{"vulnerability": "cve-2024-2728", "sightings": [{"uuid": "a71bdabe-8dd2-45e7-b8b0-dc86a2e237e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27288", "type": "seen", "source": "Telegram/LFLPvuZzRQRoOn1F_UxiZYwTQ6YBbfUdInggOWtZp80oYioq", "content": "", "creation_timestamp": "2025-02-14T10:03:10.000000Z"}, {"uuid": "f69ff11e-3678-4c1c-b851-04f799cf2f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14628", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27280\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.\n\ud83d\udccf Published: 2024-05-08T20:51:20.388Z\n\ud83d\udccf Modified: 2025-05-02T23:02:57.276Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/1399856\n2. https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/", "creation_timestamp": "2025-05-02T23:17:22.000000Z"}, {"uuid": "1e5e7456-0a32-45d1-b364-9b3b9e5776b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27281", "type": "seen", "source": "https://t.me/ctinow/213444", "content": "https://ift.tt/csde61J\nInternet Bug Bounty: CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc", "creation_timestamp": "2024-03-30T01:51:12.000000Z"}, {"uuid": "2d39eb6a-84b5-4cc6-ad9e-d0dc68018361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27287", "type": "seen", "source": "https://t.me/ctinow/201758", "content": "https://ift.tt/ZGq47Lt\nCVE-2024-27287", "creation_timestamp": "2024-03-06T20:26:47.000000Z"}, {"uuid": "8fff9117-77e9-4c6e-9967-e8b18df10dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27285", "type": "seen", "source": "https://t.me/ctinow/195884", "content": "https://ift.tt/hg0OJAo\nCVE-2024-27285", "creation_timestamp": "2024-02-28T21:27:02.000000Z"}, {"uuid": "dfc2e9cb-d04f-4935-a29a-99a3faf087a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27283", "type": "seen", "source": "https://t.me/ctinow/190451", "content": "https://ift.tt/oNq43jn\nCVE-2024-27283", "creation_timestamp": "2024-02-22T06:26:49.000000Z"}, {"uuid": "94735b9b-694f-4977-9c61-0d2cdd5b3d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27283", "type": "seen", "source": "https://t.me/ctinow/190461", "content": "https://ift.tt/oNq43jn\nCVE-2024-27283", "creation_timestamp": "2024-02-22T06:27:05.000000Z"}, {"uuid": "9898aedf-b9dd-4651-ac82-9e341926a10d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27289", "type": "seen", "source": "https://t.me/ctinow/202686", "content": "https://ift.tt/Yvf3z05\nCVE-2024-27289", "creation_timestamp": "2024-03-07T19:17:07.000000Z"}, {"uuid": "d24ea0c9-46e8-4d7e-bdb8-f83ae5823145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://gist.github.com/Darkcrai86/eab514179e35f9b7c85e65f86f245ffe", "content": "", "creation_timestamp": "2025-09-04T07:09:54.000000Z"}, {"uuid": "e82e9052-3e9e-43d5-a363-2567d4304eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lxypufufp42a", "content": "", "creation_timestamp": "2025-09-04T08:24:56.187880Z"}, {"uuid": "c7662516-ca68-4fd4-9757-0513ce9e48ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lxypug2e6n2m", "content": "", "creation_timestamp": "2025-09-04T08:24:56.711931Z"}, {"uuid": "aa0ad5b2-2a24-41cc-8b74-b99b9bcded6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27282", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7631", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/Abo5/CVE-2024-27282\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T23:57:02.000000Z"}, {"uuid": "eec46ff8-6175-4246-98ad-011bfaa5ea85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27285", "type": "seen", "source": "Telegram/vIV9PPO6Am2zmE2Ef3XN_srB_1fvDP2jMdpYYvAxR-tC_qVm", "content": "", "creation_timestamp": "2025-02-14T21:08:30.000000Z"}, {"uuid": "3c45552e-1500-4993-b7a3-d8c6b2ceeecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27289", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18197", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27289\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.\n\n\ud83d\udccf Published: 2024-03-06T18:28:12.291Z\n\ud83d\udccf Modified: 2025-06-12T15:45:56.361Z\n\ud83d\udd17 References:\n1. https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p\n2. https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df", "creation_timestamp": "2025-06-12T16:34:39.000000Z"}, {"uuid": "085c7273-a083-4163-acd1-1728b4575d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27287", "type": "seen", "source": "https://t.me/arpsyndicate/4624", "content": "#ExploitObserverAlert\n\nCVE-2024-29019\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-29019. ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 (command line installation) are vulnerable to Cross-Site Request Forgery (CSRF) allowing remote attackers to carry out attacks against a logged user of the dashboard to perform operations on configuration files (create, edit, delete). It is possible for a malicious actor to create a specifically crafted web page that triggers a cross site request against ESPHome, this allows bypassing the authentication for API calls on the platform. This vulnerability allows bypassing authentication on API calls accessing configuration file operations on the behalf of a logged user. In order to trigger the vulnerability, the victim must visit a weaponized page. In addition to this, it is possible to chain this vulnerability with GHSA-9p43-hj5j-96h5/ CVE-2024-27287 to obtain a complete takeover of the user account. Version 2024.3.0 contains a patch for this issue.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.6145687", "creation_timestamp": "2024-04-13T01:34:54.000000Z"}, {"uuid": "048bdb92-f521-40f9-96e7-b3671774311c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://t.me/breachdetector/498859", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2024-27280: Buffer Overread Vulnerability in StringIO ~ Ruby\", \n  \"author\": \" (Bunjo)\",\n  \"Detection Date\": \"17 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-17T23:34:58.000000Z"}, {"uuid": "0ebf66bf-6561-4562-aaa4-4244b5d94f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27289", "type": "seen", "source": "https://t.me/ctinow/201760", "content": "https://ift.tt/rVREAxK\nCVE-2024-27289", "creation_timestamp": "2024-03-06T20:26:49.000000Z"}, {"uuid": "6600d9bf-0aeb-4d65-b2e8-7587dc7fd20e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27288", "type": "seen", "source": "https://t.me/ctinow/201759", "content": "https://ift.tt/u2AJQpx\nCVE-2024-27288", "creation_timestamp": "2024-03-06T20:26:48.000000Z"}, {"uuid": "ceb5e076-cbce-4003-a3cc-8b1b904a90e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27289", "type": "seen", "source": "https://t.me/ctinow/201781", "content": "https://ift.tt/rVREAxK\nCVE-2024-27289", "creation_timestamp": "2024-03-06T20:36:19.000000Z"}, {"uuid": "dc7d1d96-3b0d-4507-9ecc-6b269ac78377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27288", "type": "seen", "source": "https://t.me/ctinow/201780", "content": "https://ift.tt/u2AJQpx\nCVE-2024-27288", "creation_timestamp": "2024-03-06T20:36:18.000000Z"}, {"uuid": "8d3ddfe5-ec50-4038-8eee-a984cb948f20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27287", "type": "seen", "source": "https://t.me/ctinow/201779", "content": "https://ift.tt/ZGq47Lt\nCVE-2024-27287", "creation_timestamp": "2024-03-06T20:36:17.000000Z"}]}