{"vulnerability": "CVE-2024-5591", "sightings": [{"uuid": "81f9ec77-6989-4f6e-b9c0-feebde4b087d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55912", "type": "seen", "source": "https://t.me/cvedetector/24304", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55912 - IBM Concert Software Cryptographic Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-55912 \nPublished : May 2, 2025, 1:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T05:04:05.000000Z"}, {"uuid": "c94f7321-56fa-43af-8fb8-fe63b540b38e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55913", "type": "seen", "source": "https://t.me/cvedetector/24305", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55913 - IBM Concert Software Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55913 \nPublished : May 2, 2025, 1:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. 
\nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T05:04:06.000000Z"}, {"uuid": "52f1090c-3ff0-4b00-96ee-4da41da0a6c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55917", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-004/", "content": "", "creation_timestamp": "2025-01-08T05:00:00.000000Z"}, {"uuid": "8a8a0bc0-b05e-46aa-aee2-3308d4b3e521", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5591", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113764946126676292", "content": "", "creation_timestamp": "2025-01-03T14:41:56.245531Z"}, {"uuid": "e49e6f14-9648-4bda-8c6f-1f509a66359f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5591", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3letv22wbam22", "content": "", "creation_timestamp": "2025-01-03T15:15:36.478044Z"}, {"uuid": "08acb099-883a-4f6c-afd8-a196fde1b35b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5591", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3letx3qbsmj2g", "content": "", "creation_timestamp": "2025-01-03T15:52:53.502590Z"}, {"uuid": "3f854b0a-084d-48c8-baff-ef191b5baf79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55910", "type": "seen", "source": 
"https://bsky.app/profile/cve.skyfleet.blue/post/3lo5q5b4t2y2o", "content": "", "creation_timestamp": "2025-05-02T02:01:17.972403Z"}, {"uuid": "dc363788-7512-4e91-ae14-a6f7ce68c5a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55912", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo5q5bhkgj2h", "content": "", "creation_timestamp": "2025-05-02T02:01:20.002613Z"}, {"uuid": "eeeecbd9-b50a-488c-b2d3-442f1e686587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55913", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo5q5bl6hk24", "content": "", "creation_timestamp": "2025-05-02T02:01:20.646735Z"}, {"uuid": "b1aa2c50-13b8-41fa-9308-7e531a72a9cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55912", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14479", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55912\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.\n\ud83d\udccf Published: 2025-05-02T00:36:49.658Z\n\ud83d\udccf Modified: 2025-05-02T12:23:53.452Z\n\ud83d\udd17 References:\n1. 
https://www.ibm.com/support/pages/node/7232169", "creation_timestamp": "2025-05-02T13:15:51.000000Z"}, {"uuid": "09878fd9-1246-4612-a1c3-786c92ba764b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5591", "type": "seen", "source": "https://t.me/cvedetector/14221", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5591 - IBM Jazz Foundation Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-5591 \nPublished : Jan. 3, 2025, 3:15 p.m. | 36\u00a0minutes ago \nDescription : IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T17:01:19.000000Z"}, {"uuid": "c1d3eda0-f220-4a88-b827-47f036d985e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55918", "type": "seen", "source": "https://t.me/cvedetector/12838", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55918 - Apache Graphics ColorNames Perl CSS Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55918 \nPublished : Dec. 13, 2024, 7:15 a.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an ambiguity between modules and filenames that can lead to HTML injection by an attacker who can create a file in the current working directory. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-13T09:04:47.000000Z"}, {"uuid": "ea713ab4-667f-40f8-8ecd-55863ff9c404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55910", "type": "seen", "source": "https://t.me/cvedetector/24309", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55910 - IBM Concert Software SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55910 \nPublished : May 2, 2025, 1:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. 
\nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T05:04:12.000000Z"}, {"uuid": "4e154fcd-073e-4c56-b248-d96aed340385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55917", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113748484629722836", "content": "", "creation_timestamp": "2024-12-31T16:55:33.544229Z"}, {"uuid": "dcf12ed0-c0b6-4512-a637-0cc86e883aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55917", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemkdsexas2l", "content": "", "creation_timestamp": "2024-12-31T17:15:34.345815Z"}, {"uuid": "9e09e957-ba5d-4fd4-ba78-4c32abc971e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55916", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs5tyorp2a", "content": "", "creation_timestamp": "2025-01-11T13:17:15.191823Z"}, {"uuid": "3167a171-73df-41fb-a0bb-753587eb22e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55910", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114439343528897250", "content": "", "creation_timestamp": "2025-05-02T17:10:03.742611Z"}, {"uuid": "bf8a6786-6673-46ca-bbc6-4469e71da24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55910", 
"type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14483", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55910\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.\n\ud83d\udccf Published: 2025-05-02T00:39:09.289Z\n\ud83d\udccf Modified: 2025-05-02T12:19:21.744Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7232169", "creation_timestamp": "2025-05-02T13:15:58.000000Z"}, {"uuid": "4775d283-0de1-4d40-a58a-508ddccc2280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55913", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14481", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55913\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system.\n\ud83d\udccf Published: 2025-05-02T00:38:03.219Z\n\ud83d\udccf Modified: 2025-05-02T12:22:43.017Z\n\ud83d\udd17 References:\n1. 
https://www.ibm.com/support/pages/node/7232169", "creation_timestamp": "2025-05-02T13:15:53.000000Z"}, {"uuid": "65497d63-04c3-4c18-b287-b89e2275f432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55916", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/15069", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55916 - Hyper-V Drivers: Buffer Not Initialized Yet NULL Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55916 \nPublished : Jan. 11, 2025, 1:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nDrivers: hv: util: Avoid accessing a ringbuffer not initialized yet  \n  \nIf the KVP (or VSS) daemon starts before the VMBus channel's ringbuffer is  \nfully initialized, we can hit the panic below:  \n  \nhv_utils: Registering HyperV Utility Driver  \nhv_vmbus: registering driver hv_utils  \n...  \nBUG: kernel NULL pointer dereference, address: 0000000000000000  \nCPU: 44 UID: 0 PID: 2552 Comm: hv_kvp_daemon Tainted: G E 6.11.0-rc3+ #1  \nRIP: 0010:hv_pkt_iter_first+0x12/0xd0  \nCall Trace:  \n...  \n vmbus_recvpacket  \n hv_kvp_onchannelcallback  \n vmbus_on_event  \n tasklet_action_common  \n tasklet_action  \n handle_softirqs  \n irq_exit_rcu  \n sysvec_hyperv_stimer0  \n   \n   \n asm_sysvec_hyperv_stimer0  \n...  
\n kvp_register_done  \n hvt_op_read  \n vfs_read  \n ksys_read  \n __x64_sys_read  \n  \nThis can happen because the KVP/VSS channel callback can be invoked  \neven before the channel is fully opened:  \n1) as soon as hv_kvp_init() -> hvutil_transport_init() creates  \n/dev/vmbus/hv_kvp, the kvp daemon can open the device file immediately and  \nregister itself to the driver by writing a message KVP_OP_REGISTER1 to the  \nfile (which is handled by kvp_on_msg() ->kvp_handle_handshake()) and  \nreading the file for the driver's response, which is handled by  \nhvt_op_read(), which calls hvt->on_read(), i.e. kvp_register_done().  \n  \n2) the problem with kvp_register_done() is that it can cause the  \nchannel callback to be called even before the channel is fully opened,  \nand when the channel callback is starting to run, util_probe()->  \nvmbus_open() may have not initialized the ringbuffer yet, so the  \ncallback can hit the panic of NULL pointer dereference.  \n  \nTo reproduce the panic consistently, we can add a \"ssleep(10)\" for KVP in  \n__vmbus_open(), just before the first hv_ringbuffer_init(), and then we  \nunload and reload the driver hv_utils, and run the daemon manually within  \nthe 10 seconds.  \n  \nFix the panic by reordering the steps in util_probe() so the char dev  \nentry used by the KVP or VSS daemon is not created until after  \nvmbus_open() has completed. This reordering prevents the race condition  \nfrom happening. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T14:55:23.000000Z"}, {"uuid": "bc64efed-8068-4973-8790-c6c5c694e69a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55917", "type": "seen", "source": "https://t.me/cvedetector/14050", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55917 - Trend Micro Apex One Elevation of Privilege Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55917 \nPublished : Dec. 31, 2024, 5:15 p.m. | 25\u00a0minutes ago \nDescription : An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.  \n  \nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T18:44:00.000000Z"}]}