{"vulnerability": "CVE-2024-1149", "sightings": [{"uuid": "ee4a9729-833d-4d01-9301-3162eedaf663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11491", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113516356461218025", "content": "", "creation_timestamp": "2024-11-20T17:02:18.925151Z"}, {"uuid": "ee7b73f1-728e-484d-9568-3738bfae3097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11495", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113515362328706229", "content": "", "creation_timestamp": "2024-11-20T12:49:29.635676Z"}, {"uuid": "ffd696ff-66bd-4a12-8edd-4796a2b68348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11494", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514635529972519", "content": "", "creation_timestamp": "2024-11-20T09:44:39.580227Z"}, {"uuid": "3ca385f7-9333-43a7-8710-c30e269fbaca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11492", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113516545689275805", "content": "", "creation_timestamp": "2024-11-20T17:50:26.277902Z"}, {"uuid": "e8b76d2d-75e3-4378-9d99-4671a86385ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11493", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113516545703538426", "content": "", "creation_timestamp": "2024-11-20T17:50:26.495588Z"}, {"uuid": "f411d804-bfb5-4904-97fe-01adb4dfb80f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11494", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514621049816861", "content": "", "creation_timestamp": "2024-11-20T09:40:58.758285Z"}, {"uuid": "61fc2c59-a921-4f09-a985-78cd0a57e473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11490", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113516356446890569", "content": "", "creation_timestamp": "2024-11-20T17:02:18.573216Z"}, {"uuid": "dd271ea7-8784-4121-ab8c-6e38f92c8242", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11498", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113543793913457247", "content": "", "creation_timestamp": "2024-11-25T13:20:01.223980Z"}, {"uuid": "2504226a-ae2d-482e-bf07-8ad1ce237197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11497", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113827256805546583", "content": "", "creation_timestamp": "2025-01-14T14:48:22.261523Z"}, {"uuid": "1b687f20-f23a-4b45-8555-10436f82f9b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11496", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vfon2yu22", "content": "", "creation_timestamp": "2025-01-07T05:16:02.165671Z"}, {"uuid": "d48c28fd-99a8-4247-8a2e-e276392517b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11497", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827057718514387", "content": "", "creation_timestamp": "2025-01-14T13:57:43.785217Z"}, {"uuid": "31ed7cda-fecb-41f1-aa36-44d3af7474fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11497", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgue36r42j", "content": "", "creation_timestamp": "2025-01-14T14:16:23.318388Z"}, {"uuid": "0f7a6489-267a-4e3e-85d3-994fc312d38e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11499", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-01", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "30fe7cd5-dcb1-48fb-a2c7-1ef5595c69dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11499", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8644", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11499\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:A)\n\ud83d\udd39 Description: A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections.\n\nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability.\n\ud83d\udccf Published: 2025-03-25T12:30:42.034Z\n\ud83d\udccf Modified: 2025-03-25T13:11:58.573Z\n\ud83d\udd17 References:\n1. https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true", "creation_timestamp": "2025-03-25T13:23:50.000000Z"}, {"uuid": "d32d9005-511c-4b2e-8175-6e6a2c71fe08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11496", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/308", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11496\n\ud83d\udd39 Description: The Infility Global plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the infility_global_ajax function in all versions up to, and including, 2.9.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options and potentially break the site.\n\ud83d\udccf Published: 2025-01-07T04:22:20.164Z\n\ud83d\udccf Modified: 2025-01-07T04:22:20.164Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/d0fd1c19-b752-4562-9365-165d709b91b2?source=cve\n2. https://plugins.trac.wordpress.org/browser/infility-global/trunk/infility_global.php#L121\n3. https://plugins.trac.wordpress.org/browser/infility-global/trunk/include/class/action.class.php#L80", "creation_timestamp": "2025-01-07T04:37:09.000000Z"}, {"uuid": "705881b6-905f-4493-aec1-e73db262774c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11497", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1478", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11497\n\ud83d\udd39 Description: An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.\n\ud83d\udccf Published: 2025-01-14T13:55:57.890Z\n\ud83d\udccf Modified: 2025-01-14T13:55:57.890Z\n\ud83d\udd17 References:\n1. https://cert.vde.com/en/advisories/VDE-2024-070", "creation_timestamp": "2025-01-14T14:10:27.000000Z"}, {"uuid": "e0c551b4-e256-4f4f-84a3-0e52fea7b243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11490", "type": "seen", "source": "https://t.me/cvedetector/11629", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11490 - 115cms Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-11490 \nPublished : Nov. 20, 2024, 5:15 p.m. | 25\u00a0minutes ago \nDescription : A vulnerability was found in 115cms up to 20240807. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php/admin/web/set.html. The manipulation of the argument type leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T18:45:51.000000Z"}, {"uuid": "7d3ee382-af7f-4d7e-8ebb-03f43b6a4a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11499", "type": "seen", "source": "https://t.me/cvedetector/21097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11499 - RTU500 IEC 60870-4-104 Certificate Update Restart Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11499 \nPublished : March 25, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections.  \n  \nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T15:18:54.000000Z"}, {"uuid": "8ef4fe9a-6cc9-44ef-899d-97eb65d50ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11491", "type": "seen", "source": "https://t.me/cvedetector/11628", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11491 - \"Aximmetry 115cms Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11491 \nPublished : Nov. 20, 2024, 5:15 p.m. | 25\u00a0minutes ago \nDescription : A vulnerability was found in 115cms up to 20240807. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php/admin/web/useradmin.html. The manipulation of the argument ks leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T18:45:51.000000Z"}, {"uuid": "9cea188b-dced-46b4-b52c-0562e4f009be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11494", "type": "seen", "source": "https://t.me/cvedetector/11576", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11494 - Zyxel P-6101C Unauthenticated Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-11494 \nPublished : Nov. 20, 2024, 10:15 a.m. | 38\u00a0minutes ago \nDescription : **UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerability in the Zyxel P-6101C ADSL modem firmware version P-6101CSA6AP_20140331 could allow an unauthenticated attacker to read some device information via a crafted HTTP HEAD method. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T12:03:58.000000Z"}, {"uuid": "fef1ce0a-9511-4982-abcf-71ad3db3631c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11495", "type": "seen", "source": "https://t.me/cvedetector/11603", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11495 - OllyDbg Buffer Overflow Arbitrary Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-11495 \nPublished : Nov. 20, 2024, 1:15 p.m. | 19\u00a0minutes ago \nDescription : Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T14:34:51.000000Z"}, {"uuid": "f3b43f9c-7a2a-4aa2-a625-ae36570b4314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1149", "type": "seen", "source": "https://t.me/ctinow/198311", "content": "https://ift.tt/Ez2XPig\nCVE-2024-1149 | Snow Inventory Agent up to 6.7.2/6.12.0/6.14.5 on macOS signature verification", "creation_timestamp": "2024-03-02T10:41:20.000000Z"}, {"uuid": "2c41453d-35f4-4906-bc5d-044452bf0b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11493", "type": "seen", "source": "https://t.me/cvedetector/11637", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11493 - \"River Float Router Cross-site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11493 \nPublished : Nov. 20, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in 115cms up to 20240807. This vulnerability affects unknown code of the file /index.php/setpage/admin/pageAE.html. The manipulation of the argument tid leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T19:36:10.000000Z"}, {"uuid": "de60c5ec-20f6-4705-b69b-f8621c6193b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11492", "type": "seen", "source": "https://t.me/cvedetector/11636", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11492 - \"115cms Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11492 \nPublished : Nov. 20, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in 115cms up to 20240807. This affects an unknown part of the file /index.php/admin/web/appurladd.html. The manipulation of the argument tid leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T19:36:09.000000Z"}, {"uuid": "0bf49de2-5846-4822-9ce1-e9c476eb4234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1149", "type": "seen", "source": "https://t.me/ctinow/181386", "content": "https://ift.tt/BFNHzkJ\nCVE-2024-1149", "creation_timestamp": "2024-02-08T14:21:54.000000Z"}]}