{"vulnerability": "CVE-2024-4340", "sightings": [{"uuid": "906a1027-d746-472a-89fb-2a9edfdbc6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43403", "type": "seen", "source": "https://t.me/Rootsec_2/4225", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-24T20:12:36.000000Z"}, {"uuid": "83bc311b-5036-45fb-91ed-f31b254731bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/318", "content": "https://www.wiz.io/blog/nuclei-signature-verification-bypass\n\nBreaking the Chain: Wiz Uncovers a Signature Verification Bypass in Nuclei, the Popular Vulnerability Scanner (CVE-2024-43405)\n#\u5206\u6790 #exploit", "creation_timestamp": "2025-01-08T10:08:08.000000Z"}, {"uuid": "0c4423e3-52c0-4460-84bf-f0b7b6cdffb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lfp5wqog7o2w", "content": "", "creation_timestamp": "2025-01-14T11:36:40.204019Z"}, {"uuid": "c8f66311-d638-4861-b7dc-9a454a0ed1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/cyberbrainers.com/post/3lg5vfdp6bd2w", "content": "", "creation_timestamp": "2025-01-20T08:13:43.366860Z"}, {"uuid": "f26da7df-d9b6-419a-9011-5614b12f65ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/pabloyglesias.com/post/3lg67dlw5b32a", "content": "", "creation_timestamp": "2025-01-20T11:11:41.543609Z"}, {"uuid": "684869c9-0e19-4789-987c-4ddcf5e5bc42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://t.me/thehackernews/6114", "content": "\ud83d\udea8 A severe flaw in Nuclei (CVE-2024-43405) could let attackers bypass signature checks and inject malicious code. This impacts all versions after 3.0.0\u2014scoring a 7.4 CVSS. \n \nRead the analysis and secure your systems \ud83d\udc49https://thehackernews.com/2025/01/researchers-uncover-nuclei.html", "creation_timestamp": "2025-01-04T15:33:18.000000Z"}, {"uuid": "cb3fd6ec-2229-4940-a9a8-c9c419e6d6c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11654", "content": "#exploit\n1. CVE-2024-43405:\nNuclei Signature Verification Bypass\nhttps://www.wiz.io/blog/nuclei-signature-verification-bypass\n\n2. CVE-2024-6387:\nRegreSSHion Code Execution Vulnerability\nhttps://cybersecuritynews.com/regresshion-code-execution-vulnerability\n\n3. RustPotato\nhttps://github.com/safedv/RustPotato", "creation_timestamp": "2025-01-08T05:41:48.000000Z"}, {"uuid": "c1af704a-d5e3-4d9c-92ca-158276774061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43403", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11030", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-25T00:15:33.000000Z"}, {"uuid": "97547879-2d3a-457c-95c5-c3e93b597b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lffn7pi2yu2s", "content": "", "creation_timestamp": "2025-01-10T16:43:30.498508Z"}, {"uuid": "2367a2cd-ca91-43a5-bda6-6d60a6740c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/326", "content": "CVE-2024-43405 - Nuclei's template signature verification bypass\n\n\u041d\u0430\u0447\u043d\u0435\u043c \u043f\u0435\u0440\u0432\u044b\u0439 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0434\u0435\u043d\u044c \u0441 \u043e\u0431\u0437\u043e\u0440\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-43405 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=7.8) \u0432 Nuclei, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0441\u043a\u0430\u043d\u0435\u0440\u0430. \u0421 \u0432\u0435\u0440\u0441\u0438\u0438 Nuclei 3.0 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u0445\u043e\u0441\u0442\u043e\u0432\u043e\u0439 \u041e\u0421 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e code protocol, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d\u044b \u0441 \u0431\u043e\u043b\u0435\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u043b\u043e\u0433\u0438\u043a\u043e\u0439 \u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u043a\u0430\u043d\u0435\u0440\u0430. \u0412 \u044d\u0442\u043e\u043c \u0436\u0435 \u0440\u0435\u043b\u0438\u0437\u0435 \u0431\u044b\u043b\u0430 \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u044b. \u0421\u0443\u0442\u044c \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u0435\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0438\u0437 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0433\u043e \u0448\u0430\u0431\u043b\u043e\u043d\u0430. \n\n\u041e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0431\u043b\u043e\u0433\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 Wiz, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0446\u0438\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \\r\\n \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c\u0438 \u043f\u0430\u0440\u0441\u0435\u0440\u0430\u043c\u0438. \u0414\u043b\u044f \u043f\u0430\u0440\u0441\u0438\u043d\u0433\u0430 YAML \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 gopkg.in/yaml.v2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0438\u0440\u0443\u0435\u0442  x0A (\\n), x0D (\\r) \u0438\u043b\u0438 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e (\\r\\n) \u043a\u0430\u043a \u043a\u043e\u043d\u0435\u0446 \u0441\u0442\u0440\u043e\u043a\u0438. \u0410 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 regex (?m)^#\\\\sdigest:\\s.+$  \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043f\u043e\u0441\u043b\u0435 # digest:\n\n\u0410 \u0442\u0430\u043a \u043a\u0430\u043a \u043b\u043e\u0433\u0438\u043a\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0435\u0440\u0432\u043e\u0435 \u0432\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u044b \\\\r \u0431\u0443\u0434\u0443\u0442 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f regex \u043f\u0430\u0440\u0441\u0435\u0440\u043e\u043c \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u044c \u0441\u0442\u0440\u043e\u043a\u0438, \u0430 YAML \u043f\u0430\u0440\u0441\u0435\u0440 \u0431\u0443\u0434\u0435\u0442 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0438\u0445 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u043d\u0430 \u043f\u0435\u0440\u0435\u043d\u043e\u0441 \u0441\u0442\u0440\u043e\u043a\u0438\ud83d\ude48 \u0430 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0435\u0440\u0435\u0434 \u043f\u043e\u0434\u0441\u0447\u0435\u0442\u043e\u043c \u0445\u0435\u0448\u0430 \u0443\u0434\u0430\u043b\u044f\u0435\u0442 \u0432\u0441\u0435 \u0441\u0442\u0440\u043e\u043a\u0438 \u0441 # digest: \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u0432\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u0435 \u0432\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0438 \u043e\u043d \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u0439\u0434\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0438 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d:\n\n# digest: \n# digest: \\rcode:\\r\\r  engine:\\r    - sh\\r  source: |\\r    echo \"This is injected and executed!\" &gt; /tmp/payload.txt\n\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Nuclei 3.3.2 \u0438 \u0432\u044b\u0448\u0435, \u0430 \u043b\u0443\u0447\u0448\u0435 \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u0447\u0443\u0436\u0438\u0435 \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u044b \u0431\u0435\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u0432\u0441\u044f\u043a\u0438\u0435 \u0430\u0433\u0440\u0435\u0433\u0430\u0442\u043e\u0440\u044b \u0441ommunity \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u043e\u0432\ud83d\ude01", "creation_timestamp": "2025-01-09T07:17:41.000000Z"}, {"uuid": "db846bfb-67fc-4a95-8d74-4b08dd916fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "published-proof-of-concept", "source": "Telegram/S8xRhdRdfT1KwVRORYx0vvZjx5Uo2g1EXC-v41jnDf5H7Q", "content": "", "creation_timestamp": "2025-01-05T17:37:25.000000Z"}, {"uuid": "5e0df543-fdc0-4042-ac8a-02716fae651a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43402", "type": "seen", "source": "https://t.me/cvedetector/4816", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43402 - \"Rust std::process::Command Windows Batch File Escaping Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-43402 \nPublished : Sept. 4, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods (which are ignored and stripped by Windows). To determine whether to apply the `cmd.exe` escaping rules, the original fix for the vulnerability checked whether the command name ended with `.bat` or `.cmd`. At the time that seemed enough, as we refuse to invoke batch scripts with no file extension. Windows removes trailing whitespace and periods when parsing file paths. For example, `.bat. .` is interpreted by Windows as `.bat`, but the original fix didn't check for that. Affected users who are using Rust 1.77.2 or greater can remove the trailing whitespace (ASCII 0x20) and trailing periods (ASCII 0x2E) from the batch file name to bypass the incomplete fix and enable the mitigations. Users are affected if their code or one of their dependencies invoke a batch script on Windows with trailing whitespace or trailing periods in the name, and pass untrusted arguments to it. Rust 1.81.0 will update the standard library to apply the CVE-2024-24576 mitigations to all batch files invocations, regardless of the trailing chars in the file name. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T19:25:39.000000Z"}, {"uuid": "0354fcc4-1a67-429b-9a6d-367f9aa597c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://t.me/cvedetector/4815", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43405 - Nuclei Newline Injection Signature Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43405 \nPublished : Sept. 4, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T19:25:35.000000Z"}, {"uuid": "931d9ea8-b8f2-48ff-bd6a-f3d4ffe488bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43401", "type": "seen", "source": "https://t.me/cvedetector/3527", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43401 - XWiki Platform XSS Through WYSIWYG Editor\", \n  \"Content\": \"CVE ID : CVE-2024-43401 \nPublished : Aug. 19, 2024, 5:15 p.m. | 40\u00a0minutes ago \nDescription : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user without script/programming right can trick a user with elevated rights to edit a content with a malicious payload using a WYSIWYG editor. The user with elevated rights is not warned beforehand that they are going to edit possibly dangerous content. The payload is executed at edit time. This vulnerability has been patched in XWiki 15.10RC1. \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T20:12:25.000000Z"}, {"uuid": "0389f893-38ac-490b-a8aa-0f529d58b3c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43400", "type": "seen", "source": "https://t.me/cvedetector/3526", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43400 - XWiki Platform JavaScript Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43400 \nPublished : Aug. 19, 2024, 5:15 p.m. | 40\u00a0minutes ago \nDescription : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineer to trick a user to follow the URL. This has been patched in XWiki 14.10.21, 15.5.5, 15.10.6 and 16.0.0. \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T20:12:23.000000Z"}, {"uuid": "d98d87e7-1fda-4780-b7cc-eaffda3356fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43403", "type": "seen", "source": "https://t.me/cvedetector/3692", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43403 - Kanister Default-Kanister-Operator Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43403 \nPublished : Aug. 20, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The \"edit\" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate verbs of daemonset resources, create verb of serviceaccount/token resources, and impersonate verb of serviceaccounts resources. A malicious user can leverage access the worker node which has this component to make a cluster-level privilege escalation. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T00:39:47.000000Z"}, {"uuid": "95982e6a-c456-40f0-a52b-fb001ba99ebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43404", "type": "seen", "source": "https://t.me/cvedetector/3650", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43404 - Discord MEGABOT Math Command Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43404 \nPublished : Aug. 20, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : MEGABOT is a fully customized Discord bot for learning and fun. The `/math` command and functionality of MEGABOT versions Severity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T17:58:17.000000Z"}, {"uuid": "75d845ea-08b4-4b54-b875-c9db8a971fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43408", "type": "seen", "source": "https://t.me/cvedetector/3672", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43408 - Discourse CSRF Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43408 \nPublished : Aug. 20, 2024, 5:15 p.m. | 23\u00a0minutes ago \nDescription : Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T19:39:01.000000Z"}, {"uuid": "e05cb487-f48c-477c-bbf9-00cc5a6897d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43409", "type": "seen", "source": "https://t.me/cvedetector/3647", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43409 - Ghost Node.js Unauthenticated Member Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43409 \nPublished : Aug. 20, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Ghost is a Node.js content management system. Improper authentication on some endpoints used for member actions would allow an attacker to perform member-only actions, and read member information. This security vulnerability is present in Ghost v4.46.0-v5.89.4. v5.89.5 contains a fix for this issue. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T17:58:14.000000Z"}, {"uuid": "d60750d6-6189-4aa6-9aab-62791198e55c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43406", "type": "seen", "source": "https://t.me/cvedetector/3646", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43406 - LF Edge eKuiper SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43406 \nPublished : Aug. 20, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. A user could utilize and exploit SQL Injection to allow the execution of malicious SQL query via Get method in sqlKvStore. This vulnerability is fixed in 1.14.2. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T17:58:14.000000Z"}, {"uuid": "296538c8-3891-494e-9ee4-2e9a849562f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "published-proof-of-concept", "source": "Telegram/2AqCnprDXEkBMijrttG74WOAa6yoIjWWIk4iK4culV972Q", "content": "", "creation_timestamp": "2025-01-04T16:44:38.000000Z"}, {"uuid": "38049022-6094-419f-9098-f8b49615a69d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_ru/371", "content": "#exploit\n1. CVE-2024-43405:\nNuclei Signature Verification Bypass\nhttps://www.wiz.io/blog/nuclei-signature-verification-bypass\n\n2. CVE-2024-6387:\nRegreSSHion Code Execution Vulnerability\nhttps://cybersecuritynews.com/regresshion-code-execution-vulnerability", "creation_timestamp": "2025-01-07T11:00:18.000000Z"}, {"uuid": "a6e595b0-e138-404d-816e-d8f289495d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/wizsecurity.bsky.social/post/3letvtvrric2i", "content": "", "creation_timestamp": "2025-01-03T15:30:05.695433Z"}, {"uuid": "66a3c0fa-dbb2-473c-b8a1-efd8e5a2d9cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113765200463760436", "content": "", "creation_timestamp": "2025-01-03T15:46:37.398056Z"}, {"uuid": "16d876de-8c8f-4a37-97a4-2a7af0a12e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://thehackernews.com/2025/01/researchers-uncover-nuclei.html", "content": "", "creation_timestamp": "2025-01-04T13:29:00.000000Z"}, {"uuid": "443248e2-483a-40c3-a8b3-ae81555e1b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/113772580097112974", "content": "", "creation_timestamp": "2025-01-04T23:03:21.345145Z"}, {"uuid": "258494cf-9251-4332-95b1-c98ad03af24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lexdfhjfqf2p", "content": "", "creation_timestamp": "2025-01-05T00:10:29.284705Z"}, {"uuid": "67d7f932-5a9f-4bbc-8837-3df236a248bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lexea2qfar2n", "content": "", "creation_timestamp": "2025-01-05T00:25:21.367497Z"}, {"uuid": "e3b0495c-45c9-40c1-8f8d-839a05492863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lexea2xdvn2p", "content": "", "creation_timestamp": "2025-01-05T00:25:22.421083Z"}, {"uuid": "bfec7d6a-c654-406a-80ff-0b2ba4077c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/wiretor.bsky.social/post/3lezb2s4mjs22", "content": "", "creation_timestamp": "2025-01-05T18:34:09.749515Z"}, {"uuid": "29b3656c-4af1-48eb-9bd7-2664cf5dcf61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf2572wycs23", "content": "", "creation_timestamp": "2025-01-06T02:57:31.605398Z"}, {"uuid": "36623faa-c9ba-4fe5-994b-45f5b7653610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43402", "type": "seen", "source": "https://bsky.app/profile/puretech.news/post/3ludjb5mh4y2w", "content": "", "creation_timestamp": "2025-07-19T17:45:18.597780Z"}, {"uuid": "af615c8a-c1bb-4a34-aca0-7a4c6dd09ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43402", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3luglqb4k7k2a", "content": "", "creation_timestamp": "2025-07-20T23:07:32.222155Z"}, {"uuid": "98e797de-59d8-41c8-af6d-467ca1091118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43400", "type": "published-proof-of-concept", "source": "Telegram/9rrZvfszAHZD2Hy5bgM2y6D8Ak30deFhbRog-CCMeIQg31E", "content": "", "creation_timestamp": "2025-12-15T21:00:05.000000Z"}, {"uuid": "ee978714-dd85-4ea4-82ab-8080bdab6bc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43403", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/206", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-25T04:20:02.000000Z"}, {"uuid": "d5d14c27-f7ca-41b4-b827-bce6728c8add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43405", "type": "seen", "source": "Telegram/DY1mOfCmszcdwfipZJ--x-ii3_QVIJZdIvMGviJ9viGTpg", "content": "", "creation_timestamp": "2025-01-05T17:47:49.000000Z"}, {"uuid": "5d1b0c82-a3a5-4d01-bf60-aceb4bcbfe07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43407", "type": "seen", "source": "https://t.me/cvedetector/3773", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43407 - CKEditor4 GeSHi Plugin Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43407 \nPublished : Aug. 21, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSHi library was included as a vendor dependency in CKEditor 4 source files. In a specific scenario, an attacker could craft a malicious script that could be executed by sending a request to the GeSHi library hosted on a PHP web server. The GeSHi library is no longer actively maintained. Due to the lack of ongoing support and updates, potential security vulnerabilities have been identified with its continued use. To mitigate these risks and enhance the overall security of the CKEditor 4, we have decided to completely remove the GeSHi library as a dependency. This change aims to maintain a secure environment and reduce the risk of any security incidents related to outdated or unsupported software. The fix is be available in version 4.25.0-lts. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T18:14:46.000000Z"}, {"uuid": "d4c8f8a7-13ca-4f2a-9b55-5644248d8eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43403", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/208", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-25T20:54:36.000000Z"}, {"uuid": "93e4579a-4cd6-43f7-9d93-d4666dbcab77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43403", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/10921", "content": "\u200aCVE-2024-43403: Kanister Vulnerability Opens Door to Cluster-Level Privilege Escalation\n\nhttps://securityonline.info/cve-2024-43403-kanister-vulnerability-opens-door-to-cluster-level-privilege-escalation/", "creation_timestamp": "2024-08-22T12:21:40.000000Z"}]}