{"vulnerability": "CVE-2024-4996", "sightings": [{"uuid": "7b6336af-80c8-4c91-9be9-0be6e16ef9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4996", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113673628984567092", "content": "", "creation_timestamp": "2024-12-18T11:38:47.182719Z"}, {"uuid": "dcb697b5-81d5-41c2-8796-32e2318d3179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49969", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "476f45f8-7040-4f5d-9ca0-9ab8c23ffce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49968", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "3a77cad5-3cdd-438d-96bb-83719e95b631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49969", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16650", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49969\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in DCN30 color transformation\n\nThis commit addresses a potential index out of bounds issue in the\n`cm3_helper_translate_curve_to_hw_format` function in the DCN30 color\nmanagement module. The issue could occur when the index 'i' exceeds the\nnumber of transfer function points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds, the function returns\nfalse to indicate an error.\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:180 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:181 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:182 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max\n\ud83d\udccf Published: 2024-10-21T18:02:19.044Z\n\ud83d\udccf Modified: 2025-05-16T07:25:05.887Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/7ab69af56a23859b647dee69fa1052c689343621\n2. https://git.kernel.org/stable/c/c13f9c62015c56a938304cef6d507227ea3e0039\n3. https://git.kernel.org/stable/c/0f1e222a4b41d77c442901d166fbdca967af0d86\n4. https://git.kernel.org/stable/c/929506d5671419cffd8d01e9a7f5eae53682a838\n5. https://git.kernel.org/stable/c/578422ddae3d13362b64e77ef9bab98780641631\n6. https://git.kernel.org/stable/c/b9d8b94ec7e67f0cae228c054f77b73967c389a3\n7. https://git.kernel.org/stable/c/d81873f9e715b72d4f8d391c8eb243946f784dfc", "creation_timestamp": "2025-05-16T07:34:04.000000Z"}, {"uuid": "1a799dcf-c1c5-4015-83b8-df412bd4b0a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49966", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "1e617da5-2d3f-4c5e-8ecf-82d88689e16b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49967", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "e2c206be-1746-4482-aab5-3f1e502cbb1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49962", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "3dd8ce1c-cc1f-4a71-9761-afd28ed3de4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49963", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "38431427-b643-47a8-94ca-ad213cb7ec8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49965", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "f718338e-b909-4656-a6e8-e8e2be632d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4996", "type": "seen", "source": "https://t.me/cvedetector/13194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4996 - Wapro ERP Hard-Coded Database Administrator Password Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-4996 \nPublished : Dec. 18, 2024, 12:15 p.m. | 23\u00a0minutes ago \nDescription : Use of a hard-coded password for a database administrator account created during Wapro ERP\u00a0installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP\u00a0installations.\u00a0This issue affects Wapro ERP Desktop versions before 8.90.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T13:41:49.000000Z"}, {"uuid": "f62e3bf1-c0ab-49e5-a2d8-506533044491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49968", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "3b60b8b4-d163-4a2c-ae38-50159a2cab47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49968", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "d7c0ae58-ad5a-4d7c-a5bd-2499ae5f1af4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49968", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "970944cc-d6b0-47e0-a5cc-b62426a966aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49960", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16652", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49960\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix timer use-after-free on failed mount\n\nSyzbot has found an ODEBUG bug in ext4_fill_super\n\nThe del_timer_sync function cancels the s_err_report timer,\nwhich reminds about filesystem errors daily. We should\nguarantee the timer is no longer active before kfree(sbi).\n\nWhen filesystem mounting fails, the flow goes to failed_mount3,\nwhere an error occurs when ext4_stop_mmpd is called, causing\na read I/O failure. This triggers the ext4_handle_error function\nthat ultimately re-arms the timer,\nleaving the s_err_report timer active before kfree(sbi) is called.\n\nFix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd.\n\ud83d\udccf Published: 2024-10-21T18:02:13.119Z\n\ud83d\udccf Modified: 2025-05-16T07:25:03.573Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/7aac0c17a8cdf4a3236991c1e60435c6a984076c\n2. https://git.kernel.org/stable/c/22e9b83f0f33bc5a7a3181769d1dccbf021f5b04\n3. https://git.kernel.org/stable/c/cf3196e5e2f36cd80dab91ffae402e13935724bc\n4. https://git.kernel.org/stable/c/9203817ba46ebba7c865c8de2aba399537b6e891\n5. https://git.kernel.org/stable/c/fa78fb51d396f4f2f80f8e96a3b1516f394258be\n6. https://git.kernel.org/stable/c/b85569585d0154d4db1e4f9e3e6a4731d407feb0\n7. https://git.kernel.org/stable/c/0ce160c5bdb67081a62293028dc85758a8efb22a", "creation_timestamp": "2025-05-16T07:34:06.000000Z"}, {"uuid": "def8b82b-1f91-4af7-9bb4-9169747623e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49962", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16651", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49962\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()\n\nACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0\n\nACPI_ALLOCATE_ZEROED() may fail, elements might be NULL and will cause\nNULL pointer dereference later.\n\n[ rjw: Subject and changelog edits ]\n\ud83d\udccf Published: 2024-10-21T18:02:14.418Z\n\ud83d\udccf Modified: 2025-05-16T07:25:04.727Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4669da66ebc5b09881487f30669b0fcdb462188e\n2. https://git.kernel.org/stable/c/402b4c6b7500c7cca6972d2456a4a422801035b5\n3. https://git.kernel.org/stable/c/cbb67e245dacd02b5e1d82733892647df1523982\n4. https://git.kernel.org/stable/c/1c9b8775062f8d854a80caf186af57fc617d454c\n5. https://git.kernel.org/stable/c/f282db38953ad71dd4f3f8877a4e1d37e580e30a\n6. https://git.kernel.org/stable/c/4588ea78d3904bebb613b0bb025669e75800f546\n7. https://git.kernel.org/stable/c/a907c113a8b66972f15f084d7dff960207b1f71d\n8. https://git.kernel.org/stable/c/ae5d4c7e76ba393d20366dfea1f39f24560ffb1d\n9. https://git.kernel.org/stable/c/a5242874488eba2b9062985bf13743c029821330", "creation_timestamp": "2025-05-16T07:34:05.000000Z"}]}