{"vulnerability": "cve-2024-4505", "sightings": [{"uuid": "873f8802-6376-4839-a286-da54b5b4f6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45054", "type": "seen", "source": "https://t.me/cvedetector/4350", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45054 - Hwameistor Cluster Ethnic Role Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-45054 \nPublished : Aug. 28, 2024, 8:15 p.m. | 22\u00a0minutes ago \nDescription : Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has * verbs of * resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been patched in version 0.14.6. All users are advised to upgrade. Users unable to upgrade should update and limit the ClusterRole using security-role. \nSeverity: 2.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T22:39:23.000000Z"}, {"uuid": "bf6cc2c8-b160-484b-9d54-9ac8d6c389b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45059", "type": "seen", "source": "https://t.me/cvedetector/4358", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45059 - i-Educar SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45059 \nPublished : Aug. 28, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. In affected versions Creating a SQL query from a concatenation of a user-controlled GET parameter allows an attacker to manipulate the query. Successful exploitation of this flaw allows an attacker to have complete and unrestricted access to the database, with a web user with minimal permissions. This may involve obtaining user information, such as emails, password hashes, etc. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T00:19:46.000000Z"}, {"uuid": "0c25cf14-ec01-436b-9253-a226d0fdcf45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45057", "type": "seen", "source": "https://t.me/cvedetector/4357", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45057 - i-Educar XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45057 \nPublished : Aug. 28, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. The lack of sanitization of user-controlled parameters for generating HTML field values \u200b\u200bdynamically leads to XSS (Cross-Site Scripting) attacks. The dynamic generation of HTML fields in the ieducar/intranet/include/clsCampos.inc.php file does not perform the correct validation or sanitization, reflecting the user-controlled values \u200b\u200bto be shown in the page's HTML. This allows an attacker to inject a specific XSS payload into a parameter. Successful exploitation of this flaw allows an attacker to trick the victim into clicking a vulnerable URL, enabling JavaScript scripts to be executed in the browser. Due to the configuration of session cookies, with the HttpOnly and SameSite=Lax flags being defined, there is little an attacker can do to steal the session or force the victim to perform actions within the application. This issue hast been patched but a new release has not yet been made. Users are advised to contact the developer and to coordinate an update schedule. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T00:19:45.000000Z"}, {"uuid": "83f9f99a-b998-410a-9c93-75e9d014d6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45058", "type": "seen", "source": "https://t.me/cvedetector/4356", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45058 - i-Educar Unvalidated User Permissions Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45058 \nPublished : Aug. 28, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. An attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions). Any user is capable of becoming an administrator, which can lead to account theft, changing administrative tasks, etc. The failure occurs in the file located in ieducar/intranet/educar_usuario_cad.php on line 446 , which does not perform checks on the user's current permission level to make changes.  This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T00:19:44.000000Z"}, {"uuid": "06e04f75-a332-4b63-b423-400a0d7fc830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45052", "type": "seen", "source": "https://t.me/cvedetector/4809", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45052 - Fides Timing-Based Username Enumeration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45052 \nPublished : Sept. 4, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an unauthenticated attacker to determine the existence of valid usernames by analyzing the time it takes for the server to respond to login requests. The discrepancy in response times between valid and invalid usernames can be leveraged to enumerate users on the system. This vulnerability enables a timing-based username enumeration attack. An attacker can systematically guess and verify which usernames are valid by measuring the server's response time to authentication requests. This information can be used to conduct further attacks on authentication such as password brute-forcing and credential stuffing. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T19:25:27.000000Z"}, {"uuid": "3eaf09c2-9a91-47e5-816c-9d6df65f2cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45053", "type": "seen", "source": "https://t.me/cvedetector/4813", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45053 - Fides Jinja2 Server-Side Template Injection Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45053 \nPublished : Sept. 4, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T19:25:33.000000Z"}, {"uuid": "0468255b-4a1a-4012-b575-a9bd22f25074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45050", "type": "seen", "source": "https://t.me/cvedetector/4811", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45050 - \"Ringer Server Unauthenticated Conversation Access\"\", \n  \"Content\": \"CVE ID : CVE-2024-45050 \nPublished : Sept. 4, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conversation. This allows any user with a Lif Account to load any conversation between two users without permission. This issue had been patched in version 1.3.1. There is no action required for users. Lif Platforms will update their servers with the patch. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T19:25:31.000000Z"}, {"uuid": "2fe5faa9-a871-4d38-bb76-d58a81bbd0bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45058", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8418", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-45058 Broken Access Control, allowing any user with view permission in the user configuration section to become an administrator. \nURL\uff1ahttps://github.com/0xbhsu/CVE-2024-45058\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-30T18:47:28.000000Z"}, {"uuid": "14634ed3-e1b8-46e7-bb2f-8a85b86cd208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45051", "type": "seen", "source": "https://t.me/cvedetector/7285", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45051 - Discourse Email Domain Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45051 \nPublished : Oct. 7, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed version of Discourse. All users area are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T00:19:50.000000Z"}, {"uuid": "c3e0dbfc-8420-4891-b752-92e405823566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45056", "type": "seen", "source": "https://t.me/cvedetector/4429", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45056 - ZKsync Solidity Compiler (xor) Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-45056 \nPublished : Aug. 29, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold `(xor (shl 1, x), -1)` to `(rotl ~1, x)` if run with optimizations enabled. Here `~1` is generated as an unsigned 64 bits number (`2^64-1`). This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended. Thus instead of producing `roti 2^256 - 1, x` the compiler produces `rotl 2^64 - 1, x`. Analysis has shown that no contracts were affected by the date of publishing this advisory. This issue has been addressed in version 1.5.3. Users are advised to upgrade and redeploy all contracts. There are no known workarounds for this vulnerability. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T20:24:24.000000Z"}]}