{"vulnerability": "CVE-2024-1118", "sightings": [{"uuid": "25b3a5f2-2796-4638-aa4b-5b2057160211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1118", "type": "seen", "source": "https://t.me/ctinow/180659", "content": "https://ift.tt/aWi4jY0\nCVE-2024-1118", "creation_timestamp": "2024-02-07T12:21:58.000000Z"}, {"uuid": "947721b2-bd11-4742-abbf-52b3682d31f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://t.me/suboxone_chatroom/7383", "content": "CVE-2024-11187, -12705: Vulnerabilities in BIND DNS Software, 7.5 rating\u2757\ufe0f\n\nTwo vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/bGSFv\n\ud83d\udc49 Dork: dns.banner:\"BIND\" OR dns_tcp.banner:\"BIND\"\n\nRead more: https://kb.isc.org/docs/cve-2024-12705", "creation_timestamp": "2025-04-01T12:36:25.000000Z"}, {"uuid": "972f247f-3f23-4a35-875e-7234cf15a1cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113486567128857878", "content": "", "creation_timestamp": "2024-11-15T10:46:29.767537Z"}, {"uuid": "47802224-fde7-4c70-a3e0-ea0a205caa75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11181", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113638525167006782", "content": "", "creation_timestamp": "2024-12-12T06:51:26.664645Z"}, {"uuid": "adc7a142-a413-4e17-8acc-bf319ef4bebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11184", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leqgf3aoma2f", "content": "", "creation_timestamp": "2025-01-02T06:15:19.185727Z"}, {"uuid": "2e833df5-6296-408f-8ceb-a434aea01aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11184", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3leqi6bxakx2g", "content": "", "creation_timestamp": "2025-01-02T06:47:19.219650Z"}, {"uuid": "7e2759ea-e6e4-470d-8388-eb7b2902e6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lgz3kjbihc2b", "content": "", "creation_timestamp": "2025-01-31T03:45:54.194579Z"}, {"uuid": "68d587cd-8ec5-4819-b2d3-00aab4d18ed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11180", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114246060126102811", "content": "", "creation_timestamp": "2025-03-29T13:55:33.296298Z"}, {"uuid": "47253287-cce5-4b9c-81e5-4ad4e90c2381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11180", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114246060126102811", "content": "", "creation_timestamp": "2025-03-29T13:55:33.300652Z"}, {"uuid": "dbc0acbf-4af9-4a26-a1c9-f3bf43f4afbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lpk5nte5dl2w", "content": "", "creation_timestamp": "2025-05-19T18:00:19.224563Z"}, {"uuid": "15499268-c65a-4750-a404-3e2b959c9b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lpk67oz5od2h", "content": "", "creation_timestamp": "2025-05-19T18:10:17.860320Z"}, {"uuid": "80a9b802-97c5-4840-abe7-c75ddf45fb42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4040097", "content": "", "creation_timestamp": "2025-05-19T19:56:21.114525Z"}, {"uuid": "337501e9-db30-4f53-a126-2f9655071daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lplnkflv4c2w", "content": "", "creation_timestamp": "2025-05-20T08:17:33.859693Z"}, {"uuid": "09a5779d-0837-4495-91db-9a0a958eb9d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11186", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114473898879191172", "content": "", "creation_timestamp": "2025-05-08T19:37:56.657702Z"}, {"uuid": "82aaeea9-5c85-4450-ae89-09142d462ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11186", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3looojykg7xb2", "content": "", "creation_timestamp": "2025-05-08T19:48:29.369662Z"}, {"uuid": "25120dea-6354-4ba7-b0c4-439b3defb033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lp6ywkdgbc24", "content": "", "creation_timestamp": "2025-05-15T07:36:30.381214Z"}, {"uuid": "0bb3b567-9b3b-4a02-a72a-1fbbba5e573e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lp6ywmaxyk24", "content": "", "creation_timestamp": "2025-05-15T07:36:30.928167Z"}, {"uuid": "002157f3-306e-4f5c-9079-f20d388e7659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lp6ywmb2wc24", "content": "", "creation_timestamp": "2025-05-15T07:36:31.467680Z"}, {"uuid": "e84c6d5f-f336-43e2-810f-06f84f2a6873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lp6ywnethc24", "content": "", "creation_timestamp": "2025-05-15T07:36:32.005840Z"}, {"uuid": "b825e835-649d-4bfb-b544-56ddddc9986b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lp6ywod47c24", "content": "", "creation_timestamp": "2025-05-15T07:36:32.529407Z"}, {"uuid": "5ce067c8-7c16-4a78-a39a-6c193b7607ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "3a159789-77f3-417a-80dc-f096ba7ed18c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "Telegram/PgL0U7uw19gLbevrRrwZhFszH5sky7kCWeQUnWjk0CYyA9bN", "content": "", "creation_timestamp": "2025-02-14T10:03:16.000000Z"}, {"uuid": "6fd19a7b-07af-4724-be61-65abaad7f068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11184", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/212", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11184\n\ud83d\udd39 Description: The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts\n\ud83d\udccf Published: 2025-01-02T06:00:04.587Z\n\ud83d\udccf Modified: 2025-01-06T20:30:08.869Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/fc982bcb-9974-481f-aef4-580ae9edc3c8/", "creation_timestamp": "2025-01-06T20:48:15.000000Z"}, {"uuid": "fdce05de-0dc5-4c1e-a3a4-01c407b04009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3427", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11187\n\ud83d\udd25 CVSS Score: 7.5 (CVSS_V3)\n\ud83d\udd39 Description: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.\n\ud83d\udccf Published: 2025-01-30T00:31:03Z\n\ud83d\udccf Modified: 2025-01-30T00:31:03Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-11187\n2. https://kb.isc.org/docs/cve-2024-11187", "creation_timestamp": "2025-01-30T01:12:08.000000Z"}, {"uuid": "b6c3ca80-677a-4659-9d3c-2c3fb752904b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11186", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15598", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11186\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.\n\ud83d\udccf Published: 2025-05-08T18:47:52.859Z\n\ud83d\udccf Modified: 2025-05-08T19:01:23.429Z\n\ud83d\udd17 References:\n1. https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114", "creation_timestamp": "2025-05-08T19:24:19.000000Z"}, {"uuid": "8596b868-3805-45a6-92df-376e10793fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "exploited", "source": "https://t.me/itsec_news/5886", "content": "\ud83e\udd12 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0430\u044f APT28 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0430 \u043f\u043e\u0447\u0442\u0443 \u0447\u0435\u0440\u0435\u0437 0-day \u0432 MDaemon. \u041f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0448\u044c \u043f\u0438\u0441\u044c\u043c\u043e \u2014 \u0438 \u0432\u0441\u0451, \u043f\u0440\u0438\u0432\u0435\u0442, \u041a\u0440\u0435\u043c\u043b\u044c.\n\nESET \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0441\u0432\u0435\u0436\u0443\u044e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0443\u044e \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e \u0433\u0440\u0443\u043f\u043f\u044b APT28 (aka Fancy Bear). \u041d\u0430\u0437\u0432\u0430\u043b\u0438 \u0435\u0451 Operation RoundPress, \u0438 \u044d\u0442\u043e \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0444\u0438\u0448\u0438\u043d\u0433, \u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u0442\u043e\u0447\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u2014 Roundcube, Horde, Zimbra \u0438 MDaemon.\n\n\u041a\u043b\u044e\u0447\u0435\u0432\u043e\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u2014 0-day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-11182 \u0432 MDaemon. \u0414\u043e \u043d\u043e\u044f\u0431\u0440\u044f 2024 \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043d\u0438\u043a\u043e\u043c\u0443 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430. \u0418 \u0442\u0443\u0442 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0432\u0435\u0441\u0435\u043b\u044c\u0435.\n\n\u0416\u0435\u0440\u0442\u0432\u0435 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u043b\u043e \u043f\u0438\u0441\u044c\u043c\u043e \u0441 \u043d\u0435\u0432\u0438\u043d\u043d\u044b\u043c \u0432\u0438\u0434\u043e\u043c. \u041d\u043e \u0432 \u0442\u0435\u043b\u0435 \u2014 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JavaScript. \u041d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a. \u041d\u0438\u043a\u0430\u043a\u0438\u0445 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \u041f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0448\u044c \u043f\u0438\u0441\u044c\u043c\u043e \u2014 \u0438 \u0441\u043a\u0440\u0438\u043f\u0442 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442 \u0432\u043e\u0440\u043e\u0432\u0430\u0442\u044c:\n\u25fc\ufe0f\u043f\u0438\u0441\u044c\u043c\u0430, \u043b\u043e\u0433\u0438\u043d\u044b, \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u044b, \u043a\u043e\u0434\u044b 2FA, \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u0432\u0445\u043e\u0434\u043e\u0432;\n\u25fc\ufe0f\u0430 \u043f\u043e\u0442\u043e\u043c \u0441\u043e\u0437\u0434\u0430\u0451\u0442 \u0444\u0438\u043b\u044c\u0442\u0440, \u0447\u0442\u043e\u0431\u044b \u0432\u0441\u0451 \u043d\u043e\u0432\u043e\u0435 \u0443\u0445\u043e\u0434\u0438\u043b\u043e \u043f\u0440\u044f\u043c\u0438\u043a\u043e\u043c \u0432 \u0440\u0443\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u2014 \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0441\u0430\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0443\u0436\u0435 \u043d\u0435 \u0430\u043a\u0442\u0438\u0432\u0435\u043d.\n\n\u041a\u043e\u0433\u043e \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438?\n\u25fc\ufe0f\u0443\u043a\u0440\u0430\u0438\u043d\u0441\u043a\u0438\u0435 \u0433\u043e\u0441\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b,\n\u25fc\ufe0f\u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0411\u043e\u043b\u0433\u0430\u0440\u0438\u0438 \u0438 \u0420\u0443\u043c\u044b\u043d\u0438\u0438 (\u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f\u0442/\u0447\u0438\u043d\u044f\u0442 \u0441\u043e\u0432\u0435\u0442\u0441\u043a\u043e\u0435 \u043e\u0440\u0443\u0436\u0438\u0435),\n\u25fc\ufe0f\u0433\u043e\u0441\u043e\u0440\u0433\u0430\u043d\u044b \u0432 \u0421\u0435\u0440\u0431\u0438\u0438, \u0413\u0440\u0435\u0446\u0438\u0438, \u042d\u043a\u0432\u0430\u0434\u043e\u0440\u0435, \u041a\u0430\u043c\u0435\u0440\u0443\u043d\u0435, \u043d\u0430 \u041a\u0438\u043f\u0440\u0435.\n\n\u041f\u043e\u0447\u0435\u043c\u0443 \u044d\u0442\u043e \u0430\u0434\u0441\u043a\u0438 \u043e\u043f\u0430\u0441\u043d\u043e?\n\u25fc\ufe0f0-day, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439: \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u043b \u043f\u0438\u0441\u044c\u043c\u043e.\n\u25fc\ufe0f\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0444\u0438\u043b\u044c\u0442\u0440\u043e\u0432 \u0438 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442 \u0432\u0441\u0435\u0445 \u0431\u0443\u0434\u0443\u0449\u0438\u0445 \u043f\u0438\u0441\u0435\u043c.\n\u25fc\ufe0f\u0412\u043e\u0440\u043e\u0432\u0441\u0442\u0432\u043e \u043f\u0430\u0440\u043e\u043b\u0435\u0439, \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 app-\u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0441\u043c\u0435\u043d\u044b \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e.\n\n\ud83e\udd12 \u0415\u0441\u043b\u0438 \u0432\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442\u0435 \u0441 MDaemon, Roundcube, Zimbra \u2014 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c.\n\ud83e\udd12 \u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0439\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043f\u0435\u0440\u0435\u0441\u044b\u043b\u043a\u0438 \u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u044b.\n\ud83e\udd12 \u0412\u043a\u043b\u044e\u0447\u0430\u0439\u0442\u0435 2FA \u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u044c\u0442\u0435 \u0430\u043d\u043e\u043c\u0430\u043b\u0438\u0438 \u0432\u0445\u043e\u0434\u0430.\n\ud83e\udd12 \u0418 \u043d\u0435 \u043d\u0430\u0434\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043f\u0438\u0441\u044c\u043c\u0430, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u043a\u0430\u043a \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u0435 \u043d\u0430 \u043a\u043e\u0444\u0435 \u0441 \u041c\u0438\u043d\u043e\u0431\u043e\u0440\u043e\u043d\u044b.\n\nAPT28 \u0441\u043d\u043e\u0432\u0430 \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u043d\u043e\u0433\u0434\u0430 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043d\u0438\u0447\u0435\u0433\u043e\u2026 \u043a\u0440\u043e\u043c\u0435 \u0433\u043b\u0430\u0437, \u0440\u0435\u0448\u0438\u0432\u0448\u0438\u0445 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0438\u0441\u044c\u043c\u043e.\n\nITsec NEWS", "creation_timestamp": "2025-05-15T12:54:58.000000Z"}, {"uuid": "5ceba78b-d389-4100-89ea-938c48ae03d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://t.me/cvedetector/11056", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11182 - \"MDaemon Email Server Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11182 \nPublished : Nov. 15, 2024, 11:15 a.m. | 36\u00a0minutes ago \nDescription : An XSS issue was discovered in   \n  \nMDaemon Email Server before version\u00a024.5.1c. An attacker can send an HTML e-mail message   \nwith   \nJavaScript in an img tag. This could  \n allow a remote attacker  \n  \nto load arbitrary JavaScript code in the context of a webmail user's browser window. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T13:15:28.000000Z"}, {"uuid": "b49ec701-bd2d-4f17-ac65-27cf56824b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1118", "type": "seen", "source": "https://t.me/ctinow/197787", "content": "https://ift.tt/ls0cNur\nCVE-2024-1118 | Podlove Subscribe Button Plugin up to 1.3.10 on WordPress sql injection", "creation_timestamp": "2024-03-01T16:52:11.000000Z"}, {"uuid": "e04d22a7-8633-4aae-8e4b-5231581c68de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11188", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113530674729047709", "content": "", "creation_timestamp": "2024-11-23T05:43:41.284767Z"}, {"uuid": "445bf27d-45e0-4ab2-a9a5-e72205e43e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11183", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113610033719727946", "content": "", "creation_timestamp": "2024-12-07T06:05:40.345182Z"}, {"uuid": "3e169f33-414a-4aeb-8a2c-9f50f1c3e0c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgyh4awrss25", "content": "", "creation_timestamp": "2025-01-30T21:39:58.442637Z"}, {"uuid": "219a8eee-7b2a-43d9-ba11-b029cb39797a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgyh6dooh225", "content": "", "creation_timestamp": "2025-01-30T21:41:12.517290Z"}, {"uuid": "0135187b-065a-414f-b413-15f995a557c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lgvqzltfak2o", "content": "", "creation_timestamp": "2025-01-29T19:59:31.449936Z"}, {"uuid": "d173c078-332e-4eaf-a03f-b9200019e866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lgvr6otxvs2o", "content": "", "creation_timestamp": "2025-01-29T20:02:19.259422Z"}, {"uuid": "45e82a6f-16ae-4512-91c8-7614845d5511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgvynlyfpc2h", "content": "", "creation_timestamp": "2025-01-29T22:15:54.134792Z"}, {"uuid": "7e82c9cb-c5df-4833-b76a-2606ab9c5bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lpbskygcp72h", "content": "", "creation_timestamp": "2025-05-16T10:20:34.847128Z"}, {"uuid": "36e7b87f-a6aa-4fea-aee1-6a6265618bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpcwgirgwl2m", "content": "", "creation_timestamp": "2025-05-16T21:02:19.255469Z"}, {"uuid": "7b7a61d4-a48b-401e-be77-6dd418685b52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpmyc6ajun2r", "content": "", "creation_timestamp": "2025-05-20T21:02:20.771446Z"}, {"uuid": "b6abd10f-4f03-40b1-a89d-2f712b8cbbb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:14.000000Z"}, {"uuid": "b0536251-833d-4340-803f-493d7595bcff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "MISP/ca7dfd4e-d0b5-4d10-8982-36d9f6e53c8e", "content": "", "creation_timestamp": "2025-09-01T13:53:38.000000Z"}, {"uuid": "8720ec77-97e4-4529-9859-519854ecc84f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11184", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3827", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11184\n\ud83d\udd25 CVSS Score: 4.2 (CVSS_V3)\n\ud83d\udd39 Description: The wp-enable-svg WordPress plugin through 0.2 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts\n\ud83d\udccf Published: 2025-01-02T06:30:47Z\n\ud83d\udccf Modified: 2025-02-07T20:56:19Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-11184\n2. https://github.com/MWDelaney/wp-enable-svg\n3. https://wpscan.com/vulnerability/fc982bcb-9974-481f-aef4-580ae9edc3c8", "creation_timestamp": "2025-02-07T21:03:00.000000Z"}, {"uuid": "2ae5b498-aacd-42ed-8a86-17a0cb84bef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://t.me/cvedetector/16726", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11187 - BIND Denial of Service (DoS) via Resource Exhaustion\", \n  \"Content\": \"CVE ID : CVE-2024-11187 \nPublished : Jan. 29, 2025, 10:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure.  \nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T01:43:35.000000Z"}, {"uuid": "bf98ed8f-a736-478a-9635-f81465290c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11186", "type": "seen", "source": "https://t.me/cvedetector/24847", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11186 - Arista CloudVision Portal Elevated Privilege Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11186 \nPublished : May 8, 2025, 7:15 p.m. | 17\u00a0minutes ago \nDescription : On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T21:48:14.000000Z"}, {"uuid": "4d14248b-d55d-4164-a64d-1cddea9901eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11180", "type": "seen", "source": "https://t.me/cvedetector/21502", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11180 - \"ElementsKit Elementor Addons WordPress Stored Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11180 \nPublished : March 29, 2025, 8:15 a.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekit_countdown_timer_title parameter in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-29T10:28:54.000000Z"}, {"uuid": "689018e5-31a4-4abf-928a-e283d1b24651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11184", "type": "seen", "source": "https://t.me/cvedetector/14096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11184 - WordPress wp-enable-svg SVG Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11184 \nPublished : Jan. 2, 2025, 6:15 a.m. | 41\u00a0minutes ago \nDescription : The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T08:23:28.000000Z"}, {"uuid": "0aa4a706-f046-4fe6-a6ea-cbb399b500e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/isc.org/post/3lgvayr3plk2q", "content": "", "creation_timestamp": "2025-01-29T15:12:38.823444Z"}, {"uuid": "82453499-abec-4b17-965a-b434e6a8df55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lhbqxeycuq2g", "content": "", "creation_timestamp": "2025-02-03T14:30:16.709220Z"}, {"uuid": "870a9a13-b896-4d47-968d-6dee4e5a71a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lgvivgj2r52m", "content": "", "creation_timestamp": "2025-01-29T17:33:56.889953Z"}, {"uuid": "67ce3862-c447-44ef-b9bd-44d460eec297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lh2qnldlzw24", "content": "", "creation_timestamp": "2025-01-31T19:36:03.068168Z"}, {"uuid": "f6f5c8a8-4bd5-422f-bc27-bc1e2700d84b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lgxk7cqbdp2k", "content": "", "creation_timestamp": "2025-01-30T13:02:42.042999Z"}, {"uuid": "91c8daa4-1bd1-46ac-a506-bf4e647a8b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114536099967876264", "content": "", "creation_timestamp": "2025-05-19T19:16:30.399237Z"}, {"uuid": "a8c8aed0-4c12-4f6c-b5c4-cb93aafab0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lpkdajaahb2r", "content": "", "creation_timestamp": "2025-05-19T19:40:14.150566Z"}, {"uuid": "cfbc506c-1e16-433d-b003-3dec3b59eeea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpkjttci2c2j", "content": "", "creation_timestamp": "2025-05-19T21:38:25.156834Z"}, {"uuid": "3b1729d6-d5a1-4ba2-9b7d-9abe691ee0ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lplnk5is3s2w", "content": "", "creation_timestamp": "2025-05-20T08:17:30.854518Z"}, {"uuid": "5476a35a-0674-4225-88c8-686412dfcb5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lplnkafeyc2w", "content": "", "creation_timestamp": "2025-05-20T08:17:32.402091Z"}, {"uuid": "2e074742-e2c3-4d08-bd8d-7078eb22d59e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-887b81fb-d3ea0e1ba8258ecc", "content": "", "creation_timestamp": "2025-06-01T02:57:47.121289Z"}, {"uuid": "77d7aab3-e49f-4c06-b518-d4b0687eb024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11185", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq7bcp7nqp2m", "content": "", "creation_timestamp": "2025-05-28T03:31:34.423398Z"}, {"uuid": "a296d525-cc56-4a25-93df-2bd7c4fbbf92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lym3ug5ym22r", "content": "", "creation_timestamp": "2025-09-12T01:20:16.112708Z"}, {"uuid": "8525eef5-ee7a-4ce0-b876-2de6eaabb84c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lym3uinbpe2z", "content": "", "creation_timestamp": "2025-09-12T01:20:18.634138Z"}, {"uuid": "6fc0e4d1-bc1e-499f-a4b8-1914ee11336c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-11187", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2c435a11-0cfb-49cf-9b5d-854f5c79efd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4df6a5b1-fbb7-48b5-b261-d77a9c601017", "content": "", "creation_timestamp": "2026-02-02T12:26:00.760089Z"}, {"uuid": "21b00bdc-c775-46db-b1cd-d8255a320c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4df6a5b1-fbb7-48b5-b261-d77a9c601017", "content": "", "creation_timestamp": "2026-02-02T12:26:00.760089Z"}, {"uuid": "5d324845-4cf7-4a93-9a32-f8ed148e4a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11180", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9541", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11180\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekit_countdown_timer_title parameter in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-03-29T07:23:45.196Z\n\ud83d\udccf Modified: 2025-03-29T07:23:45.196Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/35969379-e668-4045-8de7-696f196ba5b0?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3190501/elementskit-lite/trunk/widgets/countdown-timer/countdown-timer.php\n3. https://plugins.trac.wordpress.org/changeset/3262976/elementskit-lite/trunk/widgets/init/assets/js/elementor.js", "creation_timestamp": "2025-03-29T08:29:03.000000Z"}, {"uuid": "474893f2-29ea-41b1-9a2f-679444c7f7c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11182", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16945", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11182\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: An XSS issue was discovered in \n\nMDaemon Email Server before version\u00a024.5.1c. An attacker can send an HTML e-mail message \nwith \nJavaScript in an img tag. This could\n allow a remote attacker\n\nto load arbitrary JavaScript code in the context of a webmail user's browser window.\n\ud83d\udccf Published: 2024-11-15T10:43:10.960Z\n\ud83d\udccf Modified: 2025-05-19T22:20:23.676Z\n\ud83d\udd17 References:\n1. https://files.mdaemon.com/mdaemon/beta/RelNotes_en.html", "creation_timestamp": "2025-05-19T22:39:44.000000Z"}, {"uuid": "a9f25cd1-62bc-4080-9309-a9795ea2c007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11183", "type": "seen", "source": "https://t.me/cvedetector/12313", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11183 - WordPress Simple Side Tab Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-11183 \nPublished : Dec. 7, 2024, 6:15 a.m. | 39\u00a0minutes ago \nDescription : The Simple Side Tab WordPress plugin before 2.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-07T08:21:24.000000Z"}, {"uuid": "d47d5d77-f826-4a26-9365-f78c9ced94b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11181", "type": "seen", "source": "https://t.me/cvedetector/12749", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11181 - Greenshift WordPress Plugin Information Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11181 \nPublished : Dec. 12, 2024, 7:15 a.m. | 33\u00a0minutes ago \nDescription : The Greenshift \u2013 animation and page builder blocks plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 9.9.9.3 via the 'wp_reusable_render' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T08:48:52.000000Z"}]}