{"vulnerability": "CVE-2024-1049", "sightings": [{"uuid": "b2ffe4ed-9cb7-4709-9306-a51e092e9f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10492", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113542463875418232", "content": "", "creation_timestamp": "2024-11-25T07:41:46.694503Z"}, {"uuid": "bf316ac3-0fc4-4831-b08a-7f9e9c84174d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10490", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113582372182445014", "content": "", "creation_timestamp": "2024-12-02T08:50:58.896919Z"}, {"uuid": "cf4e28a2-eabd-4073-845c-2f6f80a91bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10493", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113559074260417301", "content": "", "creation_timestamp": "2024-11-28T06:06:00.829813Z"}, {"uuid": "6156fedf-04cf-41bb-a7d8-7dec1fe8f2f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10494", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113629340021174577", "content": "", "creation_timestamp": "2024-12-10T15:55:31.133668Z"}, {"uuid": "cdd562c4-80e4-4c79-a6b4-ff0ebe9c6f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10495", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113629340037244956", "content": "", "creation_timestamp": "2024-12-10T15:55:31.676065Z"}, {"uuid": "7ed7c9e6-e572-4043-8778-1cebcaf50157", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10496", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113629363345570825", "content": "", "creation_timestamp": "2024-12-10T16:01:27.080353Z"}, {"uuid": "b700f2a7-8702-4497-92a5-b0f3efa97e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10494", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-345-04", "content": "", "creation_timestamp": "2024-12-10T11:00:00.000000Z"}, {"uuid": "0b8ee24e-2b82-4261-81ce-8e0de6ede641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10495", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-345-04", "content": "", "creation_timestamp": "2024-12-10T11:00:00.000000Z"}, {"uuid": "26915fcc-8c17-4083-abcf-a565cac6ea22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10496", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-345-04", "content": "", "creation_timestamp": "2024-12-10T11:00:00.000000Z"}, {"uuid": "3653221e-9212-4b5c-9b6b-1a63bf6b6fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113843241275511437", "content": "", "creation_timestamp": "2025-01-17T10:33:25.369281Z"}, {"uuid": "68f2fbea-639b-4b6a-a15a-6797ea31970d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113843241291825195", "content": "", "creation_timestamp": "2025-01-17T10:33:25.576924Z"}, {"uuid": "31bb6db8-0a40-4edc-89a7-0e4814fe1692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfwo5fd5fe2r", "content": "", "creation_timestamp": "2025-01-17T11:15:21.273514Z"}, {"uuid": "350087d7-3fef-40e6-9a41-daa09951975c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfwo5hvqzr2r", "content": "", "creation_timestamp": "2025-01-17T11:15:23.756760Z"}, {"uuid": "c2264c1e-dd31-4115-aac2-25f52afe196b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113843536763361168", "content": "", "creation_timestamp": "2025-01-17T11:48:34.351946Z"}, {"uuid": "15d3c8e9-dbba-4e71-887a-4cea29083807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfwpzqxx3s2k", "content": "", "creation_timestamp": "2025-01-17T11:49:06.806670Z"}, {"uuid": "1da76363-7a73-4afd-89f7-3e0e7b0841ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfwpzrce3l2g", "content": "", "creation_timestamp": "2025-01-17T11:49:07.500697Z"}, {"uuid": "e5cd7e7f-c06e-4907-9fbb-ea2123f771a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfwpzrrhlm2k", "content": "", "creation_timestamp": "2025-01-17T11:49:09.777998Z"}, {"uuid": "7d32c256-48f8-444b-a16b-2a503ede2f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113843982218783924", "content": "", "creation_timestamp": "2025-01-17T13:41:51.899053Z"}, {"uuid": "341a4faa-3078-4c97-bc35-a9f0858a4420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113843982218783924", "content": "", "creation_timestamp": "2025-01-17T13:41:51.944844Z"}, {"uuid": "9b7307c2-33a2-48d1-ba99-35b5c4c16448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-028-02", "content": "", "creation_timestamp": "2025-01-28T11:00:00.000000Z"}, {"uuid": "0589d9b6-9c9a-4c28-942b-22e899d26882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-028-02", "content": "", "creation_timestamp": "2025-01-28T11:00:00.000000Z"}, {"uuid": "172de46a-eb9e-41bd-a58c-cd4d5d3200bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2116", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10498\n\ud83d\udd39 Description: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that\ncould allow an unauthorized attacker to modify configuration values outside of the normal range when the\nattacker sends specific Modbus write packets to the device which could result in invalid data or loss of web\ninterface functionality.\n\ud83d\udccf Published: 2025-01-17T10:30:21.046Z\n\ud83d\udccf Modified: 2025-01-17T10:30:21.046Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-08&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-08.pdf", "creation_timestamp": "2025-01-17T10:57:01.000000Z"}, {"uuid": "52734b7c-f835-4059-8210-1f7b4de453bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-10492", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/6dcc559a-77e3-4a18-986f-df02f894221c", "content": "", "creation_timestamp": "2024-11-22T09:53:24.398477Z"}, {"uuid": "7664435a-9b2d-4b58-b704-243b28b2cf51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1049", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4274", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1049\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-03-23T04:15:08.190\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049222%40vimeography&new=3049222%40vimeography&sfp_email=&sfph_mail=\n2. https://www.wordfence.com/threat-intel/vulnerabilities/id/56d1d152-946f-47c9-b0d5-76513370677f?source=cve\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049222%40vimeography&new=3049222%40vimeography&sfp_email=&sfph_mail=\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/56d1d152-946f-47c9-b0d5-76513370677f?source=cve", "creation_timestamp": "2025-02-13T17:10:55.000000Z"}, {"uuid": "a76d69b2-1b0f-4706-a5b9-fc4da340432f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2117", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10497\n\ud83d\udd39 Description: CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an\nauthorized attacker to modify values outside those defined by their privileges (Elevation of Privileges) when the\nattacker sends modified HTTPS requests to the device.\n\ud83d\udccf Published: 2025-01-17T10:27:52.954Z\n\ud83d\udccf Modified: 2025-01-17T10:27:52.954Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-08&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-08.pdf", "creation_timestamp": "2025-01-17T10:57:02.000000Z"}, {"uuid": "8f80205d-e87a-4f73-bda7-df817b877004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10496", "type": "seen", "source": "https://t.me/cvedetector/12519", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10496 - NI LabVIEW Out-of-Bounds Read/Specially Crafted VI Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10496 \nPublished : Dec. 10, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution.  Successful exploitation requires an attacker to provide a user with a specially crafted VI.  This vulnerability affects LabVIEW 2024 Q3 and prior versions. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T18:18:40.000000Z"}, {"uuid": "ea55cb15-727f-4d1e-92ec-07e8bb4fe1bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10492", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5457", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10492\n\ud83d\udd25 CVSS Score: 2.7 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high access to the Keycloak server in order to perform resource creation, for example, an LDAP provider configuration and set up a Vault read file, which will only inform whether that file exists or not.\n\ud83d\udccf Published: 2024-11-25T07:37:30.572Z\n\ud83d\udccf Modified: 2025-02-26T04:23:59.830Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:10175\n2. https://access.redhat.com/errata/RHSA-2024:10176\n3. https://access.redhat.com/errata/RHSA-2024:10177\n4. https://access.redhat.com/errata/RHSA-2024:10178\n5. https://access.redhat.com/security/cve/CVE-2024-10492\n6. https://bugzilla.redhat.com/show_bug.cgi?id=2322447", "creation_timestamp": "2025-02-26T05:26:43.000000Z"}, {"uuid": "c9ce514e-62c1-46f3-ac10-05336cd62093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10497", "type": "seen", "source": "https://t.me/cvedetector/15702", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10497 - Apache Device Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10497 \nPublished : Jan. 17, 2025, 11:15 a.m. | 19\u00a0minutes ago \nDescription : CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an  \nauthorized attacker to modify values outside those defined by their privileges (Elevation of Privileges) when the  \nattacker sends modified HTTPS requests to the device. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-17T12:36:40.000000Z"}, {"uuid": "f8a3ac39-5eeb-4d02-b7c3-49458a1de57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10498", "type": "seen", "source": "https://t.me/cvedetector/15699", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10498 - Schneider Electric Modbus Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-10498 \nPublished : Jan. 17, 2025, 11:15 a.m. | 19\u00a0minutes ago \nDescription : CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that  \ncould allow an unauthorized attacker to modify configuration values outside of the normal range when the  \nattacker sends specific Modbus write packets to the device which could result in invalid data or loss of web  \ninterface functionality. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-17T12:36:37.000000Z"}, {"uuid": "cb54899d-2d16-41e9-9256-5107564c0a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10494", "type": "seen", "source": "https://t.me/cvedetector/12520", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10494 - LabVIEW Heap-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-10494 \nPublished : Dec. 10, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution.  Successful exploitation requires an attacker to provide a user with a specially crafted VI.  This vulnerability affects LabVIEW 2024 Q3 and prior versions. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T18:18:41.000000Z"}, {"uuid": "00ef7261-bc57-460f-af1f-1e12aa853e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10495", "type": "seen", "source": "https://t.me/cvedetector/12518", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10495 - NI LabVIEW Fontmgr Denial of Service/Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-10495 \nPublished : Dec. 10, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution.  Successful exploitation requires an attacker to provide a user with a specially crafted VI.  This vulnerability affects LabVIEW 2024 Q3 and prior versions. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T18:18:39.000000Z"}, {"uuid": "6f8bfa71-a7fe-4c43-b156-af9557c7ef25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10490", "type": "seen", "source": "https://t.me/cvedetector/11752", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10490 - B&R mapp Cockpit, View, Services, Motion, Vision OPC UA Server Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-10490 \nPublished : Dec. 2, 2024, 9:15 a.m. | 36\u00a0minutes ago \nDescription : An \u201cAuthentication Bypass Using an Alternate Path or Channel\u201d vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an unauthenticated network-based attacker to cause information disclosure, unintended change of data, or denial of service conditions.  \nB&R mapp Services is only affected, when mpUserX or mpCodeBox are used in the Automation Studio project. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-02T11:13:25.000000Z"}, {"uuid": "9e735f12-50b1-49af-8904-88f7f894e35c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10499", "type": "seen", "source": "https://t.me/cvedetector/12744", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10499 - \"WordPress AI Engine RESP SQL Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10499 \nPublished : Dec. 12, 2024, 6:15 a.m. | 42\u00a0minutes ago \nDescription : The AI Engine WordPress plugin before 2.6.5 does not sanitize and escape a parameter from one of its RESP API endpoint before using it in a SQL statement, allowing admins to perform SQL injection attacks \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T07:58:46.000000Z"}, {"uuid": "71de831e-84af-4724-9a78-c3e3134622dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10491", "type": "seen", "source": "https://t.me/cvedetector/9352", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10491 - Apache Express arbitrary resource injection vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10491 \nPublished : Oct. 29, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in the Express response.links\u00a0function, allowing for arbitrary resource injection in the Link\u00a0header when unsanitized data is used.  \n  \nThe issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `` to preload malicious resources.  \n  \nThis vulnerability is especially relevant for dynamic parameters. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T18:57:47.000000Z"}]}