generated content from 2024-10-04

mapping.csv

@@ -250750,3 +250750,61 @@ vulnerability,CVE-2024-47805,vulnerability--3e6e75fc-7e14-4c8c-96bf-0895d2a5b932
 vulnerability,CVE-2024-47529,vulnerability--e0175a96-caee-4225-bf5e-a97eaae6e2a6
 vulnerability,CVE-2024-47807,vulnerability--b25f9cb7-8e08-47b9-b96a-94e71a78a0db
 vulnerability,CVE-2024-47804,vulnerability--c39d8dbe-742f-42ac-a3b5-0060c3ba7370
+vulnerability,CVE-2024-43699,vulnerability--5eec31ba-79d3-4608-adcc-d8cb6ddc6a7d
+vulnerability,CVE-2024-39755,vulnerability--b07112f6-cb66-4594-a2cf-42465117ab34
+vulnerability,CVE-2024-42504,vulnerability--ba7b54e0-1c41-4f8d-ab1e-26b6d654f853
+vulnerability,CVE-2024-42415,vulnerability--44fbf9bc-f304-48bc-a61c-34536b4e149a
+vulnerability,CVE-2024-42417,vulnerability--eccfbd03-11e6-4cbd-972d-c9cef180ee10
+vulnerability,CVE-2024-0125,vulnerability--b325c8ea-f443-42d0-a3a1-20c1feae6c1d
+vulnerability,CVE-2024-0124,vulnerability--e7c8230e-c69f-434f-9596-c0e43ec42eff
+vulnerability,CVE-2024-0123,vulnerability--286bdd6c-e650-49aa-a25b-4df7a857bb66
+vulnerability,CVE-2024-36474,vulnerability--dddd02d7-ce32-4668-a448-03feb1bb33d6
+vulnerability,CVE-2024-45870,vulnerability--cc295428-66e5-480e-a77e-13957008cad7
+vulnerability,CVE-2024-45367,vulnerability--67ca31bd-3ec6-4c58-bea5-9ddfbfdfd279
+vulnerability,CVE-2024-45871,vulnerability--995c4114-9019-4316-a975-ce35d985107d
+vulnerability,CVE-2024-45872,vulnerability--895b0834-689d-46cc-a9e9-fbaa238ced81
+vulnerability,CVE-2024-9313,vulnerability--e5e7d340-895c-4c64-9ec5-582d2b669b1d
+vulnerability,CVE-2024-9460,vulnerability--dc38eae3-f7ed-4246-9cb2-3733958bcb0d
+vulnerability,CVE-2024-9266,vulnerability--44342b33-9bcf-408a-8478-fbea52f8fe7f
+vulnerability,CVE-2024-9100,vulnerability--9ba54770-3510-4cc8-b65b-430d285f75f1
+vulnerability,CVE-2024-8352,vulnerability--141bd413-d986-4aaa-b809-f433a09c0303
+vulnerability,CVE-2024-8508,vulnerability--972c5231-2778-4bef-a2c6-6ccb29b1ab41
+vulnerability,CVE-2024-8159,vulnerability--a12be088-fa36-4abe-b161-899418a187e0
+vulnerability,CVE-2024-46658,vulnerability--69708264-4713-4dab-bd7f-9ee836d7b840
+vulnerability,CVE-2024-34535,vulnerability--05f39c1b-e829-4fb5-b17d-47355d69f282
+vulnerability,CVE-2024-25590,vulnerability--59492526-908a-49a0-9e5f-0a1c21088533
+vulnerability,CVE-2024-44207,vulnerability--b06b0cd9-c2fd-4b9b-8ca6-e6a9b1b35a03
+vulnerability,CVE-2024-44204,vulnerability--6ac18795-f93f-4ec1-9dc2-ff265d5e4b5e
+vulnerability,CVE-2024-7824,vulnerability--80eaaad4-1407-4886-8f9c-0fbe1d84072f
+vulnerability,CVE-2024-7825,vulnerability--ac979cbb-5d5f-49d0-a629-d473849d2133
+vulnerability,CVE-2024-7826,vulnerability--4143ac5c-f5e2-4b92-af46-d8e3d9af1e57
+vulnerability,CVE-2024-5803,vulnerability--9942e8f4-09c5-4497-bd2d-81cbe627964a
+vulnerability,CVE-2024-41925,vulnerability--450a0d6a-a925-4a79-9462-3fc0cbd53453
+vulnerability,CVE-2024-41595,vulnerability--3720c85a-dc79-42b1-beb3-371c4472259b
+vulnerability,CVE-2024-41988,vulnerability--8ad8800f-b6c5-4667-b18a-6f75c8aeecd6
+vulnerability,CVE-2024-41583,vulnerability--6cfe5e2f-b35a-4595-8bea-308f21f543c8
+vulnerability,CVE-2024-41596,vulnerability--12cfcad7-f17f-4ae4-b2ee-cc77d9b915dd
+vulnerability,CVE-2024-41592,vulnerability--562a3f52-bcd2-42fc-aaf5-4abd7899aaa5
+vulnerability,CVE-2024-41594,vulnerability--957255a5-68dd-441d-b68a-94fe39b6efb9
+vulnerability,CVE-2024-41588,vulnerability--243a52fe-bcb2-44d0-a80f-b5259e702141
+vulnerability,CVE-2024-41585,vulnerability--dedc0f60-102f-4864-afe0-1b57db85ee78
+vulnerability,CVE-2024-41163,vulnerability--3c9d954f-6d39-4189-8855-4f162e4f4fa6
+vulnerability,CVE-2024-41586,vulnerability--54d7aa8f-3573-47c8-8f19-32e8f4c11dd9
+vulnerability,CVE-2024-41590,vulnerability--eaa3cf78-d10d-4a94-abcf-60dc05202f87
+vulnerability,CVE-2024-41987,vulnerability--4be6bfc3-b50e-45e4-a290-50d846bf5065
+vulnerability,CVE-2024-41593,vulnerability--8bd0207d-c5d0-48d2-8117-99421cc942d3
+vulnerability,CVE-2024-41584,vulnerability--b050504d-9a19-4e88-9013-68f010c42cf8
+vulnerability,CVE-2024-41589,vulnerability--d86782cb-dc79-4d17-b746-6daf6a528689
+vulnerability,CVE-2024-41922,vulnerability--8094439b-6411-49f8-a05c-77577185a8ea
+vulnerability,CVE-2024-41591,vulnerability--28953272-6b20-4b6a-88fa-ac685dce1831
+vulnerability,CVE-2024-41587,vulnerability--5d880ebb-3448-4f8c-a45c-bd2a425930fc
+vulnerability,CVE-2024-47134,vulnerability--53242d8a-6984-40f3-8d16-e75451dc6f68
+vulnerability,CVE-2024-47762,vulnerability--a2d36a07-d1e1-45d0-98a3-187ef229258d
+vulnerability,CVE-2024-47617,vulnerability--61e9f96e-093a-48ba-96ca-4268b106ec10
+vulnerability,CVE-2024-47561,vulnerability--b02f521e-77e4-4bc0-96a0-b549ab5bae7b
+vulnerability,CVE-2024-47614,vulnerability--061b4891-bb2a-4ed0-aab5-6cf1ad5a5781
+vulnerability,CVE-2024-47135,vulnerability--125c6417-bbaf-4d22-bd31-e9c6807ec5f5
+vulnerability,CVE-2024-47618,vulnerability--a7cff793-7390-40b6-9e01-5e508ca3c545
+vulnerability,CVE-2024-47554,vulnerability--54b36a99-268b-4c3b-ae97-6e5d9c0024a5
+vulnerability,CVE-2024-47136,vulnerability--d5f010e7-b9d7-4e67-b98a-409cf970ea05
+vulnerability,CVE-2023-37822,vulnerability--283e46fe-cc1e-4dd2-afc3-62fad20ebaed

objects/vulnerability/vulnerability--05f39c1b-e829-4fb5-b17d-47355d69f282.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--2b7df036-29ba-4e11-b4b0-2f950728b4df",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--05f39c1b-e829-4fb5-b17d-47355d69f282",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.07821Z",
+            "modified": "2024-10-04T00:20:29.07821Z",
+            "name": "CVE-2024-34535",
+            "description": "In Mastodon 4.1.6, API endpoint rate limiting can be bypassed by setting a crafted HTTP request header.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-34535"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--061b4891-bb2a-4ed0-aab5-6cf1ad5a5781.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--16ab7af2-6e97-474c-a696-2e51cc09656e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--061b4891-bb2a-4ed0-aab5-6cf1ad5a5781",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:30.069514Z",
+            "modified": "2024-10-04T00:20:30.069514Z",
+            "name": "CVE-2024-47614",
+            "description": "async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47614"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--125c6417-bbaf-4d22-bd31-e9c6807ec5f5.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--21f6afc7-886f-4d85-b65d-9da43c87723b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--125c6417-bbaf-4d22-bd31-e9c6807ec5f5",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:30.07868Z",
+            "modified": "2024-10-04T00:20:30.07868Z",
+            "name": "CVE-2024-47135",
+            "description": "Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47135"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--12cfcad7-f17f-4ae4-b2ee-cc77d9b915dd.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--3f8c0913-4907-478f-a551-441cb92b04cf",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--12cfcad7-f17f-4ae4-b2ee-cc77d9b915dd",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.901725Z",
+            "modified": "2024-10-04T00:20:29.901725Z",
+            "name": "CVE-2024-41596",
+            "description": "Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-41596"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--141bd413-d986-4aaa-b809-f433a09c0303.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--d1204e23-9b93-4ed7-a865-83138737e517",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--141bd413-d986-4aaa-b809-f433a09c0303",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:28.819127Z",
+            "modified": "2024-10-04T00:20:28.819127Z",
+            "name": "CVE-2024-8352",
+            "description": "The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-8352"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--243a52fe-bcb2-44d0-a80f-b5259e702141.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--a196ab07-ae80-4704-892f-cd00a7b312cb",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--243a52fe-bcb2-44d0-a80f-b5259e702141",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.91548Z",
+            "modified": "2024-10-04T00:20:29.91548Z",
+            "name": "CVE-2024-41588",
+            "description": "The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-41588"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--283e46fe-cc1e-4dd2-afc3-62fad20ebaed.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--d9ea3bfe-c6ee-423e-8c39-ebf56699e0fa",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--283e46fe-cc1e-4dd2-afc3-62fad20ebaed",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:37.132133Z",
+            "modified": "2024-10-04T00:20:37.132133Z",
+            "name": "CVE-2023-37822",
+            "description": "Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use the deprecated wireless protocol WPA2-PSK.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-37822"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--286bdd6c-e650-49aa-a25b-4df7a857bb66.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--bde4d6a3-dc20-44b9-8788-de396ac89a0a",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--286bdd6c-e650-49aa-a25b-4df7a857bb66",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:28.400809Z",
+            "modified": "2024-10-04T00:20:28.400809Z",
+            "name": "CVE-2024-0123",
+            "description": "NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-0123"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--28953272-6b20-4b6a-88fa-ac685dce1831.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8e48ec83-84db-44e8-97f7-eec8146465d5",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--28953272-6b20-4b6a-88fa-ac685dce1831",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.938982Z",
+            "modified": "2024-10-04T00:20:29.938982Z",
+            "name": "CVE-2024-41591",
+            "description": "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-41591"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--3720c85a-dc79-42b1-beb3-371c4472259b.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--53c326c5-bac8-4a71-8dbc-4b5d577f84db",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--3720c85a-dc79-42b1-beb3-371c4472259b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.884918Z",
+            "modified": "2024-10-04T00:20:29.884918Z",
+            "name": "CVE-2024-41595",
+            "description": "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-41595"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--3c9d954f-6d39-4189-8855-4f162e4f4fa6.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--2ccb8cb7-f3ce-45e5-b8ff-0a52cf4ac3f7",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--3c9d954f-6d39-4189-8855-4f162e4f4fa6",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.920521Z",
+            "modified": "2024-10-04T00:20:29.920521Z",
+            "name": "CVE-2024-41163",
+            "description": "A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit this vulnerability.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-41163"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--4143ac5c-f5e2-4b92-af46-d8e3d9af1e57.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--7a3041be-8d78-4aca-8ac2-77ddade6fa5f",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--4143ac5c-f5e2-4b92-af46-d8e3d9af1e57",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:29.611291Z",
+            "modified": "2024-10-04T00:20:29.611291Z",
+            "name": "CVE-2024-7826",
+            "description": "Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrURL.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-7826"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--44342b33-9bcf-408a-8478-fbea52f8fe7f.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--83ddafc4-4183-4367-b991-17106b533633",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--44342b33-9bcf-408a-8478-fbea52f8fe7f",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:28.789518Z",
+            "modified": "2024-10-04T00:20:28.789518Z",
+            "name": "CVE-2024-9266",
+            "description": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-9266"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--44fbf9bc-f304-48bc-a61c-34536b4e149a.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--6bb5e056-8600-434f-bd13-8b6b033ab70f",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--44fbf9bc-f304-48bc-a61c-34536b4e149a",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-04T00:20:28.298421Z",
+            "modified": "2024-10-04T00:20:28.298421Z",
+            "name": "CVE-2024-42415",
+            "description": "An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-42415"
+                }
+            ]
+        }
+    ]
+}