https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 28 Jun 2026 10:50:20 +0000 https://vulnerability.circl.lu/sighting/c9cf9d3a-899e-4461-91d5-da44549201ea/export {"uuid": "c9cf9d3a-899e-4461-91d5-da44549201ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1004", "content": "Target = \"https://{ip_address}/cgi/login.cgi\"\ncommand = \"touch /tmp/BRLY\"\n\nlibc = 0x76283000 # we try to guess\ngadget1 = 0x000D8874 # pop {r0, r1, r2, r3, fp, pc};\ngadget2 = 0x001026D4 # mov r0, sp; blx r3;\nsystem = 0x0003C4D4\n\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n\n#CyberDilara", "creation_timestamp": "2024-09-30T07:30:50.000000Z"} {"uuid": "c9cf9d3a-899e-4461-91d5-da44549201ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1004", "content": "Target = \"https://{ip_address}/cgi/login.cgi\"\ncommand = \"touch /tmp/BRLY\"\n\nlibc = 0x76283000 # we try to guess\ngadget1 = 0x000D8874 # pop {r0, r1, r2, r3, fp, pc};\ngadget2 = 0x001026D4 # mov r0, sp; blx r3;\nsystem = 0x0003C4D4\n\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n\n#CyberDilara", "creation_timestamp": "2024-09-30T07:30:50.000000Z"} https://vulnerability.circl.lu/sighting/c9cf9d3a-899e-4461-91d5-da44549201ea/export Mon, 30 Sep 2024 07:30:50 +0000 https://vulnerability.circl.lu/sighting/35582d35-da04-4943-a667-6d9aa65e9510/export {"uuid": "35582d35-da04-4943-a667-6d9aa65e9510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2284", "content": "CVE-2024-36435\n*\nRCE Flaw in Supermicro BMC IPMI Firmware\n*\nWriteUp\n*\nPOC exploit\n\n#servers #ipmi #rce", "creation_timestamp": "2024-10-02T07:31:40.000000Z"} {"uuid": "35582d35-da04-4943-a667-6d9aa65e9510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2284", "content": "CVE-2024-36435\n*\nRCE Flaw in Supermicro BMC IPMI Firmware\n*\nWriteUp\n*\nPOC exploit\n\n#servers #ipmi #rce", "creation_timestamp": "2024-10-02T07:31:40.000000Z"} https://vulnerability.circl.lu/sighting/35582d35-da04-4943-a667-6d9aa65e9510/export Wed, 02 Oct 2024 07:31:40 +0000 https://vulnerability.circl.lu/sighting/e7cb8970-46b0-4e2d-9823-e0b1350b6357/export {"uuid": "e7cb8970-46b0-4e2d-9823-e0b1350b6357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4910", "content": "#exploit\n1. CVE-2024-9014:\npgAdmin4 Sensitive Information Exposure\nhttps://github.com/EQSTLab/CVE-2024-9014\n\n2. CVE-2024-36435:\nBuffer overflow in Supermicro BMC IPMI\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n]-> https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw", "creation_timestamp": "2024-10-02T16:38:48.000000Z"} {"uuid": "e7cb8970-46b0-4e2d-9823-e0b1350b6357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4910", "content": "#exploit\n1. CVE-2024-9014:\npgAdmin4 Sensitive Information Exposure\nhttps://github.com/EQSTLab/CVE-2024-9014\n\n2. CVE-2024-36435:\nBuffer overflow in Supermicro BMC IPMI\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n]-> https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw", "creation_timestamp": "2024-10-02T16:38:48.000000Z"} https://vulnerability.circl.lu/sighting/e7cb8970-46b0-4e2d-9823-e0b1350b6357/export Wed, 02 Oct 2024 16:38:48 +0000 https://vulnerability.circl.lu/sighting/ab58e7d1-2853-4b26-9c61-c0de8b374b22/export {"uuid": "ab58e7d1-2853-4b26-9c61-c0de8b374b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1588", "content": "#exploit\n1. CVE-2024-9014:\npgAdmin4 Sensitive Information Exposure\nhttps://github.com/EQSTLab/CVE-2024-9014\n\n2. CVE-2024-36435:\nBuffer overflow in Supermicro BMC IPMI\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n]-> https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw", "creation_timestamp": "2024-10-02T16:38:49.000000Z"} {"uuid": "ab58e7d1-2853-4b26-9c61-c0de8b374b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1588", "content": "#exploit\n1. CVE-2024-9014:\npgAdmin4 Sensitive Information Exposure\nhttps://github.com/EQSTLab/CVE-2024-9014\n\n2. CVE-2024-36435:\nBuffer overflow in Supermicro BMC IPMI\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n]-> https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw", "creation_timestamp": "2024-10-02T16:38:49.000000Z"} https://vulnerability.circl.lu/sighting/ab58e7d1-2853-4b26-9c61-c0de8b374b22/export Wed, 02 Oct 2024 16:38:49 +0000 https://vulnerability.circl.lu/sighting/2a4ccf03-3099-46a2-b449-cc52729ca432/export {"uuid": "2a4ccf03-3099-46a2-b449-cc52729ca432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_TM/881", "content": "\u2022 RCE Flaw (CVE-2024-36435) in Supermicro BMC IPMI Firmware\n\nSecurity vulnerability in the Baseboard Management Controller (BMC) firmware \u2014 a critical component of modern data center infrastructure. Unauthenticated user can remotely trigger the code flow with a simple post request and cause the arbitrary code execution over classical stack overflow.\n\nPOC: https://github.com/binarly-io/ToolsAndPoCs/blob/789fdb481ed3a9d6da71dee0d7d3bbdde6c1b5dd/Posix/Supermicro/CVE-2024-36435.py\n\n#exploit #writeup #pentest\n- - - - - - - - -\n\u2022 @Old_Unclee\n\u2022 @ZeroDay_TM", "creation_timestamp": "2024-10-02T21:07:43.000000Z"} {"uuid": "2a4ccf03-3099-46a2-b449-cc52729ca432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_TM/881", "content": "\u2022 RCE Flaw (CVE-2024-36435) in Supermicro BMC IPMI Firmware\n\nSecurity vulnerability in the Baseboard Management Controller (BMC) firmware \u2014 a critical component of modern data center infrastructure. Unauthenticated user can remotely trigger the code flow with a simple post request and cause the arbitrary code execution over classical stack overflow.\n\nPOC: https://github.com/binarly-io/ToolsAndPoCs/blob/789fdb481ed3a9d6da71dee0d7d3bbdde6c1b5dd/Posix/Supermicro/CVE-2024-36435.py\n\n#exploit #writeup #pentest\n- - - - - - - - -\n\u2022 @Old_Unclee\n\u2022 @ZeroDay_TM", "creation_timestamp": "2024-10-02T21:07:43.000000Z"} https://vulnerability.circl.lu/sighting/2a4ccf03-3099-46a2-b449-cc52729ca432/export Wed, 02 Oct 2024 21:07:43 +0000 https://vulnerability.circl.lu/sighting/6cf53d35-eea0-42dd-8c09-e33fe65e5b79/export {"uuid": "6cf53d35-eea0-42dd-8c09-e33fe65e5b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "Telegram/o7VlsrAVA1DWBTlZl46rIoutlNqMKHpc5zbmztPssQicDZc", "content": "", "creation_timestamp": "2024-10-03T16:56:46.000000Z"} {"uuid": "6cf53d35-eea0-42dd-8c09-e33fe65e5b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "Telegram/o7VlsrAVA1DWBTlZl46rIoutlNqMKHpc5zbmztPssQicDZc", "content": "", "creation_timestamp": "2024-10-03T16:56:46.000000Z"} https://vulnerability.circl.lu/sighting/6cf53d35-eea0-42dd-8c09-e33fe65e5b79/export Thu, 03 Oct 2024 16:56:46 +0000 https://vulnerability.circl.lu/sighting/4a03039d-2126-481d-912a-235cccdf741c/export {"uuid": "4a03039d-2126-481d-912a-235cccdf741c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "seen", "source": "https://t.me/kasraone_com/717", "content": "\u0645\u0634\u06a9\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc RCE (CVE-2024-36435) \u062f\u0631 \u06a9\u0646\u062a\u0631\u0644\u200c\u06af\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0628\u0631\u062f \u0627\u0635\u0644\u06cc (BMC) \u0633\u0648\u067e\u0631 \u0645\u06cc\u06a9\u0631\u0648 \ud83d\udea8\n\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u26a0\ufe0f \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644 \u06a9\u0646\u062a\u0631\u0644\u200c\u06af\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0628\u0631\u062f \u0627\u0635\u0644\u06cc (BMC) \ud83d\udda5\ufe0f \u06a9\u0647 \u062c\u0632\u0626\u06cc \u062d\u06cc\u0627\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u200c\u0647\u0627\u06cc \u0645\u062f\u0631\u0646 \u0645\u0631\u0627\u06a9\u0632 \u062f\u0627\u062f\u0647 \ud83c\udfe2 \u0627\u0633\u062a\u060c \u06a9\u0634\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \ud83e\uddb9\u200d\u2642\ufe0f \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \ud83c\udf10 \u0648 \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \ud83d\udeab\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f \ud83d\udcbb. \n\n\u0628\u0647 \u0632\u0628\u0627\u0646 \u0633\u0627\u062f\u0647\u200c\u062a\u0631\u060c \u0647\u0631 \u06a9\u0633\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0633\u0627\u062f\u0647 \u2709\ufe0f\u060c \u06a9\u0646\u062a\u0631\u0644 \u0633\u06cc\u0633\u062a\u0645 \ud83c\udf9b\ufe0f \u0631\u0627 \u062f\u0631 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u062f \u0648 \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \ud83e\udda0 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f. \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u0646\u0642\u0635 \ud83d\udc1e \u062f\u0631 \u0646\u062d\u0648\u0647 \u0645\u062f\u06cc\u0631\u06cc\u062a \u067e\u0634\u062a\u0647 (Stack Overflow) \ud83d\udca5 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631:\n\n* \u06a9\u062f \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645 (POC): [\u0644\u06cc\u0646\u06a9] \ud83d\udd17\n\n\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c\u00a0 \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2024-10-11T05:02:04.000000Z"} {"uuid": "4a03039d-2126-481d-912a-235cccdf741c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "seen", "source": "https://t.me/kasraone_com/717", "content": "\u0645\u0634\u06a9\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc RCE (CVE-2024-36435) \u062f\u0631 \u06a9\u0646\u062a\u0631\u0644\u200c\u06af\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0628\u0631\u062f \u0627\u0635\u0644\u06cc (BMC) \u0633\u0648\u067e\u0631 \u0645\u06cc\u06a9\u0631\u0648 \ud83d\udea8\n\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u26a0\ufe0f \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644 \u06a9\u0646\u062a\u0631\u0644\u200c\u06af\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0628\u0631\u062f \u0627\u0635\u0644\u06cc (BMC) \ud83d\udda5\ufe0f \u06a9\u0647 \u062c\u0632\u0626\u06cc \u062d\u06cc\u0627\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u200c\u0647\u0627\u06cc \u0645\u062f\u0631\u0646 \u0645\u0631\u0627\u06a9\u0632 \u062f\u0627\u062f\u0647 \ud83c\udfe2 \u0627\u0633\u062a\u060c \u06a9\u0634\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \ud83e\uddb9\u200d\u2642\ufe0f \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \ud83c\udf10 \u0648 \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \ud83d\udeab\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f \ud83d\udcbb. \n\n\u0628\u0647 \u0632\u0628\u0627\u0646 \u0633\u0627\u062f\u0647\u200c\u062a\u0631\u060c \u0647\u0631 \u06a9\u0633\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0633\u0627\u062f\u0647 \u2709\ufe0f\u060c \u06a9\u0646\u062a\u0631\u0644 \u0633\u06cc\u0633\u062a\u0645 \ud83c\udf9b\ufe0f \u0631\u0627 \u062f\u0631 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u062f \u0648 \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \ud83e\udda0 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f. \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u0646\u0642\u0635 \ud83d\udc1e \u062f\u0631 \u0646\u062d\u0648\u0647 \u0645\u062f\u06cc\u0631\u06cc\u062a \u067e\u0634\u062a\u0647 (Stack Overflow) \ud83d\udca5 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631:\n\n* \u06a9\u062f \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645 (POC): [\u0644\u06cc\u0646\u06a9] \ud83d\udd17\n\n\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c\u00a0 \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2024-10-11T05:02:04.000000Z"} https://vulnerability.circl.lu/sighting/4a03039d-2126-481d-912a-235cccdf741c/export Fri, 11 Oct 2024 05:02:04 +0000 https://vulnerability.circl.lu/sighting/74923109-3a0a-48c7-a2ae-9d7572426d4b/export {"uuid": "74923109-3a0a-48c7-a2ae-9d7572426d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11208", "content": "#exploit\n1. CVE-2024-9014:\npgAdmin4 Sensitive Information Exposure\nhttps://github.com/EQSTLab/CVE-2024-9014\n\n2. CVE-2024-41110:\nDocker AuthZ plugins Security Checker\nhttps://github.com/vvpoglazov/cve-2024-41110-checker\n\n3. CVE-2024-36435:\nBuffer overflow in Supermicro BMC IPMI\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n]-> https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw", "creation_timestamp": "2024-11-01T03:17:48.000000Z"} {"uuid": "74923109-3a0a-48c7-a2ae-9d7572426d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36435", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11208", "content": "#exploit\n1. CVE-2024-9014:\npgAdmin4 Sensitive Information Exposure\nhttps://github.com/EQSTLab/CVE-2024-9014\n\n2. CVE-2024-41110:\nDocker AuthZ plugins Security Checker\nhttps://github.com/vvpoglazov/cve-2024-41110-checker\n\n3. CVE-2024-36435:\nBuffer overflow in Supermicro BMC IPMI\nhttps://github.com/binarly-io/ToolsAndPoCs/blob/master/Posix/Supermicro/CVE-2024-36435.py\n]-> https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw", "creation_timestamp": "2024-11-01T03:17:48.000000Z"} https://vulnerability.circl.lu/sighting/74923109-3a0a-48c7-a2ae-9d7572426d4b/export Fri, 01 Nov 2024 03:17:48 +0000 https://vulnerability.circl.lu/sighting/36eef5d1-4b11-4189-8eb6-33e6a34c7f10/export {"uuid": "36eef5d1-4b11-4189-8eb6-33e6a34c7f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36437", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhc5kz5xjj2b", "content": "", "creation_timestamp": "2025-02-03T18:15:53.115586Z"} {"uuid": "36eef5d1-4b11-4189-8eb6-33e6a34c7f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36437", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhc5kz5xjj2b", "content": "", "creation_timestamp": "2025-02-03T18:15:53.115586Z"} https://vulnerability.circl.lu/sighting/36eef5d1-4b11-4189-8eb6-33e6a34c7f10/export Mon, 03 Feb 2025 18:15:53 +0000 https://vulnerability.circl.lu/sighting/0826127e-557f-4037-a889-b4856db792ff/export {"uuid": "0826127e-557f-4037-a889-b4856db792ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36437", "type": "seen", "source": "https://t.me/cvedetector/17088", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-36437 - TextNow Android Vulnerability - Unauthorized Call Hijacking\", \n \"Content\": \"CVE ID : CVE-2024-36437 \nPublished : Feb. 3, 2025, 6:15 p.m. | 22\u00a0minutes ago \nDescription : The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"03 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T20:19:20.000000Z"} {"uuid": "0826127e-557f-4037-a889-b4856db792ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36437", "type": "seen", "source": "https://t.me/cvedetector/17088", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-36437 - TextNow Android Vulnerability - Unauthorized Call Hijacking\", \n \"Content\": \"CVE ID : CVE-2024-36437 \nPublished : Feb. 3, 2025, 6:15 p.m. | 22\u00a0minutes ago \nDescription : The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"03 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T20:19:20.000000Z"} https://vulnerability.circl.lu/sighting/0826127e-557f-4037-a889-b4856db792ff/export Mon, 03 Feb 2025 20:19:20 +0000