{"vulnerability": "CVE-2024-4775", "sightings": [{"uuid": "b657c095-1c5a-48db-9bce-4b474a4a8f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47758", "type": "seen", "source": "https://t.me/cvedetector/12637", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47758 - GLPI Privilege Escalationliable\", \n \"Content\": \"CVE ID : CVE-2024-47758 \nPublished : Dec. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-11T17:44:48.000000Z"}, {"uuid": "3938309f-8ebf-4f02-85b9-726f93d4ce5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47759", "type": "seen", "source": "https://t.me/cvedetector/11141", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47759 - GLPI SVG Malicious Script Execution\", \n \"Content\": \"CVE ID : CVE-2024-47759 \nPublished : Nov. 15, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any user will try to see the document contents. Upgrade to 10.0.17. \nSeverity: 0.0 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:58:19.000000Z"}, {"uuid": "393acc85-367f-488d-93ff-161f97be4174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47756", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "637820a2-7e60-40ea-bc11-fa2e331ecced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47757", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8816df21-5f3b-4a00-ac60-9f46380c248d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47754", "type": "seen", "source": "https://t.me/cvedetector/8489", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47754 - Mediatek Media Linux.kernel Kernel Panic\", \n \"Content\": \"CVE ID : CVE-2024-47754 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmedia: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning \n \nFix a smatch static checker warning on vdec_h264_req_multi_if.c. \nWhich leads to a kernel crash when fb is NULL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:01.000000Z"}, {"uuid": "84af862c-b2f9-496f-babe-10e811acb308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47753", "type": "seen", "source": "https://t.me/cvedetector/8488", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47753 - Mediatek Media VP8 Decoder Kernel Null Pointer Dereference\", \n \"Content\": \"CVE ID : CVE-2024-47753 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmedia: mediatek: vcodec: Fix VP8 stateless decoder smatch warning \n \nFix a smatch static checker warning on vdec_vp8_req_if.c. \nWhich leads to a kernel crash when fb is NULL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:00.000000Z"}, {"uuid": "abc61ce3-3c2c-4667-9733-22f54d02b044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47751", "type": "seen", "source": "https://t.me/cvedetector/8496", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47751 - Linux Kernel PCI Driver Buffer Overflow\", \n \"Content\": \"CVE ID : CVE-2024-47751 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nPCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() \n \nWithin kirin_pcie_parse_port(), the pcie->num_slots is compared to \npcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead \nto an overflow. \n \nThus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move \npcie->num_slots increment below the if-statement to avoid out-of-bounds \narray access. \n \nFound by Linux Verification Center (linuxtesting.org) with SVACE. \n \n[kwilczynski: commit log] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:10.000000Z"}, {"uuid": "21093063-23b3-4855-a289-77cecc941a12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47752", "type": "seen", "source": "https://t.me/cvedetector/8495", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47752 - Mediatek Linux Kernel Cross-Site Request Forgery (CSRF)\", \n \"Content\": \"CVE ID : CVE-2024-47752 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmedia: mediatek: vcodec: Fix H264 stateless decoder smatch warning \n \nFix a smatch static checker warning on vdec_h264_req_if.c. \nWhich leads to a kernel crash when fb is NULL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:09.000000Z"}, {"uuid": "ff1d2cbe-2aed-45be-8bae-76d48e286322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47750", "type": "seen", "source": "https://t.me/cvedetector/8494", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47750 - Huawei RDMA Use-After-Free Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47750 \nPublished : Oct. 21, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nRDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 \n \nCurrently rsv_qp is freed before ib_unregister_device() is called \non HIP08. During the time interval, users can still dereg MR and \nrsv_qp will be used in this process, leading to a UAF. Move the \nrelease of rsv_qp after calling ib_unregister_device() to fix it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:08.000000Z"}, {"uuid": "014d749c-a384-49c1-a04f-55a15ac5743d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47757", "type": "seen", "source": "https://t.me/cvedetector/8492", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47757 - Linux Kernel Nilfs2 Out of Bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47757 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnilfs2: fix potential oob read in nilfs_btree_check_delete() \n \nThe function nilfs_btree_check_delete(), which checks whether degeneration \nto direct mapping occurs before deleting a b-tree entry, causes memory \naccess outside the block buffer when retrieving the maximum key if the \nroot node has no entries. \n \nThis does not usually happen because b-tree mappings with 0 child nodes \nare never created by mkfs.nilfs2 or nilfs2 itself. However, it can happen \nif the b-tree root node read from a device is configured that way, so fix \nthis potential issue by adding a check for that case. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:04.000000Z"}, {"uuid": "c2cda03f-d673-43ae-8c03-356cf6640976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47756", "type": "seen", "source": "https://t.me/cvedetector/8491", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47756 - Linux PCI Keystone NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47756 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nPCI: keystone: Fix if-statement expression in ks_pcie_quirk() \n \nThis code accidentally uses && where || was intended. It potentially \nresults in a NULL dereference. \n \nThus, fix the if-statement expression to use the correct condition. \n \n[kwilczynski: commit log] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:03.000000Z"}, {"uuid": "e088e791-79fa-4217-94a3-da6c083c98af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47755", "type": "seen", "source": "https://t.me/cvedetector/8490", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47755 - Linux NVDIMM Memory Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47755 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnvdimm: Fix devs leaks in scan_labels() \n \nscan_labels() leaks memory when label scanning fails and it falls back \nto just creating a default \"seed\" namespace for userspace to configure. \nRoot can force the kernel to leak memory. \n \nAllocate the minimum resources unconditionally and release them when \nunneeded to avoid the memory leak. \n \nA kmemleak reports: \nunreferenced object 0xffff88800dda1980 (size 16): \n comm \"kworker/u10:5\", pid 69, jiffies 4294671781 \n hex dump (first 16 bytes): \n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ \n backtrace (crc 0): \n [<00000000c5dea560] __kmalloc+0x32c/0x470 \n [<000000009ed43c83] nd_region_register_namespaces+0x6fb/0x1120 [libnvdimm] \n [<000000000e07a65c] nd_region_probe+0xfe/0x210 [libnvdimm] \n [<000000007b79ce5f] nvdimm_bus_probe+0x7a/0x1e0 [libnvdimm] \n [<00000000a5f3da2e] really_probe+0xc6/0x390 \n [<00000000129e2a69] __driver_probe_device+0x78/0x150 \n [<000000002dfed28b] driver_probe_device+0x1e/0x90 \n [<00000000e7048de2] __device_attach_driver+0x85/0x110 \n [<0000000032dca295] bus_for_each_drv+0x85/0xe0 \n [<00000000391c5a7d] __device_attach+0xbe/0x1e0 \n [<0000000026dabec0] bus_probe_device+0x94/0xb0 \n [<00000000c590d936] device_add+0x656/0x870 \n [<000000003d69bfaa] nd_async_device_register+0xe/0x50 [libnvdimm] \n [<000000003f4c52a4] async_run_entry_fn+0x2e/0x110 \n [<00000000e201f4b0] process_one_work+0x1ee/0x600 \n [<000000006d90d5a9] worker_thread+0x183/0x350 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:02.000000Z"}, {"uuid": "5b569ce7-d829-4362-8b92-a59468947492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47758", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113635001277155546", "content": "", "creation_timestamp": "2024-12-11T15:55:15.418042Z"}]}