{"vulnerability": "cve-2024-4781", "sightings": [{"uuid": "e63683db-c69e-4221-8ee9-1f1fe49c486d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47810", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113674653378844954", "content": "", "creation_timestamp": "2024-12-18T15:59:18.192703Z"}, {"uuid": "c7a345c5-5120-4ebb-8c39-2fe6354bc1d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47814", "type": "seen", "source": "https://gist.github.com/jamincollins/eeeaa5b5a021f181d02cd557edf76515", "content": "", "creation_timestamp": "2025-07-09T21:28:20.000000Z"}, {"uuid": "cbb7af7f-de36-436a-83ba-70d478bf6029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47819", "type": "seen", "source": "https://t.me/cvedetector/8622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47819 - Umbraco Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47819 \nPublished : Oct. 22, 2024, 4:15 p.m. | 32\u00a0minutes ago \nDescription : Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0. This can be leveraged to gain access to higher-privilege endpoints, e.g. if you get a user with admin privileges to run the code, you can potentially elevate all users and grant them admin privileges or access protected content. Versions 14.3.1 and 15.0.0 contain a patch. As a workaround, ensure that access to the Dictionary section is only granted to trusted users. 
\nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T18:48:05.000000Z"}, {"uuid": "78787eee-1613-466b-83a9-9352e1e075fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47817", "type": "seen", "source": "https://t.me/cvedetector/7297", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47817 - Lara-Zeus Artemis XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47817 \nPublished : Oct. 7, 2024, 10:15 p.m. | 40\u00a0minutes ago \nDescription : Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T01:10:08.000000Z"}, {"uuid": "e0856147-2527-4c0c-a695-81bb11839f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47814", "type": "seen", "source": "https://t.me/cvedetector/7296", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47814 - \"Vim Use-After-Free Buffer Crash Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-47814 \nPublished : Oct. 7, 2024, 10:15 p.m. | 40\u00a0minutes ago \nDescription : Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if this auto command happens to re-open the same buffer in a new split window. Impact is low since the user must have intentionally set up such a strange auto command and run some buffer unload commands. However this may lead to a crash. This issue has been addressed in version 9.1.0764 and all users are advised to upgrade. There are no known workarounds for this vulnerability. 
\nSeverity: 3.9 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T01:10:08.000000Z"}, {"uuid": "fbe85b06-d08c-4bb3-b043-100768a54456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47818", "type": "seen", "source": "https://t.me/cvedetector/7290", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47818 - Saltcorn Filesystem Deletion Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47818 \nPublished : Oct. 7, 2024, 10:15 p.m. | 40\u00a0minutes ago \nDescription : Saltcorn is an extensible, open source, no-code database application builder. A logged-in user with any role can delete arbitrary files on the filesystem by calling the `sync/clean_sync_dir` endpoint. The `dir_name` POST parameter is not validated/sanitized and is used to construct the `syncDir` that is deleted by calling `fs.rm`. This issue has been addressed in release version 1.0.0-beta16 and all users are advised to upgrade. There are no known workarounds for this vulnerability. 
\nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T01:10:00.000000Z"}, {"uuid": "7260cb4d-6fec-4150-8193-81d5d9ac11e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47812", "type": "seen", "source": "https://t.me/cvedetector/7526", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47812 - mediawiki XSSunga Extension\", \n  \"Content\": \"CVE ID : CVE-2024-47812 \nPublished : Oct. 9, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : ImportDump is an extension for mediawiki designed to automate user import requests. Anyone who can edit the interface strings of a wiki (typically administrators and interface admins) can embed XSS payloads in the messages for dates, and thus XSS anyone who views Special:RequestImportQueue. This issue has been patched in commit `d054b95` and all users are advised to apply this commit to their branch. Users unable to upgrade may either Prevent access to Special:RequestImportQueue on all wikis, except for the global wiki; and If an interface administrator (or equivalent) level protection is available (which is not provided by default) on the global wiki, protect the affected messages up to that level. This causes the XSS to be virtually useless as users with those rights can already edit Javascript pages. Or Prevent access to Special:RequestImportQueue altogether. 
\nSeverity: 6.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T22:21:06.000000Z"}, {"uuid": "e890858b-c556-4bc5-b645-caf869d911ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47813", "type": "seen", "source": "https://t.me/cvedetector/7517", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47813 - Wasmtime Concurrent Type Registry Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47813 \nPublished : Oct. 9, 2024, 6:15 p.m. | 18\u00a0minutes ago \nDescription : Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular sequence of concurrent events, lead to violations of WebAssembly's control-flow integrity (CFI) and type safety. Users that do not use `wasmtime::Engine` across multiple threads are not affected. Users that only create new modules across threads over time are additionally not affected. Reproducing this bug requires creating and dropping multiple type instances (such as `wasmtime::FuncType` or `wasmtime::ArrayType`) concurrently on multiple threads, where all types are associated with the same `wasmtime::Engine`. **Wasm guests cannot trigger this bug.** See the \"References\" section below for a list of Wasmtime types-related APIs that are affected. Wasmtime maintains an internal registry of types within a `wasmtime::Engine` and an engine is shareable across threads. 
Types can be created and referenced through creation of a `wasmtime::Module`, creation of `wasmtime::FuncType`, or a number of other APIs where the host creates a function (see \"References\" below). Each of these cases interacts with an engine to deduplicate type information and manage type indices that are used to implement type checks in WebAssembly's `call_indirect` function, for example. This bug is a race condition in this management where the internal type registry could be corrupted to trigger an assert or contain invalid state. Wasmtime's internal representation of a type has individual types (e.g. one-per-host-function) maintain a registration count of how many time it's been used. Types additionally have state within an engine behind a read-write lock such as lookup/deduplication information. The race here is a time-of-check versus time-of-use (TOCTOU) bug where one thread atomically decrements a type entry's registration count, observes zero registrations, and then acquires a lock in order to unregister that entry. However, between when this first thread observed the zero-registration count and when it acquires that lock, another thread could perform the following sequence of events: re-register another copy of the type, which deduplicates to that same entry, resurrecting it and incrementing its registration count; then drop the type and decrement its registration count; observe that the registration count is now zero; acquire the type registry lock; and finally unregister the type. Now, when the original thread finally acquires the lock and unregisters the entry, it is the second time this entry has been unregistered. This bug was originally introduced in Wasmtime 19's development of the WebAssembly GC proposal. This bug affects users who are not using the GC proposal, however, and affects Wasmtime in its default configuration even when the GC proposal is disabled. Wasmtime users using 19.0.0 and after are all affected by this issue. 
We have released the following Wasmtime versions, all of which have a fix for this bug: * 21.0.2 * 22.0.1 * 23.0.3 * 24.0.1 * 25.0.2. If your application creates and drops Wasmtime types on multiple threads concurrently, there are no known workarounds. Users are encouraged to upgrade to a patched release. \nSeverity: 2.9 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T20:40:38.000000Z"}, {"uuid": "08fc99e0-1bd4-4fb2-b0cb-c3656e365746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47816", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/7520", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47816 - MediaWiki ImportDump Actor ID Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47816 \nPublished : Oct. 9, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : ImportDump is a mediawiki extension designed to automate user import requests. A user's local actor ID is stored in the database to tell who made what requests. Therefore, if a user on another wiki happens to have the same actor ID as someone on the central wiki, the user on the other wiki can act as if they're the original wiki requester. This can be abused to create new comments, edit the request, and view the request if it's marked private. This issue has been addressed in commit `5c91dfc` and all users are advised to update. Users unable to update may disable the special page outside of their global wiki. See `miraheze/mw-config@e566499` for details on that. 
\nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T22:20:59.000000Z"}, {"uuid": "5bf6f4d7-9e01-4ab1-8ba4-0457ee25dc88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47815", "type": "seen", "source": "https://t.me/cvedetector/7519", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47815 - MediaWiki IncidentReporting Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47815 \nPublished : Oct. 9, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : IncidentReporting is a MediaWiki extension for moving incident reports from wikitext to database tables. There are a variety of Cross-site Scripting issues, though all of them require elevated permissions. Some are available to anyone who has the `editincidents` right, some are available to those who can edit interface messages (typically administrators and interface admins), and one is available to those who can edit LocalSettings.php. These issues have been addressed in commit `43896a4` and all users are advised to upgrade. Users unable to upgrade should prevent access to the Special:IncidentReports page. 
\nSeverity: 6.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T22:20:58.000000Z"}, {"uuid": "9ec44023-8a57-4211-a32d-c792b49b47a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47810", "type": "seen", "source": "https://t.me/CyberBulletin/26868", "content": "\u26a1\ufe0fCVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws.\n\n#CyberBulletin", "creation_timestamp": "2024-12-20T16:20:05.000000Z"}, {"uuid": "7a77da23-4968-4c45-b5dd-414e8a1011e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47810", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldq37hqcsv2b", "content": "", "creation_timestamp": "2024-12-20T09:30:08.623259Z"}, {"uuid": "4560af39-a606-4ed1-a8f0-c86984efeef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47810", "type": "seen", "source": "https://t.me/cvedetector/13207", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47810 - Foxit Reader Use-After-Free Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47810 \nPublished : Dec. 18, 2024, 4:15 p.m. | 36\u00a0minutes ago \nDescription : A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. 
An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T17:52:38.000000Z"}, {"uuid": "5bcd887e-c6b2-47bc-83d8-f9f8a1b4f802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-47810", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ldpon4kwqk24", "content": "", "creation_timestamp": "2024-12-20T05:45:07.671517Z"}, {"uuid": "685df6f1-5b31-4e1e-8030-ee202ce5fd91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47810", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldpw7sx65222", "content": "", "creation_timestamp": "2024-12-20T08:00:56.726534Z"}, {"uuid": "9caefaa1-749c-4769-bb0d-cfc1fac88fbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47810", "type": "seen", "source": "https://t.me/CyberBulletin/1792", "content": "\u26a1\ufe0fCVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws.\n\n#CyberBulletin", "creation_timestamp": "2024-12-20T16:20:05.000000Z"}, {"uuid": "1429ae95-961b-4213-8a56-e185c9059aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4781", "type": "seen", "source": "https://t.me/cvedetector/3343", "content": "{\n  \"Source\": 
\"CVE FEED\",\n  \"Title\": \"CVE-2024-4781 - Lenovo Printers Denial-of-Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-4781 \nPublished : Aug. 16, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:54:04.000000Z"}]}