{"vulnerability": "cve-2024-5631", "sightings": [{"uuid": "426c045f-022a-4539-b8f4-67c529b5b269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56310", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8056", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56310\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: REDCap through 14.9.6 has a security flaw in the Project Dashboards name, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into clicking on a Project Dashboards name that contains the malicious payload, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent.\n\ud83d\udccf Published: 2024-12-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T13:51:20.367Z\n\ud83d\udd17 References:\n1. https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\n2. https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", "creation_timestamp": "2025-03-19T14:16:51.000000Z"}, {"uuid": "01f8379b-58e6-4dc1-a560-501de10bac04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56316", "type": "seen", "source": "https://t.me/cvedetector/16553", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56316 - AXESS ACS TR069 Permanent Denial of Service Remote Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56316 \nPublished : Jan. 27, 2025, 11:15 p.m. | 1\u00a0hour, 45\u00a0minutes ago \nDescription : In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 requests on TCP port 9675 or 7547. Rebooting does not resolve the permanent Denial of Service. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T02:04:11.000000Z"}, {"uuid": "f436800f-ef52-49e4-ad82-00658bdfbb82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56312", "type": "seen", "source": "https://t.me/cvedetector/13517", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56312 - REDCap Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56312 \nPublished : Dec. 22, 2024, 10:15 p.m. | 40\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-22T23:56:34.000000Z"}, {"uuid": "87190158-0c58-4ed1-827c-a15ca3e98016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56313", "type": "seen", "source": "https://t.me/cvedetector/13516", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56313 - \"REDCap Calendar Stored XSS\"\", \n  \"Content\": \"CVE ID : CVE-2024-56313 \nPublished : Dec. 22, 2024, 10:15 p.m. | 40\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the Notes field of a calendar event. When the event is viewed, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-22T23:56:33.000000Z"}, {"uuid": "3df829d7-b829-4f57-8679-7d2559dd02ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56314", "type": "seen", "source": "https://t.me/cvedetector/13515", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56314 - REDCap Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56314 \nPublished : Dec. 22, 2024, 10:15 p.m. | 40\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-22T23:56:32.000000Z"}, {"uuid": "821026a2-13a4-408c-af43-50045d8dbbcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56311", "type": "seen", "source": "https://t.me/cvedetector/13514", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56311 - REDCap CSRF Logout Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-56311 \nPublished : Dec. 22, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-22T23:06:22.000000Z"}, {"uuid": "f82fce5a-1a96-40f8-8d8d-d0571c8badcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56310", "type": "seen", "source": "https://t.me/cvedetector/13513", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56310 - REDCap CSRF Logout Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56310 \nPublished : Dec. 22, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into clicking on a Project Dashboards name that contains the malicious payload, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-22T23:06:21.000000Z"}, {"uuid": "00f409ae-0409-485a-afae-d1dab1868551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5631", "type": "seen", "source": "https://t.me/cvedetector/310", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5631 - Longse NVR (Network Video Recorder) model\u00a0NVR3608P\", \n  \"Content\": \"CVE ID : CVE-2024-5631 \nPublished : July 9, 2024, 11:15 a.m. | 35\u00a0minutes ago \nDescription : Longse NVR (Network Video Recorder) model\u00a0NVR3608PGE2W, as well as products based on this device, are transmitting user's login and password to a remote control service without using any encryption. This enables an on-path attacker to eavesdrop the credentials and subsequently obtain access to the video stream.\u00a0  \nThe credentials are being sent when a user decides to change his password in router's portal. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T13:55:52.000000Z"}, {"uuid": "7814f050-c42d-4429-9a02-1fe33f1ea64c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56316", "type": "seen", "source": "Telegram/cYUWpb4F90EM4EhMEWu7zxiicZd91JOOF2_P98mKY-HPgUaC", "content": "", "creation_timestamp": "2025-01-28T03:22:55.000000Z"}, {"uuid": "088ba8fa-9876-4186-a298-c03ce427cd74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56311", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113698522251929073", "content": "", "creation_timestamp": "2024-12-22T21:09:28.415198Z"}, {"uuid": "586bd5ce-6f01-47cb-8449-a621bec5967d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56312", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113698558712644437", "content": "", "creation_timestamp": "2024-12-22T21:18:44.553838Z"}, {"uuid": "ddace4f9-4c0c-49b8-8d68-733b8a42b0b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56312", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwgvv64lg2i", "content": "", "creation_timestamp": "2024-12-22T22:15:34.803526Z"}, {"uuid": "8d1d1efa-3301-4e23-b133-22d53d41c7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56313", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwgvxzb4d22", "content": "", "creation_timestamp": "2024-12-22T22:15:38.374598Z"}, {"uuid": "c41020cd-f53c-4abc-97ec-cb9f79dce3a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56314", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwgw42jfw2e", "content": "", "creation_timestamp": "2024-12-22T22:15:43.173391Z"}, {"uuid": "52cd303c-8905-4686-ae47-9bd296ac911b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56316", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgr32gozak2i", "content": "", "creation_timestamp": "2025-01-27T23:15:33.712543Z"}, {"uuid": "92c26a5f-ceab-40ff-b999-a64359731440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56317", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}, {"uuid": "e894ec10-21cd-4276-9a3d-cbf8aa9b1f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1121", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56313\n\ud83d\udd39 Description: A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the Notes field of a calendar event. When the event is viewed, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts.\n\ud83d\udccf Published: 2024-12-22T00:00:00\n\ud83d\udccf Modified: 2025-01-10T10:49:55.591358Z\n\ud83d\udd17 References:\n1. https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\n2. https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", "creation_timestamp": "2025-01-10T11:06:04.000000Z"}, {"uuid": "ca35c37a-074a-4232-a311-44360976be84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56314", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1120", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56314\n\ud83d\udd39 Description: A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts.\n\ud83d\udccf Published: 2024-12-22T00:00:00\n\ud83d\udccf Modified: 2025-01-10T10:50:29.016453Z\n\ud83d\udd17 References:\n1. https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\n2. https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", "creation_timestamp": "2025-01-10T11:06:00.000000Z"}, {"uuid": "b180c12d-d9ab-474a-9df6-1567e2550b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56310", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1124", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56310\n\ud83d\udd39 Description: REDCap through 14.9.6 has a security flaw in the Project Dashboards name, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into clicking on a Project Dashboards name that contains the malicious payload, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent.\n\ud83d\udccf Published: 2024-12-22T00:00:00\n\ud83d\udccf Modified: 2025-01-10T10:48:01.411479Z\n\ud83d\udd17 References:\n1. https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\n2. https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", "creation_timestamp": "2025-01-10T11:06:14.000000Z"}, {"uuid": "6a78672f-f78b-4741-be8e-7bbda2d6262d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56312", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1122", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56312\n\ud83d\udd39 Description: A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts.\n\ud83d\udccf Published: 2024-12-22T00:00:00\n\ud83d\udccf Modified: 2025-01-10T10:49:22.009672Z\n\ud83d\udd17 References:\n1. https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\n2. https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", "creation_timestamp": "2025-01-10T11:06:09.000000Z"}, {"uuid": "ecfb9590-d45a-405f-b48e-d50a58479bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56311", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56311\n\ud83d\udd39 Description: REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent.\n\ud83d\udccf Published: 2024-12-22T00:00:00\n\ud83d\udccf Modified: 2025-01-10T10:48:44.723190Z\n\ud83d\udd17 References:\n1. https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\n2. https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", "creation_timestamp": "2025-01-10T11:06:12.000000Z"}, {"uuid": "b83ba8fa-9dff-42a3-a930-7dc7088d2744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56316", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3183", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56316\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 requests on TCP port 9675 or 7547. Rebooting does not resolve the permanent Denial of Service.\n\ud83d\udccf Published: 2025-01-28T00:32:15Z\n\ud83d\udccf Modified: 2025-01-28T00:32:15Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-56316\n2. https://www.y-security.de/news-en/axess-auto-configuration-server-denial-of-service-cve-2024-56316", "creation_timestamp": "2025-01-28T01:08:07.000000Z"}, {"uuid": "d7e9e5f9-fff6-4436-9bb7-60324e7181e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56318", "type": "seen", "source": "https://t.me/cvedetector/13263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56318 - Matter TCP NULL Pointer Dereference DoS\", \n  \"Content\": \"CVE ID : CVE-2024-56318 \nPublished : Dec. 18, 2024, 11:15 p.m. | 39\u00a0minutes ago \nDescription : In raw\\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T01:24:48.000000Z"}, {"uuid": "d0645b35-a6bb-4452-ab64-dd376269f00f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56317", "type": "seen", "source": "https://t.me/cvedetector/13262", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56317 - Matter Denial of Service (DoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56317 \nPublished : Dec. 18, 2024, 11:15 p.m. | 39\u00a0minutes ago \nDescription : In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by access-control-server.cpp, i.e., a denial of service. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T01:24:47.000000Z"}, {"uuid": "ac73b014-c13f-47c3-959f-10326275b539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56319", "type": "seen", "source": "https://t.me/cvedetector/13264", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56319 - \"Vulnerability in Matter's Userlabel Feature Leads to Denial of Service\"\", \n  \"Content\": \"CVE ID : CVE-2024-56319 \nPublished : Dec. 18, 2024, 11:15 p.m. | 39\u00a0minutes ago \nDescription : In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T01:24:49.000000Z"}, {"uuid": "2870b8a7-be5e-41b5-972d-420644110952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56319", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113676327184356713", "content": "", "creation_timestamp": "2024-12-18T23:04:58.436349Z"}, {"uuid": "533965b8-db27-47f0-9671-bc1f6786baa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56317", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113676361747232532", "content": "", "creation_timestamp": "2024-12-18T23:13:46.045073Z"}, {"uuid": "e2ab7221-0ced-43bf-8089-8c3941508c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56318", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113676361761669229", "content": "", "creation_timestamp": "2024-12-18T23:13:46.136330Z"}, {"uuid": "03070ef1-619f-46df-94f5-30e381667169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56311", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwdknocxx2e", "content": "", "creation_timestamp": "2024-12-22T21:15:32.510322Z"}, {"uuid": "21db971e-c183-4470-802f-33980c8e1e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56314", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113698558742273521", "content": "", "creation_timestamp": "2024-12-22T21:18:45.038307Z"}, {"uuid": "312b45e7-d425-4f70-b136-b8fd52d54952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56310", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113698522236702228", "content": "", "creation_timestamp": "2024-12-22T21:09:28.063088Z"}, {"uuid": "78a9f9ba-dd14-4af1-9513-44f22dcf4dcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-56316", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113902768249990714", "content": "", "creation_timestamp": "2025-01-27T22:51:54.936637Z"}, {"uuid": "6b60e980-db24-49e6-bd54-ca0f47be611b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56310", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwdkku5lm22", "content": "", "creation_timestamp": "2024-12-22T21:15:28.837236Z"}, {"uuid": "e1193060-82b5-48ff-b10e-0091a80d217e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56313", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113698558727317418", "content": "", "creation_timestamp": "2024-12-22T21:18:44.801403Z"}, {"uuid": "357e142c-45cc-4566-9257-d10c492c1068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56317", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:04.000000Z"}, {"uuid": "8431caa0-9eb3-4fc4-941d-a0ebfe0141c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56316", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:02.000000Z"}]}