4069904b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--9c6e462a-8125-4ef5-9447-a56f11ac0e41.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ce58448e-dfc1-4d75-8bbe-4ac4f6d58d2d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9c6e462a-8125-4ef5-9447-a56f11ac0e41", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.870035Z", + "modified": "2024-08-23T00:18:37.870035Z", + "name": "CVE-2024-42599", + "description": "SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42599" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a5e9daef-8593-4df3-93e4-263bc6777535.json b/objects/vulnerability/vulnerability--a5e9daef-8593-4df3-93e4-263bc6777535.json new file mode 100644 index 00000000000..73d0296b964 --- /dev/null +++ b/objects/vulnerability/vulnerability--a5e9daef-8593-4df3-93e4-263bc6777535.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6f5573aa-a78f-4b4f-98b1-135b8c6ce187", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a5e9daef-8593-4df3-93e4-263bc6777535", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.380311Z", + "modified": "2024-08-23T00:18:38.380311Z", + "name": "CVE-2024-39836", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 and 9.8.x <= 9.8.2 fail to ensure that remote/synthetic users cannot create sessions or reset passwords, which allows the munged email addresses, created by shared channels, to be used to receive email notifications and to reset passwords, when they are valid, functional emails.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39836" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a889e09c-4295-477e-81f8-d61622cbb6db.json b/objects/vulnerability/vulnerability--a889e09c-4295-477e-81f8-d61622cbb6db.json new file mode 100644 index 00000000000..2c622007006 --- /dev/null +++ b/objects/vulnerability/vulnerability--a889e09c-4295-477e-81f8-d61622cbb6db.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1849eaf8-e75f-4796-842c-b99fb7ba2961", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a889e09c-4295-477e-81f8-d61622cbb6db", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.01106Z", + "modified": "2024-08-23T00:18:38.01106Z", + "name": "CVE-2024-38208", + "description": "Microsoft Edge for Android Spoofing Vulnerability", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38208" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ab9d904e-b351-4ccc-83fa-f999a978c0e7.json b/objects/vulnerability/vulnerability--ab9d904e-b351-4ccc-83fa-f999a978c0e7.json new file mode 100644 index 00000000000..6457aaa6877 --- /dev/null +++ b/objects/vulnerability/vulnerability--ab9d904e-b351-4ccc-83fa-f999a978c0e7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d9e783d9-028e-4c3a-a47f-564f3a7416ff", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ab9d904e-b351-4ccc-83fa-f999a978c0e7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.283514Z", + "modified": "2024-08-23T00:18:38.283514Z", + "name": "CVE-2024-7634", + "description": "NGINX Agent's \"config_dirs\" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-7634" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--adc110f3-d5f7-4e9f-8da0-0b110a911a0c.json b/objects/vulnerability/vulnerability--adc110f3-d5f7-4e9f-8da0-0b110a911a0c.json new file mode 100644 index 00000000000..09f8f2443d8 --- /dev/null +++ b/objects/vulnerability/vulnerability--adc110f3-d5f7-4e9f-8da0-0b110a911a0c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6da1c64d-6a72-4702-9afd-6b1b68a0c406", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--adc110f3-d5f7-4e9f-8da0-0b110a911a0c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.882337Z", + "modified": "2024-08-23T00:18:37.882337Z", + "name": "CVE-2024-42776", + "description": "Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42776" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b22084f2-c34b-4e02-ab4a-46a949843aae.json b/objects/vulnerability/vulnerability--b22084f2-c34b-4e02-ab4a-46a949843aae.json new file mode 100644 index 00000000000..2fe35573c35 --- /dev/null +++ b/objects/vulnerability/vulnerability--b22084f2-c34b-4e02-ab4a-46a949843aae.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e3e1c3f7-2db9-42b9-896d-ddf10ad2c575", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b22084f2-c34b-4e02-ab4a-46a949843aae", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.101294Z", + "modified": "2024-08-23T00:18:38.101294Z", + "name": "CVE-2024-36445", + "description": "Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36445" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b4a900a8-cfc5-4274-9ef1-bc419e623eea.json b/objects/vulnerability/vulnerability--b4a900a8-cfc5-4274-9ef1-bc419e623eea.json new file mode 100644 index 00000000000..41c6aa34abd --- /dev/null +++ b/objects/vulnerability/vulnerability--b4a900a8-cfc5-4274-9ef1-bc419e623eea.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8714ed4d-af3c-458d-bf37-e7ffdce77ee1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b4a900a8-cfc5-4274-9ef1-bc419e623eea", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.84428Z", + "modified": "2024-08-23T00:18:37.84428Z", + "name": "CVE-2024-42767", + "description": "Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/add_room_controller.php.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42767" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b6ff0c13-9ca1-4cef-9092-09ce3ef86968.json b/objects/vulnerability/vulnerability--b6ff0c13-9ca1-4cef-9092-09ce3ef86968.json new file mode 100644 index 00000000000..094c8e3d0b7 --- /dev/null +++ b/objects/vulnerability/vulnerability--b6ff0c13-9ca1-4cef-9092-09ce3ef86968.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--342ed071-7877-4c9c-aed9-8787a99a5064", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b6ff0c13-9ca1-4cef-9092-09ce3ef86968", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.148308Z", + "modified": "2024-08-23T00:18:39.148308Z", + "name": "CVE-2024-35151", + "description": "IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-35151" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--be153ac3-5bb9-465f-b93c-16e833048160.json b/objects/vulnerability/vulnerability--be153ac3-5bb9-465f-b93c-16e833048160.json new file mode 100644 index 00000000000..9a20ac3dde3 --- /dev/null +++ b/objects/vulnerability/vulnerability--be153ac3-5bb9-465f-b93c-16e833048160.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--34d7cf88-a1c4-489a-a76e-ae664201c5d4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--be153ac3-5bb9-465f-b93c-16e833048160", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.178499Z", + "modified": "2024-08-23T00:18:25.178499Z", + "name": "CVE-2022-48923", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: prevent copying too big compressed lzo segment\n\nCompressed length can be corrupted to be a lot larger than memory\nwe have allocated for buffer.\nThis will cause memcpy in copy_compressed_segment to write outside\nof allocated memory.\n\nThis mostly results in stuck read syscall but sometimes when using\nbtrfs send can get #GP\n\n kernel: general protection fault, probably for non-canonical address 0x841551d5c1000: 0000 [#1] PREEMPT SMP NOPTI\n kernel: CPU: 17 PID: 264 Comm: kworker/u256:7 Tainted: P OE 5.17.0-rc2-1 #12\n kernel: Workqueue: btrfs-endio btrfs_work_helper [btrfs]\n kernel: RIP: 0010:lzo_decompress_bio (./include/linux/fortify-string.h:225 fs/btrfs/lzo.c:322 fs/btrfs/lzo.c:394) btrfs\n Code starting with the faulting instruction\n ===========================================\n 0:* 48 8b 06 mov (%rsi),%rax <-- trapping instruction\n 3: 48 8d 79 08 lea 0x8(%rcx),%rdi\n 7: 48 83 e7 f8 and $0xfffffffffffffff8,%rdi\n b: 48 89 01 mov %rax,(%rcx)\n e: 44 89 f0 mov %r14d,%eax\n 11: 48 8b 54 06 f8 mov -0x8(%rsi,%rax,1),%rdx\n kernel: RSP: 0018:ffffb110812efd50 EFLAGS: 00010212\n kernel: RAX: 0000000000001000 RBX: 000000009ca264c8 RCX: ffff98996e6d8ff8\n kernel: RDX: 0000000000000064 RSI: 000841551d5c1000 RDI: ffffffff9500435d\n kernel: RBP: ffff989a3be856c0 R08: 0000000000000000 R09: 0000000000000000\n kernel: R10: 0000000000000000 R11: 0000000000001000 R12: ffff98996e6d8000\n kernel: R13: 0000000000000008 R14: 0000000000001000 R15: 000841551d5c1000\n kernel: FS: 0000000000000000(0000) GS:ffff98a09d640000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 00001e9f984d9ea8 CR3: 000000014971a000 CR4: 00000000003506e0\n kernel: Call Trace:\n kernel: \n kernel: end_compressed_bio_read (fs/btrfs/compression.c:104 fs/btrfs/compression.c:1363 fs/btrfs/compression.c:323) btrfs\n kernel: end_workqueue_fn (fs/btrfs/disk-io.c:1923) btrfs\n kernel: btrfs_work_helper (fs/btrfs/async-thread.c:326) btrfs\n kernel: process_one_work (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:212 ./include/trace/events/workqueue.h:108 kernel/workqueue.c:2312)\n kernel: worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2455)\n kernel: ? process_one_work (kernel/workqueue.c:2397)\n kernel: kthread (kernel/kthread.c:377)\n kernel: ? kthread_complete_and_exit (kernel/kthread.c:332)\n kernel: ret_from_fork (arch/x86/entry/entry_64.S:301)\n kernel: ", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48923" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c0e57f27-76e7-49b9-9166-ead06ca559fb.json b/objects/vulnerability/vulnerability--c0e57f27-76e7-49b9-9166-ead06ca559fb.json new file mode 100644 index 00000000000..976a3287daf --- /dev/null +++ b/objects/vulnerability/vulnerability--c0e57f27-76e7-49b9-9166-ead06ca559fb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--85f34a41-8964-4cef-a947-d137c83fcfc3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c0e57f27-76e7-49b9-9166-ead06ca559fb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.979419Z", + "modified": "2024-08-23T00:18:38.979419Z", + "name": "CVE-2024-8075", + "description": "A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8075" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c1405b6e-ea21-4c08-975d-6582dd8e5b4d.json b/objects/vulnerability/vulnerability--c1405b6e-ea21-4c08-975d-6582dd8e5b4d.json new file mode 100644 index 00000000000..b6316b8b073 --- /dev/null +++ b/objects/vulnerability/vulnerability--c1405b6e-ea21-4c08-975d-6582dd8e5b4d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--90d3975a-7448-4cce-90c7-5afad39188a7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c1405b6e-ea21-4c08-975d-6582dd8e5b4d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.987606Z", + "modified": "2024-08-23T00:18:38.987606Z", + "name": "CVE-2024-8089", + "description": "A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8089" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c630221d-7bdd-4cec-963a-7eef68f1ed21.json b/objects/vulnerability/vulnerability--c630221d-7bdd-4cec-963a-7eef68f1ed21.json new file mode 100644 index 00000000000..27341cc996e --- /dev/null +++ b/objects/vulnerability/vulnerability--c630221d-7bdd-4cec-963a-7eef68f1ed21.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ab9e4d14-8910-49d4-adbe-1c1ba2c5f81c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c630221d-7bdd-4cec-963a-7eef68f1ed21", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.126532Z", + "modified": "2024-08-23T00:18:39.126532Z", + "name": "CVE-2024-6502", + "description": "An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6 starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker to create a branch with the same name as a deleted tag.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-6502" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c841e569-db73-49c0-95ed-71899f7c9abf.json b/objects/vulnerability/vulnerability--c841e569-db73-49c0-95ed-71899f7c9abf.json new file mode 100644 index 00000000000..a8f5406fa3c --- /dev/null +++ b/objects/vulnerability/vulnerability--c841e569-db73-49c0-95ed-71899f7c9abf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ca1269f2-23d3-4a26-b8af-2feb27e1d6a0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c841e569-db73-49c0-95ed-71899f7c9abf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.055805Z", + "modified": "2024-08-23T00:18:39.055805Z", + "name": "CVE-2024-45168", + "description": "An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45168" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c8bc9354-2eb7-4de5-b603-1914816f7b0a.json b/objects/vulnerability/vulnerability--c8bc9354-2eb7-4de5-b603-1914816f7b0a.json new file mode 100644 index 00000000000..44ca39c8d08 --- /dev/null +++ b/objects/vulnerability/vulnerability--c8bc9354-2eb7-4de5-b603-1914816f7b0a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--68c238c1-f0e1-4fd3-8903-d994c7ee5c87", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c8bc9354-2eb7-4de5-b603-1914816f7b0a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.551764Z", + "modified": "2024-08-23T00:18:38.551764Z", + "name": "CVE-2024-43398", + "description": "REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43398" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d.json b/objects/vulnerability/vulnerability--c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d.json new file mode 100644 index 00000000000..2479208d25b --- /dev/null +++ b/objects/vulnerability/vulnerability--c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--af60de5d-f5aa-4dc2-872f-dcf3e303e1ab", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c9b3ac91-c31d-4fd2-b0e2-1f9f3314495d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.877017Z", + "modified": "2024-08-23T00:18:37.877017Z", + "name": "CVE-2024-42762", + "description": "A Stored Cross Site Scripting (XSS) vulnerability was found in \"/history.php\" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42762" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ca4905b2-8713-4531-a66b-cdb7c4f3f9b0.json b/objects/vulnerability/vulnerability--ca4905b2-8713-4531-a66b-cdb7c4f3f9b0.json new file mode 100644 index 00000000000..970173982b3 --- /dev/null +++ b/objects/vulnerability/vulnerability--ca4905b2-8713-4531-a66b-cdb7c4f3f9b0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--afd0d9ef-18fb-4e50-8bf1-d1750d646535", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ca4905b2-8713-4531-a66b-cdb7c4f3f9b0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.070154Z", + "modified": "2024-08-23T00:18:39.070154Z", + "name": "CVE-2024-45169", + "description": "An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution via the \\xB0\\x00\\x3c byte sequence.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45169" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cd7e5653-5e8e-43b9-853a-60140dc86b4e.json b/objects/vulnerability/vulnerability--cd7e5653-5e8e-43b9-853a-60140dc86b4e.json new file mode 100644 index 00000000000..8a7c451933d --- /dev/null +++ b/objects/vulnerability/vulnerability--cd7e5653-5e8e-43b9-853a-60140dc86b4e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--46a36820-50ce-41df-8272-81096808463f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cd7e5653-5e8e-43b9-853a-60140dc86b4e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.195062Z", + "modified": "2024-08-23T00:18:25.195062Z", + "name": "CVE-2022-48917", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Shift tested values in snd_soc_put_volsw() by +min\n\nWhile the $val/$val2 values passed in from userspace are always >= 0\nintegers, the limits of the control can be signed integers and the $min\ncan be non-zero and less than zero. To correctly validate $val/$val2\nagainst platform_max, add the $min offset to val first.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48917" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174.json b/objects/vulnerability/vulnerability--cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174.json new file mode 100644 index 00000000000..f42f866ff24 --- /dev/null +++ b/objects/vulnerability/vulnerability--cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--95a494ec-8c52-494b-b5ec-e40acaff810c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cec4adfa-d5bf-4a3e-bc4f-0b81a8a14174", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.988987Z", + "modified": "2024-08-23T00:18:38.988987Z", + "name": "CVE-2024-8079", + "description": "A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. It has been rated as critical. This issue affects the function exportOvpn. The manipulation leads to buffer overflow. The attack may be initiated remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8079" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cf48250d-709b-4cac-8876-dbd569c8fba1.json b/objects/vulnerability/vulnerability--cf48250d-709b-4cac-8876-dbd569c8fba1.json new file mode 100644 index 00000000000..a56452e058f --- /dev/null +++ b/objects/vulnerability/vulnerability--cf48250d-709b-4cac-8876-dbd569c8fba1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--875155fb-042e-4bc5-a0c2-69f5a5d88409", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cf48250d-709b-4cac-8876-dbd569c8fba1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.990664Z", + "modified": "2024-08-23T00:18:38.990664Z", + "name": "CVE-2024-8084", + "description": "A vulnerability, which was classified as problematic, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /php-ocls/classes/SystemSettings.php?f=update_settings of the component Setting Handler. The manipulation of the argument System Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8084" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d08a29eb-bc1c-40fe-a7fb-e0adc05a087c.json b/objects/vulnerability/vulnerability--d08a29eb-bc1c-40fe-a7fb-e0adc05a087c.json new file mode 100644 index 00000000000..d9dd302ec49 --- /dev/null +++ b/objects/vulnerability/vulnerability--d08a29eb-bc1c-40fe-a7fb-e0adc05a087c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42d1dcfb-28b6-459e-98e6-b95f0db44812", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d08a29eb-bc1c-40fe-a7fb-e0adc05a087c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.83959Z", + "modified": "2024-08-23T00:18:37.83959Z", + "name": "CVE-2024-42056", + "description": "Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with \"Use\" permissions can be discovered (by an authenticated attacker) via the /api/resources endpoint. The earliest affected version is 3.18.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42056" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d0abe792-fd68-444b-aa11-e9fc2ab43d84.json b/objects/vulnerability/vulnerability--d0abe792-fd68-444b-aa11-e9fc2ab43d84.json new file mode 100644 index 00000000000..e4452def2ef --- /dev/null +++ b/objects/vulnerability/vulnerability--d0abe792-fd68-444b-aa11-e9fc2ab43d84.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c5372a64-85e8-47dc-9ffa-2fcbf1d17608", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d0abe792-fd68-444b-aa11-e9fc2ab43d84", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.063709Z", + "modified": "2024-08-23T00:18:39.063709Z", + "name": "CVE-2024-45166", + "description": "An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution. There is an access violation and EIP overwrite after five logins.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45166" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d1aefbd4-6810-477d-bd6e-98b05fd1d0c2.json b/objects/vulnerability/vulnerability--d1aefbd4-6810-477d-bd6e-98b05fd1d0c2.json new file mode 100644 index 00000000000..0bf9ae950d7 --- /dev/null +++ b/objects/vulnerability/vulnerability--d1aefbd4-6810-477d-bd6e-98b05fd1d0c2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5d9e4808-ca2c-4a3d-b644-6d62e7e17c0c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d1aefbd4-6810-477d-bd6e-98b05fd1d0c2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.196647Z", + "modified": "2024-08-23T00:18:25.196647Z", + "name": "CVE-2022-48908", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()\n\nDuring driver initialization, the pointer of card info, i.e. the\nvariable 'ci' is required. However, the definition of\n'com20020pci_id_table' reveals that this field is empty for some\ndevices, which will cause null pointer dereference when initializing\nthese devices.\n\nThe following log reveals it:\n\n[ 3.973806] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 3.973819] RIP: 0010:com20020pci_probe+0x18d/0x13e0 [com20020_pci]\n[ 3.975181] Call Trace:\n[ 3.976208] local_pci_probe+0x13f/0x210\n[ 3.977248] pci_device_probe+0x34c/0x6d0\n[ 3.977255] ? pci_uevent+0x470/0x470\n[ 3.978265] really_probe+0x24c/0x8d0\n[ 3.978273] __driver_probe_device+0x1b3/0x280\n[ 3.979288] driver_probe_device+0x50/0x370\n\nFix this by checking whether the 'ci' is a null pointer first.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48908" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d391b022-d892-4774-8ec7-df8d5abf29a6.json b/objects/vulnerability/vulnerability--d391b022-d892-4774-8ec7-df8d5abf29a6.json new file mode 100644 index 00000000000..5e0a4e308d9 --- /dev/null +++ b/objects/vulnerability/vulnerability--d391b022-d892-4774-8ec7-df8d5abf29a6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e7c5ecb8-60b0-46a5-8a41-09c3c6ed66cf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d391b022-d892-4774-8ec7-df8d5abf29a6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.86844Z", + "modified": "2024-08-23T00:18:37.86844Z", + "name": "CVE-2024-42772", + "description": "An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to view valid hotel room entries in administrator section.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42772" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d5fe5564-e56e-4c37-aa3c-8e599b6df59c.json b/objects/vulnerability/vulnerability--d5fe5564-e56e-4c37-aa3c-8e599b6df59c.json new file mode 100644 index 00000000000..2866e9d6053 --- /dev/null +++ b/objects/vulnerability/vulnerability--d5fe5564-e56e-4c37-aa3c-8e599b6df59c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d12577d9-0321-41dd-9555-7b774819c1dd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d5fe5564-e56e-4c37-aa3c-8e599b6df59c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.199033Z", + "modified": "2024-08-23T00:18:25.199033Z", + "name": "CVE-2022-48925", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Do not change route.addr.src_addr outside state checks\n\nIf the state is not idle then resolve_prepare_src() should immediately\nfail and no change to global state should happen. However, it\nunconditionally overwrites the src_addr trying to build a temporary any\naddress.\n\nFor instance if the state is already RDMA_CM_LISTEN then this will corrupt\nthe src_addr and would cause the test in cma_cancel_operation():\n\n if (cma_any_addr(cma_src_addr(id_priv)) && !id_priv->cma_dev)\n\nWhich would manifest as this trace from syzkaller:\n\n BUG: KASAN: use-after-free in __list_add_valid+0x93/0xa0 lib/list_debug.c:26\n Read of size 8 at addr ffff8881546491e0 by task syz-executor.1/32204\n\n CPU: 1 PID: 32204 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n Call Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x141/0x1d7 lib/dump_stack.c:120\n print_address_description.constprop.0.cold+0x5b/0x2f8 mm/kasan/report.c:232\n __kasan_report mm/kasan/report.c:399 [inline]\n kasan_report.cold+0x7c/0xd8 mm/kasan/report.c:416\n __list_add_valid+0x93/0xa0 lib/list_debug.c:26\n __list_add include/linux/list.h:67 [inline]\n list_add_tail include/linux/list.h:100 [inline]\n cma_listen_on_all drivers/infiniband/core/cma.c:2557 [inline]\n rdma_listen+0x787/0xe00 drivers/infiniband/core/cma.c:3751\n ucma_listen+0x16a/0x210 drivers/infiniband/core/ucma.c:1102\n ucma_write+0x259/0x350 drivers/infiniband/core/ucma.c:1732\n vfs_write+0x28e/0xa30 fs/read_write.c:603\n ksys_write+0x1ee/0x250 fs/read_write.c:658\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThis is indicating that an rdma_id_private was destroyed without doing\ncma_cancel_listens().\n\nInstead of trying to re-use the src_addr memory to indirectly create an\nany address derived from the dst build one explicitly on the stack and\nbind to that as any other normal flow would do. rdma_bind_addr() will copy\nit over the src_addr once it knows the state is valid.\n\nThis is similar to commit bc0bdc5afaa7 (\"RDMA/cma: Do not change\nroute.addr.src_addr.ss_family\")", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48925" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e043c330-90b7-47ca-a2d2-22b76d86b11e.json b/objects/vulnerability/vulnerability--e043c330-90b7-47ca-a2d2-22b76d86b11e.json new file mode 100644 index 00000000000..a785e855298 --- /dev/null +++ b/objects/vulnerability/vulnerability--e043c330-90b7-47ca-a2d2-22b76d86b11e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ab16431-9d92-4edd-ba55-9f358911e56b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e043c330-90b7-47ca-a2d2-22b76d86b11e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.210562Z", + "modified": "2024-08-23T00:18:25.210562Z", + "name": "CVE-2022-48909", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix connection leak\n\nThere's a potential leak issue under following execution sequence :\n\nsmc_release \t\t\t\tsmc_connect_work\nif (sk->sk_state == SMC_INIT)\n\t\t\t\t\tsend_clc_confirim\n\ttcp_abort();\n\t\t\t\t\t...\n\t\t\t\t\tsk.sk_state = SMC_ACTIVE\nsmc_close_active\nswitch(sk->sk_state) {\n...\ncase SMC_ACTIVE:\n\tsmc_close_final()\n\t// then wait peer closed\n\nUnfortunately, tcp_abort() may discard CLC CONFIRM messages that are\nstill in the tcp send buffer, in which case our connection token cannot\nbe delivered to the server side, which means that we cannot get a\npassive close message at all. Therefore, it is impossible for the to be\ndisconnected at all.\n\nThis patch tries a very simple way to avoid this issue, once the state\nhas changed to SMC_ACTIVE after tcp_abort(), we can actively abort the\nsmc connection, considering that the state is SMC_INIT before\ntcp_abort(), abandoning the complete disconnection process should not\ncause too much problem.\n\nIn fact, this problem may exist as long as the CLC CONFIRM message is\nnot received by the server. Whether a timer should be added after\nsmc_close_final() needs to be discussed in the future. But even so, this\npatch provides a faster release for connection in above case, it should\nalso be valuable.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48909" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e0bf2853-d977-4c16-978b-acf708e7949e.json b/objects/vulnerability/vulnerability--e0bf2853-d977-4c16-978b-acf708e7949e.json new file mode 100644 index 00000000000..0cad07cb732 --- /dev/null +++ b/objects/vulnerability/vulnerability--e0bf2853-d977-4c16-978b-acf708e7949e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--58cfcc63-2fc5-4cdb-afd8-342d75ec537d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e0bf2853-d977-4c16-978b-acf708e7949e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.873468Z", + "modified": "2024-08-23T00:18:37.873468Z", + "name": "CVE-2024-42411", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to restrict the input in POST /api/v4/users which allows a user to manipulate the creation date in POST /api/v4/users tricking the admin into believing their account is much older.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42411" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e1a3ed61-b949-4986-92d5-3b1bdce4d81f.json b/objects/vulnerability/vulnerability--e1a3ed61-b949-4986-92d5-3b1bdce4d81f.json new file mode 100644 index 00000000000..17953c9958e --- /dev/null +++ b/objects/vulnerability/vulnerability--e1a3ed61-b949-4986-92d5-3b1bdce4d81f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--19907257-b85e-4771-b941-76c3c21f5101", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e1a3ed61-b949-4986-92d5-3b1bdce4d81f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.08416Z", + "modified": "2024-08-23T00:18:38.08416Z", + "name": "CVE-2024-36444", + "description": "cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-36444" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e1f16696-65bd-40df-a00e-def731e574d9.json b/objects/vulnerability/vulnerability--e1f16696-65bd-40df-a00e-def731e574d9.json new file mode 100644 index 00000000000..acda1b453c7 --- /dev/null +++ b/objects/vulnerability/vulnerability--e1f16696-65bd-40df-a00e-def731e574d9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e9cd8054-e949-4576-ac20-ebae13cdd215", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e1f16696-65bd-40df-a00e-def731e574d9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.165684Z", + "modified": "2024-08-23T00:18:25.165684Z", + "name": "CVE-2022-48930", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/ib_srp: Fix a deadlock\n\nRemove the flush_workqueue(system_long_wq) call since flushing\nsystem_long_wq is deadlock-prone and since that call is redundant with a\npreceding cancel_work_sync()", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48930" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e282c348-7485-414b-aaf9-67df01c887ec.json b/objects/vulnerability/vulnerability--e282c348-7485-414b-aaf9-67df01c887ec.json new file mode 100644 index 00000000000..44db6c7a9c3 --- /dev/null +++ b/objects/vulnerability/vulnerability--e282c348-7485-414b-aaf9-67df01c887ec.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--567683eb-6606-497e-8e90-6affc88435bc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e282c348-7485-414b-aaf9-67df01c887ec", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.065337Z", + "modified": "2024-08-23T00:18:39.065337Z", + "name": "CVE-2024-45165", + "description": "An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string \"(c)2007 UCI Software GmbH B.Boll\" (without quotes). The key is both static and hardcoded. With access to messages, this results in message decryption and encryption by an attacker. Thus, it enables passive and active man-in-the-middle attacks.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45165" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e2e4511d-e048-45d3-b2a4-47be0a96bb2a.json b/objects/vulnerability/vulnerability--e2e4511d-e048-45d3-b2a4-47be0a96bb2a.json new file mode 100644 index 00000000000..97d7c398c93 --- /dev/null +++ b/objects/vulnerability/vulnerability--e2e4511d-e048-45d3-b2a4-47be0a96bb2a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7c2e53dc-b51a-404f-934f-e6a118aae21b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e2e4511d-e048-45d3-b2a4-47be0a96bb2a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.993255Z", + "modified": "2024-08-23T00:18:38.993255Z", + "name": "CVE-2024-8076", + "description": "A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. Affected by this issue is the function setDiagnosisCfg. The manipulation leads to buffer overflow. The attack may be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8076" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e3b5239b-0b45-4a29-a850-7cd294db8ed6.json b/objects/vulnerability/vulnerability--e3b5239b-0b45-4a29-a850-7cd294db8ed6.json new file mode 100644 index 00000000000..44d2c0c222d --- /dev/null +++ b/objects/vulnerability/vulnerability--e3b5239b-0b45-4a29-a850-7cd294db8ed6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e25122ab-347a-4cef-b209-a87b1542c189", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e3b5239b-0b45-4a29-a850-7cd294db8ed6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.05982Z", + "modified": "2024-08-23T00:18:39.05982Z", + "name": "CVE-2024-45201", + "description": "An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45201" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e3b8511d-bbd1-44b1-938e-c7f42ceff138.json b/objects/vulnerability/vulnerability--e3b8511d-bbd1-44b1-938e-c7f42ceff138.json new file mode 100644 index 00000000000..3fa5401a85a --- /dev/null +++ b/objects/vulnerability/vulnerability--e3b8511d-bbd1-44b1-938e-c7f42ceff138.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a04e899a-761e-4c6d-b02b-e8adda19cc08", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e3b8511d-bbd1-44b1-938e-c7f42ceff138", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.975895Z", + "modified": "2024-08-23T00:18:38.975895Z", + "name": "CVE-2024-8072", + "description": "Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8072" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e4c76dc9-6fa9-4594-84cf-9bdd88efd43b.json b/objects/vulnerability/vulnerability--e4c76dc9-6fa9-4594-84cf-9bdd88efd43b.json new file mode 100644 index 00000000000..2ab09cc21f2 --- /dev/null +++ b/objects/vulnerability/vulnerability--e4c76dc9-6fa9-4594-84cf-9bdd88efd43b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e63cb5ad-f6ce-4946-9297-5059081fae5c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e4c76dc9-6fa9-4594-84cf-9bdd88efd43b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.575152Z", + "modified": "2024-08-23T00:18:38.575152Z", + "name": "CVE-2024-43787", + "description": "Hono is a Web application framework that provides support for any JavaScript runtime. Hono CSRF middleware can be bypassed using crafted Content-Type header. MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. As a result, attacker can bypass csrf middleware using upper-case form-like MIME type. This vulnerability is fixed in 4.5.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43787" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e6d37994-6cb9-4176-9a53-dec3a4a6ef60.json b/objects/vulnerability/vulnerability--e6d37994-6cb9-4176-9a53-dec3a4a6ef60.json new file mode 100644 index 00000000000..b6019604d37 --- /dev/null +++ b/objects/vulnerability/vulnerability--e6d37994-6cb9-4176-9a53-dec3a4a6ef60.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3f24cf88-64be-4878-beff-a620759d33e4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e6d37994-6cb9-4176-9a53-dec3a4a6ef60", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.977405Z", + "modified": "2024-08-23T00:18:37.977405Z", + "name": "CVE-2024-38209", + "description": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-38209" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e8865892-9a50-4e4a-ad53-46e0bdd5d63e.json b/objects/vulnerability/vulnerability--e8865892-9a50-4e4a-ad53-46e0bdd5d63e.json new file mode 100644 index 00000000000..0371a726f99 --- /dev/null +++ b/objects/vulnerability/vulnerability--e8865892-9a50-4e4a-ad53-46e0bdd5d63e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5bcfc4ca-4624-40b5-b593-3d4e32ac138a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e8865892-9a50-4e4a-ad53-46e0bdd5d63e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.544811Z", + "modified": "2024-08-23T00:18:38.544811Z", + "name": "CVE-2024-43033", + "description": "JPress through 5.1.1 on Windows has an arbitrary file upload vulnerability that could cause arbitrary code execution via ::$DATA to AttachmentController, such as a .jsp::$DATA file to io.jpress.web.commons.controller.AttachmentController#upload. NOTE: this is unrelated to the attack vector for CVE-2024-32358.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43033" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e8915762-5996-4e35-a6dc-6b6971099ebd.json b/objects/vulnerability/vulnerability--e8915762-5996-4e35-a6dc-6b6971099ebd.json new file mode 100644 index 00000000000..b1ee2031b45 --- /dev/null +++ b/objects/vulnerability/vulnerability--e8915762-5996-4e35-a6dc-6b6971099ebd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0dc22f16-cb4f-4205-96a8-b3d9e0ec807a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e8915762-5996-4e35-a6dc-6b6971099ebd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.842773Z", + "modified": "2024-08-23T00:18:37.842773Z", + "name": "CVE-2024-42418", + "description": "Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42418" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e8b7f343-73fe-446d-9345-2cf395d7388f.json b/objects/vulnerability/vulnerability--e8b7f343-73fe-446d-9345-2cf395d7388f.json new file mode 100644 index 00000000000..4427a91be0e --- /dev/null +++ b/objects/vulnerability/vulnerability--e8b7f343-73fe-446d-9345-2cf395d7388f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fd215892-5322-484c-93f4-5e1afa4cd257", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e8b7f343-73fe-446d-9345-2cf395d7388f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.88505Z", + "modified": "2024-08-23T00:18:37.88505Z", + "name": "CVE-2024-42763", + "description": "A Reflected Cross Site Scripting (XSS) vulnerability was found in the \"/schedule.php\" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the \"bookingdate\" parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42763" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e9377a72-1787-4ca3-aa8a-1f5168d5f71f.json b/objects/vulnerability/vulnerability--e9377a72-1787-4ca3-aa8a-1f5168d5f71f.json new file mode 100644 index 00000000000..ef3e958d0fd --- /dev/null +++ b/objects/vulnerability/vulnerability--e9377a72-1787-4ca3-aa8a-1f5168d5f71f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dd777f68-f2f2-482e-8f59-bb9c755c3f06", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e9377a72-1787-4ca3-aa8a-1f5168d5f71f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.236838Z", + "modified": "2024-08-23T00:18:25.236838Z", + "name": "CVE-2022-48943", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: make apf token non-zero to fix bug\n\nIn current async pagefault logic, when a page is ready, KVM relies on\nkvm_arch_can_dequeue_async_page_present() to determine whether to deliver\na READY event to the Guest. This function test token value of struct\nkvm_vcpu_pv_apf_data, which must be reset to zero by Guest kernel when a\nREADY event is finished by Guest. If value is zero meaning that a READY\nevent is done, so the KVM can deliver another.\nBut the kvm_arch_setup_async_pf() may produce a valid token with zero\nvalue, which is confused with previous mention and may lead the loss of\nthis READY event.\n\nThis bug may cause task blocked forever in Guest:\n INFO: task stress:7532 blocked for more than 1254 seconds.\n Not tainted 5.10.0 #16\n \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:stress state:D stack: 0 pid: 7532 ppid: 1409\n flags:0x00000080\n Call Trace:\n __schedule+0x1e7/0x650\n schedule+0x46/0xb0\n kvm_async_pf_task_wait_schedule+0xad/0xe0\n ? exit_to_user_mode_prepare+0x60/0x70\n __kvm_handle_async_pf+0x4f/0xb0\n ? asm_exc_page_fault+0x8/0x30\n exc_page_fault+0x6f/0x110\n ? asm_exc_page_fault+0x8/0x30\n asm_exc_page_fault+0x1e/0x30\n RIP: 0033:0x402d00\n RSP: 002b:00007ffd31912500 EFLAGS: 00010206\n RAX: 0000000000071000 RBX: ffffffffffffffff RCX: 00000000021a32b0\n RDX: 000000000007d011 RSI: 000000000007d000 RDI: 00000000021262b0\n RBP: 00000000021262b0 R08: 0000000000000003 R09: 0000000000000086\n R10: 00000000000000eb R11: 00007fefbdf2baa0 R12: 0000000000000000\n R13: 0000000000000002 R14: 000000000007d000 R15: 0000000000001000", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48943" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3.json b/objects/vulnerability/vulnerability--e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3.json new file mode 100644 index 00000000000..542cbd8ac50 --- /dev/null +++ b/objects/vulnerability/vulnerability--e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c600b586-eb10-4aca-b6e7-9a5f9c84862f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e99f706c-f2b5-4583-aef7-1b9ad4aa8bb3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.978195Z", + "modified": "2024-08-23T00:18:38.978195Z", + "name": "CVE-2024-8081", + "description": "A vulnerability classified as critical was found in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8081" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e9ebefcb-7aee-4905-9d61-3315f96fa3b8.json b/objects/vulnerability/vulnerability--e9ebefcb-7aee-4905-9d61-3315f96fa3b8.json new file mode 100644 index 00000000000..364c661c8c2 --- /dev/null +++ b/objects/vulnerability/vulnerability--e9ebefcb-7aee-4905-9d61-3315f96fa3b8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8864deb9-e147-467d-8dba-909ee66d5730", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e9ebefcb-7aee-4905-9d61-3315f96fa3b8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.057304Z", + "modified": "2024-08-23T00:18:39.057304Z", + "name": "CVE-2024-45191", + "description": "** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45191" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ed6a5881-e4db-48ab-a6e0-801f2eda6539.json b/objects/vulnerability/vulnerability--ed6a5881-e4db-48ab-a6e0-801f2eda6539.json new file mode 100644 index 00000000000..168833b1e1b --- /dev/null +++ b/objects/vulnerability/vulnerability--ed6a5881-e4db-48ab-a6e0-801f2eda6539.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ea49cf74-671b-4e14-8a2a-6b97fcbc558d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ed6a5881-e4db-48ab-a6e0-801f2eda6539", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.262935Z", + "modified": "2024-08-23T00:18:25.262935Z", + "name": "CVE-2022-48924", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: fix memory leak in int3400_notify()\n\nIt is easy to hit the below memory leaks in my TigerLake platform:\n\nunreferenced object 0xffff927c8b91dbc0 (size 32):\n comm \"kworker/0:2\", pid 112, jiffies 4294893323 (age 83.604s)\n hex dump (first 32 bytes):\n 4e 41 4d 45 3d 49 4e 54 33 34 30 30 20 54 68 65 NAME=INT3400 The\n 72 6d 61 6c 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 rmal.kkkkkkkkkk.\n backtrace:\n [] __kmalloc_track_caller+0x2fe/0x4a0\n [] kvasprintf+0x65/0xd0\n [] kasprintf+0x4e/0x70\n [] int3400_notify+0x82/0x120 [int3400_thermal]\n [] acpi_ev_notify_dispatch+0x54/0x71\n [] acpi_os_execute_deferred+0x17/0x30\n [] process_one_work+0x21a/0x3f0\n [] worker_thread+0x4a/0x3b0\n [] kthread+0xfd/0x130\n [] ret_from_fork+0x1f/0x30\n\nFix it by calling kfree() accordingly.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48924" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ee0f4931-5113-46bd-98bb-3224a4c044aa.json b/objects/vulnerability/vulnerability--ee0f4931-5113-46bd-98bb-3224a4c044aa.json new file mode 100644 index 00000000000..9e6a27c5035 --- /dev/null +++ b/objects/vulnerability/vulnerability--ee0f4931-5113-46bd-98bb-3224a4c044aa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--765fc8a1-5ed0-4e78-b9f4-2653f74f60a1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ee0f4931-5113-46bd-98bb-3224a4c044aa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.392765Z", + "modified": "2024-08-23T00:18:38.392765Z", + "name": "CVE-2024-39744", + "description": "IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-39744" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f2ed860e-3195-47dc-aef0-a3bed5bc5028.json b/objects/vulnerability/vulnerability--f2ed860e-3195-47dc-aef0-a3bed5bc5028.json new file mode 100644 index 00000000000..8bb83ce7f47 --- /dev/null +++ b/objects/vulnerability/vulnerability--f2ed860e-3195-47dc-aef0-a3bed5bc5028.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dedfc711-7ba9-4f74-86a1-72a5d12b3097", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f2ed860e-3195-47dc-aef0-a3bed5bc5028", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:39.069068Z", + "modified": "2024-08-23T00:18:39.069068Z", + "name": "CVE-2024-45192", + "description": "** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45192" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f3dc84cf-493f-4d9e-990c-bb01a85be0fc.json b/objects/vulnerability/vulnerability--f3dc84cf-493f-4d9e-990c-bb01a85be0fc.json new file mode 100644 index 00000000000..b9da3b77088 --- /dev/null +++ b/objects/vulnerability/vulnerability--f3dc84cf-493f-4d9e-990c-bb01a85be0fc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f275ed2b-0338-48a2-9f25-82d6adab132d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f3dc84cf-493f-4d9e-990c-bb01a85be0fc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.895088Z", + "modified": "2024-08-23T00:18:37.895088Z", + "name": "CVE-2024-42771", + "description": "A Stored Cross Site Scripting (XSS) vulnerability was found in \" /admin/edit_room_controller.php\" of the Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via \"room_name\" parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42771" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b.json b/objects/vulnerability/vulnerability--f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b.json new file mode 100644 index 00000000000..c80b6f1362f --- /dev/null +++ b/objects/vulnerability/vulnerability--f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--23454863-fadc-4dcf-817f-0d60e8cb7c89", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f48ea6f6-b5a5-4b6f-9849-fdc3da2c379b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:25.185906Z", + "modified": "2024-08-23T00:18:25.185906Z", + "name": "CVE-2022-48927", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: tsc2046: fix memory corruption by preventing array overflow\n\nOn one side we have indio_dev->num_channels includes all physical channels +\ntimestamp channel. On other side we have an array allocated only for\nphysical channels. So, fix memory corruption by ARRAY_SIZE() instead of\nnum_channels variable.\n\nNote the first case is a cleanup rather than a fix as the software\ntimestamp channel bit in active_scanmask is never set by the IIO core.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48927" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fdae7072-5c1e-4cee-8f22-acd734acfda5.json b/objects/vulnerability/vulnerability--fdae7072-5c1e-4cee-8f22-acd734acfda5.json new file mode 100644 index 00000000000..9cccb6eaa86 --- /dev/null +++ b/objects/vulnerability/vulnerability--fdae7072-5c1e-4cee-8f22-acd734acfda5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fab7f767-2130-485d-aed9-7c38e8bec86f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fdae7072-5c1e-4cee-8f22-acd734acfda5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:38.977104Z", + "modified": "2024-08-23T00:18:38.977104Z", + "name": "CVE-2024-8071", + "description": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 and 9.8.x <= 9.8.2 fail to restrict which roles can promote a user as system admin which allows a System Role with edit access to the permissions section of system console to update their role (e.g. member) to include the `manage_system` permission, effectively becoming a System Admin.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-8071" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fdf66df1-cd78-4228-b95d-248cacdacfbb.json b/objects/vulnerability/vulnerability--fdf66df1-cd78-4228-b95d-248cacdacfbb.json new file mode 100644 index 00000000000..3967e9be0d8 --- /dev/null +++ b/objects/vulnerability/vulnerability--fdf66df1-cd78-4228-b95d-248cacdacfbb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--30e6a27b-6e35-4708-a9a6-c86bca251b0e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fdf66df1-cd78-4228-b95d-248cacdacfbb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2024-08-23T00:18:37.879408Z", + "modified": "2024-08-23T00:18:37.879408Z", + "name": "CVE-2024-42775", + "description": "An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to add the valid hotel room entries in the administrator section via the direct URL access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42775" + } + ] + } + ] +} \ No newline at end of file