{"vulnerability": "CVE-2024-4503", "sightings": [{"uuid": "6bf53e23-5669-4192-9df0-ec598e59c6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45031", "type": "seen", "source": "https://t.me/cvedetector/8803", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45031 - Apache Syncope Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45031 \nPublished : Oct. 24, 2024, 3:15 p.m. | 19\u00a0minutes ago \nDescription : When editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application.  \nXSS payloads could also be injected in Syncope Enduser when editing \u201cPersonal Information\u201d or \u201cUser Requests\u201d: such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking.  \n  \nUsers are recommended to upgrade to version 3.0.9, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T17:39:16.000000Z"}, {"uuid": "a960cce9-61ce-4f77-87cc-03a0c2780818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45037", "type": "seen", "source": "https://t.me/cvedetector/4273", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45037 - AWS CDK Cognito User Pool Authorizer Access Control Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45037 \nPublished : Aug. 27, 2024, 7:15 p.m. | 43\u00a0minutes ago \nDescription : The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer\u2019s AWS account. CDK contains pre-built components called \"constructs\" that are higher-level abstractions providing defaults and best practices. This approach enables developers to use familiar programming languages to define complex cloud infrastructure more efficiently than writing raw CloudFormation templates. We identified an issue in AWS Cloud Development Kit (CDK) which, under certain conditions, can result in granting authenticated Amazon Cognito users broader than intended access. Specifically, if a CDK application uses the \"RestApi\" construct with \"CognitoUserPoolAuthorizer\" as the authorizer and uses authorization scopes to limit access. This issue does not affect the availability of the specific API resources. Authenticated Cognito users may gain unintended access to protected API resources or methods, leading to potential data disclosure, and modification issues.  Impacted versions: >=2.142.0;=2.148.1. Users are advised to upgrade their AWS CDK version to 2.148.1 or newer and re-deploy their application(s) to address this issue. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-27T22:24:53.000000Z"}, {"uuid": "ba3880c5-6f45-44c2-aafc-7c2025541bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45032", "type": "seen", "source": "https://t.me/cvedetector/5207", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45032 - Industrial Edge Management Device Token Impersonation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45032 \nPublished : Sept. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in Industrial Edge Management Pro (All versions Severity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T13:23:45.000000Z"}, {"uuid": "d581d9cc-3dff-4f51-a061-94a8d2bf0563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf7yqhc2km2k", "content": "", "creation_timestamp": "2025-01-08T10:53:44.005273Z"}, {"uuid": "25335a05-c2c0-44a8-a5e9-fc8f583b953b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lfaj3hdb4p25", "content": "", "creation_timestamp": "2025-01-08T15:46:13.324355Z"}, {"uuid": "c12a36a9-240c-4dd0-8f9d-337dcd729fba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113791870409998283", "content": "", "creation_timestamp": "2025-01-08T08:49:08.107904Z"}, {"uuid": "81e48291-6db2-4e69-9fbb-39ef9163a654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7tba3pni22", "content": "", "creation_timestamp": "2025-01-08T09:15:44.370026Z"}, {"uuid": "ce80500f-41cf-4dc3-873d-056707f962ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45030", "type": "seen", "source": "https://t.me/cvedetector/5372", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45030 - Intel igb Linux Kernel Fragment Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45030 \nPublished : Sept. 11, 2024, 4:15 p.m. | 16\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nigb: cope with large MAX_SKB_FRAGS  \n  \nSabrina reports that the igb driver does not cope well with large  \nMAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload  \ncorruption on TX.  \n  \nAn easy reproducer is to run ssh to connect to the machine.  With  \nMAX_SKB_FRAGS=17 it works, with MAX_SKB_FRAGS=45 it fails.  This has  \nbeen reported originally in  \n  \n  \nThe root cause of the issue is that the driver does not take into  \naccount properly the (possibly large) shared info size when selecting  \nthe ring layout, and will try to fit two packets inside the same 4K  \npage even when the 1st fraglist will trump over the 2nd head.  \n  \nAddress the issue by checking if 2K buffers are insufficient. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T18:41:27.000000Z"}, {"uuid": "4392a8ab-68b8-4e0d-bf12-295683696a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45038", "type": "seen", "source": "https://t.me/cvedetector/4281", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45038 - Meshtastic Device Firmware MQTT Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45038 \nPublished : Aug. 27, 2024, 9:15 p.m. | 34\u00a0minutes ago \nDescription : Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T00:05:13.000000Z"}, {"uuid": "5a70d6e2-dc36-424b-a0a6-ff5ecb563bdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45034", "type": "seen", "source": "https://t.me/cvedetector/5013", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45034 - Apache Airflow Path Traversal Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45034 \nPublished : Sept. 7, 2024, 8:15 a.m. | 34\u00a0minutes ago \nDescription : Apache Airflow versions before 2.10.1 have a vulnerability that allows\u00a0DAG authors to add local settings to the DAG folder and get it executed by the scheduler, where the scheduler is not supposed to execute code submitted by the DAG author.   \nUsers are advised to upgrade to version 2.10.1 or later, which has fixed the vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T10:59:09.000000Z"}, {"uuid": "ae5a2402-55b4-49d5-aee4-577a6602761b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45039", "type": "seen", "source": "https://t.me/cvedetector/4964", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45039 - Gnark Multiple Commitment Soundness Issue\", \n  \"Content\": \"CVE ID : CVE-2024-45039 \nPublished : Sept. 6, 2024, 1:15 p.m. | 23\u00a0minutes ago \nDescription : gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Versions prior to 0.11.0 have a soundness issue - in case of multiple commitments used inside the circuit the prover is able to choose all but the last commitment. As gnark uses the commitments for optimized non-native multiplication, lookup checks etc. as random challenges, then it could impact the soundness of the whole circuit. However, using multiple commitments has been discouraged due to the additional cost to the verifier and it has not been supported in the recursive in-circuit Groth16 verifier and Solidity verifier. gnark's maintainers expect the impact of the issue be very small - only for the users who have implemented the native Groth16 verifier or are using it with multiple commitments. We do not have information of such users. The issue has been patched in version 0.11.0. As a workaround, users should follow gnark maintainers' recommendation to use only a single commitment and then derive in-circuit commitments as needed using the `std/multicommit` package. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T15:46:02.000000Z"}, {"uuid": "2c6e05cb-1432-4162-ac03-b1f70470d615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45036", "type": "seen", "source": "https://t.me/cvedetector/4224", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45036 - Tophat Improper Access Control Token Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-45036 \nPublished : Aug. 26, 2024, 11:15 p.m. | 46\u00a0minutes ago \nDescription : Tophat is a mobile applications testing harness. An Improper Access Control vulnerability can expose the `TOPHAT_APP_TOKEN` token stored in `~/.tophatrc` through use of a malicious Tophat URL controlled by the attacker. The vulnerability allows Tophat to send this token to the attacker's server without any checks to ensure that the server is trusted. This token can then be used to access internal build artifacts, for mobile applications, not intended to be public. The issue has been patched as of version 1.10.0.  The ability to request artifacts using a Tophat API has been deprecated as this flow was inherently insecure.  Systems that have implemented this kind of endpoint should cease use and invalidate the token immediately. There are no workarounds and all users should update as soon as possible. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-27T02:21:33.000000Z"}, {"uuid": "2726bd71-81c2-4d30-8816-f21d0a5fc928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/679", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45033\n\ud83d\udd39 Description: Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.\n\nThis issue affects Apache Airflow Fab Provider: before 1.5.2.\n\nWhen user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from\u00a0 CVE-2023-40273 https://github.com/advisories/GHSA-pm87-24wq-r8w9 \u00a0which was addressed in Apache-Airflow 2.7.0\n\n\nUsers are recommended to upgrade to version 1.5.2, which fixes the issue.\n\ud83d\udccf Published: 2025-01-08T08:41:39.579Z\n\ud83d\udccf Modified: 2025-01-08T08:41:39.579Z\n\ud83d\udd17 References:\n1. https://github.com/apache/airflow/pull/45139\n2. https://lists.apache.org/thread/yw535346rk766ybzpqtvrl36sjj789st", "creation_timestamp": "2025-01-08T09:12:24.000000Z"}, {"uuid": "13018462-c14f-47bd-a8b6-25f97d5d7260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://t.me/cvedetector/14673", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45033 - Apache Airflow Fab Provider Insufficient Session Expiration Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45033 \nPublished : Jan. 8, 2025, 9:15 a.m. | 30\u00a0minutes ago \nDescription : Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.  \n  \nThis issue affects Apache Airflow Fab Provider: before 1.5.2.  \n  \nWhen user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from\u00a0 CVE-2023-40273  \u00a0which was addressed in Apache-Airflow 2.7.0  \n  \n  \nUsers are recommended to upgrade to version 1.5.2, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T10:47:49.000000Z"}, {"uuid": "58f5b2c2-700c-4c52-9e8f-b50132975407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45031", "type": "seen", "source": "https://t.me/HackerArsenal/625", "content": "\u203c\ufe0f CVE-2024-45031 \u203c\ufe0f\n\nWhen editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application. XSS payloads could also be injected in Syncope Enduser when editing Personal Information or User Requests such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking.  Users are recommended to upgrade to version 3.0.9, which fixes this issue.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-10-24T20:06:50.000000Z"}, {"uuid": "95a4f653-5de5-491a-b33a-4ec2c816d49f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113793283502587294", "content": "", "creation_timestamp": "2025-01-08T14:48:30.929165Z"}]}