{"vulnerability": "cve-2024-3553", "sightings": [{"uuid": "f7a0a153-0250-4bc4-a956-410ea0c6a6f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35532", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf6hot2bwk25", "content": "", "creation_timestamp": "2025-01-07T20:15:55.778573Z"}, {"uuid": "1feab1a9-e2e7-42c1-bc49-09c476d37bd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35532", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf6jr24lsq2k", "content": "", "creation_timestamp": "2025-01-07T20:53:00.643293Z"}, {"uuid": "eaf17ead-7534-4ba4-92e4-19789cf63c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-3553", "type": "published-proof-of-concept", "source": "Telegram/qhPRrHWn8CTwbXoQMLYYNZP_eAjB5dIioFkbQ0tlG1td8WQ", "content": "", "creation_timestamp": "2025-12-26T21:00:04.000000Z"}, {"uuid": "bc12d068-2cf6-4e06-935b-2f1522174d4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35532", "type": "seen", "source": "https://t.me/cvedetector/14604", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35532 - Intersec Geosafe-ea XML External Entity (XXE) Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35532 \nPublished : Jan. 7, 2025, 8:15 p.m. | 42\u00a0minutes ago \nDescription : An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T22:15:02.000000Z"}, {"uuid": "48f395a4-81fd-4413-966a-423031f226ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35539", "type": "seen", "source": "https://t.me/cvedetector/3567", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35539 - Typecho Commenting Function Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35539 \nPublished : Aug. 19, 2024, 9:15 p.m. | 15\u00a0minutes ago \nDescription : Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T23:33:45.000000Z"}, {"uuid": "346f019b-6018-4f05-88dd-653275e0c2e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35538", "type": "seen", "source": "https://t.me/cvedetector/3566", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35538 - Typecho Client IP Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35538 \nPublished : Aug. 19, 2024, 9:15 p.m. | 15\u00a0minutes ago \nDescription : Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T23:33:43.000000Z"}, {"uuid": "7cb09e71-3899-4e2e-ad46-42eb0b339034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35532", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113793519852928809", "content": "", "creation_timestamp": "2025-01-08T15:48:36.853303Z"}, {"uuid": "ad634264-98aa-473a-8494-f7423e093225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35532", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113788814842504305", "content": "", "creation_timestamp": "2025-01-07T19:52:03.840815Z"}, {"uuid": "07a1f535-9c99-4d56-8a56-fce958439614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35539", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4bpc4f2a", "content": "", "creation_timestamp": "2025-04-11T21:02:20.420120Z"}, {"uuid": "4b6407f1-5c53-4210-9251-b9e67af04661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35532", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/558", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35532\n\ud83d\udd39 Description: An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T19:45:17.255061\n\ud83d\udd17 References:\n1. https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2024-35532.pdf\n2. https://intersec.com/public-safety", "creation_timestamp": "2025-01-07T20:39:46.000000Z"}, {"uuid": "500dae64-3209-4a19-8b0a-7905754e7512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35539", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8295", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploits for Typecho CVE-2024-35538, CVE-2024-35539 and CVE-2024-35540\nURL\uff1ahttps://github.com/cyberaz0r/Typecho-Multiple-Vulnerabilities\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-10T04:24:15.000000Z"}, {"uuid": "00bbd773-8e13-422b-9cc3-a762e1892a0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-35538", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8295", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploits for Typecho CVE-2024-35538, CVE-2024-35539 and CVE-2024-35540\nURL\uff1ahttps://github.com/cyberaz0r/Typecho-Multiple-Vulnerabilities\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-10T04:24:15.000000Z"}]}