generated content from 2024-12-21

oasis-open · Dec 21, 2024 · 081d813 · 081d813
1 parent c146755
commit 081d813
Show file tree

Hide file tree

Showing 89 changed files with 2,024 additions and 0 deletions.
diff --git a/mapping.csv b/mapping.csv
@@ -260792,3 +260792,91 @@ vulnerability,CVE-2020-12820,vulnerability--c348fddd-0bf1-49fb-8a26-5da43e47fb6e
 vulnerability,CVE-2020-12819,vulnerability--cc7c4e85-f83d-4e75-abde-f3faa9b5b884
 vulnerability,CVE-2020-15934,vulnerability--931c70e6-b3f6-40d8-a349-9cc7b7490ac8
 vulnerability,CVE-2020-6923,vulnerability--72f42e3c-91b3-4658-8f84-0b5497de67d3
+vulnerability,CVE-2024-51466,vulnerability--cfdc1641-ce5a-450d-aadc-3cbed4294619
+vulnerability,CVE-2024-12571,vulnerability--4746fc06-01cc-4582-9858-f1995a012577
+vulnerability,CVE-2024-12841,vulnerability--63a5e682-c36c-4d47-8767-082561d99483
+vulnerability,CVE-2024-12829,vulnerability--8f4e0928-af47-49b4-bded-a2fa9ba83508
+vulnerability,CVE-2024-12506,vulnerability--78a7d94a-da01-4148-b8ec-a6097566cd66
+vulnerability,CVE-2024-12840,vulnerability--1c93e348-ff3e-4c0d-8202-fe1b791df83d
+vulnerability,CVE-2024-12014,vulnerability--4928107a-1e5b-49d6-b9fc-97696b6170e8
+vulnerability,CVE-2024-12677,vulnerability--377ea7a6-72a5-43d8-870b-f48bbc8fec61
+vulnerability,CVE-2024-12832,vulnerability--e8c9a0a9-5bba-4046-926d-3805152f955d
+vulnerability,CVE-2024-12842,vulnerability--79daaece-09b7-45ea-a6aa-df01988edd70
+vulnerability,CVE-2024-12845,vulnerability--40bf9db1-aff2-46ca-930e-434bf0e42c90
+vulnerability,CVE-2024-12678,vulnerability--4c622d60-1516-4e5d-a130-eeb106957507
+vulnerability,CVE-2024-12830,vulnerability--180d3e05-7c99-4217-96c0-2fda86f8fabc
+vulnerability,CVE-2024-12509,vulnerability--814e9c4e-7a52-462e-8e7b-bd280eb35eaa
+vulnerability,CVE-2024-12844,vulnerability--2ca1baf6-f14f-47a1-abf6-eef42c975003
+vulnerability,CVE-2024-12867,vulnerability--06fe366d-0853-493c-95a8-259db45b0b34
+vulnerability,CVE-2024-12843,vulnerability--e131b7ab-120b-4167-b7d5-8e6c30372c74
+vulnerability,CVE-2024-12831,vulnerability--fa861f6c-6d71-4aea-87ac-e20034a75efd
+vulnerability,CVE-2024-10555,vulnerability--2c7e0ba3-b213-487f-92f0-6428a9831981
+vulnerability,CVE-2024-10706,vulnerability--45a3327b-9b15-48b7-a09f-77bb28e45502
+vulnerability,CVE-2024-10385,vulnerability--b4ef5b82-8e47-4352-ab7b-4393dc0e7077
+vulnerability,CVE-2024-9503,vulnerability--d9a3fbde-9f85-46ce-99f5-ecc732d907a1
+vulnerability,CVE-2024-9619,vulnerability--e9bf4545-2a2a-47d9-bc80-893be9d5bad0
+vulnerability,CVE-2024-7726,vulnerability--acaeaf3b-d84a-4bbc-ad16-8f62ad9c9292
+vulnerability,CVE-2024-11893,vulnerability--06df46c0-b0a2-4626-9f76-fbc4774d13cc
+vulnerability,CVE-2024-11297,vulnerability--dcd5b053-ad25-485b-b326-41edd64f2d49
+vulnerability,CVE-2024-11784,vulnerability--8a5bb0f6-2726-4f64-85ab-06ce69dff0f9
+vulnerability,CVE-2024-11108,vulnerability--6b2e0d27-90a5-4556-b7cb-51270fa9768c
+vulnerability,CVE-2024-11806,vulnerability--ee1de035-031f-4830-93bf-c0181035b2cd
+vulnerability,CVE-2024-11775,vulnerability--0e138203-279f-4fec-bf63-37f58c7ce06b
+vulnerability,CVE-2024-11878,vulnerability--2faa08a1-55ef-4703-8c93-7a5034956c40
+vulnerability,CVE-2024-11331,vulnerability--63eafba4-7b42-407d-a163-f33c4575b999
+vulnerability,CVE-2024-11411,vulnerability--6695b3a9-9f3c-416c-9b3c-f25f58e4344f
+vulnerability,CVE-2024-11774,vulnerability--045c1175-f17c-42af-8bdf-15141d44ce00
+vulnerability,CVE-2024-11811,vulnerability--66842aa4-f69a-4024-946e-7e9ca96edfd7
+vulnerability,CVE-2024-11776,vulnerability--ab07f9fe-a513-45db-bbca-09d6d91387d3
+vulnerability,CVE-2024-11812,vulnerability--b41643ea-fc3a-4521-8fc9-037377571844
+vulnerability,CVE-2024-11783,vulnerability--46bf5180-389f-4544-b09c-6f1e23626ab5
+vulnerability,CVE-2024-44223,vulnerability--b67735ed-7c2e-4eb8-beb9-66e32d10072c
+vulnerability,CVE-2024-44292,vulnerability--7fb30fc8-bb44-4a96-9e5b-25dc1dc5de45
+vulnerability,CVE-2024-44231,vulnerability--bfd529aa-94b7-4bfa-a1f4-0adf076bf015
+vulnerability,CVE-2024-44298,vulnerability--76b93c89-24c8-4640-91a5-1712d1e00a0f
+vulnerability,CVE-2024-44195,vulnerability--e99408be-a938-4320-864a-49efe8cc24a5
+vulnerability,CVE-2024-44293,vulnerability--2bf69805-212d-42ca-ace1-a7e9f52a699d
+vulnerability,CVE-2024-44211,vulnerability--39b42d5b-eb8b-4045-82fa-8a955a61f4a6
+vulnerability,CVE-2024-8968,vulnerability--bf988329-f85d-4912-a396-29040c5e6766
+vulnerability,CVE-2024-40695,vulnerability--0e288e0e-57f4-4fd7-a07f-86e445b9cbb7
+vulnerability,CVE-2024-40875,vulnerability--8f0d6635-1660-4760-98bb-64823da4dff6
+vulnerability,CVE-2024-21549,vulnerability--6b83e44a-9d2a-4e1a-aeb4-a9627cec9327
+vulnerability,CVE-2024-37758,vulnerability--182c42c8-cd30-4cec-8694-5b1697a537f4
+vulnerability,CVE-2024-54538,vulnerability--560cd092-48c0-4aa4-becb-cee309500de2
+vulnerability,CVE-2024-55341,vulnerability--b6dfe95e-3b3c-4bcc-85c5-665f93a169e4
+vulnerability,CVE-2024-55342,vulnerability--2ce6e206-cbad-433e-8859-f66c0fe71522
+vulnerability,CVE-2024-55471,vulnerability--b8f46513-3a83-4293-b7de-f6793aa00fd7
+vulnerability,CVE-2024-55470,vulnerability--feb289c6-3e0b-4294-a112-1ea447ea62de
+vulnerability,CVE-2024-55186,vulnerability--05589cac-d3b5-4c8d-9a97-52fb9942b080
+vulnerability,CVE-2024-55509,vulnerability--df07c280-e4ff-4a48-ba1a-6f594567167c
+vulnerability,CVE-2024-56333,vulnerability--86ae0c36-d518-4daf-8b19-a2b3255b8b0d
+vulnerability,CVE-2024-56348,vulnerability--8f760087-d5ee-4783-82eb-22b488b60301
+vulnerability,CVE-2024-56337,vulnerability--cc392a0d-88a6-4951-9546-65d722b3190e
+vulnerability,CVE-2024-56350,vulnerability--e98d02e7-45c0-4f3d-83ec-3eab32e71497
+vulnerability,CVE-2024-56353,vulnerability--b9049d41-a1b8-4832-a46c-13d5981e54a3
+vulnerability,CVE-2024-56329,vulnerability--d6197c61-598c-4793-bdcd-9806c5f12748
+vulnerability,CVE-2024-56335,vulnerability--42bf7855-0663-46f8-b540-97695cdb7592
+vulnerability,CVE-2024-56352,vulnerability--d3a0a301-929f-45fe-99fe-bc31c5acf301
+vulnerability,CVE-2024-56349,vulnerability--f72b0cca-d6b6-4ad6-9ee3-f3ed439d9bd4
+vulnerability,CVE-2024-56356,vulnerability--ee2970b5-6b7d-4c60-936e-583e83b80c8a
+vulnerability,CVE-2024-56330,vulnerability--9f20143a-6d42-42ee-914b-a2c8723f8a32
+vulnerability,CVE-2024-56351,vulnerability--c475dc5a-36c0-423c-bda9-a0a9e8438921
+vulnerability,CVE-2024-56354,vulnerability--16361709-49b1-44ee-b5ab-a46e7a8d750c
+vulnerability,CVE-2024-56331,vulnerability--d5ecbbc8-bd08-403f-a7b5-5b7f335252dd
+vulnerability,CVE-2024-56359,vulnerability--eff58180-822e-4e28-9953-1c4b46193995
+vulnerability,CVE-2024-56334,vulnerability--7bc66ada-0dea-471e-bc80-13deace68550
+vulnerability,CVE-2024-56355,vulnerability--a1fcefdd-6409-41be-a175-f1de4b67974f
+vulnerability,CVE-2024-56358,vulnerability--5675629e-69fa-48e8-8d19-69b684c244d5
+vulnerability,CVE-2024-56357,vulnerability--8f5de1d2-a373-4973-9d43-43deb2972357
+vulnerability,CVE-2024-28767,vulnerability--51808dd1-bb95-4f9e-bdb3-da93062edf98
+vulnerability,CVE-2024-5955,vulnerability--d5ec48e2-6e97-4deb-bc1b-78a54d7091a6
+vulnerability,CVE-2021-40959,vulnerability--50108628-5735-4e1f-9929-e97b6a02fed9
+vulnerability,CVE-2022-34159,vulnerability--637f4dd3-7e0d-4bd2-ad3b-1287d29621ac
+vulnerability,CVE-2022-32144,vulnerability--0cad7de2-6318-4453-bf44-fa26f5392a5f
+vulnerability,CVE-2022-32204,vulnerability--94102912-faf2-4f46-95bf-0bc29ea82670
+vulnerability,CVE-2022-32203,vulnerability--c05d76c2-2fac-426f-afa9-9deb1ffccee7
+vulnerability,CVE-2023-31280,vulnerability--ca35ee57-5efc-431f-92d4-7e9b42ab0cc8
+vulnerability,CVE-2023-31279,vulnerability--5916cf94-d5b7-46aa-b9ee-35f08cae6467
+vulnerability,CVE-2023-42867,vulnerability--b5c8a107-90f9-4221-913d-dca91e74292d
+vulnerability,CVE-2020-9250,vulnerability--0e5f0dd2-9398-41d1-a40b-7fb6a2522399
+vulnerability,CVE-2020-13712,vulnerability--2a4e33b1-0993-48e3-91a4-5c60729c30c1
diff --git a/objects/vulnerability/vulnerability--045c1175-f17c-42af-8bdf-15141d44ce00.json b/objects/vulnerability/vulnerability--045c1175-f17c-42af-8bdf-15141d44ce00.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--759802a6-7995-498e-a947-0964286198cc",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--045c1175-f17c-42af-8bdf-15141d44ce00",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:25.989649Z",
+            "modified": "2024-12-21T00:20:25.989649Z",
+            "name": "CVE-2024-11774",
+            "description": "The Outdooractive Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'list2go' shortcode in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11774"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--05589cac-d3b5-4c8d-9a97-52fb9942b080.json b/objects/vulnerability/vulnerability--05589cac-d3b5-4c8d-9a97-52fb9942b080.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b0df7481-3f80-43ba-bf50-6dcb354a093e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--05589cac-d3b5-4c8d-9a97-52fb9942b080",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:26.964137Z",
+            "modified": "2024-12-21T00:20:26.964137Z",
+            "name": "CVE-2024-55186",
+            "description": "An IDOR (Insecure Direct Object Reference) vulnerability exists in oqtane Framework 6.0.0, allowing a logged-in user to access inbox messages of other users by manipulating the notification ID in the request URL. By changing the notification ID, an attacker can view sensitive mail details belonging to other users.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-55186"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--06df46c0-b0a2-4626-9f76-fbc4774d13cc.json b/objects/vulnerability/vulnerability--06df46c0-b0a2-4626-9f76-fbc4774d13cc.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--ee6a1e2c-293f-45a7-bba0-df7be6e0b475",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--06df46c0-b0a2-4626-9f76-fbc4774d13cc",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:25.951553Z",
+            "modified": "2024-12-21T00:20:25.951553Z",
+            "name": "CVE-2024-11893",
+            "description": "The Spoki – Chat Buttons and WooCommerce Notifications plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spoki_button' shortcode in all versions up to, and including, 2.15.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11893"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--06fe366d-0853-493c-95a8-259db45b0b34.json b/objects/vulnerability/vulnerability--06fe366d-0853-493c-95a8-259db45b0b34.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--bd527809-3efc-48c0-b32f-c2074e7062fa",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--06fe366d-0853-493c-95a8-259db45b0b34",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:25.483301Z",
+            "modified": "2024-12-21T00:20:25.483301Z",
+            "name": "CVE-2024-12867",
+            "description": "Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-12867"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0cad7de2-6318-4453-bf44-fa26f5392a5f.json b/objects/vulnerability/vulnerability--0cad7de2-6318-4453-bf44-fa26f5392a5f.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--71c2e795-b619-478d-803b-992804838a1f",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0cad7de2-6318-4453-bf44-fa26f5392a5f",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:32.94091Z",
+            "modified": "2024-12-21T00:20:32.94091Z",
+            "name": "CVE-2022-32144",
+            "description": "There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. (Vulnerability ID: HWPSIRT-2022-76192)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32144.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2022-32144"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0e138203-279f-4fec-bf63-37f58c7ce06b.json b/objects/vulnerability/vulnerability--0e138203-279f-4fec-bf63-37f58c7ce06b.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b275fe28-a5f3-4d4c-90cd-514e5b97001d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0e138203-279f-4fec-bf63-37f58c7ce06b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:25.97163Z",
+            "modified": "2024-12-21T00:20:25.97163Z",
+            "name": "CVE-2024-11775",
+            "description": "The Particle Background plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'particleground' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-11775"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0e288e0e-57f4-4fd7-a07f-86e445b9cbb7.json b/objects/vulnerability/vulnerability--0e288e0e-57f4-4fd7-a07f-86e445b9cbb7.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--51f6f069-f45e-40ff-b400-66f19fb0fe00",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0e288e0e-57f4-4fd7-a07f-86e445b9cbb7",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:26.512232Z",
+            "modified": "2024-12-21T00:20:26.512232Z",
+            "name": "CVE-2024-40695",
+            "description": "IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and \n\n12.0.0 through 12.0.4\n\n\n\ncould be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-40695"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0e5f0dd2-9398-41d1-a40b-7fb6a2522399.json b/objects/vulnerability/vulnerability--0e5f0dd2-9398-41d1-a40b-7fb6a2522399.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--d2ba7358-0332-47a8-9d5d-00f2e99dee24",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0e5f0dd2-9398-41d1-a40b-7fb6a2522399",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:40.582238Z",
+            "modified": "2024-12-21T00:20:40.582238Z",
+            "name": "CVE-2020-9250",
+            "description": "There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2020-9250"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--16361709-49b1-44ee-b5ab-a46e7a8d750c.json b/objects/vulnerability/vulnerability--16361709-49b1-44ee-b5ab-a46e7a8d750c.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--4170c12f-bf25-4264-9e5d-bf254eec17c7",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--16361709-49b1-44ee-b5ab-a46e7a8d750c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:27.181652Z",
+            "modified": "2024-12-21T00:20:27.181652Z",
+            "name": "CVE-2024-56354",
+            "description": "In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-56354"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--180d3e05-7c99-4217-96c0-2fda86f8fabc.json b/objects/vulnerability/vulnerability--180d3e05-7c99-4217-96c0-2fda86f8fabc.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e5bd961f-1eef-4ffc-a451-c5f423a32f66",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--180d3e05-7c99-4217-96c0-2fda86f8fabc",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:25.472419Z",
+            "modified": "2024-12-21T00:20:25.472419Z",
+            "name": "CVE-2024-12830",
+            "description": "Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the custom_handler method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-24019.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-12830"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--182c42c8-cd30-4cec-8694-5b1697a537f4.json b/objects/vulnerability/vulnerability--182c42c8-cd30-4cec-8694-5b1697a537f4.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b6e58537-b7e3-491d-ba4e-d32ce3d2dc14",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--182c42c8-cd30-4cec-8694-5b1697a537f4",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-12-21T00:20:26.789485Z",
+            "modified": "2024-12-21T00:20:26.789485Z",
+            "name": "CVE-2024-37758",
+            "description": "Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-37758"
+                }
+            ]
+        }
+    ]
+}