{"vulnerability": "CVE-2024-4524", "sightings": [{"uuid": "eb2ff789-f31c-4894-a27e-b8c655f89b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45242", "type": "seen", "source": "https://t.me/cvedetector/8847", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45242 - EnGenius ENH1350EXT OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45242 \nPublished : Oct. 24, 2024, 8:15 p.m. | 15\u00a0minutes ago \nDescription : EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2_c1.9.51 allow (blind) OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credentials of admin/admin. An unauthorized attacker in proximity to the Wi-Fi network can exploit this window of time to execute arbitrary OS commands with root-level permissions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T22:41:05.000000Z"}, {"uuid": "66f18dcd-76b7-4645-871d-110cb773af14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45240", "type": "seen", "source": "https://t.me/cvedetector/4067", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45240 - TikTok WebView Lynxview JavaScript Interface Takeover Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45240 \nPublished : Aug. 24, 2024, 11:15 p.m. | 22\u00a0minutes ago \nDescription : The TikTok (aka com.zhiliaoapp.musically) application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal (in the application's exposed WebView). (On Android 12 and later, this is only exploitable by third-party applications.) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-25T01:44:46.000000Z"}, {"uuid": "d8942118-9f80-4f56-b032-47063e0254dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45244", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8397", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aChaincode for blockchain Hyperledger Fabric provides accurate time to other chaincodes. Thus solving the security problem associated with transaction time manipulation (CVE-2024-45244).\nURL\uff1ahttps://github.com/shanker-sec/hlf-time-oracle\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-28T15:26:11.000000Z"}, {"uuid": "180821c4-b0d3-4d7b-b390-8a36244d98fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45246", "type": "seen", "source": "https://t.me/cvedetector/7159", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45246 - Diebold Nixdorf LDAP Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45246 \nPublished : Oct. 6, 2024, 12:15 p.m. | 29\u00a0minutes ago \nDescription : Diebold Nixdorf \u2013 CWE-427: Uncontrolled Search Path Element \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T14:52:56.000000Z"}, {"uuid": "2227a9cd-59b9-4dd3-9ac8-d5e5b8768568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45247", "type": "seen", "source": "https://t.me/cvedetector/7156", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45247 - Sonarr Untrusted Site Open Redirect\", \n  \"Content\": \"CVE ID : CVE-2024-45247 \nPublished : Oct. 6, 2024, 12:15 p.m. | 29\u00a0minutes ago \nDescription : Sonarr \u2013 CWE-601: URL Redirection to Untrusted Site ('Open Redirect') \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T14:52:54.000000Z"}, {"uuid": "2143adea-0670-41f0-9ac3-e06d0878eb45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45245", "type": "seen", "source": "https://t.me/cvedetector/7114", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45245 - Diebold Nixdorf Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45245 \nPublished : Oct. 6, 2024, 8:15 a.m. | 16\u00a0minutes ago \nDescription : Diebold Nixdorf \u2013 CWE-200: Exposure of Sensitive Information to an Unauthorized Actor \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T10:41:30.000000Z"}, {"uuid": "0dd6b1b3-05f6-4547-aec1-1b0a314e8bcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45241", "type": "seen", "source": "https://t.me/cvedetector/4102", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45241 - CentralSquare CryWolf Path Traversal Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-45241 \nPublished : Aug. 26, 2024, 7:15 a.m. | 16\u00a0minutes ago \nDescription : A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T09:31:39.000000Z"}, {"uuid": "d6ece11e-3f5f-4ada-aa80-bcd0eedd0d52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45244", "type": "seen", "source": "https://t.me/cvedetector/4078", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45244 - Hyperledger Fabric Timestamp Verification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45244 \nPublished : Aug. 25, 2024, 2:15 a.m. | 36\u00a0minutes ago \nDescription : Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-25T05:05:35.000000Z"}, {"uuid": "239e9fdf-c696-4f63-b0ff-2f881b04cc06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4524", "type": "seen", "source": "Telegram/ntF7NSBjFY-QZfu2LcP4II1zSb8yv7osGSaWJg-8ATpUO7wL", "content": "", "creation_timestamp": "2025-02-19T19:13:57.000000Z"}, {"uuid": "ec3f5ff8-15c3-4e8c-a54e-307a9ff8a3e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45241", "type": "seen", "source": "https://t.me/arvinclub1/1139", "content": "CVE-2024-45241\n\ud83d\udccd A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.", "creation_timestamp": "2024-08-26T14:23:38.000000Z"}, {"uuid": "225d12c2-86c4-43a8-bce4-3236f5c56906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45249", "type": "seen", "source": "https://t.me/cvedetector/7171", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45249 - Cavok SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45249 \nPublished : Oct. 6, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : Cavok \u2013 CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T15:43:18.000000Z"}, {"uuid": "a37749aa-0212-4d9c-be1b-988e1e2fd3c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45248", "type": "seen", "source": "https://t.me/cvedetector/7170", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45248 - CentOS Apache Remote File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-45248 \nPublished : Oct. 6, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : Multi-DNC \u2013 CWE-35: Path Traversal: '.../...//' \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T15:43:14.000000Z"}]}