-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
gitadvisor
committed
Jan 24, 2025
1 parent
a4f6874
commit ec34940
Showing
12 changed files
with
253 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--2c88cb78-7acb-4eb8-902f-68a950e5fef0.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--b6196fa4-13ac-4867-8d4a-0639b0899ff3", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--2c88cb78-7acb-4eb8-902f-68a950e5fef0", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.361728Z", | ||
| "modified": "2025-01-24T15:19:47.361728Z", | ||
| "name": "CVE-2024-9492", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9492" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--381fe63d-67e7-49f9-8c06-79f40f8e8a72.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--34926965-b6bd-4b92-910b-16633df2474f", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--381fe63d-67e7-49f9-8c06-79f40f8e8a72", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.372641Z", | ||
| "modified": "2025-01-24T15:19:47.372641Z", | ||
| "name": "CVE-2024-9493", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the \n\nToolStick\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9493" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--65e73e70-436d-4543-8884-ca30de640ce1.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--c3d6c1f5-2c77-4bc1-98bc-471acf45312d", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--65e73e70-436d-4543-8884-ca30de640ce1", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.352087Z", | ||
| "modified": "2025-01-24T15:19:47.352087Z", | ||
| "name": "CVE-2024-9496", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Dev Kit\n\n \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9496" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--94c6523e-3f52-410c-9af4-edf99e7678d9.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--0fbe6d95-dff2-498b-9288-ff1115661753", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--94c6523e-3f52-410c-9af4-edf99e7678d9", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.384477Z", | ||
| "modified": "2025-01-24T15:19:47.384477Z", | ||
| "name": "CVE-2024-9497", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress 4 SDK\n\n \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9497" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--97c17393-bda2-4761-993a-b979f6ced4c9.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--276533bd-6730-43eb-9091-10e28fa7e7bb", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--97c17393-bda2-4761-993a-b979f6ced4c9", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:56.508762Z", | ||
| "modified": "2025-01-24T15:19:56.508762Z", | ||
| "name": "CVE-2025-22605", | ||
| "description": "Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Starting in version 4.0.0-beta.18 and prior to 4.0.0-beta.253, a vulnerability in the execution of commands on remote servers allows an authenticated user to execute arbitrary code on the local Coolify container, gaining access to data and private keys or tokens of other users/teams. The ability to inject malicious commands into the Coolify container gives authenticated attackers the ability to fully retrieve and control the data and availability of the software. Centrally hosted Coolify instances (open registration and/or multiple teams with potentially untrustworthy users) are especially at risk, as sensitive data of all users and connected servers can be leaked by any user. Additionally, attackers are able to modify the running software, potentially deploying malicious images to remote nodes or generally changing its behavior. Version 4.0.0-beta.253 patches this issue.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2025-22605" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--bfac8151-4f07-4c5f-a56b-06bbaeee49b0.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--edd8b09a-f18a-41c1-8aad-bb7c3d8cd731", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--bfac8151-4f07-4c5f-a56b-06bbaeee49b0", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.371319Z", | ||
| "modified": "2025-01-24T15:19:47.371319Z", | ||
| "name": "CVE-2024-9491", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9491" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--bfb517fa-dc8b-41a5-a26a-00d31b1e248c.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--8f6c2fed-727a-4c05-a3e5-536563d1e88c", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--bfb517fa-dc8b-41a5-a26a-00d31b1e248c", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.358714Z", | ||
| "modified": "2025-01-24T15:19:47.358714Z", | ||
| "name": "CVE-2024-9499", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Win 98SE Dev Kit installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9499" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--c08c52aa-7e1d-4aaa-8eee-30199f4b303a.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--96456a22-4894-4632-8a82-b8e1612591d3", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--c08c52aa-7e1d-4aaa-8eee-30199f4b303a", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.329237Z", | ||
| "modified": "2025-01-24T15:19:47.329237Z", | ||
| "name": "CVE-2024-9495", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210x VCP Windows \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9495" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--dc54cbe4-cb89-47a5-956d-92e51972fe37.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--f5619aa7-e083-4da9-84d7-6b1e15ed9cdb", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--dc54cbe4-cb89-47a5-956d-92e51972fe37", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.375768Z", | ||
| "modified": "2025-01-24T15:19:47.375768Z", | ||
| "name": "CVE-2024-9490", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in Silicon Labs (8-bit) IDE installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9490" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--dec3080a-5495-4e86-a519-ce6cfff6aa1a.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--6eab9208-739b-4ccb-9484-b42c877d2fcb", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--dec3080a-5495-4e86-a519-ce6cfff6aa1a", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.34625Z", | ||
| "modified": "2025-01-24T15:19:47.34625Z", | ||
| "name": "CVE-2024-9498", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK\n\n \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9498" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--e2a789d3-0f40-47e5-b239-783bf4b9be96.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--b082454f-c5a7-4e7f-a74b-f99c907b6265", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--e2a789d3-0f40-47e5-b239-783bf4b9be96", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2025-01-24T15:19:47.354164Z", | ||
| "modified": "2025-01-24T15:19:47.354164Z", | ||
| "name": "CVE-2024-9494", | ||
| "description": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the \n\n\n\nCP210 VCP Win 2k\n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9494" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |