{"vulnerability": "CVE-2024-1305", "sightings": [{"uuid": "ab592ade-824c-405f-93fc-83ee13de8ab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13050", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113743800907443432", "content": "", "creation_timestamp": "2024-12-30T21:04:25.777312Z"}, {"uuid": "4627bf4f-cc2c-47c3-9ccc-cfd476ec1631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13051", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113743800921784443", "content": "", "creation_timestamp": "2024-12-30T21:04:25.966148Z"}, {"uuid": "68221a43-8738-4d77-8c46-1adc5e247c9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13058", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113744060768180912", "content": "", "creation_timestamp": "2024-12-30T22:10:30.903436Z"}, {"uuid": "1beaf358-7fe8-46bf-9766-b8460865a707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13051", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1735/", "content": "", "creation_timestamp": "2024-12-30T05:00:00.000000Z"}, {"uuid": "591fe043-5a0f-464e-98e1-51ffd3085c4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13050", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1734/", "content": "", "creation_timestamp": "2024-12-30T05:00:00.000000Z"}, {"uuid": "17d8aa80-be92-432c-b056-bce30f15c9fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13052", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgpc3apqip2b", "content": "", "creation_timestamp": "2025-01-27T06:15:57.609073Z"}, {"uuid": "117cbe4b-c6ef-44f2-a203-aac707f92642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13055", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgpc3dca6c2f", "content": "", "creation_timestamp": "2025-01-27T06:16:00.468135Z"}, {"uuid": "dff21f03-c106-4399-b018-d90df1120d92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13056", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgpc3gpxvc2f", "content": "", "creation_timestamp": "2025-01-27T06:16:04.096408Z"}, {"uuid": "efdf76e0-5d3e-4067-a70a-d7f3fa833f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13057", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgpc3jgyif2n", "content": "", "creation_timestamp": "2025-01-27T06:16:07.066026Z"}, {"uuid": "e683a60d-9ba5-49d8-8a1b-b65c8c947303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13052", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113898874772413393", "content": "", "creation_timestamp": "2025-01-27T06:21:45.199194Z"}, {"uuid": "831f78d5-072c-4772-ae7d-a9b8e6b359f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13055", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113898874786931336", "content": "", "creation_timestamp": "2025-01-27T06:21:45.805436Z"}, {"uuid": "67118841-b195-486f-8a84-7fd7963fbc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13056", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113898874801491464", "content": "", "creation_timestamp": "2025-01-27T06:21:46.031089Z"}, {"uuid": "7e1c6784-f3f9-4dbe-a961-e7de0c0d78d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13057", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113898933804480541", "content": "", "creation_timestamp": "2025-01-27T06:36:46.082541Z"}, {"uuid": "5a139444-47b0-4965-b2ed-3788f90948f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13055", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgpdxhyhdx2w", "content": "", "creation_timestamp": "2025-01-27T06:49:38.360155Z"}, {"uuid": "7f438815-c8c0-4941-84fc-581dc0ca7601", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13057", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgpdxibnlg2g", "content": "", "creation_timestamp": "2025-01-27T06:49:39.045412Z"}, {"uuid": "c40183fd-c060-4afd-a7cd-26ca5e892143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13056", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgpdxiixsr2h", "content": "", "creation_timestamp": "2025-01-27T06:49:40.683141Z"}, {"uuid": "9f69bc86-6e6d-4020-b05e-ed78b7eefd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13052", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgpdxja4kz2b", "content": "", "creation_timestamp": "2025-01-27T06:49:44.066395Z"}, {"uuid": "5634a7de-18a0-49a5-98b7-8673cce37691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-13059", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114359274731523643", "content": "", "creation_timestamp": "2025-04-18T13:47:31.117413Z"}, {"uuid": "d9156025-882f-4eb0-8bf3-06c30e715d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981105511208498", "content": "", "creation_timestamp": "2025-02-10T18:54:08.623049Z"}, {"uuid": "8d97484b-33e7-4d51-a690-b663433e9f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981122733283417", "content": "", "creation_timestamp": "2025-02-10T18:58:29.499629Z"}, {"uuid": "91db9a5a-3f05-494d-8372-b52b4048bf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1305", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-10", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "1f72c043-197f-4365-82ed-8111c33d1c0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu6x43ls2h", "content": "", "creation_timestamp": "2025-02-10T19:16:00.065718Z"}, {"uuid": "74302f25-554a-4a87-8d6c-03664171b83a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhu5wi3jzh2a", "content": "", "creation_timestamp": "2025-02-10T22:10:16.706107Z"}, {"uuid": "d35e763e-a3b5-4617-b98d-4369f6541fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13055", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3meovcdeeb52k", "content": "", "creation_timestamp": "2026-02-12T21:03:17.996503Z"}, {"uuid": "fcaac735-4df2-402c-9492-6e84c6a827c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:39.000000Z"}, {"uuid": "d9e7d514-097d-4936-bfab-ca8c02f70437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:56.000000Z"}, {"uuid": "a7e01f55-5104-463e-a858-68a1fb0e71aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13054", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "fcfe9388-c155-447e-aca2-dd81e0af7797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13055", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3167", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-c33j-w5w4-w9q4\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-01-27T06:30:26Z\n\ud83d\udccf Modified: 2025-01-27T06:30:26Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13055\n2. https://wpscan.com/vulnerability/91178272-ed7e-412c-a187-e360a1313004", "creation_timestamp": "2025-01-27T07:07:56.000000Z"}, {"uuid": "796b6306-d947-43dc-b136-9969e79c7593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13054", "type": "seen", "source": "https://t.me/cvedetector/20196", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13054 - GitLab Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13054 \nPublished : March 13, 2025, 6:15 a.m. | 1\u00a0hour, 20\u00a0minutes ago \nDescription : An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T08:55:45.000000Z"}, {"uuid": "48ef994b-effa-4039-9e73-c410e9a6d662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "https://t.me/cvedetector/17597", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13059 - Apache Anything-LLM Path Traversal RCE\", \n  \"Content\": \"CVE ID : CVE-2024-13059 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability in mintplex-labs/anything-llm prior to version 1.3.1 allows for path traversal due to improper handling of non-ASCII filenames in the multer library. This vulnerability can lead to arbitrary file write, which can subsequently result in remote code execution. The issue arises when the filename transformation introduces '../' sequences, which are not sanitized by multer, allowing attackers with manager or admin roles to write files to arbitrary locations on the server. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:47.000000Z"}, {"uuid": "599ccf08-1ae5-4a02-a94f-8b4a43d2edb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13052", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3169", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-9grv-p46v-p3fp\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-01-27T06:30:26Z\n\ud83d\udccf Modified: 2025-01-27T06:30:26Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13052\n2. https://wpscan.com/vulnerability/671d5eef-c496-4047-9d01-8ab8a94cdc72", "creation_timestamp": "2025-01-27T07:08:00.000000Z"}, {"uuid": "1e6e77a7-671e-4726-a352-1f2a66b7ab35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "seen", "source": "Telegram/YK_wf-F-_IVLv0FYD56MqqSLRHFIO3oQsZpuhtxc3P6uosxH", "content": "", "creation_timestamp": "2025-02-14T10:01:38.000000Z"}, {"uuid": "2ebbe64f-6dc9-41b2-9b91-fa2706b37256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13057", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3164", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-f5ph-j9m6-qjqc\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.\n\ud83d\udccf Published: 2025-01-27T06:30:26Z\n\ud83d\udccf Modified: 2025-01-27T06:30:26Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13057\n2. https://wpscan.com/vulnerability/6f869a3d-1ac1-4d31-8fe5-9b9795b15b5b", "creation_timestamp": "2025-01-27T07:07:53.000000Z"}, {"uuid": "6e5d7365-4900-482b-90b8-bcf2bd190844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13057", "type": "seen", "source": "https://t.me/cvedetector/16435", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13057 - Dyn Business Panel Stored XSS CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-13057 \nPublished : Jan. 27, 2025, 6:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T10:08:15.000000Z"}, {"uuid": "f95df2bf-9188-48c5-b2a5-27ddfa3a439b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13056", "type": "seen", "source": "https://t.me/cvedetector/16434", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13056 - Dyn Business Panel WordPress Plugin Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13056 \nPublished : Jan. 27, 2025, 6:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T10:08:11.000000Z"}, {"uuid": "5d94507c-3ebf-4dd8-9381-e31f8779332a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13055", "type": "seen", "source": "https://t.me/cvedetector/16433", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13055 - Dyn Business Panel WordPress Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13055 \nPublished : Jan. 27, 2025, 6:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T10:08:11.000000Z"}, {"uuid": "6f75d47a-ae74-4576-8f7e-45c2031ac17e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13052", "type": "seen", "source": "https://t.me/cvedetector/16443", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13052 - \"WordPress Dental Optimizer Patient Generator App Reflected Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13052 \nPublished : Jan. 27, 2025, 6:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T10:08:24.000000Z"}, {"uuid": "b1e8993a-00d6-4b42-a781-31cd36c3aac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13058", "type": "seen", "source": "https://t.me/cvedetector/13966", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13058 - SoftIron HyperCloud Elevated User Privilege sdStorage Subsystem Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-13058 \nPublished : Dec. 30, 2024, 10:15 p.m. | 42\u00a0minutes ago \nDescription : An issue exists in SoftIron HyperCloud  \n where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem.  \n  \nThis issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T00:19:40.000000Z"}, {"uuid": "8298d1f2-d32e-4b44-bc43-108df7cac39c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13051", "type": "seen", "source": "https://t.me/cvedetector/13956", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13051 - Ashlar-Vellum Graphite VC6 File Parsing Heap Overflow Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-13051 \nPublished : Dec. 30, 2024, 9:15 p.m. | 20\u00a0minutes ago \nDescription : Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  \n  \nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24977. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T22:39:15.000000Z"}, {"uuid": "1490e126-54e9-49c0-ae52-61bc32748f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13050", "type": "seen", "source": "https://t.me/cvedetector/13955", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13050 - Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13050 \nPublished : Dec. 30, 2024, 9:15 p.m. | 20\u00a0minutes ago \nDescription : Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  \n  \nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24976. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T22:39:11.000000Z"}, {"uuid": "3b422724-fc29-4015-b642-1e4955405b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1305", "type": "seen", "source": "https://t.me/cvedetector/213", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-1305 - tap-windows6 driver version 9.26 and earlier does\", \n  \"Content\": \"CVE ID : CVE-2024-1305 \nPublished : July 8, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : tap-windows6 driver version 9.26 and earlier does not properly   \ncheck the size data of incomming write operations which an attacker can   \nuse to overflow memory buffers, resulting in a bug check and potentially  \n arbitrary code execution in kernel space \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T20:46:09.000000Z"}, {"uuid": "8f821f85-e605-4e96-b3c6-5d53961193bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1305", "type": "seen", "source": "https://t.me/true_secator/6083", "content": "Microsoft \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u041f\u041e \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c OpenVPN, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 RCE \u0438 LPE.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0446\u0435\u043b\u0435\u0432\u044b\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0431\u044b\u043b \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 Black Hat USA 2024, \u043d\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0443\u0433\u043b\u0443\u0431\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b OpenVPN.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 OpenVPN \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0439 2.6.10 \u0438 2.5.10 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a:\n\n- CVE-2024-27459: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0442\u0435\u043a\u0430, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0438 LPE \u0432 Windows;\n\n- CVE-2024-24974: \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443 \u00ab\\\\openvpn\\\\service\u00bb \u0432 Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 \u043d\u0438\u043c \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0430 \u043d\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438;\n\n- CVE-2024-27903: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a RCE \u0432 Windows, \u0430 \u0442\u0430\u043a\u0436\u0435 LPE \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 Android, iOS, macOS \u0438 BSD;\n\n- CVE-2024-1305: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a DoS \u0432 Windows\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u0442\u0440\u0438 \u0438\u0437 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u043c openvpnserv, \u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f - \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u043c Windows Terminal Access Point (TAP).\n\n\u0412\u0441\u0435 \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c OpenVPN \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u044b \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u0430\u043c\u0438.\n\n\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0438\u0445 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438: CVE-2024-24974 \u0438 CVE-2024-27903 \u0438\u043b\u0438 CVE-2024-27459 \u0438 CVE-2024-27903, \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f RCE \u0438 LPE \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0442\u0440\u0438 \u0438\u0437 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043e\u0431\u043b\u0435\u0433\u0447\u0430\u044e\u0449\u0438\u0445 RCE \u0438 LPE, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043c\u043e\u0449\u043d\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0430\u0442\u0430\u043a. \n\n\u041f\u043e\u0441\u043b\u0435 \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f LPE \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0442\u0430\u043a\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432, \u043a\u0430\u043a BYOVD, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c Protect Process Light (PPL) \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0442\u0430\u043a\u043e\u0433\u043e \u043a\u0430\u043a Microsoft Defender, \u0438\u043b\u0438 \u043e\u0431\u043e\u0439\u0442\u0438 \u0438 \u0432\u043c\u0435\u0448\u0430\u0442\u044c\u0441\u044f \u0432 \u0434\u0440\u0443\u0433\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.", "creation_timestamp": "2024-08-12T17:40:05.000000Z"}, {"uuid": "7c12c3ff-8f14-43fc-9639-2c9a4f9b4621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13059", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/53414", "content": "CVE-2024-13059: Exploiting Path Traversal in AnythingLLM for Remote Code Execution\nhttps://www.offsec.com/blog/cve-2024-13059/\n\nDiscover CVE-2024-13059, a critical vulnerability flat that affects AnythingLLM's handling of ASCII filenames in the multer library. \nThe post CVE-2024-13059: Exploiting Path Traversal in AnythingLLM for Remote Code Execution (https://www.offsec.com/blog/cve-2024-13059/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2025-04-17T21:22:20.000000Z"}]}