generated content from 2025-01-18

mapping.csv

@@ -264267,3 +264267,9 @@ vulnerability,CVE-2024-13375,vulnerability--906e8bab-7a31-4488-97fe-04742f4d6fb1
 vulnerability,CVE-2025-0557,vulnerability--b50e2a89-eefd-47b0-9d12-455312f5fbb4
 vulnerability,CVE-2025-0558,vulnerability--1310e7d6-1c52-439a-8f9f-65767e4ddd7e
 vulnerability,CVE-2025-0559,vulnerability--9ca5459c-9b61-4909-acdb-93fc15f3f567
+vulnerability,CVE-2024-49354,vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7
+vulnerability,CVE-2024-49824,vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352
+vulnerability,CVE-2024-49338,vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5
+vulnerability,CVE-2024-47113,vulnerability--e6e66a44-8bca-4703-961b-51344909e493
+vulnerability,CVE-2024-51448,vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d
+vulnerability,CVE-2025-0560,vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4

objects/vulnerability/vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--da5dde4c-1d73-48c8-87f8-9835ed4efe69",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--034bff74-aebd-4b12-8ddc-cca5083ae3e4",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-18T16:21:08.222849Z",
+            "modified": "2025-01-18T16:21:08.222849Z",
+            "name": "CVE-2025-0560",
+            "description": "A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-0560"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c11390d4-1ec5-4c37-a4bf-d4806a658eff",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--14e4a3a0-5e7c-4632-8736-d3d6c66cf3f5",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-18T16:21:02.034685Z",
+            "modified": "2025-01-18T16:21:02.034685Z",
+            "name": "CVE-2024-49338",
+            "description": "IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-49338"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--cd0baa1b-ffcb-49d3-844c-fa03eb125f60",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--15e43ab0-bba6-4963-93ad-b5afe9f5f12d",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-18T16:21:03.712944Z",
+            "modified": "2025-01-18T16:21:03.712944Z",
+            "name": "CVE-2024-51448",
+            "description": "IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-51448"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--4f9939c7-9d19-44dc-b8aa-5d9f9473312c",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--c32c9589-b8be-4a1e-bf8c-c72aad3ae352",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-18T16:21:02.027693Z",
+            "modified": "2025-01-18T16:21:02.027693Z",
+            "name": "CVE-2024-49824",
+            "description": "IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and \n\nIBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18\n\ncould allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-49824"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c1f18894-65b2-4a6f-bd6b-0b02b1735741",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--caeb5cc9-784b-48f5-86f9-1dce345260e7",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-18T16:21:02.001349Z",
+            "modified": "2025-01-18T16:21:02.001349Z",
+            "name": "CVE-2024-49354",
+            "description": "IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-49354"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--e6e66a44-8bca-4703-961b-51344909e493.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--79e1cd4a-fe54-4914-a779-346af293a040",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--e6e66a44-8bca-4703-961b-51344909e493",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-18T16:21:03.287637Z",
+            "modified": "2025-01-18T16:21:03.287637Z",
+            "name": "CVE-2024-47113",
+            "description": "IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker to view or modify information in the XML document.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47113"
+                }
+            ]
+        }
+    ]
+}