generated content from 2025-01-28

mapping.csv

@@ -265541,3 +265541,9 @@ vulnerability,CVE-2024-55968,vulnerability--24389d58-05fa-4d06-b4ee-96848077bc7e
 vulnerability,CVE-2024-29869,vulnerability--f11b368f-9a4a-4a6e-b5e0-678b7c28d1c7
 vulnerability,CVE-2025-22917,vulnerability--159f26ee-7b37-4282-952b-84a64e5e4f24
 vulnerability,CVE-2025-0785,vulnerability--e62cb8f7-157f-40a9-b6d8-e2beec693f0a
+vulnerability,CVE-2024-57519,vulnerability--6f6bfcf8-4b1e-4314-9d7c-03fde8062c44
+vulnerability,CVE-2024-56529,vulnerability--e3ddb09c-1545-41d2-a102-989e5bc67b66
+vulnerability,CVE-2024-48310,vulnerability--e776a3b4-481e-43d7-943f-f99936aa612a
+vulnerability,CVE-2025-0788,vulnerability--87021678-44aa-430f-9eca-70318fce6383
+vulnerability,CVE-2025-0787,vulnerability--6042112b-8663-4f5b-91d4-e256e31ef50b
+vulnerability,CVE-2025-0786,vulnerability--b554b260-3d8f-43bc-a3c3-f0a91aa8154f

objects/vulnerability/vulnerability--6042112b-8663-4f5b-91d4-e256e31ef50b.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8af286ec-136f-45c4-8032-036a80ef416b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--6042112b-8663-4f5b-91d4-e256e31ef50b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-28T23:17:50.610167Z",
+            "modified": "2025-01-28T23:17:50.610167Z",
+            "name": "CVE-2025-0787",
+            "description": "A vulnerability was found in ESAFENET CDG V5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /appDetail.jsp. The manipulation of the argument curpage leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-0787"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--6f6bfcf8-4b1e-4314-9d7c-03fde8062c44.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--7d676489-5877-44a6-b751-37a21764c0d3",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--6f6bfcf8-4b1e-4314-9d7c-03fde8062c44",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-28T23:17:40.495194Z",
+            "modified": "2025-01-28T23:17:40.495194Z",
+            "name": "CVE-2024-57519",
+            "description": "An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57519"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--87021678-44aa-430f-9eca-70318fce6383.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c077a618-8ed6-4c9e-b9c0-e311377a4e3b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--87021678-44aa-430f-9eca-70318fce6383",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-28T23:17:50.600448Z",
+            "modified": "2025-01-28T23:17:50.600448Z",
+            "name": "CVE-2025-0788",
+            "description": "A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /content_top.jsp. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-0788"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--b554b260-3d8f-43bc-a3c3-f0a91aa8154f.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--51d6870b-c912-4c34-bc74-4a6d39d26ff6",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--b554b260-3d8f-43bc-a3c3-f0a91aa8154f",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-28T23:17:50.628025Z",
+            "modified": "2025-01-28T23:17:50.628025Z",
+            "name": "CVE-2025-0786",
+            "description": "A vulnerability was found in ESAFENET CDG V5. It has been classified as critical. Affected is an unknown function of the file /appDetail.jsp. The manipulation of the argument flowId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-0786"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--e3ddb09c-1545-41d2-a102-989e5bc67b66.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e6d58204-a5ec-40f9-8481-b76dacf185c6",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--e3ddb09c-1545-41d2-a102-989e5bc67b66",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-28T23:17:40.975448Z",
+            "modified": "2025-01-28T23:17:40.975448Z",
+            "name": "CVE-2024-56529",
+            "description": "Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access the victim's web panel with the same session identifier.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-56529"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--e776a3b4-481e-43d7-943f-f99936aa612a.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8e39f75f-5791-4142-b6bb-067a3e37c966",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--e776a3b4-481e-43d7-943f-f99936aa612a",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-28T23:17:41.709843Z",
+            "modified": "2025-01-28T23:17:41.709843Z",
+            "name": "CVE-2024-48310",
+            "description": "AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys to access the backend API or other sensitive information.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-48310"
+                }
+            ]
+        }
+    ]
+}