{"vulnerability": "CVE-2024-4952", "sightings": [{"uuid": "f5b37454-361d-49fa-9481-7dd9901326a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49522", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431437007904327", "content": "", "creation_timestamp": "2024-11-05T17:06:10.740917Z"}, {"uuid": "b83bb2b4-b72c-4cfd-ac86-1cf4779f7f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49526", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470887853011677", "content": "", "creation_timestamp": "2024-11-12T16:19:03.619828Z"}, {"uuid": "e83bd3a0-53c8-47f7-9712-8b2b21331cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49528", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470946869396068", "content": "", "creation_timestamp": "2024-11-12T16:34:03.361889Z"}, {"uuid": "f29841cc-1551-4aac-82a0-5c90a246bdcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49529", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1605/", "content": "", "creation_timestamp": "2024-11-21T05:00:00.000000Z"}, {"uuid": "eba00233-f194-46e2-aa71-0b2ee3f96b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49527", "type": "seen", "source": "https://t.me/cvedetector/10663", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49527 - Animate Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49527 \nPublished : Nov. 12, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:53:45.000000Z"}, {"uuid": "336b27e4-24a8-4e31-ac0a-c9ea53fa2445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49521", "type": "seen", "source": "https://t.me/cvedetector/10669", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49521 - Adobe Commerce SSRF\", \n  \"Content\": \"CVE ID : CVE-2024-49521 \nPublished : Nov. 12, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to a security feature bypass. A low privileged attacker could exploit this vulnerability to send crafted requests from the vulnerable server to internal systems, which could result in the bypassing of security measures such as firewalls. Exploitation of this issue does not require user interaction. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:53:53.000000Z"}, {"uuid": "412122bc-c33a-4ad1-91b2-5c4efc77a385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49525", "type": "seen", "source": "https://t.me/cvedetector/10716", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49525 - Substance3D Painter Heap-based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49525 \nPublished : Nov. 12, 2024, 8:15 p.m. | 45\u00a0minutes ago \nDescription : Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T22:15:21.000000Z"}, {"uuid": "042d020d-14f5-4ca7-acdd-d98eaf588471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49523", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113443839058157320", "content": "", "creation_timestamp": "2024-11-07T21:40:12.224367Z"}, {"uuid": "0273b912-6371-4e3f-a3f8-6a5b6d2b304f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49524", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113443839072368968", "content": "", "creation_timestamp": "2024-11-07T21:40:12.437730Z"}, {"uuid": "f0253c31-e8f1-4ec9-b40f-7123dd7da7bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49527", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470946854264197", "content": "", "creation_timestamp": "2024-11-12T16:34:03.201018Z"}, {"uuid": "9884d14a-ee7f-4f09-b84d-494ed7cfd494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4952", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhultnecqo2i", "content": "", "creation_timestamp": "2025-02-11T02:19:10.163940Z"}, {"uuid": "d8189587-d6d5-4f99-a0ae-c4a502f2361e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49520", "type": "seen", "source": "https://t.me/cvedetector/10719", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49520 - Substance3D Painter Content Spoofing Out-of-Bounds Write Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-49520 \nPublished : Nov. 12, 2024, 8:15 p.m. | 45\u00a0minutes ago \nDescription : Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T22:15:24.000000Z"}, {"uuid": "1f051ab4-4aef-4ea2-bee6-136474a81cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49528", "type": "seen", "source": "https://t.me/cvedetector/10664", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49528 - Animate Out-of-Bounds Write Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49528 \nPublished : Nov. 12, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:53:46.000000Z"}, {"uuid": "86cbf6f3-58b1-45ef-ade0-6f68b1e862dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49526", "type": "seen", "source": "https://t.me/cvedetector/10662", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49526 - Animate Use After Free Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49526 \nPublished : Nov. 12, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:53:44.000000Z"}, {"uuid": "d56a3032-1b6a-4a1d-83c9-ba4b8c1e077f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49522", "type": "seen", "source": "https://t.me/cvedetector/9911", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49522 - Substance3D Painter Out-of-Bounds Write RCE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49522 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:54:01.000000Z"}, {"uuid": "fde1caa1-bdff-4397-9dbc-ee870e929826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49529", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113521919604451904", "content": "", "creation_timestamp": "2024-11-21T16:37:05.851104Z"}, {"uuid": "c1aa60ab-25f9-4d1d-89d0-015fba32760e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49529", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113524033745422644", "content": "", "creation_timestamp": "2024-11-22T01:34:45.040281Z"}, {"uuid": "e58e1544-7c13-4eb5-a44c-316c661bbd5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49523", "type": "seen", "source": "https://t.me/cvedetector/10146", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49523 - Adobe Experience Manager Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-49523 \nPublished : Nov. 7, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T23:38:06.000000Z"}, {"uuid": "f3d68f8a-6b84-4382-b69b-3c160129d5c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49524", "type": "seen", "source": "https://t.me/cvedetector/10136", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49524 - Adobe Experience Manager DOM-based Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49524 \nPublished : Nov. 7, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access a manipulated URL or provide specific input to trigger the vulnerability. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T23:37:52.000000Z"}]}